Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Super Awesome Rootkit Infection! Yeay!... :/

Started by Ksavvy , Sep 30 2011 01:26 AM

  • This topic is locked This topic is locked

#46
michaelg9
Posted 30 October 2011 - 06:56 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
IMPORTANT:
You will need a flash drive with a size of 512 Mb or bigger. Make sure that you do not leave anything important on the flash drive, as all data on it will be deleted during the following steps.

    • Download OTLPEStd.exe from the following link and save it to your Desktop: mirror1.
    • Download eeepcfr.zip from the following link and save it to your Desktop: the mirror
    • Finally, if you do not have a file archiver like 7-zip or Winrar installed, please download 7-zip from the following link and install it: the mirror
  • Once you have 7-zip install, decompress OTLPEStd.exe by rightclicking on the folder and choosing the options shown in the picture below. Please use a dedicated folder, for example OTLPE, on your Desktop

    Posted Image

  • Open the folder OTLPEStd which will be created in the same location as OTLPEStd.exe and right-click OTLPE_New_Std.iso. Select 7-Zip and from the submenu select Extract files... and extract the content onto your Desktop in a OTLPE folder:

    Posted Image

  • Please also decompress eeepcfr to your systemroot (usually C:\).
  • Empty the flash drive you want to install OTLPE on.
  • Go to C:\eeecpfr and double-click usb_prep8.cmd to launch it.
  • Press any key when asked to in the black window that opens.
  • As indicated in the image, make sure you have selected the correct flash drive, before proceeding.
    For Drive Label: type in OTLPE.
    Under Source Path to built BartPE/WinPE Files click ... and select the folder OTLPE that you created on your Desktop.
    Finally check Enable File Copy.

    Posted Image


  • Click on Start, accept the disclaimers and wait for the program to finish.
    Your bootable flash drive should now be ready!
  • Reboot your system using the boot USB you just created.
    Note : If you do not know how to set your computer to boot from USB follow the steps here but select Removable Storage instead of CD.
  • As the USB needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)

  • Your system should now display a Reatogo desktop.
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

Advertisements

#47
Ksavvy
Posted 02 November 2011 - 09:06 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
please forgive the delay... eeepc.fr seems to be down still.

Is there another program that i could use in its place?
  • 0

#48
michaelg9
Posted 03 November 2011 - 06:15 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
:) The link is up
If you can't download it from the link, then try the attachment:
Attached File  eeepcfr.zip   503.8KB   116 downloads
  • 0

#49
Ksavvy
Posted 04 November 2011 - 08:49 AM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
You must have fixed them :) the link had not been working for me every time i had tried it, and then after you setup another option... both work. Thank you for that.

Here is the result of the scan:

OTL logfile created on: 11/4/2011 8:36:36 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 795.00 Mb Available Physical Memory | 78.00% Memory free
902.00 Mb Paging File | 838.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 76.36 Gb Free Space | 54.92% Space Free | Partition Type: NTFS
Drive X: | 3.73 Gb Total Space | 3.33 Gb Free Space | 89.27% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (Remote Solver for Flow Simulation 2011)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2011/07/19 02:19:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/04 11:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto] -- C:\Program Files\Gizmo\gservice.exe -- (Gizmo Central)
SRV - [2010/12/09 14:07:10 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/12/02 09:18:32 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010/10/06 22:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) [Auto] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2010)
SRV - [2010/03/25 13:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/23 16:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/02/05 11:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®
SRV - [2005/09/23 10:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (USBCCID)
DRV - File not found [Kernel | System] -- -- (SASKUTIL)
DRV - File not found [Kernel | System] -- -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand] -- -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand] -- -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/05/04 11:30:46 | 000,025,488 | ---- | M] (Arainia Solutions LLC) [Kernel | System] -- C:\WINDOWS\System32\drivers\gizmodrv.sys -- (GizmoDrv)
DRV - [2010/03/23 16:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/06/22 00:59:26 | 001,574,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/05/11 01:01:30 | 000,056,992 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2009/05/06 21:15:38 | 001,759,744 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/04/15 06:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/03/02 01:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/24 04:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/18 05:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/11/16 21:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/30 17:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/11/14 22:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/18 23:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\K_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o
IE - HKU\K_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\K_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/08/24 08:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/14 01:47:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/14 01:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/29 11:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/29 11:25:55 | 000,000,000 | ---D | M]

[2011/10/17 23:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/29 09:22:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/08/26 18:38:33 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/16 19:52:28 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll

