Need Help To remove HiPerfCooker_v1



#1
40SWMike
Member, 15 posts
Hi, I have had my hard drive cleaned and Windows XP reloaded 4 times and I keep getting HiPerfCooker_v1 reinstalled. I have run scan after scan and nothing ever shows up. I check my event viewer and find: "A provider, HiPerfCooker_v1 has been registered in the WMI namespace, ROOT\WMI, to use the Local System account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests." Please help, Mike

P.S. Scanned with OTL

OTL logfile created on: 7/22/2011 11:57:34 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

758.42 Mb Total Physical Memory | 407.11 Mb Available Physical Memory | 53.68% Memory free
1.81 Gb Paging File | 1.41 Gb Available in Paging File | 77.97% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 68.78 Gb Free Space | 92.30% Space Free | Partition Type: NTFS

Computer Name: HP3 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Processes (SafeList) ==========

PRC - [2011/07/22 11:56:33 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
PRC - [2011/02/16 15:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2011/02/10 08:00:24 | 000,116,752 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011/02/10 07:57:40 | 001,035,512 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2010/08/08 04:18:46 | 000,238,928 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
PRC - [2010/08/08 04:18:44 | 000,138,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/07/22 11:56:33 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/08 04:18:46 | 000,079,184 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/16 15:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010/08/08 04:18:44 | 000,341,072 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2010/08/08 04:18:44 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/08/08 04:18:44 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/08/08 04:18:44 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/08/08 04:18:44 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2006/04/28 17:12:40 | 000,429,184 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/04/13 09:12:38 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/04/26 07:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2002/09/20 09:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\firefoxextension\ [2011/07/21 12:30:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/22 09:51:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/07/22 09:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2011/07/22 09:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/07/08 01:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [OE] C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1309029058937 (WUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.100.58 10.110.100.2
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/25 12:26:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 180 Days ==========

[2011/07/22 11:56:31 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2011/07/22 10:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\HiJackThis
[2011/07/22 09:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Mozilla
[2011/07/22 09:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Mozilla
[2011/07/22 09:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/07/22 09:43:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/21 16:59:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2011/07/21 14:10:38 | 013,685,936 | ---- | C] (Mozilla) -- C:\Documents and Settings\user\My Documents\Firefox Setup 5.0.1.exe
[2011/07/21 12:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Simply Super Software
[2011/07/21 12:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/07/21 12:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\IObit
[2011/07/21 12:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Trend Micro Titanium Internet Security
[2011/07/21 12:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
[2011/07/11 15:39:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2011/07/11 15:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/07/11 14:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2011/07/11 14:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/27 14:16:43 | 000,341,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\TM_CFW.sys
[2011/06/25 15:03:39 | 000,000,000 | ---D | C] -- C:\temp
[2011/06/25 14:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Trend Micro
[2011/06/25 14:52:18 | 000,092,112 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmtdi.sys
[2011/06/25 14:52:10 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/06/25 14:52:10 | 000,080,464 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmactmon.sys
[2011/06/25 14:52:10 | 000,064,080 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys
[2011/06/25 14:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trend Micro
[2011/06/25 14:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/25 14:40:14 | 000,429,184 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2011/06/25 14:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2011/06/25 14:38:25 | 000,235,100 | ---- | C] (Analog Devices Inc) -- C:\WINDOWS\System32\drivers\MidiSyn.sys
[2011/06/25 14:38:20 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2011/06/25 14:38:18 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2011/06/25 14:38:15 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2011/06/25 14:38:13 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2011/06/25 14:38:10 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2011/06/25 14:38:08 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2011/06/25 14:38:06 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2011/06/25 14:38:04 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2011/06/25 14:38:01 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2011/06/25 14:38:00 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2011/06/25 14:37:57 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2011/06/25 14:37:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2011/06/25 14:37:48 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2011/06/25 14:37:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2011/06/25 14:37:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2011/06/25 14:37:47 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2011/06/25 14:37:47 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2011/06/25 14:37:47 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2011/06/25 14:37:47 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2011/06/25 14:37:39 | 000,381,056 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys
[2011/06/25 14:37:39 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/06/25 14:37:39 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2011/06/25 14:37:38 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll
[2011/06/25 14:37:38 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll
[2011/06/25 14:37:37 | 000,991,232 | ---- | C] (Sensaura) -- C:\WINDOWS\System32\virtear.dll
[2011/06/25 14:37:37 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2011/06/25 14:37:37 | 000,065,536 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3d.dll
[2011/06/25 14:37:37 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2011/06/25 14:37:37 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2011/06/25 14:37:37 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/06/25 14:37:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
[2011/06/25 14:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2011/06/25 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/06/25 14:36:15 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2011/06/25 14:24:07 | 000,000,000 | ---D | C] -- C:\SwSetup
[2011/06/25 14:24:07 | 000,000,000 | ---D | C] -- C:\BIOS
[2011/06/25 14:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/06/25 14:17:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/06/25 14:16:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IECompatCache
[2011/06/25 14:15:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\PrivacIE
[2011/06/25 14:15:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IETldCache
[2011/06/25 14:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/06/25 14:03:19 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/06/25 14:03:19 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/06/25 14:03:19 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/06/25 14:03:19 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/06/25 14:03:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/06/25 14:03:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/06/25 14:01:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/06/25 13:31:37 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/06/25 13:31:33 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/06/25 13:28:40 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/06/25 13:28:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/06/25 13:28:10 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2011/06/25 13:27:57 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/06/25 13:27:57 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/06/25 13:27:35 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/06/25 13:26:46 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/06/25 13:26:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/06/25 13:24:05 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/06/25 13:23:32 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2011/06/25 13:20:29 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2011/06/25 13:20:28 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/06/25 13:20:27 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/06/25 13:20:27 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/06/25 13:19:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/06/25 13:19:48 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/06/25 13:19:11 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/06/25 13:19:07 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/06/25 13:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/06/25 13:13:32 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/06/25 13:13:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/06/25 13:13:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/06/25 13:12:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/06/25 13:11:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/06/25 13:10:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\UserData
[2011/06/25 13:00:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/06/25 12:54:45 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011/06/25 12:54:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2011/06/25 12:54:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/06/25 12:54:40 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2011/06/25 12:54:39 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2011/06/25 12:54:38 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2011/06/25 12:54:28 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2011/06/25 12:54:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011/06/25 12:54:28 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011/06/25 12:54:28 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2011/06/25 12:54:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011/06/25 12:54:27 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2011/06/25 12:54:27 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011/06/25 12:54:27 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011/06/25 12:54:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011/06/25 12:54:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011/06/25 12:54:27 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011/06/25 12:54:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2011/06/25 12:54:27 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011/06/25 12:54:27 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011/06/25 12:54:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011/06/25 12:54:26 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011/06/25 12:54:26 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011/06/25 12:54:26 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011/06/25 12:54:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2011/06/25 12:54:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011/06/25 12:54:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011/06/25 12:54:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011/06/25 12:54:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2011/06/25 12:54:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2011/06/25 12:54:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011/06/25 12:54:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2011/06/25 12:54:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2011/06/25 12:54:25 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011/06/25 12:54:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011/06/25 12:54:24 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011/06/25 12:54:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011/06/25 12:54:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011/06/25 12:54:24 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011/06/25 12:54:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011/06/25 12:54:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011/06/25 12:54:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011/06/25 12:54:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011/06/25 12:54:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011/06/25 12:54:23 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2011/06/25 12:54:23 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011/06/25 12:54:23 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011/06/25 12:54:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011/06/25 12:54:23 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011/06/25 12:54:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2011/06/25 12:54:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011/06/25 12:54:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011/06/25 12:54:22 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2011/06/25 12:54:22 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011/06/25 12:54:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011/06/25 12:54:22 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011/06/25 12:54:22 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011/06/25 12:54:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011/06/25 12:54:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2011/06/25 12:54:22 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011/06/25 12:54:22 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011/06/25 12:54:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011/06/25 12:54:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2011/06/25 12:54:22 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011/06/25 12:54:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011/06/25 12:54:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2011/06/25 12:54:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011/06/25 12:54:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/06/25 12:54:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2011/06/25 12:54:20 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2011/06/25 12:54:20 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011/06/25 12:54:18 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2011/06/25 12:54:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011/06/25 12:54:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/06/25 12:54:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/06/25 12:54:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2011/06/25 12:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/06/25 12:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/06/25 12:51:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/06/25 12:51:18 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2011/06/25 12:48:40 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011/06/25 12:48:40 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011/06/25 12:48:40 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011/06/25 12:48:40 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011/06/25 12:48:40 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011/06/25 12:48:40 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011/06/25 12:48:40 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011/06/25 12:48:40 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011/06/25 12:48:40 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011/06/25 12:48:40 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011/06/25 12:48:40 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011/06/25 12:48:40 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011/06/25 12:48:40 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011/06/25 12:48:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/06/25 12:48:39 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011/06/25 12:48:39 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011/06/25 12:48:39 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011/06/25 12:48:39 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011/06/25 12:48:39 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011/06/25 12:48:39 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011/06/25 12:48:39 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011/06/25 12:48:39 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011/06/25 12:48:39 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011/06/25 12:48:39 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011/06/25 12:48:39 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011/06/25 12:48:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011/06/25 12:48:39 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011/06/25 12:48:39 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011/06/25 12:48:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011/06/25 12:48:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011/06/25 12:48:38 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011/06/25 12:48:38 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011/06/25 12:48:38 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011/06/25 12:48:38 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011/06/25 12:48:38 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011/06/25 12:48:37 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011/06/25 12:48:37 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011/06/25 12:48:36 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011/06/25 12:48:36 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011/06/25 12:48:35 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011/06/25 12:48:35 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011/06/25 12:48:35 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011/06/25 12:48:35 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011/06/25 12:48:35 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011/06/25 12:48:35 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011/06/25 12:48:34 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011/06/25 12:48:34 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011/06/25 12:48:34 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011/06/25 12:48:34 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011/06/25 12:48:34 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011/06/25 12:48:34 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011/06/25 12:48:34 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011/06/25 12:48:33 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011/06/25 12:48:33 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011/06/25 12:48:33 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011/06/25 12:48:33 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011/06/25 12:48:33 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011/06/25 12:48:33 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011/06/25 12:47:00 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/06/25 12:46:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/06/25 12:46:33 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/06/25 12:43:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/06/25 12:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/06/25 12:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Identities
[2011/06/25 12:36:19 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/06/25 12:36:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Pictures
[2011/06/25 12:36:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Music
[2011/06/25 12:36:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Application Data\Microsoft
[2011/06/25 12:36:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Application Data
[2011/06/25 12:36:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Favorites
[2011/06/25 12:36:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\Cookies
[2011/06/25 12:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft
[2011/06/25 12:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop
[2011/06/25 12:36:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2011/06/25 12:36:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2011/06/25 12:36:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Startup
[2011/06/25 12:36:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu
[2011/06/25 12:36:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents
[2011/06/25 12:36:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Accessories
[2011/06/25 12:36:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Templates
[2011/06/25 12:36:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2011/06/25 12:36:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2011/06/25 12:36:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Local Settings
[2011/06/25 12:30:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/06/25 12:30:05 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/06/25 12:30:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/06/25 12:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/06/25 12:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/06/25 12:29:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/06/25 12:28:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/06/25 12:28:19 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/06/25 12:28:18 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/06/25 12:28:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/06/25 12:28:12 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/06/25 12:28:12 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/06/25 12:28:12 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/06/25 12:28:10 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/06/25 12:28:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/06/25 12:28:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/06/25 12:28:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/06/25 12:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/06/25 12:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/06/25 12:28:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/06/25 12:28:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/06/25 12:28:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/06/25 12:28:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/06/25 12:28:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/06/25 12:28:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/06/25 12:28:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/06/25 12:28:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/06/25 12:28:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/06/25 12:28:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/06/25 12:28:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/06/25 12:28:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/06/25 12:28:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/06/25 12:28:04 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/06/25 12:28:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/06/25 12:28:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/06/25 12:27:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/06/25 12:27:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/06/25 12:27:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/06/25 12:27:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/06/25 12:27:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/06/25 12:27:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/06/25 12:27:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/06/25 12:27:51 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/06/25 12:27:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/06/25 12:27:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/06/25 12:27:47 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/06/25 12:27:32 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/06/25 12:27:32 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/06/25 12:27:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/06/25 12:27:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/06/25 12:27:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/06/25 12:27:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/06/25 12:27:11 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/06/25 12:27:10 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/06/25 12:27:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/06/25 12:27:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/06/25 12:27:07 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/06/25 12:27:07 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/06/25 12:27:07 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/06/25 12:27:07 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/06/25 12:27:05 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/06/25 12:26:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/06/25 12:26:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/06/25 12:26:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/06/25 12:26:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/06/25 12:26:55 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/06/25 12:26:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/06/25 12:26:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/06/25 12:26:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/06/25 12:26:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/06/25 12:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/06/25 12:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/06/25 12:25:48 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2011/06/25 12:24:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/06/25 12:24:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/06/25 12:24:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/06/25 12:24:26 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/06/25 12:23:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/06/25 12:23:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2011/06/25 12:23:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2011/06/25 12:23:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2011/06/25 12:23:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2011/06/25 12:23:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/06/25 12:23:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2011/06/25 12:23:31 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2011/06/25 12:23:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2011/06/25 12:23:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2011/06/25 12:23:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/06/25 12:23:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2011/06/25 12:23:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2011/06/25 12:23:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2011/06/25 12:23:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/06/25 12:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/06/25 12:23:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/06/25 12:23:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/06/25 12:23:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/06/25 12:23:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2011/06/25 12:23:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/06/25 12:23:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/06/25 12:23:25 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/06/25 12:23:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2011/06/25 12:23:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/06/25 12:23:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/06/25 12:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/06/25 12:23:24 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/06/25 12:23:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/06/25 12:23:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/06/25 12:23:21 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/06/25 12:23:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2011/06/25 12:23:20 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2011/06/25 12:23:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2011/06/25 12:23:20 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/06/25 12:23:20 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/06/25 12:23:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/06/25 12:23:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2011/06/25 12:23:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/06/25 12:23:19 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/06/25 12:23:19 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2011/06/25 12:23:19 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2011/06/25 12:23:19 | 000,209,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2011/06/25 12:23:19 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/06/25 12:23:18 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/06/25 12:23:18 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2011/06/25 12:23:18 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2011/06/25 12:23:18 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/06/25 12:23:18 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2011/06/25 12:23:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2011/06/25 12:23:18 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/06/25 12:23:18 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2011/06/25 12:23:18 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2011/06/25 12:23:18 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2011/06/25 12:23:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2011/06/25 12:23:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/06/25 12:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/06/25 12:23:10 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/06/25 12:23:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/06/25 12:23:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/06/25 12:23:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/06/25 12:23:08 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/06/25 12:23:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2011/06/25 12:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/06/25 12:23:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/06/25 12:23:07 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/06/25 12:23:07 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/06/25 12:23:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/06/25 12:23:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/06/25 12:23:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/06/25 12:23:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/06/25 12:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/06/25 12:23:03 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/06/25 12:23:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/06/25 12:23:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/06/25 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/06/25 12:23:01 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/06/25 12:23:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2011/06/25 12:23:01 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/06/25 12:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/06/25 12:22:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/06/25 12:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/06/25 12:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/06/25 12:22:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/06/25 12:22:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/06/25 12:21:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/06/25 12:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/06/25 12:21:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/06/25 12:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/06/25 12:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/06/25 12:21:38 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2011/06/25 12:21:38 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2011/06/25 12:21:38 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2011/06/25 12:21:38 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2011/06/25 12:21:38 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2011/06/25 12:21:38 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/06/25 12:21:38 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/06/25 12:21:38 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/06/25 12:21:38 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/06/25 12:21:38 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2011/06/25 12:21:37 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2011/06/25 12:21:37 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/06/25 12:21:37 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2011/06/25 12:21:37 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2011/06/25 12:21:37 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/06/25 12:21:37 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2011/06/25 12:21:37 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2011/06/25 12:21:37 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/06/25 12:21:37 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/06/25 12:21:36 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/06/25 12:21:36 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/06/25 12:21:36 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/06/25 12:21:36 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2011/06/25 12:21:36 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2011/06/25 12:21:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2011/06/25 12:21:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2011/06/25 12:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/06/25 12:21:26 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/06/25 12:21:26 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/06/25 12:21:26 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011/06/25 12:21:26 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/06/25 12:21:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2011/06/25 12:21:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2011/06/25 12:21:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2011/06/25 12:21:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2011/06/25 12:21:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2011/06/25 12:21:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2011/06/25 12:21:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2011/06/25 12:21:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2011/06/25 12:21:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2011/06/25 12:21:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2011/06/25 12:21:18 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2011/06/25 12:21:18 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2011/06/25 12:21:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2011/06/25 12:21:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2011/06/25 12:21:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2011/06/25 12:21:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2011/06/25 12:21:17 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2011/06/25 12:21:17 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2011/06/25 12:21:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2011/06/25 06:07:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/06/25 06:07:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/06/25 06:07:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2011/06/25 06:07:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2011/06/25 06:07:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2011/06/25 06:07:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/06/25 06:07:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/06/25 06:07:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2011/06/25 06:07:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2011/06/25 06:07:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2011/06/25 06:07:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/06/25 06:07:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/06/25 06:07:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2011/06/25 06:07:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2011/06/25 06:07:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2011/06/25 06:07:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/06/25 06:07:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/06/25 06:07:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/06/25 06:07:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2011/06/25 06:07:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2011/06/25 06:07:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2011/06/25 06:07:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2011/06/25 06:07:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/06/25 06:07:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/06/25 06:07:38 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2011/06/25 06:07:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2011/06/25 06:07:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/06/25 06:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2011/06/25 06:07:35 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/06/25 06:07:35 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011/06/25 06:07:35 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011/06/25 06:07:35 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/06/25 06:07:35 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/06/25 06:07:35 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011/06/25 06:07:35 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/06/25 06:07:35 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/06/25 06:07:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/06/25 06:07:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/06/25 06:07:34 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2011/06/25 06:07:34 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2011/06/25 06:07:34 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2011/06/25 06:07:34 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2011/06/25 06:07:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2011/06/25 06:07:34 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2011/06/25 06:07:34 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2011/06/25 06:07:34 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2011/06/25 06:07:34 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2011/06/25 06:07:33 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2011/06/25 06:07:33 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2011/06/25 06:07:33 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2011/06/25 06:07:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2011/06/25 06:07:33 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2011/06/25 06:07:33 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2011/06/25 06:07:33 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2011/06/25 06:07:33 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2011/06/25 06:07:33 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2011/06/25 06:07:32 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2011/06/25 06:07:32 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2011/06/25 06:07:32 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2011/06/25 06:07:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2011/06/25 06:07:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2011/06/25 06:07:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2011/06/25 06:07:31 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2011/06/25 06:07:31 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2011/06/25 06:07:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2011/06/25 06:07:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/06/25 06:07:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/06/25 06:07:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/06/25 06:07:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/06/25 06:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/06/25 06:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/06/25 06:07:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/06/25 06:07:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/06/25 06:06:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/06/25 06:06:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/06/25 06:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/06/25 06:06:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/06/25 05:59:26 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/06/25 05:59:26 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/06/25 05:59:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/06/25 05:59:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/06/25 05:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011/04/25 08:47:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/04/25 08:47:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/03/03 07:21:11 | 001,857,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2011/03/03 00:55:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2011/02/17 07:18:03 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/02/15 06:56:39 | 000,290,432 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2011/02/02 01:58:35 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2011/01/27 05:57:06 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 180 Days ==========

[2011/07/22 11:56:33 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2011/07/22 11:29:53 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\user\Desktop\HiJackThis.lnk
[2011/07/22 09:51:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/07/22 09:51:16 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/22 09:51:16 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/22 09:45:11 | 000,324,346 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/22 09:45:11 | 000,044,570 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/21 17:41:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/21 14:10:40 | 013,685,936 | ---- | M] (Mozilla) -- C:\Documents and Settings\user\My Documents\Firefox Setup 5.0.1.exe
[2011/07/21 13:59:52 | 000,741,442 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Grandpa's Messed Up His Computer [RESOLVED] - Geeks to Go Forums.mht
[2011/07/21 13:50:10 | 014,448,872 | ---- | M] () -- C:\Documents and Settings\user\My Documents\clj5550_ps_win32.exe
[2011/07/21 13:46:21 | 013,756,648 | ---- | M] () -- C:\Documents and Settings\user\My Documents\clj5550_pcl5_win32.exe
[2011/07/21 13:42:41 | 014,254,824 | ---- | M] () -- C:\Documents and Settings\user\My Documents\clj5550_pcl6_win32.exe
[2011/07/21 13:28:04 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Michael exe.msi
[2011/07/21 13:18:15 | 000,700,742 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Spyware and viruses Help pleaseeeeee! [RESOLVED] - Geeks to Go Forums.mht
[2011/07/21 12:13:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/21 11:51:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 19:30:39 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Windows Explorer.lnk
[2011/06/25 14:54:04 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Trend Micro Titanium Internet Security.lnk
[2011/06/25 14:15:08 | 000,157,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/25 14:12:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/25 13:01:26 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/06/25 12:48:12 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/06/25 12:36:30 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/06/25 12:29:33 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/06/25 12:28:44 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/06/25 12:26:11 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/25 12:26:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/06/25 12:26:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/06/25 12:26:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/06/25 12:26:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/06/25 12:26:01 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/06/25 12:26:01 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/06/25 12:25:48 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/25 12:22:49 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/25 12:19:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/05/30 16:19:48 | 005,964,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/05/02 09:31:52 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2011/04/29 10:19:43 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/04/26 10:11:12 | 011,081,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/04/25 10:11:12 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2011/04/25 10:11:12 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2011/04/25 10:11:12 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2011/04/25 10:11:12 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2011/04/25 10:11:12 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2011/04/25 10:11:12 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/04/25 10:11:12 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2011/04/25 10:11:12 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2011/04/25 10:11:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2011/04/25 10:11:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/04/25 10:11:11 | 001,991,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/04/25 10:11:11 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2011/04/25 10:11:11 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2011/04/25 10:11:11 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/04/25 10:11:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2011/04/25 10:11:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2011/04/25 10:11:11 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2011/04/25 10:11:11 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2011/04/25 10:11:11 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2011/04/25 10:11:11 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2011/04/25 10:11:10 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2011/04/25 10:11:10 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2011/04/25 08:47:19 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2011/04/25 08:47:19 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2011/04/25 08:47:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/04/25 08:47:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/04/25 06:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2011/04/25 06:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2011/04/25 06:01:22 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2011/04/21 07:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/03/03 07:21:11 | 001,857,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/03/03 07:21:11 | 001,857,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2011/03/03 00:55:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2011/02/17 07:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/02/16 07:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2011/02/15 06:56:39 | 000,290,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2011/02/15 06:56:39 | 000,290,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2011/02/09 07:53:52 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/02/09 07:53:52 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/02/08 07:33:55 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2011/02/08 07:33:55 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/02/08 07:33:55 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2011/02/08 07:33:55 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2011/02/02 01:58:35 | 002,067,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2011/01/27 05:57:06 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/22 10:18:55 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\user\Desktop\HiJackThis.lnk
[2011/07/22 09:51:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/22 09:51:16 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/22 09:51:16 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/07/22 09:51:15 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/21 13:59:46 | 000,741,442 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Grandpa's Messed Up His Computer [RESOLVED] - Geeks to Go Forums.mht
[2011/07/21 13:50:10 | 014,448,872 | ---- | C] () -- C:\Documents and Settings\user\My Documents\clj5550_ps_win32.exe
[2011/07/21 13:46:20 | 013,756,648 | ---- | C] () -- C:\Documents and Settings\user\My Documents\clj5550_pcl5_win32.exe
[2011/07/21 13:42:41 | 014,254,824 | ---- | C] () -- C:\Documents and Settings\user\My Documents\clj5550_pcl6_win32.exe
[2011/07/21 13:28:03 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Michael exe.msi
[2011/07/21 13:18:08 | 000,700,742 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Spyware and viruses Help pleaseeeeee! [RESOLVED] - Geeks to Go Forums.mht
[2011/07/11 15:39:52 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2011/07/11 15:39:52 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2011/07/11 15:39:52 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2011/07/11 15:39:52 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2011/06/25 14:53:44 | 000,000,932 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Trend Micro Titanium Internet Security.lnk
[2011/06/25 12:54:42 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/06/25 12:54:42 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/06/25 12:54:42 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/06/25 12:54:42 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/06/25 12:54:41 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/06/25 12:54:41 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/06/25 12:54:41 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/06/25 12:54:41 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/06/25 12:54:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/06/25 12:54:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/06/25 12:54:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/06/25 12:54:41 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/06/25 12:54:41 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/06/25 12:54:41 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/06/25 12:54:41 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/06/25 12:54:41 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/06/25 12:54:41 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/06/25 12:54:40 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/06/25 12:54:40 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/06/25 12:54:40 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/06/25 12:54:40 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/06/25 12:54:40 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/06/25 12:54:40 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf

< End of report >
OTL Extras logfile created on: 7/22/2011 11:57:34 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

758.42 Mb Total Physical Memory | 407.11 Mb Available Physical Memory | 53.68% Memory free
1.81 Gb Paging File | 1.41 Gb Available in Paging File | 77.97% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 68.78 Gb Free Space | 92.30% Space Free | Partition Type: NTFS

Computer Name: HP3 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"ie8" = Windows Internet Explorer 8
"Mozilla Firefox 5.0.1 (x86 en-US)" = Mozilla Firefox 5.0.1 (x86 en-US)
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/21/2011 3:10:30 PM | Computer Name = HP3 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 7/21/2011 2:58:00 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7023
Description = The Human Interface Device Access service terminated with the following
error: %%126

Error - 7/21/2011 3:00:09 PM | Computer Name = HP3 | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 7/21/2011 3:01:52 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7001
Description = The Network DDE service depends on the Network DDE DSDM service which
failed to start because of the following error: %%1058

Error - 7/21/2011 4:17:51 PM | Computer Name = HP3 | Source = NetDDE | ID = 206
Description = Listen failed: 23: The ncb_lana_num member did not specify a valid
network number.

Error - 7/21/2011 4:18:23 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7001
Description = The Fast User Switching Compatibility service depends on the Terminal
Services service which failed to start because of the following error: %%1058

Error - 7/21/2011 6:56:09 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7000
Description = The Alerter service failed to start due to the following error: %%1079

Error - 7/21/2011 6:56:16 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7001
Description = The Fast User Switching Compatibility service depends on the Terminal
Services service which failed to start because of the following error: %%1058

Error - 7/21/2011 7:36:33 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7001
Description = The Fast User Switching Compatibility service depends on the Terminal
Services service which failed to start because of the following error: %%1058

Error - 7/21/2011 7:41:33 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7000
Description = The Alerter service failed to start due to the following error: %%1079

Error - 7/21/2011 7:41:39 PM | Computer Name = HP3 | Source = Service Control Manager | ID = 7001
Description = The Fast User Switching Compatibility service depends on the Terminal
Services service which failed to start because of the following error: %%1058


< End of report >


#2
RKinner

    Malware Expert

HiPerfCooker_v1 is a Microsoft program. Nothing to worry about. The warning is just a stupid case of Microsoft's left hand not knowing what the right hand is doing.
http://msdn.microsof...ibrary/aa390431

Ron

#3
40SWMike

    Member

Thanks Ron, but I do have something that is running in the background that has crashed my security software and then rebooted the laptop and has also disconnected from the web as I was chatting with help at Microsoft. I have had other weird events as well; the first event was e-mails being sent to everyone in my address book without my knowledge. I sure would appreciate any help. Thanks for your time, Mike

Edited by 40SWMike, 23 July 2011 - 12:51 PM.


#4
RKinner

    Malware Expert

OK.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan (note whether the Fix button is enabled and tell me), click Save log, save it to your desktop and post it in your next reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.

Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix
If you have a previous version of Combofix.exe, delete it and download a fresh copy.

It must be saved to your desktop, do not run it.

Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double-click on ComboFix to start the program.

* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your anti-virus at this time.

Ron

#5
40SWMike

    Member

Thanks Ron, the fix button is there.
aswMBR version 0.9.8.977 Copyright© 2011 AVAST Software
Run date: 2011-07-25 11:59:18
-----------------------------
11:59:18.437 OS Version: Windows 5.1.2600 Service Pack 3
11:59:18.437 Number of processors: 1 586 0xD08
11:59:18.437 ComputerName: HP3 UserName:
11:59:19.781 Initialize success
11:59:51.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
11:59:51.109 Disk 0 Vendor: TOSHIBA_MK8025GAS KA024A Size: 76319MB BusType: 3
11:59:51.140 Disk 0 MBR read successfully
11:59:51.140 Disk 0 MBR scan
11:59:51.140 Disk 0 Windows XP default MBR code
11:59:51.156 Disk 0 scanning sectors +156280320
11:59:51.234 Disk 0 scanning C:\WINDOWS\system32\drivers
12:00:01.078 Service scanning
12:00:02.640 Modules scanning
12:00:09.093 Disk 0 trace - called modules:
12:00:09.140 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
12:00:09.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f46ab8]
12:00:09.140 3 CLASSPNP.SYS[f757cfd7] -> nt!IofCallDriver -> \Device\00000072[0x82f88398]
12:00:09.140 5 ACPI.sys[f7413620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x82fe0940]
12:00:09.187 Scan finished successfully
12:00:38.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Desktop\MBR.dat"
12:00:38.859 The log file has been saved successfully to "C:\Documents and Settings\user\Desktop\aswMBR.txt"

2011/07/25 12:18:11.0656 2688 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/25 12:18:12.0484 2688 ================================================================================
2011/07/25 12:18:12.0484 2688 SystemInfo:
2011/07/25 12:18:12.0484 2688
2011/07/25 12:18:12.0484 2688 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/25 12:18:12.0484 2688 Product type: Workstation
2011/07/25 12:18:12.0484 2688 ComputerName: HP3
2011/07/25 12:18:12.0484 2688 UserName: user
2011/07/25 12:18:12.0484 2688 Windows directory: C:\WINDOWS
2011/07/25 12:18:12.0484 2688 System windows directory: C:\WINDOWS
2011/07/25 12:18:12.0484 2688 Processor architecture: Intel x86
2011/07/25 12:18:12.0484 2688 Number of processors: 1
2011/07/25 12:18:12.0484 2688 Page size: 0x1000
2011/07/25 12:18:12.0484 2688 Boot type: Normal boot
2011/07/25 12:18:12.0484 2688 ================================================================================
2011/07/25 12:18:14.0406 2688 Initialize success
2011/07/25 12:18:23.0812 1788 ================================================================================
2011/07/25 12:18:23.0812 1788 Scan started
2011/07/25 12:18:23.0812 1788 Mode: Manual;
2011/07/25 12:18:23.0812 1788 ================================================================================
2011/07/25 12:18:52.0468 1788 ================================================================================
2011/07/25 12:18:52.0468 1788 Scan finished
2011/07/25 12:18:52.0468 1788 ================================================================================
2011/07/25 12:18:52.0484 2796 Detected object count: 0
2011/07/25 12:18:52.0484 2796 Actual detected object count: 0

Edited by 40SWMike, 25 July 2011 - 12:22 PM.


#6
40SWMike

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 115):

Processes (total 33):
0 System Idle Process
4 System
1004 C:\WINDOWS\system32\smss.exe
1052 csrss.exe
1076 C:\WINDOWS\system32\winlogon.exe
1120 C:\WINDOWS\system32\services.exe
1132 C:\WINDOWS\system32\lsass.exe
1292 C:\WINDOWS\system32\svchost.exe
1372 svchost.exe
1408 C:\WINDOWS\system32\svchost.exe
1532 svchost.exe
1644 svchost.exe
1956 C:\WINDOWS\system32\spoolsv.exe
248 svchost.exe
276 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
292 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
472 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
480 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
848 C:\WINDOWS\explorer.exe
212 C:\WINDOWS\system32\igfxtray.exe
420 C:\WINDOWS\system32\hkcmd.exe
680 C:\WINDOWS\system32\igfxpers.exe
392 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
796 C:\WINDOWS\AGRSMMSG.exe
908 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
1424 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
1420 C:\WINDOWS\system32\ctfmon.exe
1616 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
1596 C:\WINDOWS\system32\alg.exe
1764 C:\WINDOWS\system32\igfxsrvc.exe
3356 C:\Program Files\Internet Explorer\iexplore.exe
624 C:\Program Files\Internet Explorer\iexplore.exe
1448 C:\Documents and Settings\user\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK8025GAS, Rev: KA024A

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7276

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/25/2011 12:53:04 PM
mbam-log-2011-07-25 (12-53-04).txt

Scan type: Quick scan
Objects scanned: 169880
Time elapsed: 8 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Ron, I tried to download Combofix but I'm using wi-fi at library. System would not let me. Will try another location. Do not have web access at home at this time. Thanks, Mike

Edited by 40SWMike, 25 July 2011 - 01:40 PM.


#7
40SWMike

ComboFix 11-07-26.02 - user 07/26/2011 11:25:53.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.758.547 [GMT -6:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-06-26 to 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-26 17:12 . 2011-07-26 17:12 -------- d-----w- c:\windows\LastGood
2011-07-26 17:10 . 2010-08-08 10:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-07-26 17:10 . 2010-08-08 10:18 203600 ----a-w- c:\windows\TmNSCIns.dll
2011-07-26 17:05 . 2011-07-26 17:05 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-25 18:40 . 2011-07-07 01:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-25 18:40 . 2011-07-25 18:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-25 18:40 . 2011-07-07 01:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-22 21:06 . 2011-07-22 21:06 -------- d-----w- c:\program files\hp deskjet 5550 series
2011-07-22 21:06 . 2002-12-10 00:19 147512 ----a-w- c:\windows\system32\hpzlnt07.dll
2011-07-22 21:04 . 2011-07-22 21:05 -------- d-----w- c:\program files\Hewlett-Packard
2011-07-22 19:33 . 2011-07-22 19:33 -------- d-----w- c:\program files\Common Files\Adobe
2011-07-22 19:25 . 2011-07-22 19:25 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-07-22 19:25 . 2011-07-22 19:25 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Adobe
2011-07-22 16:18 . 2011-07-22 16:18 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-22 15:51 . 2011-07-22 15:51 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Mozilla
2011-07-21 22:59 . 2008-04-14 06:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-07-21 22:59 . 2008-04-14 06:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-07-21 18:44 . 2011-07-21 18:44 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-21 18:44 . 2011-07-21 18:44 -------- d-----w- c:\documents and settings\user\Application Data\Simply Super Software
2011-07-21 18:44 . 2011-07-21 18:44 -------- d-----w- c:\documents and settings\user\Application Data\IObit
2011-07-21 18:44 . 2011-07-21 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2011-07-11 21:48 . 2011-07-21 18:45 -------- d-----w- c:\documents and settings\Guest
2011-07-11 21:39 . 2006-06-19 18:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2011-07-11 21:39 . 2006-05-25 20:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2011-07-11 21:39 . 2005-08-26 06:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2011-07-11 21:39 . 2003-02-03 01:06 153088 ----a-w- c:\windows\system32\unrar3.dll
2011-07-11 21:39 . 2002-03-06 06:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2011-07-11 21:06 . 2011-07-11 21:06 -------- d-----w- c:\program files\IObit
2011-07-11 20:29 . 2011-07-11 20:29 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes
2011-07-11 20:28 . 2011-07-11 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-25 20:24 . 2011-06-25 20:23 1628552 ----a-w- c:\documents and settings\bios.exe
2011-06-25 20:20 . 2011-06-25 20:20 4318656 ----a-w- c:\documents and settings\bwifi.exe
2011-06-25 20:20 . 2011-06-25 20:19 9694488 ----a-w- c:\documents and settings\vid.exe
2011-06-25 20:19 . 2011-06-25 20:19 20514032 ----a-w- c:\documents and settings\aud.exe
2011-06-02 14:02 . 2004-08-04 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:31 . 2011-06-25 18:23 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-04 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 07:16 . 2011-07-22 15:51 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-13 88209]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-12-10 188416]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 205.139.50.143 63.209.206.118 4.2.2.1
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\guag6bjc.default\
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 11:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1645522239-1500820517-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'explorer.exe'(3396)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2011-07-26 11:31:50
ComboFix-quarantined-files.txt 2011-07-26 17:31
.
Pre-Run: 73,166,028,800 bytes free
Post-Run: 73,258,696,704 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 3A592EFA8677DC825C490A2E71FB73C5
I had to uninstall my security software to install and run Combofix. When re-installing the security software it crashed, then completed the install. Thanks Ron for your help, Mike

Edited by 40SWMike, 27 July 2011 - 12:28 PM.


#8
40SWMike

Hi Ron, I have run all scans as directed hope you can figure out a fix. From what I see I would not have a clue as to what it is? I am very appreciative for your time and trouble to help me. Thanks again, Mike

#9
RKinner

Malware Expert
Sorry. Lost your reply.

I'm not seeing anything in any of the logs.

Download GMER from http://www.gmer.net/download.php Note the file's name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on http://www.bleepingcomputer.com/forums/topic114351.html to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.


We Need to check for Rootkits with RootRepeal

  • Extract RootRepeal.exe from the archive. Right click on rootrepeal.zip and Extract All. Then move to the folder it created and find rootrepeal.exe and run it.
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

1. Check Scan Archives
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).


1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

Start, Run, sigverif, OK

Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#10
40SWMike

    Member

  • Topic Starter
  • Member
  • 15 posts
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2011/08/02 16:33
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF740D000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2069376 File Visible: - Signed: -
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF7958000 Size: 11648 File Visible: - Signed: -
Status: -

Name: aeaudio.sys
Image Path: C:\WINDOWS\system32\drivers\aeaudio.sys
Address: 0xF6FD7000 Size: 129280 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xAA622000 Size: 138496 File Visible: - Signed: -
Status: -

Name: AGRSM.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AGRSM.sys
Address: 0xF6E4D000 Size: 1066208 File Visible: - Signed: -
Status: -

Name: Apfiltr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Address: 0xF6E33000 Size: 105984 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF73A7000 Size: 96512 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7C8E000 Size: 3072 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF7954000 Size: 16384 File Visible: - Signed: -
Status: -

Name: bcmwl5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
Address: 0xF707E000 Size: 429184 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7A58000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF794C000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF761C000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF770C000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF757C000 Size: 53248 File Visible: - Signed: -
Status: -

Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xF7A14000 Size: 13952 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF7950000 Size: 10240 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF756C000 Size: 36352 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF76DC000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA50C000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A62000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF6B75000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7BC7000 Size: 4096 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF75BC000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF7387000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7A56000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF73BF000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D1000 Size: 131840 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA9AB5000 Size: 265728 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF76EC000 Size: 52480 File Visible: - Signed: -
Status: -

Name: ialmdd5.DLL
Image Path: C:\WINDOWS\System32\ialmdd5.DLL
Address: 0xBF075000 Size: 925696 File Visible: - Signed: -
Status: -

Name: ialmdev5.DLL
Image Path: C:\WINDOWS\System32\ialmdev5.DLL
Address: 0xBF041000 Size: 212992 File Visible: - Signed: -
Status: -

Name: ialmdnt5.dll
Image Path: C:\WINDOWS\System32\ialmdnt5.dll
Address: 0xBF020000 Size: 135168 File Visible: - Signed: -
Status: -

Name: ialmnt5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Address: 0xF711F000 Size: 1049056 File Visible: - Signed: -
Status: -

Name: ialmrnt5.dll
Image Path: C:\WINDOWS\System32\ialmrnt5.dll
Address: 0xBF012000 Size: 57344 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF76FC000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF7A40000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF76CC000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xAA54C000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xAA6C5000 Size: 75264 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF753C000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF7844000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7A3C000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA9611000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\drivers\ks.sys
Address: 0xF6FF7000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF735E000 Size: 92928 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7A5A000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF783C000 Size: 30080 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF784C000 Size: 23040 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF754C000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xAA16F000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xAA572000 Size: 456320 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF7894000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF775C000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF7A30000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF728A000 Size: 105472 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF72A4000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF7A20000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xAA400000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF6DF4000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF778C000 Size: 40960 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF75AC000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xAA644000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF789C000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF72D1000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2069376 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7C86000 Size: 2944 File Visible: - Signed: -
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7B05000 Size: 4096 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF77C4000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF73FC000 Size: 68224 File Visible: - Signed: -
Status: -

Name: PCIIde.sys
Image Path: PCIIde.sys
Address: 0xF7B04000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\System32\Drivers\PCIIDEX.SYS
Address: 0xF77BC000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF73DE000 Size: 120192 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2069376 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF701A000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF6DE3000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF785C000 Size: 17792 File Visible: - Signed: -
Status: -

Name: pxtdipow.sys
Image Path: C:\DOCUME~1\user\LOCALS~1\Temp\pxtdipow.sys
Address: 0xA963C000 Size: 100864 File Visible: No Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF79F0000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF772C000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF773C000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF774C000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF7864000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2069376 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xAA5E2000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7A5C000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF771C000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA99C5000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RTL8139.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
Address: 0xF782C000 Size: 20992 File Visible: - Signed: -
Status: -

Name: senfilt.sys
Image Path: C:\WINDOWS\system32\drivers\senfilt.sys
Address: 0xF6F79000 Size: 381056 File Visible: - Signed: -
Status: -

Name: smwdm.sys
Image Path: C:\WINDOWS\system32\drivers\smwdm.sys
Address: 0xF703E000 Size: 259648 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF7375000 Size: 73472 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF7A4E000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xAA1EC000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xAA66C000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF7854000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF777C000 Size: 40704 File Visible: - Signed: -
Status: -

Name: TM_CFW.sys
Image Path: C:\WINDOWS\system32\DRIVERS\TM_CFW.sys
Address: 0xF6B9D000 Size: 1998848 File Visible: - Signed: -
Status: -

Name: tmactmon.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tmactmon.sys
Address: 0xAA01C000 Size: 118784 File Visible: - Signed: -
Status: -

Name: tmcomm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tmcomm.sys
Address: 0xAA073000 Size: 212992 File Visible: - Signed: -
Status: -

Name: tmevtmgr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
Address: 0xAA039000 Size: 73728 File Visible: - Signed: -
Status: -

Name: tmtdi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tmtdi.sys
Address: 0xAA60D000 Size: 85376 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF6D85000 Size: 384768 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF7A50000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF7824000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF759C000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF70E7000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF781C000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF788C000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF710B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF755C000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF75CC000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF78CC000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA9FDF000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1859584 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1859584 File Visible: - Signed: -
Status: -

Name: wmiacpi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
Address: 0xF7A04000 Size: 8832 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF7A3E000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2069376 File Visible: - Signed: -
Status: -

Edited by 40SWMike, 03 August 2011 - 12:00 PM.

  • 0
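A triage pass over the RootRepeal driver list above, as an added example that is not part of the original posts: it parses the records, flags drivers whose file is not visible on disk or that load from a Temp directory, and checks them against the driver named in a GMER log header. The sample records are excerpted from the log above and the GMER header line from the log in the following reply; the explanation rules (`dump_` crash-dump copies, scanner drivers) are heuristics assumed here, not RootRepeal output.

```python
import re
from typing import NamedTuple

# Four records excerpted from the RootRepeal "Drivers" section posted above.
ROOTREPEAL_EXCERPT = r"""
Drivers
-------------------
Name: atapi.sys
Image Path: atapi.sys
Address: 0xF73A7000 Size: 96512 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA50C000 Size: 98304 File Visible: No Signed: -
Status: -

Name: pxtdipow.sys
Image Path: C:\DOCUME~1\user\LOCALS~1\Temp\pxtdipow.sys
Address: 0xA963C000 Size: 100864 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA99C5000 Size: 49152 File Visible: No Signed: -
Status: -
"""

# Header line of the GMER log taken on the same machine (next reply in the thread).
GMER_HEADER = r"Running: er6k6jk2.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\pxtdipow.sys"

RECORD_RE = re.compile(
    r"Name:\s*(?P<name>.+?)\s*\n"
    r"Image Path:\s*(?P<path>.+?)\s*\n"
    r"Address:\s*(?P<addr>0x[0-9A-Fa-f]+)\s+Size:\s*(?P<size>\d+)\s+"
    r"File Visible:\s*(?P<visible>\S+)\s+Signed:\s*(?P<signed>\S+)\s*\n"
    r"Status:\s*(?P<status>.*)"
)


class Driver(NamedTuple):
    name: str
    path: str
    address: int
    size: int
    file_visible: str


class Finding(NamedTuple):
    name: str
    reasons: tuple
    verdict: str


def parse_drivers(log):
    """Turn the 'Drivers' section of a RootRepeal report into Driver records."""
    return [
        Driver(m["name"], m["path"], int(m["addr"], 16), int(m["size"]), m["visible"])
        for m in RECORD_RE.finditer(log)
    ]


def gmer_driver_path(gmer_log):
    """Return the temporary driver path GMER reports for itself, or None."""
    m = re.search(r"Driver:\s*(.+?\.sys)\b", gmer_log, re.IGNORECASE)
    return m.group(1).strip() if m else None


def triage(drivers, scanner_paths=()):
    """Flag hidden or Temp-loaded drivers and attach the likeliest explanation.

    The explanations are name/path hints (assumed heuristics), not proof: a
    malicious driver can reuse a benign name, so 'explained' entries still
    deserve a check when nothing accounts for them being loaded.
    """
    known = {p.lower() for p in scanner_paths if p}
    findings = []
    for d in drivers:
        reasons = []
        if d.file_visible.lower() == "no":
            reasons.append("file not visible on disk")
        if "\\temp\\" in d.path.lower():
            reasons.append("loaded from a Temp directory")
        if not reasons:
            continue
        if d.path.lower() in known:
            verdict = "explained: driver of a scanner that was running"
        elif d.name.lower().startswith("dump_"):
            verdict = "explained: in-memory crash-dump copy of a storage driver"
        elif d.name.lower() == "rootrepeal.sys":
            verdict = "explained: RootRepeal's own driver"
        else:
            verdict = "unexplained: verify the file and what loaded it"
        findings.append(Finding(d.name, tuple(reasons), verdict))
    return findings


if __name__ == "__main__":
    drivers = parse_drivers(ROOTREPEAL_EXCERPT)
    for f in triage(drivers, [gmer_driver_path(GMER_HEADER)]):
        print(f"{f.name:16} {', '.join(f.reasons):55} {f.verdict}")
```

Run without the GMER path, the same records leave `pxtdipow.sys` unexplained, which is why scanner logs from one session are best read together.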


#11
40SWMike

    Member

  • Topic Starter
  • Member
  • 15 posts
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-02 15:59:14
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 TOSHIBA_MK8025GAS rev.KA024A
Running: er6k6jk2.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\pxtdipow.sys


---- System - GMER 1.0.15 ----

SSDT 82A6B740 ZwCreateKey
SSDT 82C824C0 ZwCreateMutant
SSDT 82A6A540 ZwCreateProcess
SSDT 82A6A840 ZwCreateProcessEx
SSDT 82C82880 ZwCreateSymbolicLinkObject
SSDT 82C82020 ZwCreateThread
SSDT 82A6BD40 ZwDeleteKey
SSDT 82A6C640 ZwDeleteValueKey
SSDT 82C82A60 ZwDuplicateObject
SSDT 82C821C0 ZwLoadDriver
SSDT 82A6AB40 ZwOpenProcess
SSDT 82A6CC20 ZwOpenSection
SSDT 82A6AE40 ZwOpenThread
SSDT 82A6C040 ZwRenameKey
SSDT 82A6C340 ZwRestoreKey
SSDT 82C826A0 ZwSetSystemInformation
SSDT 82A6BA40 ZwSetValueKey
SSDT 82A6B140 ZwTerminateProcess
SSDT 82A6B440 ZwTerminateThread
SSDT 82A6CE00 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF6FCEF80]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

---- EOF - GMER 1.0.15 ----

Ron found this hidden file, hope it is a help. Thanks, Mike

06/25/2011 14:15:23 Inf Version is set to "8,00,6001,18702".
06/25/2011 14:15:23 HKCU Active Setup Key not found.

06/25/2011 14:15:23 COM initialized with S_OK success code.

06/25/2011 14:15:23 Branding Internet Explorer...
06/25/2011 14:15:23 Command line is "/mode:isp /peruser".

06/25/2011 14:15:23 Global branding settings are:
06/25/2011 14:15:23 Context is (0x01C00008) "Internet Content Providers, running from per-user stub";
06/25/2011 14:15:23 Settings file is "C:\Program Files\Internet Explorer\Signup\install.ins";
06/25/2011 14:15:23 Target folder path is "C:\Program Files\Internet Explorer\Signup".
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 About to clear previous branding...
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing migration of old settings...
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing wininet setup...
06/25/2011 14:15:23 There are no connection settings to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing deletion of connection settings...
06/25/2011 14:15:23 Existing connection settings weren't specified to be deleted!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing zones HKCU settings...
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing local machine policies and restrictions...
06/25/2011 14:15:23 There are no local machine *.inf files to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing current user policies and restrictions...
06/25/2011 14:15:23 There are no current user *.inf files to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing legacy policies and restrictions...
06/25/2011 14:15:23 There are no local machine *.inf files to process!
06/25/2011 14:15:23 There are no current user *.inf files to process!
06/25/2011 14:15:23 There are no legacy *.inf files to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing general customizations...
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing Help->About customization...
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing browser toolbar buttons...
06/25/2011 14:15:23 There are no toolbar buttons to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing root certificates...
06/25/2011 14:15:23 This feature is for ISPs only!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing default favorites and/or quick links...
06/25/2011 14:15:23 Creating separate thread for processing default favorites...

06/25/2011 14:15:23 COM initialized with S_OK success code.
06/25/2011 14:15:23 Determining favorites attributes...
06/25/2011 14:15:23 <Favorites> folder location is "C:\Documents and Settings\user\Favorites".
06/25/2011 14:15:23 marked as Low Integrity,
06/25/2011 14:15:23 Title - "Microsoft Websites\IE site on Microsoft.com.url",
06/25/2011 14:15:23 URL - "http://go.microsoft..../?linkid=44661",
06/25/2011 14:15:23 with a default icon,
06/25/2011 14:15:23 not marked IEAK created,
06/25/2011 14:15:23 Done.
06/25/2011 14:15:23 Determining favorites attributes...
06/25/2011 14:15:23 marked as Low Integrity,
06/25/2011 14:15:23 Title - "Microsoft Websites\IE Add-on site",
06/25/2011 14:15:23 URL - "http://go.microsoft..../?LinkId=50893",
06/25/2011 14:15:23 with a default icon,
06/25/2011 14:15:23 not marked IEAK created,
06/25/2011 14:15:23 Done.
06/25/2011 14:15:23 Determining favorites attributes...
06/25/2011 14:15:23 marked as Low Integrity,
06/25/2011 14:15:23 Title - "Microsoft Websites\Microsoft At Home",
06/25/2011 14:15:23 URL - "http://go.microsoft..../?linkid=55424",
06/25/2011 14:15:23 with a default icon,
06/25/2011 14:15:23 not marked IEAK created,
06/25/2011 14:15:23 Done.
06/25/2011 14:15:23 Determining favorites attributes...
06/25/2011 14:15:23 marked as Low Integrity,
06/25/2011 14:15:23 Title - "Microsoft Websites\Microsoft At Work",
06/25/2011 14:15:23 URL - "http://go.microsoft..../?linkid=68920",
06/25/2011 14:15:23 with a default icon,
06/25/2011 14:15:23 not marked IEAK created,
06/25/2011 14:15:23 Done.
06/25/2011 14:15:23 Determining favorites attributes...
06/25/2011 14:15:23 marked as Low Integrity,
06/25/2011 14:15:23 Title - "Microsoft Websites\Microsoft Store",
06/25/2011 14:15:23 URL - "http://go.microsoft....?linkid=140813",
06/25/2011 14:15:23 with a default icon,
06/25/2011 14:15:23 not marked IEAK created,
06/25/2011 14:15:23 Done.
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing deletion of favorites and/or quick links...
06/25/2011 14:15:23 None of the favorites folders were specified to be deleted!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing favorites...
06/25/2011 14:15:23 There are no favorites to add!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing ordering of favorites...
06/25/2011 14:15:23 Favorites will be put into the default position!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing quick links...
06/25/2011 14:15:23 There are no quick links to add!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing ordering of quick links...
06/25/2011 14:15:23 Quick Links will be put into the default position!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing connection settings...
06/25/2011 14:15:23 There are no connection settings to process!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Processing TrustedPublisherLockdown restriction...
06/25/2011 14:15:23 This restriction is not set!
06/25/2011 14:15:23 Done.

06/25/2011 14:15:23 Creating feeds...
06/25/2011 14:15:23 Processing [Feeds] section...

06/25/2011 14:15:23 Processing [FavoritesBar] section for Feeds...

06/25/2011 14:15:23 Processing [FavoritesBar] section for WebSlices...

06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Creating start pages...
06/25/2011 14:15:27 There are no start pages to add!
06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Creating search providers...
06/25/2011 14:15:27 There are no search providers to add!
06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Installing Activities...
06/25/2011 14:15:27 There are no Actitivies to Install!
06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Installing Unattend Favorite bar items...
06/25/2011 14:15:27 Cannot Open Registry Key HKCU\SOFTWARE\Microsoft\Internet Explorer\AppliedUnattend [error=2]. It probably doesn't exist. Not an error.
06/25/2011 14:15:27 ProcessUnattendFavBarItems processing favbaritems from location: SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\ActiveSetup\FavoriteBarItems
06/25/2011 14:15:27 No subkeys found.
06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Installing Unattend Activites...
06/25/2011 14:15:27 Cannot Open Registry Key HKCU\SOFTWARE\Microsoft\Internet Explorer\AppliedUnattend [error=2]. It probably doesn't exist. Not an error.
06/25/2011 14:15:27 ProcessUnattendActivities processing activities from location: SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\ActiveSetup\Accelerators
06/25/2011 14:15:27 No subkeys found.
06/25/2011 14:15:27 Done.

06/25/2011 14:15:27 Refreshing browser settings...
06/25/2011 14:15:27 Broadcasting "Windows settings change" to all top level windows...
06/25/2011 14:15:27 Done.
06/25/2011 14:15:27 Done.
06/25/2011 14:15:27 Done.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 03/08/2011 1:26:06 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/08/2011 3:36:51 PM
Type: error Category: 6
Event: 16 Source: Windows Update Agent
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Log: 'System' Date/Time: 02/08/2011 3:36:35 PM
Type: error Category: 0
Event: 9 Source: atapi
The device, \Device\Ide\IdePort0, did not respond within the timeout period.

Log: 'System' Date/Time: 02/08/2011 2:55:48 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Alerter service depends on the Workstation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 02/08/2011 11:10:15 AM
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 02/08/2011 11:10:15 AM
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 01/08/2011 9:19:50 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 01/08/2011 9:09:46 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 01/08/2011 1:27:40 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 01/08/2011 10:49:54 AM
Type: error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

Log: 'System' Date/Time: 01/08/2011 10:49:23 AM
Type: error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

Log: 'System' Date/Time: 01/08/2011 10:48:45 AM
Type: error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

Log: 'System' Date/Time: 31/07/2011 3:36:54 PM
Type: error Category: 6
Event: 16 Source: Windows Update Agent
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Log: 'System' Date/Time: 28/07/2011 7:24:04 PM
Type: error Category: 0
Event: 9 Source: atapi
The device, \Device\Ide\IdePort0, did not respond within the timeout period.

Log: 'System' Date/Time: 27/07/2011 10:08:14 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/07/2011 10:08:07 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 27/07/2011 10:06:53 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/07/2011 12:10:39 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/07/2011 12:10:35 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 27/07/2011 12:09:22 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 26/07/2011 9:06:43 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/07/2011 4:44:17 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 0014A56C4E2E. The IP address being used is 169.254.72.201.

Log: 'System' Date/Time: 24/07/2011 7:58:42 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 0014A56C4E2E. The IP address being used is 169.254.72.201.

Log: 'System' Date/Time: 22/07/2011 3:06:45 PM
Type: warning Category: 0
Event: 20 Source: Print
Printer Driver hp deskjet 5550 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku07.dll, hpzntp07.dll, hpf4a607.dat, hpfuih07.hlp, hpzcon07.dll, hpzcoi07.dll, hpzrp307.dll, hpzstw07.exe, hpzr3207.dll, hpzcon07.dll, hpzcfg07.exe, hpzeng07.exe, hpzflt07.dll, hpzime07.dll, hpzjui07.dll, hpzpre07.exe, hpzres07.dll, hpzstc07.exe, hpztbi07.dll, hpztbu07.exe, hpztbx07.exe, hpzvip07.dll, hpzlnt07.dll, hpzcoi07.dll.

Log: 'System' Date/Time: 21/07/2011 1:00:56 PM
Type: warning Category: 0
Event: 39 Source: NapAgent
The Network Access Protection Agent was unable to determine which HRAs to request a health certificate from. A network change or if GP is configured, a configuration change will prompt further attempts to acquire a health certificate. Otherwise no further attempts will be made. Contact the HRA administrator for more information.

Log: 'System' Date/Time: 27/06/2011 3:04:05 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 0014A56C4E2E. The IP address being used is 169.254.72.201.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 03/08/2011 1:29:41 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 01/08/2011 9:04:54 PM
Type: error Category: 1
Event: 4437 Source: MSDTC
The account that the MS DTC service is running under is invalid. This can happen if the service account information has been changed using the Services snap-in in Microsoft Management Console (MMC). MS DTC service will continue to start. Please make sure that the MS DTC service account information is updated using the Component Services Explorer.

Log: 'Application' Date/Time: 30/07/2011 11:14:09 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:14:09 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:14:09 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server returned an invalid or unrecognized response

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:36 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 30/07/2011 11:13:35 AM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 01/08/2011 1:26:32 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user HP3\user registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Log: 'Application' Date/Time: 21/07/2011 1:10:30 PM
Type: warning Category: 0
Event: 6 Source: crypt32
Reached crypt32 threshold of 50 events and will suspend logging for 60 minutes

Log: 'Application' Date/Time: 21/07/2011 12:50:05 PM
Type: warning Category: 0
Event: 2006 Source: LoadPerf
LastCounter and LastHelp values of performance registry is corrupted and needs to be updated. The first and second DWORDs in Data Section are the original values while the third and forth DWORDs in Data Section are the updated new values.

Log: 'Application' Date/Time: 21/07/2011 12:41:11 PM
Type: warning Category: 0
Event: 2006 Source: LoadPerf
LastCounter and LastHelp values of performance registry is corrupted and needs to be updated. The first and second DWORDs in Data Section are the original values while the third and forth DWORDs in Data Section are the updated new values.

Log: 'Application' Date/Time: 21/07/2011 12:08:20 PM
Type: warning Category: 0
Event: 6 Source: crypt32
Reached crypt32 threshold of 50 events and will suspend logging for 60 minutes

Log: 'Application' Date/Time: 25/06/2011 12:55:10 PM
Type: warning Category: 0
Event: 63 Source: WinMgmt
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 25/06/2011 12:22:04 PM
Type: warning Category: 0
Event: 63 Source: WinMgmt
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Edited by 40SWMike, 03 August 2011 - 01:31 PM.

  • 0

#12
RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
The hidden file is just a log file that is created when you do an upgrade or install of IE and Outlook Express. Nothing to worry about. The file is safe to discard.

Nothing in your logs at all suspicious. You might want to look at your router. Does it have a different password from the default? Is it wireless? Are you using the maximum encryption? What firmware is on it?

Ron
  • 0

#13
40SWMike

    Member

  • Topic Starter
  • Member
  • 15 posts
QuickScan Beta 32-bit v0.9.9.99
-------------------------------
Scan date: Wed Aug 03 13:36:04 2011
Machine ID: 7851A27B



No infection found.
-------------------



Processes
---------
Advanced SystemCare 456 C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
Advanced SystemCare 4 Tray 988 C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
Agere SoftModem Messaging Applet 808 C:\WINDOWS\AGRSMMSG.exe
Alps Pointing-device Driver 896 C:\Program Files\Apoint2K\Apoint.exe
Alps Pointing-device Driver for Windows 1572 C:\Program Files\Apoint2K\ApntEx.exe
HP DeskJet 836 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
Intel® Common User Interface 752 C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface 792 C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface 3784 C:\WINDOWS\system32\igfxsrvc.exe
Intel® Common User Interface 652 C:\WINDOWS\system32\igfxtray.exe
Microsoft® Windows® Operating System 208 C:\WINDOWS\system32\spoolsv.exe
SMax4PNP Application 800 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
SoundMAX service agent 1876 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Trend Micro Anti-Malware Solution Platf 364 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
Trend Micro Anti-Malware Solution Platf 312 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
Trend Micro Anti-Spam for Outlook 924 C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
Trend Micro UniClient 408 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
Trend Micro UniClient 348 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(verified) Microsoft® Windows® Operating System 2012 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2180 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 1068 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 944 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 1148 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 1136 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 964 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 276 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1312 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1380 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1420 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1464 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1580 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1832 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1092 C:\WINDOWS\system32\winlogon.exe
(verified) Windows® Internet Explorer 2280 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3224 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3416 C:\Program Files\Internet Explorer\iexplore.exe


Network activity
----------------
Process coreServiceShell.exe (312) connected on port 80 (HTTP) --> 74.125.227.33
Process coreServiceShell.exe (312) connected on port 80 (HTTP) --> 63.97.123.17
Process coreServiceShell.exe (312) connected on port 80 (HTTP) --> 66.220.149.18
Process coreServiceShell.exe (312) connected on port 443 (HTTP over SSL) --> 23.2.249.83
Process coreServiceShell.exe (312) connected on port 80 (HTTP) --> 63.97.123.51

Process svchost.exe (1380) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Advanced SystemCare 4 Tray C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
Agere SoftModem Messaging Applet C:\WINDOWS\AGRSMMSG.exe
Alps Pointing-device Driver C:\Program Files\Apoint2K\Apoint.exe
HP DeskJet C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
SMax4PNP Application C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
Trend Micro Anti-Spam for Outlook C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
Trend Micro Titanium C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
Trend Micro UniClient C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
新注音 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
(verified) Microsoft IME 2002 C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Browser Exploit Prevention C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\System32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
Trend Micro Network Security Components C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Scan
----


No file uploaded.

Scan finished - communication took 4 sec
Total traffic - 0.01 MB sent, 0.52 KB recvd
Scanned 470 files and modules - 29 seconds

==============================================================================

Ron it would not let me run as directed. Thanks again, Mike
  • 0

#14
RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP

Ron it would not let me run as directed. Thanks again, Mike


What wouldn't run?

Looking at your event files we have quite a lot of strange things going on.

First you have Network Access Protection running and I have no idea why it would be. I'd right click on My Computer, select Manage then Continue then Services and Applications then Services. Find Network Access Protection Client and right click and select Properties then change the Startup Type to Disabled. Then Apply. STOP the service if it is running.

Repeat for the Alerter service.

Repeat for the Fast User Switching Compatibility service.

Reboot and see if you can still get on the internet. If not, go back in and change Network Access Protection Client back to Automatic, Apply, and reboot.

Right click on the clock and select Adjust Date/Time then Internet Time then Change Settings. Make sure the box is checked to Synchronize with an Internet Time server then Update now. If it doesn't work change the time server to one of the others and try again. Were you able to get it to work?

Control Panel, Windows Updates. Does it say no updates or is there an error message?

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. Run Vino's as before and post the logs.
  • 0
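
An added example, not part of the original posts: a small Python parser for the VEW report layout pasted in this thread. It tallies events by source and ID, lists the services named in Service Control Manager 7000/7001 errors, and pulls out WinMgmt Event 63 provider registrations. The function names are illustrative, and the sample records are abridged from the logs above.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Sample records in the VEW layout, abridged from this thread (dates dd/mm/yyyy).
SAMPLE = r"""
Log: 'System' Date/Time: 27/07/2011 10:08:14 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 27/07/2011 10:08:07 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Alerter service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

Log: 'System' Date/Time: 27/07/2011 12:10:39 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 21/07/2011 1:00:56 PM
Type: warning Category: 0
Event: 39 Source: NapAgent
The Network Access Protection Agent was unable to determine which HRAs to request a health certificate from.

Log: 'Application' Date/Time: 25/06/2011 12:55:10 PM
Type: warning Category: 0
Event: 63 Source: WinMgmt
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account.

Log: 'Application' Date/Time: 25/06/2011 12:22:04 PM
Type: warning Category: 0
Event: 63 Source: WinMgmt
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account.
"""

RECORD = re.compile(
    r"Log: '(?P<log>[^']+)' Date/Time: (?P<when>[^\n]+)\n"
    r"Type: (?P<type>\w+) Category: (?P<category>\d+)\n"
    r"Event: (?P<event>\d+) Source: (?P<source>[^\n]+)\n"
    r"(?P<message>.*?)(?=\n\s*\n|\nLog: '|\Z)",
    re.S,
)
SERVICE = re.compile(r"The (.+?) service (?:failed to start|depends on)")
PROVIDER = re.compile(r"A provider, (\S+), has been registered in the WMI "
                      r"namespace, ([^,]+), to use the (\w+) account")


def parse_vew(text):
    """Turn a pasted VEW report into a list of event dicts."""
    records = []
    for m in RECORD.finditer(text):
        rec = m.groupdict()
        rec["when"] = datetime.strptime(rec["when"].strip(), "%d/%m/%Y %I:%M:%S %p")
        rec["event"] = int(rec["event"])
        rec["source"] = rec["source"].strip()
        rec["message"] = " ".join(rec["message"].split())
        records.append(rec)
    return records


def summarize(records):
    """Count events per (log, type, source, id) with first and last time seen."""
    seen = defaultdict(list)
    for r in records:
        seen[(r["log"], r["type"], r["source"], r["event"])].append(r["when"])
    rows = [(key, len(ts), min(ts), max(ts)) for key, ts in seen.items()]
    return sorted(rows, key=lambda row: (-row[1], row[0]))


def failing_services(records):
    """Services named in Service Control Manager 7000/7001 start failures."""
    names = Counter()
    for r in records:
        if r["source"] == "Service Control Manager" and r["event"] in (7000, 7001):
            m = SERVICE.match(r["message"])
            if m:
                names[m.group(1)] += 1
    return dict(names)


def wmi_provider_registrations(records):
    """(time, provider, namespace, account) for each WinMgmt Event 63."""
    found = []
    for r in records:
        m = PROVIDER.search(r["message"])
        if r["source"] == "WinMgmt" and r["event"] == 63 and m:
            found.append((r["when"], *m.groups()))
    return found


if __name__ == "__main__":
    events = parse_vew(SAMPLE)
    for key, count, first, last in summarize(events):
        print(count, key, first, "->", last)
    print(failing_services(events), wmi_provider_registrations(events))
```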

#15
40SWMike

    Member

  • Topic Starter
  • Member
  • 15 posts
Hi Ron, I'm using library wi-fi to go online as my router was screwed. Bitdefender would not allow to run as directed. Windows Update seems to be fine. The major problem I'm having is VEW, I try to run scan and I get (Run time error-'462':) The Remote Server Machine does not exist or it is unavailable. I checked Event Viewer and it says there is an error, but I can view events but can't copy anything. Someone is screwing around with me. I have a scan I would like you to see. Hope this is not a waste of your time. Thanks again, Mike

SIGVERIF Scan.
browseui.dll 25/04/2011 2:5.1 Signed KB2530548.cat Microsoft Windows Component Publisher
csrsrv.dll 26/04/2011 2:5.1 Signed KB2507938.cat Microsoft Windows Component Publisher
iedkcs32.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
ieencode.dll 25/04/2011 2:5.1 Signed KB2530548.cat Microsoft Windows Component Publisher
iepeers.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
inetcomm.dll 02/05/2011 2:5.1 Signed KB2544893.cat Microsoft Windows Component Publisher
inetcpl.cpl 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
jsproxy.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
licmgr10.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
mshtml.dll 30/05/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
mshtmled.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
mstime.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
schannel.dll 29/04/2011 2:5.1 Signed KB2541763.cat Microsoft Windows Component Publisher
urlmon.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
wininet.dll 25/04/2011 2:5.1 Signed KB2530548-IE8.cat Microsoft Windows Component Publisher
mrxsmb.sys 29/04/2011 2:5.1 Signed KB2536276.cat Microsoft Windows Component Publisher
mup.sys 21/04/2011 2:5.1 Signed KB2535512.cat Microsoft Windows Component Publisher

Unscanned Files:
smierrsy.dll The file is not installed.
smimsgif.dll The file is not installed.
[c:\windows\system32\xircom]
iconf32.dll The file is not installed.
reslog32.dll The file is not installed.