O1 HOSTS File: ([2011/10/21 15:03:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKU\K_ON_C..\Run: [GizmoDriveDelegate] C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - HKU\K_ON_C..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKLM..\RunOnce: [*acctadmqueue.exe] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe (©if systems)
O4 - HKLM..\RunOnce: [*srvfatauto.exe] C:\Documents and Settings\LocalService\srvfatauto.exe (©if systems)
O4 - HKU\Administrator_ON_C..\RunOnce: [ScrSav] C:\WINDOWS\Screensavers\Acer\run_Acer.exe (TODO: <Company name>)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe (©if systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk = C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk = C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk = File not found
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/01 02:55:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/29 18:18:56 | 127,231,689 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 16:49:15 | 055,288,358 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/25 17:40:29 | 000,171,520 | ---- | C] (©if systems) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe
[2011/10/23 18:19:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2011/10/23 18:17:08 | 000,171,520 | ---- | C] (©if systems) -- C:\Documents and Settings\LocalService\srvfatauto.exe
[2011/10/23 18:16:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/10/21 13:33:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/21 13:30:36 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/10/19 23:50:58 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/10/19 23:50:51 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/10/19 23:50:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/10/19 23:50:23 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/10/19 23:50:15 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/10/19 23:50:13 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2011/10/19 23:50:09 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2011/10/19 23:50:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/10/19 23:49:51 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/10/19 23:49:43 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/10/19 23:49:31 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/10/19 23:49:22 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/10/19 23:49:14 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/10/19 23:49:04 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/10/19 23:49:03 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2011/10/19 23:49:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2011/10/19 23:48:55 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/10/19 23:48:52 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2011/10/19 23:48:50 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2011/10/19 23:48:49 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2011/10/19 23:48:47 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2011/10/19 23:48:45 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2011/10/19 23:48:43 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2011/10/19 23:48:42 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2011/10/19 23:48:42 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2011/10/19 23:48:40 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2011/10/19 23:48:38 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2011/10/19 23:48:37 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2011/10/19 23:48:35 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2011/10/19 23:48:35 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2011/10/19 23:48:27 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/10/19 23:48:19 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/10/19 23:48:11 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/10/19 23:48:03 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/10/19 23:47:55 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/10/19 23:47:47 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/10/19 23:47:39 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/10/19 23:47:31 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/10/19 23:47:28 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2011/10/19 23:47:20 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/10/19 23:47:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/10/19 23:47:05 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/10/19 23:46:57 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/10/19 23:46:49 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/10/19 23:46:42 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/10/19 23:46:34 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/10/19 23:46:27 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/10/19 23:46:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011/10/19 23:46:23 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011/10/19 23:46:22 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2011/10/19 23:46:22 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2011/10/19 23:46:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2011/10/19 23:46:19 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/10/19 23:46:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2011/10/19 23:46:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/10/19 23:45:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/10/19 23:45:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2011/10/19 23:45:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/10/19 23:45:32 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/10/19 23:45:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/10/19 23:45:18 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/10/19 23:45:10 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/10/19 23:45:03 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/10/19 23:45:00 | 000,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2011/10/19 23:44:52 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/10/19 23:44:42 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/10/19 23:44:35 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/10/19 23:44:28 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/10/19 23:44:20 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/10/19 23:44:13 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/10/19 23:44:05 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/10/19 23:43:58 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/10/19 23:43:50 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/10/19 23:43:49 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2011/10/19 23:43:41 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/10/19 23:43:32 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/10/19 23:43:25 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/10/19 23:43:18 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/10/19 23:43:10 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/10/19 23:43:02 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/10/19 23:42:55 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/10/19 23:42:54 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/10/19 23:42:46 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/10/19 23:42:39 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/10/19 23:42:30 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/10/19 23:42:22 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/10/19 23:42:15 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/10/19 23:42:08 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/10/19 23:41:58 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/10/19 23:41:51 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/10/19 23:41:45 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/10/19 23:41:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/10/19 23:41:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/10/19 23:41:24 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/10/19 23:41:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/10/19 23:41:10 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/10/19 23:41:03 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/10/19 23:40:57 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/10/19 23:40:49 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/10/19 23:40:41 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/10/19 23:40:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/10/19 23:40:24 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/10/19 23:40:16 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/10/19 23:40:10 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/10/19 23:40:02 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/10/19 23:39:56 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/10/19 23:39:49 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/10/19 23:39:42 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/10/19 23:39:36 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/10/19 23:39:35 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2011/10/19 23:39:28 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/10/19 23:39:14 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/10/19 23:39:06 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/10/19 23:38:59 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/10/19 23:38:52 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/10/19 23:38:46 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/10/19 23:38:39 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/10/19 23:38:37 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2011/10/19 23:38:36 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2011/10/19 23:38:35 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2011/10/19 23:38:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/10/19 23:38:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/10/19 23:38:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/10/19 23:38:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/10/19 23:38:02 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2011/10/19 23:38:02 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2011/10/19 23:38:01 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2011/10/19 23:38:01 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2011/10/19 23:38:00 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2011/10/19 23:38:00 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2011/10/19 23:37:59 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2011/10/19 23:37:59 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2011/10/19 23:37:58 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2011/10/19 23:37:57 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/10/19 23:37:51 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/10/19 23:37:44 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/10/19 23:37:37 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/10/19 23:37:31 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/10/19 23:37:29 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/10/19 23:37:22 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/10/19 23:37:15 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/10/19 23:37:09 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/10/19 23:37:02 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/10/19 23:36:56 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/10/19 23:36:49 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/10/19 23:36:48 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\siint5.dll
[2011/10/19 23:36:36 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/10/19 23:36:29 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/10/19 23:36:23 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/10/19 23:36:16 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/10/19 23:36:10 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/10/19 23:36:01 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/10/19 23:35:55 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/10/19 23:35:47 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/10/19 23:35:46 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2011/10/19 23:35:39 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/10/19 23:35:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/10/19 23:35:25 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/10/19 23:35:18 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/10/19 23:35:12 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/10/19 23:35:11 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2011/10/19 23:35:04 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/10/19 23:34:56 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/10/19 23:34:50 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/10/19 23:34:43 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/10/19 23:34:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/10/19 23:34:30 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/10/19 23:34:24 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/10/19 23:34:17 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/10/19 23:34:11 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/10/19 23:34:05 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/10/19 23:33:58 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/10/19 23:33:52 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/10/19 23:33:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/10/19 23:33:44 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnbm.sys
[2011/10/19 23:33:43 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnb.dll
[2011/10/19 23:33:36 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/10/19 23:33:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/10/19 23:33:27 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/10/19 23:33:25 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/10/19 23:33:21 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2011/10/19 23:33:15 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/10/19 23:33:08 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/10/19 23:33:01 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/10/19 23:32:54 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/10/19 23:32:51 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/10/19 23:32:51 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2011/10/19 23:32:44 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/10/19 23:32:43 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2011/10/19 23:32:37 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/10/19 23:32:33 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2011/10/19 23:32:24 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/10/19 23:32:16 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/10/19 23:32:09 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/10/19 23:32:03 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/10/19 23:31:56 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/10/19 23:31:51 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2011/10/19 23:31:44 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/10/19 23:31:38 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/10/19 23:31:31 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/10/19 23:31:29 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2011/10/19 23:31:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/10/19 23:31:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/10/19 23:31:08 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/10/19 23:31:05 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2011/10/19 23:30:59 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2011/10/19 23:30:59 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2011/10/19 23:30:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/10/19 23:30:39 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/10/19 23:30:33 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/10/19 23:30:26 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/10/19 23:30:20 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/10/19 23:30:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/10/19 23:30:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/10/19 23:30:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/10/19 23:30:00 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2011/10/19 23:29:59 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2011/10/19 23:29:58 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2011/10/19 23:29:57 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2011/10/19 23:29:54 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2011/10/19 23:29:48 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/10/19 23:29:42 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/10/19 23:29:35 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/10/19 23:29:29 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/10/19 23:29:23 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/10/19 23:29:22 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/10/19 23:29:15 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/10/19 23:29:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/10/19 23:29:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/10/19 23:28:55 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/10/19 23:28:49 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/10/19 23:28:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/10/19 23:28:36 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/10/19 23:28:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/10/19 23:28:24 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/10/19 23:28:17 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/10/19 23:28:11 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/10/19 23:28:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/10/19 23:27:59 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/10/19 23:27:52 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/10/19 23:27:46 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/10/19 23:27:40 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/10/19 23:27:37 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2011/10/19 23:27:34 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2011/10/19 23:27:32 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2011/10/19 23:27:26 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/10/19 23:27:20 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/10/19 23:27:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2011/10/19 23:27:10 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/10/19 23:27:02 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/10/19 23:26:56 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/10/19 23:26:54 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2011/10/19 23:26:46 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/10/19 23:26:40 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/10/19 23:26:33 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/10/19 23:26:31 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/10/19 23:26:22 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/10/19 23:26:15 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/10/19 23:26:09 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/10/19 23:26:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/10/19 23:25:54 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/10/19 23:25:49 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/10/19 23:25:43 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/10/19 23:25:37 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/10/19 23:25:31 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/10/19 23:25:25 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/10/19 23:25:19 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/10/19 23:25:13 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/10/19 23:25:07 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/10/19 23:25:01 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/10/19 23:24:55 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/10/19 23:24:49 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/10/19 23:24:43 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/10/19 23:24:43 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2011/10/19 23:24:36 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/10/19 23:24:35 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2011/10/19 23:24:34 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2011/10/19 23:24:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/10/19 23:24:32 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2011/10/19 23:24:31 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2011/10/19 23:24:24 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2011/10/19 23:24:16 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/10/19 23:24:06 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/10/19 23:24:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2011/10/19 23:23:53 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/10/19 23:23:46 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/10/19 23:23:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011/10/19 23:23:36 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/10/19 23:23:28 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/10/19 23:23:19 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/10/19 23:23:11 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/10/19 23:23:05 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/10/19 23:23:03 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2011/10/19 23:22:57 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/10/19 23:22:51 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/10/19 23:22:45 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/10/19 23:22:37 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/10/19 23:22:31 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/10/19 23:22:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/10/19 23:22:19 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/10/19 23:22:13 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/10/19 23:22:12 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2011/10/19 23:22:06 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/10/19 23:22:00 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/10/19 23:21:59 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2011/10/19 23:21:57 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/10/19 23:21:51 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/10/19 23:21:51 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/10/19 23:21:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/10/19 23:21:39 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/10/19 23:21:31 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/10/19 23:21:26 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/10/19 23:21:21 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/10/19 23:21:15 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/10/19 23:21:14 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2011/10/19 23:21:08 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/10/19 23:21:03 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/10/19 23:20:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/10/19 23:20:53 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2011/10/19 23:20:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2011/10/19 23:20:45 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011/10/19 23:20:34 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/10/19 23:20:29 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/10/19 23:20:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2011/10/19 23:20:23 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/10/19 23:20:22 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/10/19 23:20:20 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2011/10/19 23:20:12 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/10/19 23:20:07 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/10/19 23:20:01 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/10/19 23:19:56 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/10/19 23:19:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/10/19 23:19:40 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/10/19 23:19:34 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/10/19 23:19:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/10/19 23:19:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/10/19 23:19:19 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/10/19 23:19:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/10/19 23:19:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/10/19 23:19:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/10/19 23:18:59 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/10/19 23:18:53 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/10/19 23:18:48 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/10/19 23:18:43 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/10/19 23:18:38 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/10/19 23:18:33 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/10/19 23:18:30 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2011/10/19 23:18:30 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2011/10/19 23:18:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/10/19 23:18:19 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/10/19 23:18:10 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2011/10/19 23:18:10 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2011/10/19 23:18:09 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2011/10/19 23:18:09 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2011/10/19 23:18:04 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/10/19 23:17:59 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/10/19 23:17:54 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/10/19 23:17:49 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/10/19 23:17:44 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/10/19 23:17:39 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/10/19 23:17:34 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/10/19 23:17:29 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/10/19 23:17:24 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/10/19 23:17:19 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/10/19 23:17:14 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/10/19 23:17:09 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/10/19 23:17:04 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/10/19 23:16:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/10/19 23:16:53 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/10/19 23:16:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/10/19 23:16:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/10/19 23:16:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/10/19 23:16:34 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/19 23:16:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/10/19 23:16:15 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/19 23:16:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/10/19 23:15:56 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/10/19 23:15:47 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/10/19 23:15:41 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/10/19 23:15:40 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2011/10/19 23:15:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2011/10/19 23:15:36 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/10/19 23:15:35 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/10/19 23:15:29 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/10/19 23:15:27 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/19 23:15:23 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/19 23:15:19 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/19 23:15:17 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/10/19 23:15:15 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/10/19 23:15:13 | 000,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys
[2011/10/19 23:15:09 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/10/19 23:15:05 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/10/19 23:15:00 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/10/19 23:14:56 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/10/19 23:14:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/19 23:14:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/10/19 23:14:41 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/19 23:14:37 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/19 23:14:31 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/19 23:14:27 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/19 23:14:23 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/19 23:14:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/19 23:14:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/10/19 23:14:10 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/10/19 23:13:59 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/10/19 23:13:54 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/19 23:13:50 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/10/19 23:13:46 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/19 23:13:42 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/19 23:13:37 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/10/19 23:13:34 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/10/19 23:13:27 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/10/19 23:13:23 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/10/19 23:13:19 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/10/19 23:13:15 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/10/19 23:13:14 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/10/19 23:13:10 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/10/19 23:13:06 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/10/19 23:13:02 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/10/19 23:12:58 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/10/19 23:12:54 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/10/19 23:12:50 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/10/19 23:12:47 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/10/19 23:12:43 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/10/19 23:12:39 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/10/19 23:12:35 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/10/19 23:12:31 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/10/19 23:12:28 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/10/19 23:12:24 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/10/19 23:12:20 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/10/19 23:12:17 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/10/19 23:12:15 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2011/10/19 23:12:12 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/10/19 23:12:04 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/10/19 23:12:01 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/10/19 23:11:58 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/10/19 23:11:56 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/10/19 23:11:53 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/10/19 23:11:50 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/10/19 23:11:47 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/10/19 23:11:45 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/10/19 23:11:42 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/10/19 23:11:40 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/10/19 23:11:37 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/10/19 23:11:34 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/10/19 23:11:32 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/10/19 23:11:29 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/10/19 23:11:26 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/10/19 23:11:24 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/10/19 23:11:21 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/10/19 23:11:17 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/10/19 23:11:15 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2011/10/19 23:11:12 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/10/19 23:11:05 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/19 23:11:00 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/19 23:10:57 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/10/19 23:10:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/10/19 23:10:53 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/10/19 23:10:52 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/10/19 23:10:45 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/19 23:10:43 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/10/19 23:10:41 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/19 23:10:38 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/19 23:10:29 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/19 23:10:27 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/19 23:10:25 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/19 23:10:22 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/19 23:10:19 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/19 23:10:17 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/10/19 23:10:14 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/10/19 23:10:12 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/10/19 23:10:10 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/10/19 23:10:08 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/10/19 23:10:05 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/10/19 23:10:03 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/10/19 23:10:01 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/10/19 23:09:59 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/10/19 23:09:56 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/10/19 23:09:54 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/10/19 23:09:52 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/10/19 23:09:49 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/10/19 23:09:46 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/10/19 23:09:43 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/10/19 23:09:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/19 23:09:38 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/19 23:09:36 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/10/19 23:09:34 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/10/19 23:09:31 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/19 23:09:29 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/10/19 23:09:26 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/10/19 23:09:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/10/19 23:09:21 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/10/19 23:09:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/10/19 23:09:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/10/19 23:09:11 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/10/19 23:09:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/10/19 23:09:07 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/10/19 23:09:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/10/19 23:09:03 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/10/19 23:09:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/10/19 23:08:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/10/19 23:08:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/10/19 23:08:54 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/19 23:08:54 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/10/19 23:08:52 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/19 23:08:50 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/19 23:08:48 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/19 23:08:45 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/19 23:08:43 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/19 23:08:41 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/19 23:08:39 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/10/19 23:08:38 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/19 23:08:36 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/10/19 23:08:34 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/10/19 23:08:32 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/10/19 23:08:29 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/10/19 23:08:26 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/10/19 23:08:24 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/19 23:08:22 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/10/19 23:08:20 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/10/19 23:08:15 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/10/19 23:08:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/10/19 23:08:10 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/19 23:08:07 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/10/19 23:08:06 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/10/19 23:08:05 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/10/19 23:08:03 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/10/19 23:08:02 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/10/19 23:08:00 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/10/19 23:07:58 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/19 23:07:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/10/19 23:07:51 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\ch7xxnt5.dll
[2011/10/19 23:07:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/19 23:07:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/19 23:07:47 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/19 23:07:46 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/19 23:07:45 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/19 23:07:42 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/19 23:07:41 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/19 23:07:40 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/19 23:07:39 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/19 23:07:36 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/19 23:07:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/19 23:07:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/10/19 23:07:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/10/19 23:07:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/10/19 23:07:27 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/10/19 23:07:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/10/19 23:07:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/10/19 23:07:24 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/10/19 23:07:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/10/19 23:07:22 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/10/19 23:06:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2011/10/19 23:06:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/10/19 23:06:56 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2011/10/19 23:06:55 | 000,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2011/10/19 23:06:55 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2011/10/19 23:06:55 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2011/10/19 23:06:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/19 23:06:52 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/19 23:06:51 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/19 23:06:50 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/19 23:06:49 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/19 23:06:48 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/19 23:06:47 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/19 23:06:46 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/19 23:06:44 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/19 23:06:43 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/19 23:06:42 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/19 23:06:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/10/19 23:06:40 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/19 23:06:39 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/19 23:06:38 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/19 23:06:37 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/19 23:06:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/19 23:06:35 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/10/19 23:06:34 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/10/19 23:06:33 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/10/19 23:06:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/10/19 23:06:31 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/10/19 23:06:30 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/10/19 23:06:30 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/10/19 23:06:29 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/10/19 23:06:28 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/10/19 23:06:26 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/10/19 23:06:25 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/10/19 23:06:24 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/10/19 23:06:23 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/10/19 23:06:22 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/10/19 23:06:21 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/10/19 23:06:20 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/10/19 23:06:20 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/10/19 23:06:18 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/10/19 23:06:17 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/10/19 23:06:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2011/10/19 23:06:12 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv10nt5.dll
[2011/10/19 23:06:11 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv06nt5.dll
[2011/10/19 23:06:09 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv04nt5.dll
[2011/10/19 23:06:08 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv02nt5.dll
[2011/10/19 23:06:06 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv01nt5.dll
[2011/10/19 23:06:01 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2011/10/19 23:05:58 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2011/10/19 23:05:56 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2011/10/19 23:05:54 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2011/10/19 23:05:50 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/10/19 23:05:50 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/10/19 23:05:48 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2011/10/19 23:05:46 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2011/10/19 23:05:42 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2011/10/19 23:05:42 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2011/10/19 23:05:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2011/10/19 23:05:37 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2011/10/19 23:05:36 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2011/10/19 23:05:36 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2011/10/19 23:05:35 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2011/10/19 23:05:34 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2011/10/19 23:05:33 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/10/19 23:05:32 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/10/19 23:05:32 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/10/19 23:05:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/10/19 23:05:30 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/10/19 23:05:29 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/10/19 23:05:28 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/10/19 23:05:26 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2011/10/19 23:05:24 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2011/10/19 23:05:23 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011/10/19 23:05:22 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2011/10/19 23:05:20 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2011/10/19 23:05:20 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2011/10/19 23:05:19 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2011/10/19 23:05:18 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2011/10/19 23:05:17 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2011/10/19 23:05:15 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2011/10/19 23:05:14 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2011/10/19 23:05:14 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2011/10/19 23:05:13 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2011/10/19 23:05:12 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2011/10/19 23:05:11 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2011/10/19 23:05:10 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2011/10/19 23:05:08 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2011/10/19 23:05:07 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/10/19 23:05:07 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/10/19 23:05:06 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/10/19 23:05:03 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/10/19 23:05:01 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2011/10/19 23:05:00 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/10/19 23:04:59 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/10/19 23:04:58 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/10/19 23:04:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/10/19 23:04:51 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2011/10/19 23:04:51 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll
[2011/10/19 23:04:48 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll
[2011/10/19 23:04:47 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll
[2011/10/19 23:04:45 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll
[2011/10/19 23:04:45 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll
[2011/10/19 23:04:43 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll
[2011/10/19 23:04:41 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/10/19 23:04:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/10/19 23:04:39 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/10/19 23:04:38 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/10/19 23:04:38 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/10/19 23:04:37 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/10/19 23:04:36 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/10/19 23:04:35 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/10/19 23:04:33 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/10/19 23:04:32 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/10/19 23:04:32 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/10/19 23:04:30 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/10/19 23:04:29 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/10/19 23:04:28 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/10/19 23:04:28 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/10/19 23:04:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2011/10/19 23:04:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/10/19 23:04:24 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/10/19 23:04:23 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/10/19 23:04:23 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/10/19 23:04:22 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2011/10/19 23:04:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/10/19 23:03:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/10/18 03:07:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/18 02:37:36 | 004,263,508 | R--- | C] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2011/10/16 13:41:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2011/10/16 13:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2011/10/16 13:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/10/16 13:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2011/10/16 13:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2011/10/16 13:41:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2011/10/16 13:41:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2011/10/16 13:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2011/10/16 13:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2011/10/16 13:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2011/10/16 13:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Oberon Games
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Google Gadgets
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Grubby Games
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Acer GameZone
[2011/10/16 13:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2011/10/14 13:37:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/14 13:37:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/14 13:37:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/14 13:37:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/11 21:05:30 | 000,000,000 | ---D | C] -- C:\found.000
[2011/10/07 15:21:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/10/07 13:17:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/22 16:06:54 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/08/22 09:51:46 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/08/01 03:35:00 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/11/04 10:23:03 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/02 16:48:05 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005UA.job
[2011/11/02 16:42:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/02 15:32:53 | 000,437,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/02 15:32:53 | 000,069,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/02 15:29:03 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/11/02 15:28:46 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/02 15:28:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/02 15:28:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/02 15:28:41 | 1063,194,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/29 17:19:10 | 127,231,689 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 16:29:52 | 055,288,358 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/25 17:40:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/25 17:40:29 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/10/23 18:17:08 | 000,171,520 | ---- | M] (©if systems) -- C:\Documents and Settings\LocalService\srvfatauto.exe
[2011/10/21 15:03:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/20 10:59:31 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2011/10/20 00:48:00 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005Core.job
[2011/10/19 09:06:02 | 098,050,368 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/18 03:08:30 | 000,171,520 | ---- | M] (©if systems) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe
[2011/10/17 23:49:48 | 004,263,508 | R--- | M] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2011/10/17 23:43:58 | 059,854,808 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 14:48:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/16 13:40:24 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/16 13:40:14 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fips.sys
[2011/10/14 12:28:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/07 14:01:27 | 000,957,904 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

========== Files Created - No Company Name ==========

[2011/10/25 17:40:29 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/10/25 17:40:29 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/10/25 17:40:29 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk
[2011/10/25 17:40:29 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
[2011/10/25 17:40:29 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/25 17:40:29 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk
[2011/10/25 17:40:29 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk
[2011/10/25 17:40:29 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/10/23 18:28:40 | 1063,194,624 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/21 19:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/19 23:50:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/10/19 23:50:42 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/10/19 23:31:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/10/19 23:31:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/10/19 23:23:45 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/10/19 23:16:29 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/19 23:16:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/19 23:16:10 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/19 23:16:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/19 23:15:51 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/19 23:10:36 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/19 23:10:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/19 23:10:32 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/19 23:06:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/10/19 23:06:03 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/10/19 23:06:00 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/10/19 23:05:55 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/10/19 23:05:54 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/10/19 23:05:53 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/10/19 23:05:52 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/10/19 23:05:51 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/10/19 23:05:49 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/10/19 23:05:28 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/10/19 22:04:15 | 098,050,368 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/18 00:09:11 | 059,854,808 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 15:10:08 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/10/16 15:10:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/16 13:41:43 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/16 13:41:43 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/10/16 13:41:42 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2011/10/16 13:41:42 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2011/10/16 13:41:42 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2011/10/14 13:37:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/14 13:37:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/14 13:37:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/14 13:37:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/14 13:37:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/10/14 12:44:48 | 000,582,656 | ---- | C] () -- C:\Documents and Settings\K\Desktop\OTL.scr
[2011/09/11 23:28:42 | 000,000,625 | ---- | C] () -- C:\WINDOWS\solvermfc.INI
[2011/02/10 22:28:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/09 14:18:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2010/10/18 01:04:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\yap.INI
[2010/09/16 14:41:58 | 000,957,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/03 15:03:54 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/08/25 05:31:38 | 000,083,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/24 18:30:06 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 05:05:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/22 16:06:54 | 001,759,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/08/22 16:06:54 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/08/22 16:06:53 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/03/23 16:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010/03/23 16:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/12/20 21:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/08/01 06:01:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/08/01 04:48:57 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/08/01 04:48:57 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/08/01 04:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/08/01 04:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/08/01 04:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/08/01 04:48:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2009/08/01 04:48:57 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/08/01 04:48:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/08/01 04:48:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/08/01 03:34:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/08/01 03:34:50 | 000,437,618 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/01 03:34:50 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/08/01 03:34:50 | 000,069,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/01 03:34:50 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/08/01 03:34:50 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/08/01 03:34:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/08/01 03:34:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/08/01 03:34:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/08/01 03:34:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/08/01 03:34:44 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/08/01 03:34:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/08/01 02:58:22 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/08/01 02:57:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/08/01 02:52:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/01 02:51:59 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/07/31 19:49:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/31 19:48:41 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/08 18:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/02/24 22:20:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2001/11/14 16:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2009/08/01 05:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2009/08/01 05:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2009/08/01 05:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2010/08/22 16:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\.BitTornado
[2009/08/01 05:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer
[2009/08/01 05:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer GameZone Console
[2011/01/08 15:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\calibre
[2011/05/25 14:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\DassaultSystemes
[2011/10/19 01:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Dropbox
[2011/01/02 18:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\FreeOrion
[2011/05/04 11:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Gizmo
[2011/11/02 15:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\IM
[2011/03/02 23:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/10/14 09:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MuPAD
[2010/11/25 01:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Paltalk
[2011/04/10 02:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\PrimoPDF
[2011/10/02 17:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Qlock
[2009/08/01 05:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Super-Cow
[2011/05/25 14:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2009/08/01 05:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/08/24 19:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

========== Purity Check ==========


< End of report >
  • 0

#50
michaelg9
Posted 06 November 2011 - 05:46 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

Open up notepad, paste the following inside and save the following named fix.txt in your USB with OTLPE inside:

:OTL
O4 - HKLM..\RunOnce: [*acctadmqueue.exe] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe (©if systems)
O4 - HKLM..\RunOnce: [*srvfatauto.exe] C:\Documents and Settings\LocalService\srvfatauto.exe (©if systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe (©if systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
[2011/10/25 17:40:29 | 000,171,520 | ---- | C] (©if systems) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe
[2011/10/23 18:17:08 | 000,171,520 | ---- | C] (©if systems) -- C:\Documents and Settings\LocalService\srvfatauto.exe
[2011/10/23 18:17:08 | 000,171,520 | ---- | M] (©if systems) -- C:\Documents and Settings\LocalService\srvfatauto.exe
[2011/10/18 03:08:30 | 000,171,520 | ---- | M] (©if systems) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe

:Services

:Reg

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
@=""

:Files

:Commands




Next:


Start OTLPE as you did previously from USB

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when it finishes save the log it outputs in your USB and post it in your next post. Stay in OTLPE environment
  • Go to start > All programs > RegEdit and select Remote(Run Scanner)
  • Select yes at the confirmation prompt
  • At the second prompt, select your user account's name and check the "Automatically load all remaining Users?" box.
  • We'll be altering the registry, so please follow the steps exactly as you see them. If you don't find / understand something stop and post back
  • From the left menu navigate to:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

    Note: When you go there, at the bottom of the regedit windows it will say:

    My Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

  • Right click at the RunOnce key from the left menu and select Permissions...:
    Posted Image
  • Under Group or User Names select Administrators
  • Under Permissions for Administrators select Deny Full Control (the right first checkbox):
    Posted Image
  • Select OK
  • Select Yes at the confirmation window
  • Close Regedit.
  • Reboot, open OTL and press quick scan and post the log here

  • 0

#51
Ksavvy
Posted 07 November 2011 - 08:05 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Here we go:


========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Invalid CLSID key: *acctadmqueue.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Invalid CLSID key: *srvfatauto.exe
C:\Documents and Settings\LocalService\srvfatauto.exe moved successfully.
File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe not found.
File C:\Documents and Settings\LocalService\srvfatauto.exe not found.
File C:\Documents and Settings\LocalService\srvfatauto.exe not found.
File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\acctadmqueue.exe not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\ not found.
Unable to set value : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\@|"" /E!
========== FILES ==========
========== COMMANDS ==========

OTLPE by OldTimer - Version 3.1.48.0 log created on 11062011_195712



OTL logfile created on: 11/6/2011 8:10:36 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 795.00 Mb Available Physical Memory | 78.00% Memory free
902.00 Mb Paging File | 835.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 76.36 Gb Free Space | 54.92% Space Free | Partition Type: NTFS
Drive X: | 3.73 Gb Total Space | 3.33 Gb Free Space | 89.24% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (Remote Solver for Flow Simulation 2011)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2011/07/19 01:19:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/04 10:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto] -- C:\Program Files\Gizmo\gservice.exe -- (Gizmo Central)
SRV - [2010/12/09 13:07:10 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/12/02 08:18:32 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010/10/06 21:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) [Auto] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2010)
SRV - [2010/03/25 12:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/23 15:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/02/05 10:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®
SRV - [2005/09/23 09:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (USBCCID)
DRV - File not found [Kernel | System] -- -- (SASKUTIL)
DRV - File not found [Kernel | System] -- -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand] -- -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand] -- -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/05/04 10:30:46 | 000,025,488 | ---- | M] (Arainia Solutions LLC) [Kernel | System] -- C:\WINDOWS\System32\drivers\gizmodrv.sys -- (GizmoDrv)
DRV - [2010/03/23 15:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/06/21 23:59:26 | 001,574,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/05/11 00:01:30 | 000,056,992 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2009/05/06 20:15:38 | 001,759,744 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/04/15 05:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/03/02 00:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/24 03:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/18 04:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/11/16 20:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/30 16:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 07:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/11/14 21:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/18 22:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/02 08:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 02:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\K_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o
IE - HKU\K_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\K_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/08/24 07:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/14 00:47:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/14 00:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/29 10:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/29 10:25:55 | 000,000,000 | ---D | M]

[2011/10/17 22:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/29 08:22:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/08/26 17:38:33 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/16 18:52:28 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll

O1 HOSTS File: ([2011/10/21 14:03:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKU\K_ON_C..\Run: [GizmoDriveDelegate] C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - HKU\K_ON_C..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [ScrSav] C:\WINDOWS\Screensavers\Acer\run_Acer.exe (TODO: <Company name>)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk = C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk = C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk = File not found
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\K_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/01 01:55:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/29 17:18:56 | 127,231,689 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 15:49:15 | 055,288,358 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/23 17:19:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2011/10/23 17:16:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/10/21 12:33:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/21 12:30:36 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/10/19 22:50:58 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/10/19 22:50:51 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/10/19 22:50:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/10/19 22:50:23 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/10/19 22:50:15 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/10/19 22:50:13 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2011/10/19 22:50:09 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2011/10/19 22:50:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/10/19 22:49:51 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/10/19 22:49:43 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/10/19 22:49:31 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/10/19 22:49:22 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/10/19 22:49:14 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/10/19 22:49:04 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/10/19 22:49:03 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2011/10/19 22:49:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2011/10/19 22:48:55 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/10/19 22:48:52 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2011/10/19 22:48:50 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2011/10/19 22:48:49 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2011/10/19 22:48:47 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2011/10/19 22:48:45 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2011/10/19 22:48:43 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2011/10/19 22:48:42 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2011/10/19 22:48:42 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2011/10/19 22:48:40 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2011/10/19 22:48:38 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2011/10/19 22:48:37 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2011/10/19 22:48:35 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2011/10/19 22:48:35 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2011/10/19 22:48:27 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/10/19 22:48:19 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/10/19 22:48:11 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/10/19 22:48:03 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/10/19 22:47:55 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/10/19 22:47:47 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/10/19 22:47:39 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/10/19 22:47:31 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/10/19 22:47:28 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2011/10/19 22:47:20 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/10/19 22:47:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/10/19 22:47:05 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/10/19 22:46:57 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/10/19 22:46:49 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/10/19 22:46:42 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/10/19 22:46:34 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/10/19 22:46:27 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/10/19 22:46:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011/10/19 22:46:23 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011/10/19 22:46:22 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2011/10/19 22:46:22 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2011/10/19 22:46:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2011/10/19 22:46:19 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/10/19 22:46:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2011/10/19 22:46:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/10/19 22:45:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/10/19 22:45:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2011/10/19 22:45:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/10/19 22:45:32 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/10/19 22:45:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/10/19 22:45:18 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/10/19 22:45:10 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/10/19 22:45:03 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/10/19 22:45:00 | 000,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2011/10/19 22:44:52 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/10/19 22:44:42 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/10/19 22:44:35 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/10/19 22:44:28 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/10/19 22:44:20 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/10/19 22:44:13 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/10/19 22:44:05 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/10/19 22:43:58 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/10/19 22:43:50 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/10/19 22:43:49 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2011/10/19 22:43:41 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/10/19 22:43:32 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/10/19 22:43:25 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/10/19 22:43:18 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/10/19 22:43:10 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/10/19 22:43:02 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/10/19 22:42:55 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/10/19 22:42:54 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/10/19 22:42:46 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/10/19 22:42:39 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/10/19 22:42:30 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/10/19 22:42:22 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/10/19 22:42:15 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/10/19 22:42:08 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/10/19 22:41:58 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/10/19 22:41:51 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/10/19 22:41:45 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/10/19 22:41:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/10/19 22:41:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/10/19 22:41:24 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/10/19 22:41:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/10/19 22:41:10 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/10/19 22:41:03 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/10/19 22:40:57 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/10/19 22:40:49 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/10/19 22:40:41 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/10/19 22:40:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/10/19 22:40:24 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/10/19 22:40:16 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/10/19 22:40:10 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/10/19 22:40:02 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/10/19 22:39:56 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/10/19 22:39:49 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/10/19 22:39:42 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/10/19 22:39:36 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/10/19 22:39:35 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2011/10/19 22:39:28 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/10/19 22:39:14 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/10/19 22:39:06 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/10/19 22:38:59 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/10/19 22:38:52 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/10/19 22:38:46 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/10/19 22:38:39 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/10/19 22:38:37 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2011/10/19 22:38:36 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2011/10/19 22:38:35 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2011/10/19 22:38:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/10/19 22:38:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/10/19 22:38:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/10/19 22:38:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/10/19 22:38:02 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2011/10/19 22:38:02 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2011/10/19 22:38:01 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2011/10/19 22:38:01 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2011/10/19 22:38:00 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2011/10/19 22:38:00 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2011/10/19 22:37:59 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2011/10/19 22:37:59 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2011/10/19 22:37:58 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2011/10/19 22:37:57 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/10/19 22:37:51 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/10/19 22:37:44 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/10/19 22:37:37 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/10/19 22:37:31 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/10/19 22:37:29 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/10/19 22:37:22 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/10/19 22:37:15 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/10/19 22:37:09 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/10/19 22:37:02 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/10/19 22:36:56 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/10/19 22:36:49 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/10/19 22:36:48 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\siint5.dll
[2011/10/19 22:36:36 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/10/19 22:36:29 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/10/19 22:36:23 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/10/19 22:36:16 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/10/19 22:36:10 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/10/19 22:36:01 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/10/19 22:35:55 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/10/19 22:35:47 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/10/19 22:35:46 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2011/10/19 22:35:39 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/10/19 22:35:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/10/19 22:35:25 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/10/19 22:35:18 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/10/19 22:35:12 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/10/19 22:35:11 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2011/10/19 22:35:04 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/10/19 22:34:56 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/10/19 22:34:50 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/10/19 22:34:43 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/10/19 22:34:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/10/19 22:34:30 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/10/19 22:34:24 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/10/19 22:34:17 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/10/19 22:34:11 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/10/19 22:34:05 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/10/19 22:33:58 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/10/19 22:33:52 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/10/19 22:33:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/10/19 22:33:44 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnbm.sys
[2011/10/19 22:33:43 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnb.dll
[2011/10/19 22:33:36 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/10/19 22:33:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/10/19 22:33:27 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/10/19 22:33:25 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/10/19 22:33:21 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2011/10/19 22:33:15 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/10/19 22:33:08 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/10/19 22:33:01 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/10/19 22:32:54 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/10/19 22:32:51 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/10/19 22:32:51 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2011/10/19 22:32:44 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/10/19 22:32:43 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2011/10/19 22:32:37 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/10/19 22:32:33 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2011/10/19 22:32:24 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/10/19 22:32:16 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/10/19 22:32:09 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/10/19 22:32:03 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/10/19 22:31:56 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/10/19 22:31:51 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2011/10/19 22:31:44 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/10/19 22:31:38 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/10/19 22:31:31 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/10/19 22:31:29 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2011/10/19 22:31:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/10/19 22:31:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/10/19 22:31:08 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/10/19 22:31:05 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2011/10/19 22:30:59 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2011/10/19 22:30:59 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2011/10/19 22:30:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/10/19 22:30:39 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/10/19 22:30:33 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/10/19 22:30:26 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/10/19 22:30:20 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/10/19 22:30:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/10/19 22:30:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/10/19 22:30:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/10/19 22:30:00 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2011/10/19 22:29:59 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2011/10/19 22:29:58 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2011/10/19 22:29:57 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2011/10/19 22:29:54 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2011/10/19 22:29:48 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/10/19 22:29:42 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/10/19 22:29:35 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/10/19 22:29:29 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/10/19 22:29:23 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/10/19 22:29:22 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/10/19 22:29:15 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/10/19 22:29:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/10/19 22:29:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/10/19 22:28:55 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/10/19 22:28:49 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/10/19 22:28:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/10/19 22:28:36 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/10/19 22:28:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/10/19 22:28:24 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/10/19 22:28:17 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/10/19 22:28:11 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/10/19 22:28:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/10/19 22:27:59 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/10/19 22:27:52 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/10/19 22:27:46 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/10/19 22:27:40 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/10/19 22:27:37 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2011/10/19 22:27:34 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2011/10/19 22:27:32 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2011/10/19 22:27:26 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/10/19 22:27:20 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/10/19 22:27:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2011/10/19 22:27:10 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/10/19 22:27:02 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/10/19 22:26:56 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/10/19 22:26:54 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2011/10/19 22:26:46 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/10/19 22:26:40 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/10/19 22:26:33 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/10/19 22:26:31 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/10/19 22:26:22 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/10/19 22:26:15 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/10/19 22:26:09 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/10/19 22:26:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/10/19 22:25:54 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/10/19 22:25:49 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/10/19 22:25:43 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/10/19 22:25:37 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/10/19 22:25:31 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/10/19 22:25:25 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/10/19 22:25:19 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/10/19 22:25:13 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/10/19 22:25:07 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/10/19 22:25:01 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/10/19 22:24:55 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/10/19 22:24:49 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/10/19 22:24:43 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/10/19 22:24:43 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2011/10/19 22:24:36 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/10/19 22:24:35 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2011/10/19 22:24:34 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2011/10/19 22:24:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/10/19 22:24:32 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2011/10/19 22:24:31 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2011/10/19 22:24:24 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2011/10/19 22:24:16 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/10/19 22:24:06 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/10/19 22:24:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2011/10/19 22:23:53 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/10/19 22:23:46 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/10/19 22:23:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011/10/19 22:23:36 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/10/19 22:23:28 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/10/19 22:23:19 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/10/19 22:23:11 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/10/19 22:23:05 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/10/19 22:23:03 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2011/10/19 22:22:57 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/10/19 22:22:51 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/10/19 22:22:45 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/10/19 22:22:37 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/10/19 22:22:31 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/10/19 22:22:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/10/19 22:22:19 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/10/19 22:22:13 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/10/19 22:22:12 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2011/10/19 22:22:06 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/10/19 22:22:00 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/10/19 22:21:59 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2011/10/19 22:21:57 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/10/19 22:21:51 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/10/19 22:21:51 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/10/19 22:21:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/10/19 22:21:39 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/10/19 22:21:31 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/10/19 22:21:26 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/10/19 22:21:21 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/10/19 22:21:15 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/10/19 22:21:14 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2011/10/19 22:21:08 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/10/19 22:21:03 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/10/19 22:20:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/10/19 22:20:53 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2011/10/19 22:20:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2011/10/19 22:20:45 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011/10/19 22:20:34 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/10/19 22:20:29 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/10/19 22:20:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2011/10/19 22:20:23 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/10/19 22:20:22 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/10/19 22:20:20 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2011/10/19 22:20:12 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/10/19 22:20:07 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/10/19 22:20:01 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/10/19 22:19:56 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/10/19 22:19:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2011/10/19 22:19:40 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/10/19 22:19:34 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/10/19 22:19:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/10/19 22:19:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/10/19 22:19:19 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/10/19 22:19:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/10/19 22:19:09 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/10/19 22:19:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/10/19 22:18:59 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/10/19 22:18:53 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/10/19 22:18:48 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/10/19 22:18:43 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/10/19 22:18:38 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/10/19 22:18:33 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/10/19 22:18:30 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2011/10/19 22:18:30 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2011/10/19 22:18:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/10/19 22:18:19 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/10/19 22:18:10 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2011/10/19 22:18:10 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2011/10/19 22:18:09 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2011/10/19 22:18:09 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2011/10/19 22:18:04 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/10/19 22:17:59 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/10/19 22:17:54 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/10/19 22:17:49 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/10/19 22:17:44 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/10/19 22:17:39 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/10/19 22:17:34 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/10/19 22:17:29 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/10/19 22:17:24 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/10/19 22:17:19 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/10/19 22:17:14 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/10/19 22:17:09 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/10/19 22:17:04 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/10/19 22:16:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/10/19 22:16:53 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/10/19 22:16:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/10/19 22:16:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/10/19 22:16:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/10/19 22:16:34 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/19 22:16:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/10/19 22:16:15 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/19 22:16:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/10/19 22:15:56 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/10/19 22:15:47 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/10/19 22:15:41 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/10/19 22:15:40 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2011/10/19 22:15:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2011/10/19 22:15:36 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/10/19 22:15:35 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/10/19 22:15:29 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/10/19 22:15:27 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/19 22:15:23 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/19 22:15:19 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/19 22:15:17 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/10/19 22:15:15 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/10/19 22:15:13 | 000,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys
[2011/10/19 22:15:09 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/10/19 22:15:05 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/10/19 22:15:00 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/10/19 22:14:56 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/10/19 22:14:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/19 22:14:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/10/19 22:14:41 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/19 22:14:37 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/19 22:14:31 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/19 22:14:27 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/19 22:14:23 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/19 22:14:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/19 22:14:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/10/19 22:14:10 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/10/19 22:13:59 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/10/19 22:13:54 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/19 22:13:50 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/10/19 22:13:46 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/19 22:13:42 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/19 22:13:37 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/10/19 22:13:34 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/10/19 22:13:27 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/10/19 22:13:23 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/10/19 22:13:19 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/10/19 22:13:15 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/10/19 22:13:14 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/10/19 22:13:10 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/10/19 22:13:06 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/10/19 22:13:02 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/10/19 22:12:58 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/10/19 22:12:54 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/10/19 22:12:50 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/10/19 22:12:47 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/10/19 22:12:43 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/10/19 22:12:39 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/10/19 22:12:35 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/10/19 22:12:31 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/10/19 22:12:28 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/10/19 22:12:24 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/10/19 22:12:20 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/10/19 22:12:17 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/10/19 22:12:15 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2011/10/19 22:12:12 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/10/19 22:12:04 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/10/19 22:12:01 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/10/19 22:11:58 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/10/19 22:11:56 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/10/19 22:11:53 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/10/19 22:11:50 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/10/19 22:11:47 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/10/19 22:11:45 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/10/19 22:11:42 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/10/19 22:11:40 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/10/19 22:11:37 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/10/19 22:11:34 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/10/19 22:11:32 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/10/19 22:11:29 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/10/19 22:11:26 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/10/19 22:11:24 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/10/19 22:11:21 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/10/19 22:11:17 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/10/19 22:11:15 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2011/10/19 22:11:12 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/10/19 22:11:05 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/19 22:11:00 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/19 22:10:57 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/10/19 22:10:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/10/19 22:10:53 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/10/19 22:10:52 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/10/19 22:10:45 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/19 22:10:43 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/10/19 22:10:41 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/19 22:10:38 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/19 22:10:29 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/19 22:10:27 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/19 22:10:25 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/19 22:10:22 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/19 22:10:19 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/19 22:10:17 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/10/19 22:10:14 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/10/19 22:10:12 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/10/19 22:10:10 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/10/19 22:10:08 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/10/19 22:10:05 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/10/19 22:10:03 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/10/19 22:10:01 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/10/19 22:09:59 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/10/19 22:09:56 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/10/19 22:09:54 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/10/19 22:09:52 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/10/19 22:09:49 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/10/19 22:09:46 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/10/19 22:09:43 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/10/19 22:09:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/19 22:09:38 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/19 22:09:36 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/10/19 22:09:34 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/10/19 22:09:31 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/19 22:09:29 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/10/19 22:09:26 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/10/19 22:09:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/10/19 22:09:21 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/10/19 22:09:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/10/19 22:09:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/10/19 22:09:11 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/10/19 22:09:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/10/19 22:09:07 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/10/19 22:09:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/10/19 22:09:03 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/10/19 22:09:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/10/19 22:08:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/10/19 22:08:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/10/19 22:08:54 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/19 22:08:54 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/10/19 22:08:52 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/19 22:08:50 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/19 22:08:48 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/19 22:08:45 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/19 22:08:43 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/19 22:08:41 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/19 22:08:39 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/10/19 22:08:38 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/19 22:08:36 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/10/19 22:08:34 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/10/19 22:08:32 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/10/19 22:08:29 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/10/19 22:08:26 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/10/19 22:08:24 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/19 22:08:22 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/10/19 22:08:20 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/10/19 22:08:15 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/10/19 22:08:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/10/19 22:08:10 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/19 22:08:07 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/10/19 22:08:06 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/10/19 22:08:05 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/10/19 22:08:03 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/10/19 22:08:02 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/10/19 22:08:00 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/10/19 22:07:58 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/19 22:07:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/10/19 22:07:51 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\ch7xxnt5.dll
[2011/10/19 22:07:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/19 22:07:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/19 22:07:47 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/19 22:07:46 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/19 22:07:45 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/19 22:07:42 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/19 22:07:41 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/19 22:07:40 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/19 22:07:39 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/19 22:07:36 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/19 22:07:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/19 22:07:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/10/19 22:07:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/10/19 22:07:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/10/19 22:07:27 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/10/19 22:07:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/10/19 22:07:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/10/19 22:07:24 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/10/19 22:07:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/10/19 22:07:22 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/10/19 22:06:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2011/10/19 22:06:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/10/19 22:06:56 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2011/10/19 22:06:55 | 000,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2011/10/19 22:06:55 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2011/10/19 22:06:55 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2011/10/19 22:06:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/19 22:06:52 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/19 22:06:51 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/19 22:06:50 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/19 22:06:49 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/19 22:06:48 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/19 22:06:47 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/19 22:06:46 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/19 22:06:44 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/19 22:06:43 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/19 22:06:42 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/19 22:06:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/10/19 22:06:40 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/19 22:06:39 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/19 22:06:38 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/19 22:06:37 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/19 22:06:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/19 22:06:35 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/10/19 22:06:34 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/10/19 22:06:33 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/10/19 22:06:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/10/19 22:06:31 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/10/19 22:06:30 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/10/19 22:06:30 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/10/19 22:06:29 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/10/19 22:06:28 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/10/19 22:06:26 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/10/19 22:06:25 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/10/19 22:06:24 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/10/19 22:06:23 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/10/19 22:06:22 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/10/19 22:06:21 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/10/19 22:06:20 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/10/19 22:06:20 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/10/19 22:06:18 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/10/19 22:06:17 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/10/19 22:06:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2011/10/19 22:06:12 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv10nt5.dll
[2011/10/19 22:06:11 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv06nt5.dll
[2011/10/19 22:06:09 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv04nt5.dll
[2011/10/19 22:06:08 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv02nt5.dll
[2011/10/19 22:06:06 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv01nt5.dll
[2011/10/19 22:06:01 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2011/10/19 22:05:58 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2011/10/19 22:05:56 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2011/10/19 22:05:54 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2011/10/19 22:05:50 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/10/19 22:05:50 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/10/19 22:05:48 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2011/10/19 22:05:46 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2011/10/19 22:05:42 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2011/10/19 22:05:42 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2011/10/19 22:05:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2011/10/19 22:05:37 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2011/10/19 22:05:36 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2011/10/19 22:05:36 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2011/10/19 22:05:35 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2011/10/19 22:05:34 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2011/10/19 22:05:33 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/10/19 22:05:32 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/10/19 22:05:32 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/10/19 22:05:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/10/19 22:05:30 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/10/19 22:05:29 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/10/19 22:05:28 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/10/19 22:05:26 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2011/10/19 22:05:24 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2011/10/19 22:05:23 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011/10/19 22:05:22 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2011/10/19 22:05:20 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2011/10/19 22:05:20 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2011/10/19 22:05:19 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2011/10/19 22:05:18 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2011/10/19 22:05:17 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2011/10/19 22:05:15 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2011/10/19 22:05:14 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2011/10/19 22:05:14 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2011/10/19 22:05:13 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2011/10/19 22:05:12 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2011/10/19 22:05:11 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2011/10/19 22:05:10 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2011/10/19 22:05:08 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2011/10/19 22:05:07 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/10/19 22:05:07 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/10/19 22:05:06 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/10/19 22:05:03 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/10/19 22:05:01 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2011/10/19 22:05:00 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/10/19 22:04:59 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/10/19 22:04:58 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/10/19 22:04:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/10/19 22:04:51 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2011/10/19 22:04:51 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll
[2011/10/19 22:04:48 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll
[2011/10/19 22:04:47 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll
[2011/10/19 22:04:45 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll
[2011/10/19 22:04:45 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll
[2011/10/19 22:04:43 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll
[2011/10/19 22:04:41 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/10/19 22:04:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/10/19 22:04:39 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/10/19 22:04:38 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/10/19 22:04:38 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/10/19 22:04:37 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/10/19 22:04:36 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/10/19 22:04:35 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/10/19 22:04:33 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/10/19 22:04:32 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/10/19 22:04:32 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/10/19 22:04:30 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/10/19 22:04:29 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/10/19 22:04:28 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/10/19 22:04:28 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/10/19 22:04:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2011/10/19 22:04:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/10/19 22:04:24 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/10/19 22:04:23 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/10/19 22:04:23 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/10/19 22:04:22 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2011/10/19 22:04:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/10/19 22:03:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/10/18 02:07:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/18 01:37:36 | 004,263,508 | R--- | C] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2011/10/16 12:41:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2011/10/16 12:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2011/10/16 12:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/10/16 12:41:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2011/10/16 12:41:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2011/10/16 12:41:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2011/10/16 12:41:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2011/10/16 12:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2011/10/16 12:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2011/10/16 12:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2011/10/16 12:41:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Oberon Games
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Google Gadgets
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Grubby Games
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Acer GameZone
[2011/10/16 12:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2011/10/14 12:37:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/14 12:37:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/14 12:37:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/14 12:37:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/11 20:05:30 | 000,000,000 | ---D | C] -- C:\found.000
[2010/08/22 15:06:54 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/08/22 08:51:46 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/08/01 02:35:00 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/11/06 19:57:14 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/11/04 09:23:03 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/02 15:48:05 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005UA.job
[2011/11/02 15:42:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/02 14:32:53 | 000,437,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/02 14:32:53 | 000,069,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/02 14:29:03 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/11/02 14:28:46 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/02 14:28:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/02 14:28:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/02 14:28:41 | 1063,194,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/29 16:19:10 | 127,231,689 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 15:29:52 | 055,288,358 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/25 16:40:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/21 14:03:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/20 09:59:31 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2011/10/19 23:48:00 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005Core.job
[2011/10/19 08:06:02 | 098,050,368 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/17 22:49:48 | 004,263,508 | R--- | M] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2011/10/17 22:43:58 | 059,854,808 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 13:48:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/16 12:40:24 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/16 12:40:14 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fips.sys
[2011/10/14 11:28:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

========== Files Created - No Company Name ==========

[2011/10/25 16:40:29 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/10/25 16:40:29 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/10/25 16:40:29 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk
[2011/10/25 16:40:29 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
[2011/10/25 16:40:29 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/25 16:40:29 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk
[2011/10/25 16:40:29 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk
[2011/10/25 16:40:29 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/10/23 17:28:40 | 1063,194,624 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/21 18:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/19 22:50:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/10/19 22:50:42 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/10/19 22:31:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/10/19 22:31:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/10/19 22:23:45 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/10/19 22:16:29 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/19 22:16:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/19 22:16:10 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/19 22:16:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/19 22:15:51 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/19 22:10:36 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/19 22:10:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/19 22:10:32 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/19 22:06:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/10/19 22:06:03 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/10/19 22:06:00 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/10/19 22:05:55 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/10/19 22:05:54 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/10/19 22:05:53 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/10/19 22:05:52 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/10/19 22:05:51 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/10/19 22:05:49 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/10/19 22:05:28 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/10/19 21:04:15 | 098,050,368 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/17 23:09:11 | 059,854,808 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 14:10:08 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/10/16 14:10:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/16 12:41:43 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/16 12:41:43 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/10/16 12:41:42 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2011/10/16 12:41:42 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2011/10/16 12:41:42 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2011/10/14 12:37:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/14 12:37:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/14 12:37:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/14 12:37:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/14 12:37:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/10/14 11:44:48 | 000,582,656 | ---- | C] () -- C:\Documents and Settings\K\Desktop\OTL.scr
[2011/09/11 22:28:42 | 000,000,625 | ---- | C] () -- C:\WINDOWS\solvermfc.INI
[2011/02/10 21:28:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/09 13:18:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2010/10/18 00:04:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\yap.INI
[2010/09/16 13:41:58 | 000,957,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/03 14:03:54 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/08/25 04:31:38 | 000,083,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/24 17:30:06 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 04:05:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/22 15:06:54 | 001,759,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/08/22 15:06:54 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/08/22 15:06:53 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/03/23 15:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010/03/23 15:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/12/20 20:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/08/01 05:01:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/08/01 03:48:57 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/08/01 03:48:57 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/08/01 03:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/08/01 03:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/08/01 03:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/08/01 03:48:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2009/08/01 03:48:57 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/08/01 03:48:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/08/01 03:48:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/08/01 02:34:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/08/01 02:34:50 | 000,437,618 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/01 02:34:50 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/08/01 02:34:50 | 000,069,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/01 02:34:50 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/08/01 02:34:50 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/08/01 02:34:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/08/01 02:34:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/08/01 02:34:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/08/01 02:34:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/08/01 02:34:44 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/08/01 02:34:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/08/01 01:58:22 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/08/01 01:57:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/08/01 01:52:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/01 01:51:59 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/07/31 18:49:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/31 18:48:41 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/08 17:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/02/24 21:20:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2009/08/01 04:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer
[2009/08/01 04:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acer GameZone Console
[2009/08/01 04:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Super-Cow
[2010/08/22 15:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\.BitTornado
[2009/08/01 04:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer
[2009/08/01 04:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer GameZone Console
[2011/01/08 14:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\calibre
[2011/05/25 13:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\DassaultSystemes
[2011/10/19 00:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Dropbox
[2011/01/02 17:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\FreeOrion
[2011/05/04 10:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Gizmo
[2011/11/02 14:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\IM
[2011/03/02 22:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/10/14 08:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MuPAD
[2010/11/25 00:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Paltalk
[2011/04/10 01:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\PrimoPDF
[2011/10/02 16:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Qlock
[2009/08/01 04:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Super-Cow
[2011/05/25 13:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2009/08/01 04:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/08/24 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

========== Purity Check ==========


< End of report >
  • 0

#52
michaelg9
Posted 08 November 2011 - 06:46 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello
It seems that we got it :)

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



Next:

Run a full scan with your antivirus and delete anything it finds. Tell me if it found anything and what was that.


Next:


Open OTL, press the None Button, Under Extra Registry select Use Safelist and click Run Scan. Post the extras.txt log it produces



Next:

How is your computer running? Are there any other problems?
  • 0

#53
Ksavvy
Posted 09 November 2011 - 11:44 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
WOW, I have really been looking forward to you saying that :)

during malware bytes install:

Error creating registry key:
Hkey_Local_machine\software\microsoft\windows\currentversion\runonce

regcreatkeyex failed; code 5.
access is denied.

I ignored and continued.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8121

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/8/2011 10:25:37 PM
mbam-log-2011-11-08 (22-25-09).txt

Scan type: Full scan (C:\|)
Objects scanned: 409957
Time elapsed: 3 hour(s), 29 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 22

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Backup\Kellen\my documents\my dropbox\SOFTWARE\mwsnap300.exe (PUP.Perflogger) -> No action taken.
c:\documents and settings\K\my documents\my dropbox\SOFTWARE\mwsnap300.exe (PUP.Perflogger) -> No action taken.
c:\Qoobox\quarantine\C\documents and settings\K\fathostprov.exe.vir (Trojan.FakeAlert) -> No action taken.
c:\Qoobox\quarantine\C\WINDOWS\system32\intelw32.dll.vir (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP128\A0039960.exe (Trojan.FakeAlert) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp128\a0039961.dll (Trojan.FakeAlert) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP128\A0040967.sys (Trojan.FakeAlert) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp128\a0040968.ini (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp130\a0041070.ini (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP130\A0041090.dll (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp135\a0042832.ini (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp138\a0044891.ini (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP139\A0049681.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10072011_101724\c_documents and settings\K\start menu\Programs\Startup\dnsdevcab.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10112011_180913\c_documents and settings\K\application data\cryptdnsmgr.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10112011_180913\c_documents and settings\K\start menu\Programs\proxyqueueapi.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10112011_180913\c_windows\system32\cscautoadsl.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10142011_092031\c_documents and settings\K\application data\auditsrvcfg.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\10142011_092031\c_windows\system32\c_74940.nl_ (Backdoor.0Access) -> No action taken.
c:\_OTL\movedfiles\10182011_000826\c_documents and settings\K\start menu\Programs\edithostadv.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\11062011_195712\c_documents and settings\all users\start menu\Programs\Startup\acctadmqueue.exe (Trojan.FakeAlert) -> No action taken.
c:\_OTL\movedfiles\11062011_195712\c_documents and settings\localservice\srvfatauto.exe (Trojan.FakeAlert) -> No action taken.




Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8121

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/8/2011 10:25:52 PM
mbam-log-2011-11-08 (22-25-52).txt

Scan type: Full scan (C:\|)
Objects scanned: 409957
Time elapsed: 3 hour(s), 29 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 22

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Backup\Kellen\my documents\my dropbox\SOFTWARE\mwsnap300.exe (PUP.Perflogger) -> Not selected for removal.
c:\documents and settings\K\my documents\my dropbox\SOFTWARE\mwsnap300.exe (PUP.Perflogger) -> Not selected for removal.
c:\Qoobox\quarantine\C\documents and settings\K\fathostprov.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\intelw32.dll.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP128\A0039960.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp128\a0039961.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP128\A0040967.sys (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp128\a0040968.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp130\a0041070.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP130\A0041090.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp135\a0042832.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\rp138\a0044891.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{577e2158-88b0-493a-bdb5-e2ee0fe6ac39}\RP139\A0049681.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10072011_101724\c_documents and settings\K\start menu\Programs\Startup\dnsdevcab.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10112011_180913\c_documents and settings\K\application data\cryptdnsmgr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10112011_180913\c_documents and settings\K\start menu\Programs\proxyqueueapi.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10112011_180913\c_windows\system32\cscautoadsl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10142011_092031\c_documents and settings\K\application data\auditsrvcfg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10142011_092031\c_windows\system32\c_74940.nl_ (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\10182011_000826\c_documents and settings\K\start menu\Programs\edithostadv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11062011_195712\c_documents and settings\all users\start menu\Programs\Startup\acctadmqueue.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11062011_195712\c_documents and settings\localservice\srvfatauto.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8121

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/9/2011 7:13:00 AM
mbam-log-2011-11-09 (07-13-00).txt

Scan type: Quick scan
Objects scanned: 186396
Time elapsed: 8 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




I used Avast and i wasnt able to get a log out of it. it tried to interfere with the mbam scans, and the items that it deleted were mostly previously quarantined items, or the items that mbam originally caught.



OTL logfile created on: 11/9/2011 10:39:59 PM - Run 14
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\K\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.87 Mb Total Physical Memory | 469.52 Mb Available Physical Memory | 46.31% Memory free
2.38 Gb Paging File | 1.63 Gb Available in Paging File | 68.36% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 75.83 Gb Free Space | 54.54% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 2.82 Gb Free Space | 75.42% Space Free | Partition Type: FAT

Computer Name: ACER-399B23EC8F | User Name: K | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

< End of report >



OTL Extras logfile created on: 11/9/2011 10:39:59 PM - Run 14
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\K\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.87 Mb Total Physical Memory | 469.52 Mb Available Physical Memory | 46.31% Memory free
2.38 Gb Paging File | 1.63 Gb Available in Paging File | 68.36% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 75.83 Gb Free Space | 54.54% Space Free | Partition Type: NTFS
Drive D: | 3.73 Gb Total Space | 2.82 Gb Free Space | 75.42% Space Free | Partition Type: FAT

Computer Name: ACER-399B23EC8F | User Name: K | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\FreeOrion\freeoriond.exe" = C:\Program Files\FreeOrion\freeoriond.exe:*:Enabled:freeoriond -- ()
"C:\Documents and Settings\K\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\K\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\ImageJ\jre\bin\javaw.exe" = C:\Program Files\ImageJ\jre\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" = C:\Program Files\DivX\DivX Update\DivXUpdate.exe:*:Disabled:DivX Update -- ()
"C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe" = C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe:*:Disabled:sldBgDwldresu -- (Dassault Systèmes SolidWorks Corp.)
"C:\Program Files\TechSmith\Jing\Jing.exe" = C:\Program Files\TechSmith\Jing\Jing.exe:*:Disabled:Jing -- (TechSmith Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{15041B8B-AC63-41DF-91D2-2118CE39E8D9}" = SolidWorks Flow Simulation 2010 SP05
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = WebCam
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = FXCM MT4 powered by BT 4.00
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D2DAD-3D87-4CAA-8646-83D238AD68E0}" = PhotoView 360
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B0CBE5D-33AE-4C85-8F52-E53DAE76BA5C}" = SolidWorks Flow Simulation 2011 SP04
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1" = UN.CO.VER. 2.0
"{9402DAC1-447E-49C9-979D-BD5838E709D7}" = SolidWorks eDrawings 2011 SP04
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2B6CEF9-F05B-4E6A-97CB-4241C1155F77}" = TweetAttacks
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A66DBCC6-8802-3D15-9FDF-9552742C08B0}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}" = SolidWorks 2010 SP05
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C00F32AF-E350-43CC-80EB-F0D961A5C9BD}" = calibre
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0D3BFE5-5215-41BD-B82E-81D7FB6A9166}" = SolidWorks 2011 SP04
"{D31220EB-925B-4D3D-ACDD-1389DA6D2EF3}" = SolidWorks eDrawings 2010
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DBAC1413-D5AE-4c89-AE9A-B330B02DBAB0}" = eVoice Player 1.0
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F82AA7DA-F49B-CA39-C3FC-DDC983B3E223}" = Market Samurai
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"DjVuLibre+DjView" = DjVuLibre+DjView
"FreeOrion" = FreeOrion 0.3.15
"Gizmo Central" = Gizmo Central
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"ImageJ_is1" = ImageJ 1.44p
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"MatlabR2010a" = MATLAB R2010a
"Mendeley Desktop" = Mendeley Desktop 0.9.8.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"MiKTeX 2.9" = MiKTeX 2.9
"Mnemosyne_is1" = Mnemosyne 1.2.2
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"MWSnap 3" = MWSnap 3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenTTD" = OpenTTD 1.0.5
"PalTalk8.2" = PaltalkScene
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Qlock" = Qlock Lite
"Scrivener for Windows Beta 1.6" = Scrivener for Windows Beta
"SolidWorks Installation Manager 20100-40500-1100-200" = SolidWorks 2010 SP05
"SolidWorks Installation Manager 20110-40400-1100-200" = SolidWorks 2011 SP04
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Rosetta Stone" = The Rosetta Stone
"thinkorswim" = thinkorswim
"VLC media player" = VLC media player 1.1.11
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/9/2011 11:34:57 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21844

Error - 11/9/2011 11:34:59 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/9/2011 11:34:59 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 23813

Error - 11/9/2011 11:34:59 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 23813

Error - 11/9/2011 11:35:01 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/9/2011 11:35:01 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 25766

Error - 11/9/2011 11:35:01 PM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 25766

Error - 11/10/2011 1:19:42 AM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/10/2011 1:19:42 AM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6307563

Error - 11/10/2011 1:19:42 AM | Computer Name = ACER-399B23EC8F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6307563

[ System Events ]
Error - 11/2/2011 3:28:51 PM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL

Error - 11/2/2011 7:03:13 PM | Computer Name = ACER-399B23EC8F | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 11/7/2011 7:35:45 PM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7000
Description = The Remote Solver for Flow Simulation 2011 service failed to start
due to the following error: %%2

Error - 11/7/2011 7:35:47 PM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL

Error - 11/7/2011 7:36:47 PM | Computer Name = ACER-399B23EC8F | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 11/9/2011 6:14:06 AM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7000
Description = The Remote Solver for Flow Simulation 2011 service failed to start
due to the following error: %%2

Error - 11/9/2011 6:14:21 AM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
atapi PCIIde SASDIFSV SASKUTIL

Error - 11/9/2011 10:02:50 AM | Computer Name = ACER-399B23EC8F | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.195 for the Network Card with network
address 0CEEE6B00C9A has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 11/9/2011 1:52:05 PM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7000
Description = The Remote Solver for Flow Simulation 2011 service failed to start
due to the following error: %%2

Error - 11/9/2011 1:52:14 PM | Computer Name = ACER-399B23EC8F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL


< End of report >



Computer is running well :yes: I havent noticed anything weird yet.
  • 0

#54
michaelg9
Posted 10 November 2011 - 10:03 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

Actually you were infected with two super awesome rootkits and another super stubborn infection

The MBAM error is caused due to the alternation of the reg key we did to prevent the infection from re-spawning, we'll set it back in a little

You didn't delete the nasties MBAM found, so run this fix to remove them:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Services

    :Reg

    :Files
    c:\Backup\Kellen\my documents\my dropbox\SOFTWARE\mwsnap300.exe
    c:\documents and settings\K\my documents\my dropbox\SOFTWARE\mwsnap300.exe

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.



Next:

Right click Avast ball from the taskbar and click Program settings > Reports (avast home). Check to see if you find any scan logs there and post them



Next:

Run ESET Online Scan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  • ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

  • 0

#55
Ksavvy
Posted 13 November 2011 - 09:51 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
c:\Backup\Kellen\my documents\my dropbox\SOFTWARE\MWSnap300.exe moved successfully.
c:\documents and settings\K\my documents\my dropbox\SOFTWARE\MWSnap300.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: K
->Temp folder emptied: 37475451 bytes
->Temporary Internet Files folder emptied: 2487536 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57957260 bytes
->Flash cache emptied: 7018 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2371603 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 96.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: K
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11132011_104812

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


OTL logfile created on: 11/13/2011 10:58:19 AM - Run 15
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\K\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.87 Mb Total Physical Memory | 274.73 Mb Available Physical Memory | 27.10% Memory free
2.38 Gb Paging File | 1.80 Gb Available in Paging File | 75.33% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 75.12 Gb Free Space | 54.03% Space Free | Partition Type: NTFS

Computer Name: ACER-399B23EC8F | User Name: K | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/13 01:21:22 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/08 18:42:28 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/10/16 11:48:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/08 18:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011/06/08 12:12:40 | 001,834,280 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
PRC - [2011/05/25 13:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/05/04 08:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) -- C:\Program Files\Gizmo\gservice.exe
PRC - [2011/05/04 08:30:41 | 000,223,640 | ---- | M] (Arainia Solutions) -- C:\Program Files\Gizmo\gizmo.exe
PRC - [2011/03/21 14:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/10/06 19:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009/06/25 17:30:36 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/05/08 15:09:42 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/02/13 23:37:32 | 004,142,080 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
PRC - [2009/02/05 08:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/01/31 11:26:09 | 007,300,392 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
PRC - [2008/12/30 00:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/07/03 15:58:22 | 000,094,208 | ---- | M] (sonix) -- C:\WINDOWS\PLFSetL.exe
PRC - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/13 09:02:12 | 001,614,336 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111301\algo.dll
MOD - [2011/11/13 01:21:25 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/11/11 10:19:04 | 000,240,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111301\aswRep.dll
MOD - [2011/05/04 08:30:42 | 000,404,384 | ---- | M] () -- C:\Program Files\Gizmo\gdatabase.dll
MOD - [2011/05/04 08:30:42 | 000,394,656 | ---- | M] () -- C:\Program Files\Gizmo\gdrive.dll
MOD - [2011/05/04 08:30:42 | 000,372,632 | ---- | M] () -- C:\Program Files\Gizmo\ghash.dll
MOD - [2011/05/04 08:30:42 | 000,339,864 | ---- | M] () -- C:\Program Files\Gizmo\gscript.dll
MOD - [2011/05/04 08:30:42 | 000,339,864 | ---- | M] () -- C:\Program Files\Gizmo\geditor.dll
MOD - [2011/05/04 08:30:41 | 000,315,800 | ---- | M] () -- C:\Program Files\Gizmo\gmanager.dll
MOD - [2011/05/04 08:30:41 | 000,166,816 | ---- | M] () -- C:\Program Files\Gizmo\gimage.dll
MOD - [2011/04/19 12:39:46 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
MOD - [2011/04/19 12:39:44 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
MOD - [2011/03/21 14:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/06/03 13:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/23 13:26:48 | 000,201,512 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2010/02/23 06:04:00 | 001,589,248 | ---- | M] () -- C:\Program Files\Google\Google Gears\Firefox\lib\ff36\gears.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/12/20 18:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2009/05/08 15:08:42 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2009/05/08 15:06:38 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009/02/13 23:37:32 | 004,142,080 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
MOD - [2008/04/14 05:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/06/06 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Remote Solver for Flow Simulation 2011)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/07/18 23:19:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/04 08:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto | Running] -- C:\Program Files\Gizmo\gservice.exe -- (Gizmo Central)
SRV - [2010/12/09 11:07:10 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/12/02 06:18:32 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010/10/06 19:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) [Auto | Running] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2010)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/02/05 08:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®
SRV - [2005/09/23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 13:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/04 08:30:46 | 000,025,488 | ---- | M] (Arainia Solutions LLC) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\gizmodrv.sys -- (GizmoDrv)
DRV - [2010/03/23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/06/21 21:59:26 | 001,574,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/05/10 22:01:30 | 000,056,992 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2009/05/06 18:15:38 | 001,759,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/04/15 03:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/03/01 22:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/24 01:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/18 02:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/11/16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/30 14:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 05:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/11/14 19:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/02 06:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 00:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://chased1k.tada...list.com/lists"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {E0B8C461-F8FB-49b4-8373-FE32E9252800}:5.0.0.177572
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.3.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: [email protected]:1.11
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.7.0
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1289

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\K\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\K\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/08/24 05:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/13 22:47:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/13 22:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/08 20:42:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 01:21:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/13 01:21:38 | 000,000,000 | ---D | M]

[2010/08/24 02:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\K\Application Data\Mozilla\Extensions
[2011/11/13 11:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions
[2011/08/12 18:05:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/12 18:05:05 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/08/12 18:05:05 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011/11/09 13:07:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/11/09 13:07:12 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2011/11/09 13:07:11 | 000,000,000 | ---D | M] (Readability) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\[email protected]
[2011/11/13 11:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/29 06:22:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/11/08 20:42:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/04/13 22:47:03 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/04/13 22:47:04 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/08/24 05:27:06 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/08/26 15:38:33 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/16 16:52:28 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll

O1 HOSTS File: ([2011/10/21 12:03:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKCU..\Run: [GizmoDriveDelegate] C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - HKCU..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk = C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk = C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{698AAFBC-E2FC-49F8-A30F-84A1EC6145C5}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\K\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\K\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/31 23:55:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/13 10:48:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/08 20:43:47 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/08 20:43:47 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/08 20:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/11/08 20:43:41 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/08 20:43:41 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/08 20:43:41 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/08 20:43:40 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/08 20:43:40 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/08 20:43:40 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/08 20:42:32 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/08 20:42:31 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/08 20:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/08 20:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/08 19:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/11/08 19:05:24 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\K\Desktop\aswMBR.exe
[2011/11/08 18:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Application Data\Malwarebytes
[2011/11/08 18:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/08 18:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/08 18:48:44 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/08 18:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/29 15:18:56 | 127,231,689 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 13:49:15 | 055,288,358 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/23 15:16:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/10/21 10:33:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/21 10:30:36 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/10/19 20:50:58 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/10/19 20:50:51 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/10/19 20:50:23 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/10/19 20:50:15 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/10/19 20:49:51 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/10/19 20:49:43 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/10/19 20:49:31 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/10/19 20:48:55 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/10/19 20:48:27 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/10/19 20:48:19 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/10/19 20:48:11 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/10/19 20:48:03 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/10/19 20:47:55 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/10/19 20:47:47 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/10/19 20:47:39 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/10/19 20:47:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/10/19 20:46:42 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/10/19 20:46:34 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/10/19 20:46:27 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/10/19 20:46:19 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/10/19 20:45:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/10/19 20:45:10 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/10/19 20:45:03 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/10/19 20:44:42 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/10/19 20:44:35 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/10/19 20:44:28 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/10/19 20:44:20 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/10/19 20:44:13 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/10/19 20:44:05 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/10/19 20:43:10 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/10/19 20:43:02 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/10/19 20:42:55 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/10/19 20:42:54 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/10/19 20:42:46 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/10/19 20:42:39 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/10/19 20:42:15 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/10/19 20:42:08 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/10/19 20:41:10 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/10/19 20:41:03 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/10/19 20:40:57 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/10/19 20:40:49 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/10/19 20:40:41 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/10/19 20:39:14 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/10/19 20:39:06 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/10/19 20:38:59 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/10/19 20:38:52 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/10/19 20:38:46 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/10/19 20:37:57 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/10/19 20:37:51 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/10/19 20:37:44 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/10/19 20:37:29 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/10/19 20:36:36 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/10/19 20:36:29 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/10/19 20:36:23 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/10/19 20:36:16 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/10/19 20:35:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/10/19 20:35:18 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/10/19 20:35:12 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/10/19 20:34:43 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/10/19 20:34:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/10/19 20:34:30 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/10/19 20:34:24 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/10/19 20:34:17 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/10/19 20:34:11 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/10/19 20:34:05 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/10/19 20:33:58 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/10/19 20:33:52 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/10/19 20:33:36 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/10/19 20:33:30 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/10/19 20:33:27 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/10/19 20:33:25 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/10/19 20:33:01 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/10/19 20:32:51 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/10/19 20:32:44 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/10/19 20:32:37 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/10/19 20:32:16 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/10/19 20:32:09 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/10/19 20:31:44 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/10/19 20:31:38 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/10/19 20:31:31 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/10/19 20:31:08 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/10/19 20:29:48 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/10/19 20:29:23 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/10/19 20:29:22 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/10/19 20:29:15 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/10/19 20:27:59 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/10/19 20:27:52 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/10/19 20:27:46 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/10/19 20:27:40 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/10/19 20:27:10 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/10/19 20:26:46 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/10/19 20:26:40 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/10/19 20:26:31 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/10/19 20:26:15 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/10/19 20:26:09 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/10/19 20:25:54 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/10/19 20:25:49 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/10/19 20:25:43 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/10/19 20:25:37 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/10/19 20:25:31 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/10/19 20:25:25 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/10/19 20:25:07 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/10/19 20:25:01 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/10/19 20:24:55 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/10/19 20:24:49 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/10/19 20:24:43 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/10/19 20:22:45 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/10/19 20:22:06 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/10/19 20:22:00 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/10/19 20:21:57 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/10/19 20:21:51 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/10/19 20:21:51 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/10/19 20:21:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/10/19 20:21:31 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/10/19 20:21:26 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/10/19 20:21:21 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/10/19 20:21:15 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/10/19 20:21:08 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/10/19 20:21:03 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/10/19 20:20:23 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/10/19 20:19:40 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/10/19 20:16:34 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/19 20:16:15 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/19 20:15:27 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/19 20:15:23 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/19 20:15:19 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/19 20:14:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/19 20:14:41 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/19 20:14:37 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/19 20:14:31 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/19 20:14:27 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/19 20:14:23 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/19 20:14:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/19 20:13:54 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/19 20:13:46 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/19 20:13:42 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/19 20:11:05 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/19 20:11:00 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/19 20:10:45 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/19 20:10:41 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/19 20:10:38 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/19 20:10:29 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/19 20:10:27 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/19 20:10:25 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/19 20:10:22 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/19 20:10:19 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/19 20:09:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/19 20:09:38 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/19 20:09:31 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/19 20:08:54 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/19 20:08:52 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/19 20:08:50 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/19 20:08:48 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/19 20:08:45 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/19 20:08:43 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/19 20:08:41 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/19 20:08:38 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/19 20:08:24 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/19 20:08:10 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/19 20:07:58 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/19 20:07:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/19 20:07:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/19 20:07:47 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/19 20:07:46 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/19 20:07:45 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/19 20:07:42 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/19 20:07:41 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/19 20:07:40 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/19 20:07:39 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/19 20:07:36 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/19 20:07:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/19 20:06:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/19 20:06:52 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/19 20:06:51 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/19 20:06:50 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/19 20:06:49 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/19 20:06:48 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/19 20:06:47 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/19 20:06:46 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/19 20:06:44 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/19 20:06:43 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/19 20:06:42 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/19 20:06:40 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/19 20:06:39 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/19 20:06:38 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/19 20:06:37 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/19 20:06:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/19 20:06:35 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/10/19 20:06:34 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/10/19 20:06:30 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/10/19 20:06:26 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/10/19 20:06:25 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/10/19 20:06:23 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/10/19 20:06:22 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/10/19 20:06:21 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/10/19 20:06:20 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/10/19 20:06:20 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/10/19 20:05:06 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/10/19 20:05:00 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/10/19 20:04:41 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/10/19 20:04:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/10/19 20:04:39 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/10/19 20:04:38 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/10/19 20:04:38 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/10/19 20:04:35 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/10/19 20:04:29 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/10/19 20:04:28 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/10/19 20:04:24 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/10/19 20:04:23 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/10/19 20:04:23 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/10/18 00:07:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/17 23:37:36 | 004,263,508 | R--- | C] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2010/08/22 13:06:54 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/08/22 06:51:46 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/08/01 00:35:00 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\Documents and Settings\K\Desktop\*.tmp files -> C:\Documents and Settings\K\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/13 10:54:59 | 000,437,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/13 10:54:59 | 000,069,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/13 10:53:07 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005UA.job
[2011/11/13 10:51:44 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/11/13 10:50:39 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/13 10:50:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/13 10:50:20 | 1063,194,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/13 10:47:18 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/10 06:48:32 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/09 13:04:07 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/08 20:43:48 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/11/08 20:43:40 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/08 19:07:37 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/11/08 18:53:02 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005Core.job
[2011/11/08 18:48:48 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/07 16:35:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/29 14:19:10 | 127,231,689 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet(1).exe
[2011/10/29 13:29:52 | 055,288,358 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\K\Desktop\OTLPENet.exe
[2011/10/25 14:40:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/21 12:03:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/20 07:59:31 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2011/10/19 06:06:02 | 098,050,368 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/17 20:49:48 | 004,263,508 | R--- | M] (Swearware) -- C:\Documents and Settings\K\Desktop\ComboFix.exe
[2011/10/17 20:43:58 | 059,854,808 | ---- | M] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 11:48:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
[2011/10/16 10:40:24 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\Documents and Settings\K\Desktop\*.tmp files -> C:\Documents and Settings\K\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/08 20:43:48 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/11/08 19:07:37 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/11/08 18:48:48 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/25 14:40:29 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/10/25 14:40:29 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/10/25 14:40:29 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk
[2011/10/25 14:40:29 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
[2011/10/25 14:40:29 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/25 14:40:29 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk
[2011/10/25 14:40:29 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk
[2011/10/25 14:40:29 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/10/23 15:28:40 | 1063,194,624 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/21 16:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/19 20:50:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/10/19 20:50:42 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/10/19 20:31:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/10/19 20:31:14 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/10/19 20:23:45 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/10/19 20:16:29 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/19 20:16:20 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/19 20:16:10 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/19 20:16:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/19 20:15:51 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/19 20:10:36 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/19 20:10:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/19 20:10:32 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/19 20:06:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/10/19 20:06:03 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/10/19 20:06:00 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/10/19 20:05:55 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/10/19 20:05:54 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/10/19 20:05:53 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/10/19 20:05:52 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/10/19 20:05:51 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/10/19 20:05:49 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/10/19 20:05:28 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/10/19 19:04:15 | 098,050,368 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_11.0.0.1245.x01_2011_10_19_15_41.exe
[2011/10/17 21:09:11 | 059,854,808 | ---- | C] () -- C:\Documents and Settings\K\Desktop\setup_av_free_cnet.exe
[2011/10/16 12:10:08 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/10/16 12:10:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/16 10:05:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/10/14 10:37:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/14 10:37:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/14 10:37:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/14 10:37:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/14 10:37:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/11 20:28:42 | 000,000,625 | ---- | C] () -- C:\WINDOWS\solvermfc.INI
[2011/02/10 19:28:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/09 11:18:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2010/10/17 22:04:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\yap.INI
[2010/09/16 11:41:58 | 000,957,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/03 12:03:54 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/08/25 02:31:38 | 000,083,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/24 15:30:06 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 02:05:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/22 13:06:54 | 001,759,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/08/22 13:06:54 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/08/22 13:06:53 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/03/23 13:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010/03/23 13:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/12/20 18:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/08/01 03:01:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/08/01 01:48:57 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/08/01 01:48:57 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/08/01 01:48:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2009/08/01 01:48:57 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/08/01 01:48:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/08/01 01:48:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/08/01 00:34:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/08/01 00:34:50 | 000,437,618 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/01 00:34:50 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/08/01 00:34:50 | 000,069,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/01 00:34:50 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/08/01 00:34:50 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/08/01 00:34:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/08/01 00:34:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/08/01 00:34:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/08/01 00:34:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/08/01 00:34:44 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/08/01 00:34:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/07/31 23:58:22 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/07/31 23:57:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/31 23:52:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/31 23:51:59 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/07/31 16:49:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/31 16:48:41 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/08 15:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/02/24 19:20:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/11/08 20:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/25 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2009/08/01 02:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/08/24 16:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/22 13:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\.BitTornado
[2009/08/01 02:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer
[2009/08/01 02:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer GameZone Console
[2011/01/08 12:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\calibre
[2011/05/25 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\DassaultSystemes
[2011/11/13 10:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Dropbox
[2011/01/02 15:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\FreeOrion
[2011/05/04 08:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Gizmo
[2011/11/13 10:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\IM
[2011/03/02 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/10/14 06:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MuPAD
[2010/11/24 22:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Paltalk
[2011/04/09 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\PrimoPDF
[2011/10/02 14:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Qlock
[2009/08/01 02:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Super-Cow

========== Purity Check ==========



< End of report >



So the Avast interface has changed, i can get to the scan logs through the user interface, but none of them are exportable. I will try to post pictures below

ok, so i cant upload or paste images

I have 4 logs, 3 of which have about 21 viruses all together, the last scan found nothing. besides the items that were "moved to chest" that we just deleted with OTL, everything else was deleted. let me know if you need specifics and i can try and copy that all down somehow.




ESET Online Scanner

Threats Found!
infected files: 1

C:\System Volume Information\_restore{577E2158-88B0-493A-BDB5-E2EE0FE6AC39}\RP128\A0039962.ini Win32/Adware.AntimalwareDoctor.AE.Gen application
  • 0

Advertisements

#56
michaelg9
Posted 14 November 2011 - 07:04 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

Upgrading Java:
  • Go here and click Free Java Download
  • It will offer you the latest version of java, download it and install it


Next:

  • Go to start > run and type regedit and press enter
  • From the left menu navigate to:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

    Note: When you go there, at the bottom of the regedit windows it will say:

    My Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

  • Right click at the RunOnce key from the left menu and select Permissions...:
    Posted Image
  • Under Group or User Names select Administrators
  • Under Permissions for Administrators select Allow Full Control (the left first checkbox):
  • Select OK
  • Select Yes if any confirmation window appears.
  • Close Regedit.
  • Reboot.


Next:

Open up OTL and press the quick scan button. Post here the log.
After this, if all go well I'll give you some advice to keep clean and you'll be free to go :)
  • 0

#57
Ksavvy
Posted 19 November 2011 - 10:50 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Thank you :)

So i updated Java

I did the regedit thing, but permissions were already what was instructed

I still cant delete the OTL.exe and OTL.src that the rootkit seemed to restrict

Here is the OTL Scan:

OTL logfile created on: 11/19/2011 7:46:26 PM - Run 16
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\K\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.87 Mb Total Physical Memory | 198.79 Mb Available Physical Memory | 19.61% Memory free
2.38 Gb Paging File | 1.67 Gb Available in Paging File | 69.90% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 70.24 Gb Free Space | 50.51% Space Free | Partition Type: NTFS

Computer Name: ACER-399B23EC8F | User Name: K | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/13 01:21:22 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/08 18:42:28 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/10/16 11:48:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K\Desktop\OTL(1).exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/08 18:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011/08/08 18:18:26 | 007,892,992 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\Evernote.exe
PRC - [2011/08/08 18:06:28 | 000,387,072 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteTray.exe
PRC - [2011/06/08 12:12:40 | 001,834,280 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
PRC - [2011/05/25 13:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/05/04 08:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) -- C:\Program Files\Gizmo\gservice.exe
PRC - [2011/05/04 08:30:41 | 000,223,640 | ---- | M] (Arainia Solutions) -- C:\Program Files\Gizmo\gizmo.exe
PRC - [2011/03/21 14:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/10/06 19:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009/06/25 17:30:36 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/05/08 15:09:42 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/02/13 23:37:32 | 004,142,080 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
PRC - [2009/02/05 08:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/01/31 11:26:09 | 007,300,392 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe
PRC - [2008/12/30 00:09:54 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/07/03 15:58:22 | 000,094,208 | ---- | M] (sonix) -- C:\WINDOWS\PLFSetL.exe
PRC - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/19 11:31:18 | 001,618,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111901\algo.dll
MOD - [2011/11/18 09:08:11 | 001,618,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111801\algo.dll
MOD - [2011/11/15 04:59:54 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111901\aswRep.dll
MOD - [2011/11/15 04:59:54 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11111801\aswRep.dll
MOD - [2011/11/13 01:21:25 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/08/02 05:18:16 | 006,271,648 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/07/19 20:01:30 | 017,657,856 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libcef.dll
MOD - [2011/05/04 13:19:48 | 000,160,782 | ---- | M] () -- C:\Program Files\Evernote\Evernote\avformat-52.dll
MOD - [2011/05/04 13:19:20 | 001,305,102 | ---- | M] () -- C:\Program Files\Evernote\Evernote\avcodec-52.dll
MOD - [2011/05/04 13:19:20 | 000,096,782 | ---- | M] () -- C:\Program Files\Evernote\Evernote\avutil-50.dll
MOD - [2011/05/04 08:30:42 | 000,404,384 | ---- | M] () -- C:\Program Files\Gizmo\gdatabase.dll
MOD - [2011/05/04 08:30:42 | 000,394,656 | ---- | M] () -- C:\Program Files\Gizmo\gdrive.dll
MOD - [2011/05/04 08:30:42 | 000,372,632 | ---- | M] () -- C:\Program Files\Gizmo\ghash.dll
MOD - [2011/05/04 08:30:42 | 000,339,864 | ---- | M] () -- C:\Program Files\Gizmo\gscript.dll
MOD - [2011/05/04 08:30:42 | 000,339,864 | ---- | M] () -- C:\Program Files\Gizmo\geditor.dll
MOD - [2011/05/04 08:30:41 | 000,315,800 | ---- | M] () -- C:\Program Files\Gizmo\gmanager.dll
MOD - [2011/05/04 08:30:41 | 000,166,816 | ---- | M] () -- C:\Program Files\Gizmo\gimage.dll
MOD - [2011/04/19 12:39:46 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
MOD - [2011/04/19 12:39:44 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
MOD - [2011/03/21 14:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/06/03 13:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/23 13:26:48 | 000,201,512 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2010/02/23 06:04:00 | 001,589,248 | ---- | M] () -- C:\Program Files\Google\Google Gears\Firefox\lib\ff36\gears.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/12/20 18:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2009/05/08 15:08:42 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2009/05/08 15:06:38 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009/02/13 23:37:32 | 004,142,080 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
MOD - [2008/04/14 05:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/06/06 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Remote Solver for Flow Simulation 2011)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/07/18 23:19:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/04 08:30:42 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto | Running] -- C:\Program Files\Gizmo\gservice.exe -- (Gizmo Central)
SRV - [2010/12/09 11:07:10 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/12/02 06:18:32 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2010/10/06 19:57:42 | 000,071,432 | ---- | M] (Mentor Graphics Corporation) [Auto | Running] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation (2)\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2010)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/02/05 08:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®
SRV - [2005/09/23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 13:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/04 08:30:46 | 000,025,488 | ---- | M] (Arainia Solutions LLC) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\gizmodrv.sys -- (GizmoDrv)
DRV - [2011/04/01 08:06:52 | 000,009,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\K\Local Settings\Application Data\0 A.D. alpha\binaries\system\aken.sys -- (Aken)
DRV - [2010/03/23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/06/21 21:59:26 | 001,574,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/05/10 22:01:30 | 000,056,992 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2009/05/06 18:15:38 | 001,759,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/04/15 03:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/03/01 22:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/24 01:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/02/18 02:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/11/16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/30 14:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/05 05:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/11/14 19:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/02 06:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/01/04 00:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...04wu45w8812314o
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://chased1k.tada...list.com/lists"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {E0B8C461-F8FB-49b4-8373-FE32E9252800}:5.0.0.177572
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.3.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: [email protected]:1.11
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.7.0
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1289

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\K\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\K\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\K\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/08/24 05:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/13 22:47:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/13 22:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/08 20:42:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 01:21:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/19 19:36:54 | 000,000,000 | ---D | M]

[2010/08/24 02:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\K\Application Data\Mozilla\Extensions
[2011/11/19 19:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions
[2011/08/12 18:05:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/12 18:05:05 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/08/12 18:05:05 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011/11/09 13:07:01 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/11/09 13:07:12 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2011/11/09 13:07:11 | 000,000,000 | ---D | M] (Readability) -- C:\Documents and Settings\K\Application Data\Mozilla\Firefox\Profiles\tjyi1aio.default\extensions\[email protected]
[2011/11/19 19:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/29 06:22:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/11/19 19:36:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/08 20:42:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/04/13 22:47:03 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/04/13 22:47:04 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/08/24 05:27:06 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/08/26 15:38:33 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/16 16:52:28 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll

O1 HOSTS File: ([2011/10/21 12:03:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKCU..\Run: [GizmoDriveDelegate] C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - HKCU..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk = C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk = C:\Program Files\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\K\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{698AAFBC-E2FC-49F8-A30F-84A1EC6145C5}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\K\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\K\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/31 23:55:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/19 19:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/11/16 16:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Start Menu\Programs\Fraps
[2011/11/16 16:02:27 | 000,000,000 | ---D | C] -- C:\Fraps
[2011/11/15 22:06:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Application Data\0ad
[2011/11/15 22:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Start Menu\Programs\0 A.D. alpha
[2011/11/15 21:59:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Local Settings\Application Data\0 A.D. alpha
[2011/11/13 12:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/11/13 10:48:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/08 20:43:47 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/08 20:43:47 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/08 20:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/11/08 20:43:41 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/08 20:43:41 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/08 20:43:41 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/08 20:43:40 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/08 20:43:40 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/08 20:43:40 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/08 20:42:32 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/08 20:42:31 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/08 20:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/08 20:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/08 19:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/11/08 18:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K\Application Data\Malwarebytes
[2011/11/08 18:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/08 18:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/08 18:48:44 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/08 18:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/23 15:16:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/10/22 04:21:38 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2011/10/21 10:33:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/21 10:30:36 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/22 13:06:54 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/08/22 06:51:46 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/08/01 00:35:00 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/11/19 19:56:22 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005UA.job
[2011/11/19 19:47:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/19 19:27:48 | 000,437,618 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/19 19:27:48 | 000,069,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/19 19:23:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/19 19:23:06 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/11/19 19:22:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/19 19:22:31 | 1063,194,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 12:05:12 | 000,193,052 | ---- | M] () -- C:\Documents and Settings\K\My Documents\GTDclouds_1920_wide.jpg
[2011/11/18 12:01:45 | 000,304,431 | ---- | M] () -- C:\Documents and Settings\K\My Documents\GTDclouds_2048.jpg
[2011/11/17 18:53:01 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3207847200-596957751-681764103-1005Core.job
[2011/11/15 10:42:50 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/14 23:15:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/14 22:06:17 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\K\Desktop\Shortcut to Goodrich.lnk
[2011/11/10 06:48:32 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/08 20:43:40 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/07 16:35:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/25 14:40:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/22 04:21:38 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2011/10/21 12:03:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

========== Files Created - No Company Name ==========

[2011/11/18 12:05:11 | 000,193,052 | ---- | C] () -- C:\Documents and Settings\K\My Documents\GTDclouds_1920_wide.jpg
[2011/11/18 12:01:41 | 000,304,431 | ---- | C] () -- C:\Documents and Settings\K\My Documents\GTDclouds_2048.jpg
[2011/10/25 14:40:29 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/10/25 14:40:29 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/10/25 14:40:29 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\Dropbox.lnk
[2011/10/25 14:40:29 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
[2011/10/25 14:40:29 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/25 14:40:29 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Gizmo.lnk
[2011/10/25 14:40:29 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\K\Start Menu\Programs\Startup\qlock.lnk
[2011/10/25 14:40:29 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/10/23 15:28:40 | 1063,194,624 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/21 16:00:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/14 10:37:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/14 10:37:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/14 10:37:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/14 10:37:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/14 10:37:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/11 20:28:42 | 000,000,625 | ---- | C] () -- C:\WINDOWS\solvermfc.INI
[2011/02/10 19:28:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/12/09 11:18:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2010/10/17 22:04:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\yap.INI
[2010/09/16 11:41:58 | 000,957,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/03 12:03:54 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/08/25 02:31:38 | 000,083,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/24 15:30:06 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\K\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 02:05:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/22 13:06:54 | 001,759,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/08/22 13:06:54 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/08/22 13:06:53 | 000,000,323 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/03/23 13:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010/03/23 13:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/12/20 18:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/08/01 03:01:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/08/01 01:48:57 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/08/01 01:48:57 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/08/01 01:48:57 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/08/01 01:48:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2009/08/01 01:48:57 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/08/01 01:48:57 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/08/01 01:48:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/08/01 00:34:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/08/01 00:34:50 | 000,437,618 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/01 00:34:50 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/08/01 00:34:50 | 000,069,678 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/01 00:34:50 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/08/01 00:34:50 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/08/01 00:34:49 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/08/01 00:34:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/08/01 00:34:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/08/01 00:34:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/08/01 00:34:44 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/08/01 00:34:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/07/31 23:58:22 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/07/31 23:57:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/31 23:52:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/31 23:51:59 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/07/31 16:49:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/31 16:48:41 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/08 15:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/02/24 19:20:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/11/08 20:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/25 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2009/08/01 02:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/08/24 16:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/22 13:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\.BitTornado
[2011/11/15 22:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\0ad
[2009/08/01 02:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer
[2009/08/01 02:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Acer GameZone Console
[2011/01/08 12:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\calibre
[2011/05/25 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\DassaultSystemes
[2011/11/19 19:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Dropbox
[2011/01/02 15:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\FreeOrion
[2011/05/04 08:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Gizmo
[2011/11/19 19:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\IM
[2011/03/02 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/10/14 06:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\MuPAD
[2010/11/24 22:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Paltalk
[2011/04/09 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\PrimoPDF
[2011/10/02 14:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Qlock
[2009/08/01 02:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\K\Application Data\Super-Cow

========== Purity Check ==========



< End of report >
  • 0

#58
michaelg9
Posted 21 November 2011 - 01:29 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Happy to hear that you're clean finally :yes:

Congratulations! Your logs are clean! :) Now that you are clean, please follow these precautions in order to keep safe:


Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer.


Next:


Uninstall ComboFix from your computer:
  • Click on Start > Run
  • Type Combofix /Uninstall in the run box and click Ok. Note the space between the x and the /u, it needs to be there.
    Posted Image

Next:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL for the last time and hit the cleanup button. It will remove all the programs we have used plus itself.

Next:

Note: If you are using Firefox I would suggest the use of these add-ons:
  • NoScript - for blocking ads and other potential website attacks.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.


Next:


Automatic Updates for Windows
  • Click Start.
  • Select Settings and then Control Panel.
  • Select Automatic Updates.
  • Click Automatic (recommended)
  • Choose a day and a time when you know the computer will be on and connected to the internet.
  • Click Apply then OK.



Next:


Additional security programs - For additional security, the use of these tools is important:
  • Malwarebytes Anti-Malware. - Update the free version and scan with it often. It is an excellent scanning tool to have on your side.
  • The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. This little program packs a powerful punch as it block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial

Next:

Upgrading Java:
  • Go here and click Do I have Java
  • It will check your current version and then offer to update to the latest version, if there are any.


Next:


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.


Next:


Keep a backup of your important files to prevent future data loss.


Happy safe computing !! :)
  • 0

#59
Ksavvy
Posted 22 November 2011 - 10:33 PM

Ksavvy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Thank you so much for all of your help. You are a scholar and a saint!
  • 0

#60
michaelg9
Posted 23 November 2011 - 06:39 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
You are welcome :happy:
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP