Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Open Cloud AV infection

Started by jp17315 , Oct 18 2011 08:20 PM

  • Please log in to reply

#1
jp17315
Posted 18 October 2011 - 08:20 PM

jp17315

    Member

  • Member
  • PipPipPip
  • 127 posts
I have a computer running windows XP service pack 2 and it is infected with the Open Cloud AV virus. I scanned it with combofix and malwarebytes, and avast antivirus programs. They found the following viruses:
Win32:killapp-w
Win32:adware-gen
Hijack.disablecad
Pdf.exploit.js
I also deleted open cloud process that was located in system32 folder, but not sure if I have a clean computer.I now have no internet access and I am transferring the logs to cds to upload using another computer. I ran OTL and the log is below. Would appreciate any and all help in this matter. I hope I didn’t jump the gun by running Combofix.


OTL logfile created on: 10/18/2011 9:56:29 p. m. - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.52 Mb Total Physical Memory | 117.87 Mb Available Physical Memory | 23.09% Memory free
1.22 Gb Paging File | 0.86 Gb Available in Paging File | 70.85% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.93 Gb Total Space | 42.14 Gb Free Space | 75.36% Space Free | Partition Type: NTFS

Computer Name: YOUR-PA86Z1I3G7 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/06 10:33:01 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2007/09/10 15:12:44 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2005/06/06 22:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/08/12 12:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2002/06/17 20:14:38 | 000,090,112 | ---- | M] (Compaq) -- C:\Compaq\EAKDRV\EAUSBKBD.exe
PRC - [2002/05/10 12:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/05/06 10:02:00 | 002,256,896 | ---- | M] (VERITAS Software Corporation) -- C:\Program Files\RecordNow\mycd.exe
PRC - [2002/04/14 06:29:58 | 000,438,272 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\CPQEADM.exe
PRC - [2001/12/15 00:01:24 | 000,032,768 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe
PRC - [2001/08/10 01:46:44 | 000,064,512 | -H-- | M] (America Online, Inc.) -- C:\WINDOWS\system32\PackethSvc.exe
PRC - [2001/03/23 21:34:10 | 000,122,880 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\BttnServ.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/28 13:43:22 | 001,579,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092801\algo.dll
MOD - [2011/09/27 16:41:34 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092801\aswRep.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [1998/12/21 03:35:36 | 000,024,576 | ---- | M] () -- C:\Program Files\compaq\Easy Access Button Support\BttnSeps.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (msCMTSrvc)
SRV - File not found [On_Demand | Stopped] -- -- (McSysmon)
SRV - File not found [Unknown | Stopped] -- -- (McShield)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2003/08/12 12:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2002/05/24 12:46:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2002/05/17 02:30:12 | 000,262,144 | ---- | M] (NeoPlanet) [Disabled | Stopped] -- C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe -- (Compaq_RBA)
SRV - [2002/05/10 12:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2001/08/10 01:46:44 | 000,064,512 | -H-- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\system32\PackethSvc.exe -- (PackethSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2004/08/04 07:00:00 | 000,138,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/03/31 13:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/13 06:27:04 | 000,155,008 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2002/06/22 04:29:30 | 000,656,172 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2002/05/24 12:46:14 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2002/05/24 12:46:14 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2002/05/24 12:46:14 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2001/08/10 03:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)
DRV - [2001/08/08 15:13:36 | 000,158,140 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2001/08/08 15:13:30 | 000,012,479 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2001/08/08 15:13:30 | 000,012,031 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2001/08/08 15:13:30 | 000,011,679 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2001/08/08 15:13:28 | 000,019,359 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2001/08/08 15:13:28 | 000,011,999 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2001/08/08 15:13:26 | 000,033,503 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2001/08/08 15:13:24 | 000,029,215 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2001/08/08 15:13:24 | 000,023,519 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2001/08/08 15:13:24 | 000,019,199 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [1999/10/30 00:35:08 | 000,024,348 | ---- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://rd.yahoo.com/.../search/ie.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/03 08:16:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/01 10:29:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2009/09/24 08:05:47 | 000,000,000 | ---D | M]

[2008/12/17 09:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/09/27 08:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions
[2011/09/27 08:08:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/26 08:22:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/10 07:15:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/03 08:16:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/10/03 08:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/07 10:24:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll File not found
O2 - BHO: (Reg Error: Value error.) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe (Compaq Computer Corporation)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WCOLOREAL] C:\Program Files\COMPAQ\Coloreal\coloreal.exe ()
O4 - HKLM..\Run: [WwUeOtySDo4Q8234A] C:\WINDOWS\system32\XllOONtxP0u3Gaj.exe File not found
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: RemindU. - C:\Program Files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm ()
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.av.a...83/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Ad.pewtarex.com
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/01 21:46:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/07 13:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GridinSoft
[2011/10/07 13:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011/10/07 13:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SwkUVrlOBx0c1b3
[2011/10/07 13:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\nG4aQH6dW7R9TqU
[2011/10/07 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\gcS1ivD3oGaHsKf
[2011/10/07 12:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\EbF3pmG5aJdKfZh
[2011/10/07 11:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\BmG5sQJ6dKgZhXk
[2011/10/07 11:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\bEL9gTZqjCkVzNx
[2011/10/07 11:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/10/07 11:47:48 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/10/07 11:47:48 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/10/07 11:47:45 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/10/07 11:47:44 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/10/07 11:47:44 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/10/07 11:47:42 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/10/07 11:47:42 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/10/07 11:47:41 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/10/07 11:47:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/10/07 11:47:08 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/10/07 11:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/07 11:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/10/07 11:22:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/10/07 10:31:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/10/07 10:12:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/06 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\tS2ibF3pn5Q6W8R
[2011/10/06 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\k8gTZqhYCkVlNx0
[2011/10/06 12:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\OwkUVrlOBx0c1b3
[2011/10/06 12:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\UobF4pmG5Q7E8Rq
[2011/10/06 12:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SPNycA1uv2n4m5W
[2011/10/06 12:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\JRL9hTXqjClB
[2011/10/06 12:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware-A
[2011/10/06 11:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\nD2onF4am5W7E8T
[2011/10/06 11:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ctzPNycA1
[2011/10/06 11:08:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/06 11:05:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/06 11:05:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/06 11:05:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/06 11:05:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/06 11:05:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Videos
[2011/10/06 11:05:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2011/10/06 11:03:52 | 004,245,600 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/10/06 10:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\XvS2obF3pGsJdKg
[2011/10/06 10:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\hYCekIVrzNx0
[2011/10/06 10:36:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\KD2obF4pm5Q7E8R
[2011/10/06 10:36:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\EkIBrzPyx1
[2011/10/06 10:32:58 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/10/06 10:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\oc1v3n4m6W7LgZ
[2011/10/06 10:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\A0v2b3GsJ
[2011/10/05 15:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\vsJdKgZhXkVlBPy
[2011/10/05 15:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\EDoGaHs7R9TqU
[2011/10/05 15:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/05 15:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TvoFaHsJ7E8TqYw
[2011/10/05 15:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\E8fRL9hTXjClBzN
[2011/10/05 15:13:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IobF4pmG5Q7E
[2011/10/05 15:13:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ERZqhYXwkVlBx0c
[2011/10/05 15:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\kzP0ycS1iDoGaHs
[2011/10/05 15:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\YJ6dEK8fR9YwUeO
[2011/10/05 13:53:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WuSoFpGsJdKgZhX
[2011/10/05 13:53:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\HoFaHsJE9TqYeIr
[2011/10/05 08:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\VoGa6WfLq
[2011/10/05 08:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\T9YwUeOtP
[2011/10/05 07:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\zbFG5QJdE8R9YwU
[2011/10/05 07:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\fbFpG5sQJdKgZhX
[2011/10/04 15:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/10/04 15:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/10/04 15:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/10/04 15:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\V8gRZ9hYXkVlBx0
[2011/10/04 15:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QA0uvS2ob3m5Q6E
[2011/10/04 15:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\YelOBtxP0c
[2011/10/04 15:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\HsQJ6dEK8R9YwU
[2011/10/04 15:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Open Cloud AV
[2011/10/04 15:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\VssQJJ6RZkVexiD
[2011/10/04 15:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\gnnnG4aaQHs
[2011/10/04 15:12:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\H11uuvDmH58YwkV

========== Files - Modified Within 30 Days ==========

[2011/10/18 22:03:03 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/10/18 21:40:09 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP WEP.job
[2011/10/18 21:37:16 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/18 21:29:50 | 000,000,191 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/10/18 21:29:48 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/18 21:29:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/18 21:29:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/18 21:29:28 | 535,392,256 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/11 09:08:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{8AF1CB84-6885-4017-BD07-F0BEC571FE26}
[2011/10/07 13:14:59 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2011/10/07 11:47:49 | 000,001,755 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/07 11:47:43 | 000,002,702 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/07 10:24:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/07 07:51:51 | 000,001,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FixNCR.reg
[2011/10/06 13:02:11 | 000,000,491 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/10/06 11:08:15 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/06 11:04:16 | 004,245,600 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/10/06 10:33:01 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/10/06 10:32:48 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/10/05 15:54:54 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011/10/05 15:47:04 | 000,501,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/10/05 15:06:58 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/10/05 13:55:03 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2011/10/05 08:30:55 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/10/04 15:13:18 | 000,001,213 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\ldr.ini
[2011/10/01 10:30:32 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2011/09/26 08:22:22 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/26 08:22:22 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/20 10:03:32 | 073,496,160 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe

========== Files Created - No Company Name ==========

[2011/10/18 21:40:09 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\HP WEP.job
[2011/10/11 09:07:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{8AF1CB84-6885-4017-BD07-F0BEC571FE26}
[2011/10/07 13:14:59 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2011/10/07 13:07:07 | 535,392,256 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/07 11:47:49 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/06 11:08:15 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2011/10/06 11:08:07 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/06 11:05:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/06 11:05:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/06 11:05:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/06 11:05:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/06 11:05:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/10/06 10:32:42 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/10/05 15:54:54 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011/10/05 15:46:57 | 000,501,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/10/05 15:06:58 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/10/04 15:13:15 | 000,001,213 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ldr.ini
[2011/09/26 08:22:22 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2009/10/14 08:58:09 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/02/11 14:06:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2008/08/06 06:35:56 | 000,061,504 | ---- | C] () -- C:\WINDOWS\System32\licensemanager.exe
[2008/08/06 06:35:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2008/08/06 06:35:56 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2008/08/06 06:35:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\smtls32.dll
[2008/08/06 06:35:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2008/08/06 06:35:50 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\Ltfil60n.dll
[2008/08/06 06:35:44 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfbmp60n.dll
[2008/08/06 06:35:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwmf60n.dll
[2008/08/06 06:35:43 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\Lffax60n.dll
[2008/08/06 06:35:43 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\Lfcmp60n.dll
[2008/08/06 06:35:43 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng60n.dll
[2008/08/06 06:35:43 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\Lftif60n.dll
[2008/08/06 06:35:43 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Lfpcx60n.dll
[2008/08/06 06:35:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfpct60n.dll
[2008/08/06 06:35:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfeps60n.dll
[2008/08/06 06:35:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\Lfpsd60n.dll
[2008/08/06 06:35:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Lftga60n.dll
[2008/08/06 06:35:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwpg60n.dll
[2008/08/06 06:35:43 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\Lfmsp60n.dll
[2008/08/06 06:35:43 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Lfmac60n.dll
[2008/08/06 06:35:42 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\Regsvr16.exe
[2008/08/06 06:33:02 | 000,000,184 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2005/11/08 12:11:11 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2005/08/02 08:55:14 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/05/21 14:37:05 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/11/18 10:11:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/11/18 10:11:23 | 000,000,051 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,138,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\afd.sys
[2004/08/04 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/01/14 16:55:09 | 000,000,723 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2003/08/28 08:00:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/07/10 12:07:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\dm.ini
[2003/02/22 11:03:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2003/02/07 09:59:04 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/01/16 15:54:09 | 000,010,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\PACKET.SYS
[2003/01/15 15:49:35 | 000,000,491 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/01/15 15:49:24 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2002/11/27 17:11:41 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2002/11/26 21:34:15 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2002/11/13 16:20:31 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/08/02 03:11:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/08/02 00:19:00 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2002/08/02 00:16:30 | 000,009,310 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2002/08/01 23:59:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/08/01 23:59:14 | 000,000,626 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/08/01 23:59:13 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2002/08/01 23:10:54 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/08/01 22:50:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\ALSndMgr.ini
[2002/08/01 22:41:52 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2002/08/01 22:41:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2002/08/01 22:41:23 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/08/01 21:52:20 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/08/01 21:50:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/08/01 21:43:39 | 000,022,736 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/01 21:41:46 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/08/01 21:33:03 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/08/01 21:32:23 | 000,404,170 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/01 21:32:23 | 000,064,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/01 14:37:30 | 000,004,331 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/01 14:36:30 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/06/20 19:09:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/06/01 00:59:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/05/24 12:46:08 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/05/24 12:44:48 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2002/05/22 21:44:14 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
[2002/05/22 21:04:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2001/09/05 07:25:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\LoadDll.dll
[2001/09/01 00:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/08 15:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[2000/10/25 13:15:00 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll

========== LOP Check ==========

[2002/08/02 04:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America Online
[2011/10/07 11:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/02/13 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/10/05 16:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2004/01/14 16:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/10/06 10:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\A0v2b3GsJ
[2010/02/24 08:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Auslogics
[2011/10/07 11:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\bEL9gTZqjCkVzNx
[2011/10/07 11:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BmG5sQJ6dKgZhXk
[2002/01/01 00:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CoreFTP
[2002/01/01 00:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\cP2DGaHd8
[2011/10/06 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ctzPNycA1
[2011/10/05 15:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\E8fRL9hTXjClBzN
[2011/10/07 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EbF3pmG5aJdKfZh
[2011/10/05 15:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EDoGaHs7R9TqU
[2011/10/06 10:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EkIBrzPyx1
[2011/10/05 15:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ERZqhYXwkVlBx0c
[2011/10/05 07:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\fbFpG5sQJdKgZhX
[2002/01/01 00:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GbD3onG4aHsKfLg
[2011/10/07 12:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gcS1ivD3oGaHsKf
[2002/01/01 00:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gN124578qklxcFG
[2011/10/04 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gnnnG4aaQHs
[2011/10/04 15:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\H11uuvDmH58YwkV
[2011/10/05 13:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HoFaHsJE9TqYeIr
[2011/10/04 15:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HsQJ6dEK8R9YwU
[2011/10/06 10:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\hYCekIVrzNx0
[2002/08/02 04:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2005/07/30 07:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2011/10/05 15:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IobF4pmG5Q7E
[2002/01/01 00:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\J4578qwrtuipadf
[2011/10/06 12:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\JRL9hTXqjClB
[2011/10/06 12:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\k8gTZqhYCkVlNx0
[2011/10/06 10:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\KD2obF4pm5Q7E8R
[2011/10/05 15:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\kzP0ycS1iDoGaHs
[2007/09/18 14:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2002/01/01 00:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mVzNx0v2b3m5Q6E
[2002/01/01 00:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\n7fEL8gTZjCkVzN
[2011/10/06 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\nD2onF4am5W7E8T
[2011/10/07 13:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\nG4aQH6dW7R9TqU
[2011/10/06 10:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\oc1v3n4m6W7LgZ
[2002/01/01 00:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OeryuopsdghUOPS
[2009/02/10 08:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2011/10/06 12:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OwkUVrlOBx0c1b3
[2002/01/01 00:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OyyyxA11uv2ob4m
[2002/01/01 00:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\pQJJ7EKK8RZq
[2002/01/01 00:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PXXXqjjYCekBrO
[2011/10/04 15:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QA0uvS2ob3m5Q6E
[2002/01/01 00:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QBzNxuo4m5Q7EgZ
[2011/10/06 12:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SPNycA1uv2n4m5W
[2011/10/07 13:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SwkUVrlOBx0c1b3
[2002/01/01 00:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SzPNycA1iDoFaHs
[2011/10/05 08:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\T9YwUeOtP
[2002/12/05 14:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2002/01/01 00:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\THKLXCBN124578q
[2011/10/06 12:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\tS2ibF3pn5Q6W8R
[2011/10/05 15:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TvoFaHsJ7E8TqYw
[2011/10/06 12:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\UobF4pmG5Q7E8Rq
[2011/10/04 15:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\V8gRZ9hYXkVlBx0
[2004/01/12 11:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VERITAS
[2007/06/19 15:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2011/10/05 08:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VoGa6WfLq
[2011/10/05 15:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vsJdKgZhXkVlBPy
[2011/10/04 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VssQJJ6RZkVexiD
[2011/10/05 13:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WuSoFpGsJdKgZhX
[2011/10/06 10:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\XvS2obF3pGsJdKg
[2011/10/04 15:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\YelOBtxP0c
[2011/10/05 15:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\YJ6dEK8fR9YwUeO
[2011/10/05 07:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\zbFG5QJdE8R9YwU
[2002/11/13 17:35:04 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2002/11/13 17:35:05 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2002/11/13 17:35:06 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 18 October 2011 - 10:26 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Uninstall SpywareGuard so we don't have to fight it.


Close all programs so that you are at your desktop.
Double-click on the My Computer icon.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.

Open My Computer and navigate to

C:\Documents and Settings\Owner\Application Data\

Click on Views and select Details to make the following easier.

Delete all of the random named folders:

(Like:
SwkUVrlOBx0c1b3
nG4aQH6dW7R9TqU
VoGa6WfLq
if in doubt check the dates these seem to come in clusters just a few minutes apart.)

Delete:
C:\Documents and Settings\Owner\Start Menu\Programs\Open Cloud AV

C:\WINDOWS\system32\XllOONtxP0u3Gaj.exe (may be gone already)

Do you know what this is: Ad.pewtarex.com ??


Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Download the McAfee Removal tool
http://download.mcaf...atches/MCPR.exe

Run both tools.

Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted

Run Combofix again and post the log.



Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Appears to me that afd.sys has been compromised. See if it is on the list when you run sigverif after running sc /scannow:

Start, Run, cmd, OK then type:

sfc /scannow

(It doesn't work all that well in XP but you might get lucky. It will probably ask for the CD - if you don't have it or it doesn't like it just tell it to skip or continue as many times as necessary)

sigverif

(press the Start button in the new window and wait for it to finish. It will list the ones it doesn't like. Is afd.sys among them?)

Copy the text in the code box by highlighting and Ctrl + c 


/md5start
afd.sys
/md5stop

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run SCAN button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.


IF you haven't already let Avast run a Boot-time scan:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?

I think on XP systems the log file can be found in text form in C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\boot.txt
If you find it copy and paste it into a reply.

For your Internet:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, (Tools or the Firefox button), Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.

Restart and test. If still no good:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box: 


ipconfig /flushdns

netsh  winsock  reset catalog

netsh  int ip reset reset.log
(I use two spaces in the code box so you will be sure to see where 1 space goes.)

Reboot and test. If it still doesn't work:


1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."

4. Click "Use the following DNS server addresses," and then type 8.8.8.8 in the Preferred DNS server and 4.2.2.1 in the Alternate DNS server boxes.

5. Click "OK"

Reboot and test. If it still doesn't work:

(Start) Right click on My Computer, select Manage then Device Manager. Find the Network Adapters and click on the + in front to open up the sub entries. Right click on each sun-entry under Network Adapters and Uninstall. (Doesn't hurt to write down the names in case you need to download the drivers from the PC Maker's website. Normally you don't but with malware you never know.) Reboot and test. If it still doesn't work:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box: 

proxycfg  -d
ipconfig  /all
ipconfig  /release
ipconfig  /renew
ipconfig  /all
ping 127.0.0.1
ping  8.8.8.8
nslookup  att.com

Report any errors you get and the IP addresses of the last ipconfig /all

Ron
  • 0

#3
jp17315
Posted 19 October 2011 - 04:53 AM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
I will do all this when I get home from work.

Do you know what this is: Ad.pewtarex.com ??

Yes this is legit.
  • 0

#4
jp17315
Posted 19 October 2011 - 09:38 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
Ok...I did everything except my internet access problem.

Here is the combofix log:

ComboFix 11-10-19.06 - Owner 10/19/2011 20:05:58.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.186 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-09-20 to 2011-10-20 )))))))))))))))))))))))))))))))
.
.
2011-10-18 22:50 . 2011-10-18 22:50 -------- d-----w- c:\windows\system32\wbem\Repository
2011-10-07 18:14 . 2011-10-07 18:43 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2011-10-07 16:47 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-07 16:47 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-07 16:47 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-07 16:47 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-07 16:47 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-07 16:47 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-07 16:47 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-07 16:47 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-07 16:47 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-07 16:47 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-07 16:46 . 2011-10-07 16:46 -------- d-----w- c:\program files\AVAST Software
2011-10-07 16:46 . 2011-10-07 16:46 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-10-06 17:02 . 2011-10-07 15:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware-A
2011-10-05 20:44 . 2011-10-05 20:44 -------- d-----w- c:\program files\Trend Micro
2011-10-04 20:52 . 2011-10-04 20:52 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-10-04 20:37 . 2011-10-04 20:37 -------- d-s---w- c:\documents and settings\NetworkService\UserData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 15:30 . 2009-11-09 21:56 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-09-26 13:26 . 2011-08-27 14:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-31 22:00 . 2002-01-01 05:25 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-03 13:16 . 2011-10-03 13:16 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-06_16.41.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-20 00:52 . 2011-10-20 00:52 16384 c:\windows\temp\Perflib_Perfdata_7c8.dat
+ 2011-10-18 22:48 . 2011-10-18 22:50 98792 c:\windows\system32\Restore\rstrlog.dat
+ 2011-10-07 16:55 . 2011-10-07 16:55 196608 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000002\UsrClass.dat
+ 2011-10-07 16:55 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\10-7-2011\ERDNT.EXE
+ 2011-10-20 00:11 . 2011-10-20 00:11 196608 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000002\UsrClass.dat
+ 2011-10-20 00:11 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\10-19-2011\ERDNT.EXE
+ 2011-10-18 22:53 . 2011-10-18 22:53 196608 c:\windows\ERDNT\AutoBackup\10-18-2011\Users\00000002\UsrClass.dat
+ 2011-10-18 22:53 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\10-18-2011\ERDNT.EXE
+ 2011-10-11 14:07 . 2011-10-11 14:07 196608 c:\windows\ERDNT\AutoBackup\10-11-2011\Users\00000002\UsrClass.dat
+ 2011-10-07 16:55 . 2011-10-07 16:55 4567040 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000001\NTUSER.DAT
+ 2011-10-20 00:10 . 2011-10-20 00:10 4567040 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000001\ntuser.dat
+ 2011-10-18 22:53 . 2011-10-18 22:53 4567040 c:\windows\ERDNT\AutoBackup\10-18-2011\Users\00000001\ntuser.dat
+ 2011-10-11 14:07 . 2011-10-11 14:07 4567040 c:\windows\ERDNT\AutoBackup\10-11-2011\Users\00000001\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2002-07-16 106549]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-07-05 212992]
"WCOLOREAL"="c:\program files\COMPAQ\Coloreal\coloreal.exe" [2002-02-21 143360]
"CPQEASYACC"="c:\program files\COMPAQ\Easy Access Button Support\StartEAK.exe" [2001-12-15 32768]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 53760]
.
c:\documents and settings\Owner\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-17 01:35 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup=c:\windows\pss\AOL Companion.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-07 03:46 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-09-26 00:52 50736 ----a-w- c:\program files\Common Files\AOL\1187716252\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2002-05-24 17:46 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon04]
2002-06-21 00:06 339968 ----a-w- c:\windows\system32\hphmon04.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-06-21 21:48 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2004-01-14 21:53 77824 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\srmclean]
2001-07-25 04:34 36864 ----a-w- c:\cpqs\scom\srmclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
2002-05-09 15:01 155648 ----a-w- c:\program files\VERITAS Software\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 10:19 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2002-08-02 05:10 146432 ----a-w- c:\program files\Common Files\Real\Update_OB\evntsvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 20:45 313472 ----a-w- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Compaq_RBA"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"=
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-27 136176]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-27 136176]
R3 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 PackethSvc;Virtual NIC Service;c:\windows\System32\PackethSvc.exe [2001-08-10 64512]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-27 14:21]
.
2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-27 14:21]
.
2011-10-20 c:\windows\Tasks\HP WEP.job
- c:\program files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 19:28]
.
2002-11-13 c:\windows\Tasks\Registration reminder 1.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-11-13 12:00]
.
2002-11-13 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-11-13 12:00]
.
2002-11-13 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-11-13 12:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/
mSearch Bar = hxxp://rd.yahoo.com/customize/yessentials_cq/defaults/sb/*http://www.yahoo.com/search/ie.html
uSearchURL,(Default) = hxxp://search.yahoo.com/search?p=%s
IE: RemindU. - file://c:\program files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-WwUeOtySDo4Q8234A - c:\windows\system32\XllOONtxP0u3Gaj.exe
MSConfigStartUp-ifffEL8gTI2bFaQ8234A - c:\windows\system32\XllOONtxP0u3Gaj.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-19 20:19
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(576)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(3788)
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2011-10-19 20:27:16
ComboFix-quarantined-files.txt 2011-10-20 01:27
ComboFix2.txt 2011-10-07 15:31
ComboFix3.txt 2011-10-06 16:49
.
Pre-Run: 45,262,065,664 bytes free
Post-Run: 45,276,614,656 bytes free
.
- - End Of File - - BF21D35390F49C2BF0688E2C153FB73B

TDSSKiller log:

21:04:34.0718 1720 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
21:04:34.0765 1720 ============================================================
21:04:34.0765 1720 Current date / time: 2011/10/19 21:04:34.0765
21:04:34.0765 1720 SystemInfo:
21:04:34.0765 1720
21:04:34.0765 1720 OS Version: 5.1.2600 ServicePack: 2.0
21:04:34.0765 1720 Product type: Workstation
21:04:34.0765 1720 ComputerName: YOUR-PA86Z1I3G7
21:04:34.0765 1720 UserName: Owner
21:04:34.0765 1720 Windows directory: C:\WINDOWS
21:04:34.0765 1720 System windows directory: C:\WINDOWS
21:04:34.0765 1720 Processor architecture: Intel x86
21:04:34.0765 1720 Number of processors: 1
21:04:34.0765 1720 Page size: 0x1000
21:04:34.0765 1720 Boot type: Normal boot
21:04:34.0765 1720 ============================================================
21:04:36.0203 1720 Initialize success
21:05:09.0328 3664 ============================================================
21:05:09.0328 3664 Scan started
21:05:09.0328 3664 Mode: Manual;
21:05:09.0328 3664 ============================================================
21:05:09.0593 3664 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
21:05:09.0593 3664 Aavmker4 - ok
21:05:09.0718 3664 Abiosdsk - ok
21:05:09.0828 3664 abp480n5 - ok
21:05:09.0953 3664 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:05:09.0968 3664 ACPI - ok
21:05:10.0109 3664 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:05:10.0109 3664 ACPIEC - ok
21:05:10.0218 3664 adpu160m - ok
21:05:10.0375 3664 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
21:05:10.0375 3664 aec - ok
21:05:10.0531 3664 AFD (b126c2342cd1c72a74c0f7435cfaea5d) C:\WINDOWS\System32\drivers\afd.sys
21:05:10.0531 3664 AFD - ok
21:05:10.0656 3664 Aha154x - ok
21:05:10.0765 3664 aic78u2 - ok
21:05:10.0875 3664 aic78xx - ok
21:05:11.0062 3664 ALCXWDM (627909fdc8ed535e903fbb2f889dbc16) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:05:11.0093 3664 ALCXWDM - ok
21:05:11.0218 3664 AliIde - ok
21:05:11.0328 3664 amsint - ok
21:05:11.0453 3664 asc - ok
21:05:11.0562 3664 asc3350p - ok
21:05:11.0671 3664 asc3550 - ok
21:05:11.0859 3664 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:05:11.0859 3664 aswFsBlk - ok
21:05:12.0031 3664 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
21:05:12.0031 3664 aswMon2 - ok
21:05:12.0171 3664 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
21:05:12.0171 3664 aswRdr - ok
21:05:12.0343 3664 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
21:05:12.0375 3664 aswSnx - ok
21:05:12.0531 3664 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
21:05:12.0562 3664 aswSP - ok
21:05:12.0718 3664 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
21:05:12.0718 3664 aswTdi - ok
21:05:12.0859 3664 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:05:12.0859 3664 AsyncMac - ok
21:05:13.0000 3664 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:05:13.0015 3664 atapi - ok
21:05:13.0125 3664 Atdisk - ok
21:05:13.0250 3664 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:05:13.0250 3664 Atmarpc - ok
21:05:13.0406 3664 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:05:13.0406 3664 audstub - ok
21:05:13.0562 3664 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:05:13.0562 3664 Beep - ok
21:05:13.0687 3664 catchme - ok
21:05:13.0859 3664 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:05:13.0859 3664 cbidf2k - ok
21:05:13.0968 3664 cd20xrnt - ok
21:05:14.0140 3664 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:05:14.0140 3664 Cdaudio - ok
21:05:14.0281 3664 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
21:05:14.0281 3664 Cdfs - ok
21:05:14.0421 3664 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:05:14.0437 3664 Cdrom - ok
21:05:14.0546 3664 Changer - ok
21:05:14.0687 3664 CmdIde - ok
21:05:14.0828 3664 Cpqarray - ok
21:05:14.0968 3664 dac2w2k - ok
21:05:15.0093 3664 dac960nt - ok
21:05:15.0265 3664 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
21:05:15.0265 3664 Disk - ok
21:05:15.0453 3664 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
21:05:15.0500 3664 dmboot - ok
21:05:15.0640 3664 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\DRIVERS\dmio.sys
21:05:15.0640 3664 dmio - ok
21:05:15.0781 3664 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:05:15.0781 3664 dmload - ok
21:05:15.0937 3664 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
21:05:15.0937 3664 DMusic - ok
21:05:16.0109 3664 Dot4 HPH11 (02e5d9216994b7c77bbfe01adcb783a4) C:\WINDOWS\system32\DRIVERS\hphid411.sys
21:05:16.0109 3664 Dot4 HPH11 - ok
21:05:16.0250 3664 Dot4Print HPH11 (0fcc3ed5a97260eec98ceae8167e940a) C:\WINDOWS\system32\DRIVERS\hphipr11.sys
21:05:16.0250 3664 Dot4Print HPH11 - ok
21:05:16.0375 3664 Dot4Usb HPH11 (08b9bf9c88867d3b70473657ae4307b3) C:\WINDOWS\system32\drivers\hphius11.sys
21:05:16.0375 3664 Dot4Usb HPH11 - ok
21:05:16.0468 3664 dpti2o - ok
21:05:16.0625 3664 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
21:05:16.0625 3664 drmkaud - ok
21:05:16.0765 3664 drvmcdb (a605a3d1a946d7b9b8e011a056445136) C:\WINDOWS\system32\drivers\drvmcdb.sys
21:05:16.0765 3664 drvmcdb - ok
21:05:16.0921 3664 drvnddm (394d65a0da6bd18eaca54ae4fef28054) C:\WINDOWS\system32\drivers\drvnddm.sys
21:05:16.0921 3664 drvnddm - ok
21:05:17.0109 3664 eaps2kbd (53ce0799c9384cac99942ff032285f21) C:\WINDOWS\system32\DRIVERS\eaps2kbd.sys
21:05:17.0109 3664 eaps2kbd - ok
21:05:17.0250 3664 EAWDMFD (e54e3a335b3a03ad0252e50bb92a633c) C:\WINDOWS\system32\DRIVERS\eawdmfd.sys
21:05:17.0265 3664 EAWDMFD - ok
21:05:17.0437 3664 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
21:05:17.0437 3664 Fastfat - ok
21:05:17.0609 3664 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:05:17.0609 3664 Fdc - ok
21:05:17.0750 3664 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
21:05:17.0750 3664 Fips - ok
21:05:17.0906 3664 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:05:17.0906 3664 Flpydisk - ok
21:05:18.0093 3664 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:05:18.0109 3664 FltMgr - ok
21:05:18.0250 3664 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:05:18.0250 3664 Fs_Rec - ok
21:05:18.0406 3664 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:05:18.0406 3664 Ftdisk - ok
21:05:18.0546 3664 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:05:18.0546 3664 Gpc - ok
21:05:18.0734 3664 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:05:18.0734 3664 HidUsb - ok
21:05:18.0875 3664 hpn - ok
21:05:18.0984 3664 hpt3xx - ok
21:05:19.0140 3664 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
21:05:19.0171 3664 HTTP - ok
21:05:19.0296 3664 i2omgmt - ok
21:05:19.0406 3664 i2omp - ok
21:05:19.0546 3664 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:05:19.0546 3664 i8042prt - ok
21:05:19.0687 3664 i81x (007dbb8f9c35df8f8a20b8e7c1204b8b) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
21:05:19.0703 3664 i81x - ok
21:05:19.0843 3664 iAimFP0 (19f03895ce0b9e7fb514e67bb17edcb5) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
21:05:19.0843 3664 iAimFP0 - ok
21:05:20.0000 3664 iAimFP1 (479278c265b596c4fc1a2e0f51e70736) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
21:05:20.0000 3664 iAimFP1 - ok
21:05:20.0156 3664 iAimFP2 (66317ecbed58d15541cad4ed60888430) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
21:05:20.0171 3664 iAimFP2 - ok
21:05:20.0312 3664 iAimFP3 (5807920dcd9fe760ffd733a1297d164a) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
21:05:20.0328 3664 iAimFP3 - ok
21:05:20.0468 3664 iAimFP4 (afb6725ddf3f417495ab99198979ffb1) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
21:05:20.0484 3664 iAimFP4 - ok
21:05:20.0625 3664 iAimTV0 (3de116fe9fc7f15b0a5e0e611b344236) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
21:05:20.0625 3664 iAimTV0 - ok
21:05:20.0781 3664 iAimTV1 (275b8ec3a1aa555e3f1586eaf1302ac5) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
21:05:20.0781 3664 iAimTV1 - ok
21:05:20.0906 3664 iAimTV2 - ok
21:05:21.0062 3664 iAimTV3 (31d5981e35d0f158cd1031e0ee74c6fe) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
21:05:21.0062 3664 iAimTV3 - ok
21:05:21.0218 3664 iAimTV4 (78b4456a11582a927e9b1eca87d1e4f6) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
21:05:21.0218 3664 iAimTV4 - ok
21:05:21.0406 3664 ialm (44b7d5a4f2bd9fe21aea0bb0bace38c4) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:05:21.0453 3664 ialm - ok
21:05:21.0593 3664 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:05:21.0593 3664 Imapi - ok
21:05:21.0718 3664 ini910u - ok
21:05:21.0875 3664 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
21:05:21.0875 3664 IntelIde - ok
21:05:22.0031 3664 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:05:22.0031 3664 intelppm - ok
21:05:22.0171 3664 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:05:22.0171 3664 Ip6Fw - ok
21:05:22.0312 3664 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:05:22.0312 3664 IpFilterDriver - ok
21:05:22.0453 3664 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:05:22.0453 3664 IpInIp - ok
21:05:22.0593 3664 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:05:22.0609 3664 IpNat - ok
21:05:22.0750 3664 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:05:22.0765 3664 IPSec - ok
21:05:22.0906 3664 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:05:22.0906 3664 IRENUM - ok
21:05:23.0062 3664 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:05:23.0078 3664 isapnp - ok
21:05:23.0234 3664 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:05:23.0234 3664 Kbdclass - ok
21:05:23.0375 3664 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:05:23.0375 3664 kbdhid - ok
21:05:23.0515 3664 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
21:05:23.0531 3664 kmixer - ok
21:05:23.0671 3664 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
21:05:23.0671 3664 KSecDD - ok
21:05:23.0812 3664 lbrtfdc - ok
21:05:23.0875 3664 LMIInfo - ok
21:05:24.0046 3664 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
21:05:24.0046 3664 lmimirr - ok
21:05:24.0156 3664 LMIRfsClientNP - ok
21:05:24.0312 3664 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
21:05:24.0312 3664 LMIRfsDriver - ok
21:05:24.0468 3664 ltmodem5 (fa2ed4a054360f3f873c15420f1f19cc) C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
21:05:24.0515 3664 ltmodem5 - ok
21:05:24.0656 3664 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
21:05:24.0671 3664 MBAMProtector - ok
21:05:24.0828 3664 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:05:24.0828 3664 mnmdd - ok
21:05:25.0000 3664 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
21:05:25.0015 3664 Modem - ok
21:05:25.0140 3664 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:05:25.0156 3664 Mouclass - ok
21:05:25.0296 3664 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:05:25.0296 3664 mouhid - ok
21:05:25.0437 3664 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
21:05:25.0437 3664 MountMgr - ok
21:05:25.0562 3664 mraid35x - ok
21:05:25.0703 3664 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:05:25.0703 3664 MRxDAV - ok
21:05:25.0875 3664 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:05:25.0890 3664 MRxSmb - ok
21:05:26.0078 3664 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
21:05:26.0093 3664 Msfs - ok
21:05:26.0234 3664 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:05:26.0234 3664 MSKSSRV - ok
21:05:26.0375 3664 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:05:26.0375 3664 MSPCLOCK - ok
21:05:26.0515 3664 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
21:05:26.0515 3664 MSPQM - ok
21:05:26.0656 3664 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:05:26.0671 3664 mssmbios - ok
21:05:26.0812 3664 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
21:05:26.0812 3664 Mup - ok
21:05:26.0953 3664 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
21:05:26.0968 3664 NDIS - ok
21:05:27.0125 3664 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:05:27.0140 3664 NdisTapi - ok
21:05:27.0281 3664 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:05:27.0296 3664 Ndisuio - ok
21:05:27.0437 3664 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:05:27.0437 3664 NdisWan - ok
21:05:27.0578 3664 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
21:05:27.0593 3664 NDProxy - ok
21:05:27.0734 3664 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:05:27.0734 3664 NetBIOS - ok
21:05:27.0875 3664 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:05:27.0890 3664 NetBT - ok
21:05:28.0109 3664 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
21:05:28.0109 3664 Npfs - ok
21:05:28.0296 3664 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
21:05:28.0328 3664 Ntfs - ok
21:05:28.0484 3664 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:05:28.0484 3664 Null - ok
21:05:28.0640 3664 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:05:28.0640 3664 NwlnkFlt - ok
21:05:28.0765 3664 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:05:28.0781 3664 NwlnkFwd - ok
21:05:28.0968 3664 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
21:05:28.0968 3664 Parport - ok
21:05:29.0140 3664 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
21:05:29.0140 3664 PartMgr - ok
21:05:29.0281 3664 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:05:29.0281 3664 ParVdm - ok
21:05:29.0406 3664 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
21:05:29.0421 3664 PCI - ok
21:05:29.0531 3664 PCIDump - ok
21:05:29.0671 3664 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:05:29.0671 3664 PCIIde - ok
21:05:29.0812 3664 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:05:29.0828 3664 Pcmcia - ok
21:05:29.0937 3664 PDCOMP - ok
21:05:30.0109 3664 PDFRAME - ok
21:05:30.0218 3664 PDRELI - ok
21:05:30.0328 3664 PDRFRAME - ok
21:05:30.0437 3664 perc2 - ok
21:05:30.0562 3664 perc2hib - ok
21:05:30.0750 3664 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:05:30.0765 3664 PptpMiniport - ok
21:05:30.0906 3664 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
21:05:30.0906 3664 Processor - ok
21:05:31.0125 3664 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
21:05:31.0125 3664 PSched - ok
21:05:31.0265 3664 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:05:31.0265 3664 Ptilink - ok
21:05:31.0437 3664 PxHelp20 (42d4c34300405d9f377e55f5ddadd720) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
21:05:31.0437 3664 PxHelp20 - ok
21:05:31.0562 3664 ql1080 - ok
21:05:31.0671 3664 Ql10wnt - ok
21:05:31.0781 3664 ql12160 - ok
21:05:31.0906 3664 ql1240 - ok
21:05:32.0015 3664 ql1280 - ok
21:05:32.0156 3664 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:05:32.0156 3664 RasAcd - ok
21:05:32.0296 3664 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:05:32.0312 3664 Rasl2tp - ok
21:05:32.0453 3664 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:05:32.0453 3664 RasPppoe - ok
21:05:32.0609 3664 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:05:32.0609 3664 Raspti - ok
21:05:32.0765 3664 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:05:32.0781 3664 Rdbss - ok
21:05:32.0890 3664 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:05:32.0906 3664 RDPCDD - ok
21:05:33.0093 3664 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:05:33.0093 3664 rdpdr - ok
21:05:33.0250 3664 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
21:05:33.0250 3664 RDPWD - ok
21:05:33.0421 3664 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:05:33.0421 3664 redbook - ok
21:05:33.0609 3664 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
21:05:33.0625 3664 rtl8139 - ok
21:05:33.0781 3664 S3Psddr (6d9e6867f89a3b06cf317fc4c7ee5029) C:\WINDOWS\system32\DRIVERS\s3gnbm.sys
21:05:33.0781 3664 S3Psddr - ok
21:05:34.0000 3664 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:05:34.0015 3664 Secdrv - ok
21:05:34.0171 3664 Serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:05:34.0171 3664 Serenum - ok
21:05:34.0312 3664 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
21:05:34.0312 3664 Serial - ok
21:05:34.0453 3664 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:05:34.0453 3664 Sfloppy - ok
21:05:34.0593 3664 Simbad - ok
21:05:34.0703 3664 Sparrow - ok
21:05:34.0875 3664 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
21:05:34.0890 3664 splitter - ok
21:05:35.0062 3664 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
21:05:35.0078 3664 sr - ok
21:05:35.0390 3664 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
21:05:35.0406 3664 Srv - ok
21:05:35.0562 3664 sscdbhk5 (0885506bd787a1ae7041ea1d0e0f7922) C:\WINDOWS\system32\drivers\sscdbhk5.sys
21:05:35.0562 3664 sscdbhk5 - ok
21:05:35.0718 3664 ssrtln (a9e4acee2d7c9736cd753d630e13a386) C:\WINDOWS\system32\drivers\ssrtln.sys
21:05:35.0718 3664 ssrtln - ok
21:05:35.0875 3664 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:05:35.0875 3664 swenum - ok
21:05:36.0046 3664 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
21:05:36.0062 3664 swmidi - ok
21:05:36.0171 3664 symc810 - ok
21:05:36.0296 3664 symc8xx - ok
21:05:36.0406 3664 sym_hi - ok
21:05:36.0515 3664 sym_u3 - ok
21:05:36.0656 3664 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
21:05:36.0656 3664 sysaudio - ok
21:05:36.0828 3664 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:05:36.0859 3664 Tcpip - ok
21:05:37.0000 3664 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:05:37.0015 3664 TDPIPE - ok
21:05:37.0140 3664 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
21:05:37.0156 3664 TDTCP - ok
21:05:37.0281 3664 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:05:37.0296 3664 TermDD - ok
21:05:37.0437 3664 tfsnboio (471b28101ee53b965b836033d8fe7955) C:\WINDOWS\system32\dla\tfsnboio.sys
21:05:37.0437 3664 tfsnboio - ok
21:05:37.0578 3664 tfsncofs (70766ef81e05ea358118468a722fa1f5) C:\WINDOWS\system32\dla\tfsncofs.sys
21:05:37.0578 3664 tfsncofs - ok
21:05:37.0718 3664 tfsndrct (66fd0aac1648bc38cd3cd130a4ea12e0) C:\WINDOWS\system32\dla\tfsndrct.sys
21:05:37.0718 3664 tfsndrct - ok
21:05:37.0890 3664 tfsndres (2b35fcaa75b1c475374d1474a1c2efe1) C:\WINDOWS\system32\dla\tfsndres.sys
21:05:37.0890 3664 tfsndres - ok
21:05:38.0031 3664 tfsnifs (7aaa22c17642d19c64b81caae888b43f) C:\WINDOWS\system32\dla\tfsnifs.sys
21:05:38.0031 3664 tfsnifs - ok
21:05:38.0171 3664 tfsnopio (a56ebc32e332f66488cbf9c5ef4e084a) C:\WINDOWS\system32\dla\tfsnopio.sys
21:05:38.0171 3664 tfsnopio - ok
21:05:38.0328 3664 tfsnpool (53809135b8eb9eb2b29525f125456741) C:\WINDOWS\system32\dla\tfsnpool.sys
21:05:38.0343 3664 tfsnpool - ok
21:05:38.0515 3664 tfsnudf (03e0ce19e5f6a8009ebdc3cc087a6c9c) C:\WINDOWS\system32\dla\tfsnudf.sys
21:05:38.0515 3664 tfsnudf - ok
21:05:38.0671 3664 tfsnudfa (3f8f05be8f1d68a598412927aeb57bd9) C:\WINDOWS\system32\dla\tfsnudfa.sys
21:05:38.0687 3664 tfsnudfa - ok
21:05:38.0812 3664 TosIde - ok
21:05:38.0984 3664 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
21:05:38.0984 3664 Udfs - ok
21:05:39.0125 3664 ultra - ok
21:05:39.0281 3664 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
21:05:39.0296 3664 Update - ok
21:05:39.0453 3664 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:05:39.0453 3664 usbccgp - ok
21:05:39.0609 3664 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:05:39.0609 3664 usbehci - ok
21:05:39.0750 3664 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:05:39.0750 3664 usbhub - ok
21:05:39.0906 3664 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:05:39.0906 3664 usbprint - ok
21:05:40.0078 3664 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:05:40.0078 3664 USBSTOR - ok
21:05:40.0218 3664 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:05:40.0234 3664 usbuhci - ok
21:05:40.0375 3664 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
21:05:40.0375 3664 VgaSave - ok
21:05:40.0500 3664 viaagp1 - ok
21:05:40.0640 3664 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:05:40.0656 3664 ViaIde - ok
21:05:40.0796 3664 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
21:05:40.0796 3664 VolSnap - ok
21:05:40.0984 3664 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:05:40.0984 3664 Wanarp - ok
21:05:41.0140 3664 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
21:05:41.0140 3664 wanatw - ok
21:05:41.0296 3664 wandrv (30211add92098d4b5cfadbf3da01e69b) C:\WINDOWS\system32\DRIVERS\wandrv.sys
21:05:41.0296 3664 wandrv - ok
21:05:41.0421 3664 WDICA - ok
21:05:41.0578 3664 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
21:05:41.0593 3664 wdmaud - ok
21:05:41.0875 3664 {6080A529-897E-4629-A488-ABA0C29B635E} (5b3d453a2f38105bcd0c573b94dea346) C:\WINDOWS\system32\drivers\ialmsbw.sys
21:05:41.0875 3664 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
21:05:42.0046 3664 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (e147bd61a697701096ca5c830a5adb90) C:\WINDOWS\system32\drivers\ialmkchw.sys
21:05:42.0046 3664 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
21:05:42.0062 3664 MBR (0x1B8) (24bf22b59c30b9b11e1af62cfc3c418e) \Device\Harddisk0\DR0
21:05:42.0078 3664 \Device\Harddisk0\DR0 - ok
21:05:42.0078 3664 Boot (0x1200) (8b62197d4c60b39571a37145f0238274) \Device\Harddisk0\DR0\Partition0
21:05:42.0078 3664 \Device\Harddisk0\DR0\Partition0 - ok
21:05:42.0093 3664 ============================================================
21:05:42.0093 3664 Scan finished
21:05:42.0093 3664 ============================================================
21:05:42.0125 1348 Detected object count: 0
21:05:42.0125 1348 Actual detected object count: 0
21:05:51.0828 2888 Deinitialize success
  • 0

#5
jp17315
Posted 19 October 2011 - 09:53 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
aswMBR log: Fix button was greyed out - not enabled.

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-19 21:06:43
-----------------------------
21:06:43.609 OS Version: Windows 5.1.2600 Service Pack 2
21:06:43.609 Number of processors: 1 586 0x204
21:06:43.609 ComputerName: YOUR-PA86Z1I3G7 UserName: Owner
21:06:44.109 Initialize success
21:06:44.937 AVAST engine defs: 11092801
21:07:32.671 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:07:32.671 Disk 0 Vendor: SAMSUNG_SV6003H QQ100-07 Size: 57277MB BusType: 3
21:07:34.687 Disk 0 MBR read successfully
21:07:34.687 Disk 0 MBR scan
21:07:35.406 Disk 0 unknown MBR code
21:07:35.437 Disk 0 scanning sectors +117285840
21:07:36.390 Disk 0 scanning C:\WINDOWS\system32\drivers
21:07:55.437 Service scanning
21:07:56.531 Modules scanning
21:08:22.953 Scan finished successfully
21:09:01.671 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
21:09:01.671 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"

Sigverif

afd.sys was not on the list. These files were:
lmimirr.dll
lmimirr2.dll
lmimirr.sys

OTL log: FYI - Computer did not reboot after scan.

OTL logfile created on: 10/19/2011 10:08:50 p. m. - Run 4
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.52 Mb Total Physical Memory | 164.75 Mb Available Physical Memory | 32.27% Memory free
1.22 Gb Paging File | 0.97 Gb Available in Paging File | 79.22% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.93 Gb Total Space | 41.75 Gb Free Space | 74.66% Space Free | Partition Type: NTFS

Computer Name: YOUR-PA86Z1I3G7 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/06 10:33:01 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2007/09/10 15:12:44 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/12 12:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2002/06/17 20:14:38 | 000,090,112 | ---- | M] (Compaq) -- C:\Compaq\EAKDRV\EAUSBKBD.exe
PRC - [2002/05/10 12:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/04/14 06:29:58 | 000,438,272 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\CPQEADM.exe
PRC - [2001/12/15 00:01:24 | 000,032,768 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe
PRC - [2001/08/10 01:46:44 | 000,064,512 | -H-- | M] (America Online, Inc.) -- C:\WINDOWS\system32\PackethSvc.exe
PRC - [2001/03/23 21:34:10 | 000,122,880 | ---- | M] (Compaq Computer Corporation) -- C:\Program Files\compaq\Easy Access Button Support\BttnServ.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/28 13:43:22 | 001,579,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092801\algo.dll
MOD - [2011/09/27 16:41:34 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092801\aswRep.dll
MOD - [1998/12/21 03:35:36 | 000,024,576 | ---- | M] () -- C:\Program Files\compaq\Easy Access Button Support\BttnSeps.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (msCMTSrvc)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2003/08/12 12:50:40 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2002/05/24 12:46:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2002/05/17 02:30:12 | 000,262,144 | ---- | M] (NeoPlanet) [Disabled | Stopped] -- C:\Program Files\compaq\Compaq Advisor\bin\compaq-rba.exe -- (Compaq_RBA)
SRV - [2002/05/10 12:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2001/08/10 01:46:44 | 000,064,512 | -H-- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\system32\PackethSvc.exe -- (PackethSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/03/31 13:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/13 06:27:04 | 000,155,008 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2002/06/22 04:29:30 | 000,656,172 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2002/05/24 12:46:14 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2002/05/24 12:46:14 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2002/05/24 12:46:14 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2001/08/10 03:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)
DRV - [2001/08/08 15:13:36 | 000,158,140 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2001/08/08 15:13:30 | 000,012,479 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2001/08/08 15:13:30 | 000,012,031 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2001/08/08 15:13:30 | 000,011,679 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2001/08/08 15:13:28 | 000,019,359 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2001/08/08 15:13:28 | 000,011,999 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2001/08/08 15:13:26 | 000,033,503 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2001/08/08 15:13:24 | 000,029,215 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2001/08/08 15:13:24 | 000,023,519 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2001/08/08 15:13:24 | 000,019,199 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [1999/10/30 00:35:08 | 000,024,348 | ---- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://rd.yahoo.com/.../search/ie.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/03 08:16:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/01 10:29:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2009/09/24 08:05:47 | 000,000,000 | ---D | M]

[2008/12/17 09:48:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/09/27 08:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions
[2011/09/27 08:08:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\a7r646om.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/26 08:22:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/10 07:15:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/03 08:16:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/10/03 08:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/07 10:24:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPQEASYACC] C:\Program Files\compaq\Easy Access Button Support\STARTEAK.exe (Compaq Computer Corporation)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WCOLOREAL] C:\Program Files\COMPAQ\Coloreal\coloreal.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: RemindU. - C:\Program Files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm ()
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Ad.pewtarex.com
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/01 21:46:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/19 22:04:41 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/10/19 22:04:36 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/10/19 22:04:21 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/10/19 22:03:31 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/10/19 22:03:23 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/10/19 22:03:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/10/19 22:03:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/10/19 22:02:48 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2011/10/19 22:02:46 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/10/19 22:02:41 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/10/19 22:02:05 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/10/19 22:01:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/10/19 22:01:53 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/10/19 22:01:42 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/10/19 22:01:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2011/10/19 22:01:37 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/10/19 22:01:25 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2011/10/19 22:01:24 | 000,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2011/10/19 22:01:18 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/10/19 22:01:14 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/10/19 22:01:09 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/10/19 22:00:55 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/10/19 22:00:49 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/10/19 22:00:38 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/10/19 22:00:33 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/10/19 22:00:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2011/10/19 22:00:27 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/10/19 22:00:25 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/10/19 22:00:18 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/10/19 22:00:13 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/10/19 22:00:09 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/10/19 22:00:04 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/10/19 21:59:59 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/10/19 21:59:54 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/10/19 21:59:50 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/10/19 21:59:45 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/10/19 21:59:43 | 000,078,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2011/10/19 21:59:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011/10/19 21:59:41 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011/10/19 21:59:40 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2011/10/19 21:59:38 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2011/10/19 21:59:37 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2011/10/19 21:59:36 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/10/19 21:59:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2011/10/19 21:59:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/10/19 21:59:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/10/19 21:59:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2011/10/19 21:59:08 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/10/19 21:59:04 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/10/19 21:58:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/10/19 21:58:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/10/19 21:58:50 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/10/19 21:58:45 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/10/19 21:58:41 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2011/10/19 21:58:31 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/10/19 21:58:14 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/10/19 21:58:09 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/10/19 21:58:05 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/10/19 21:58:00 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/10/19 21:57:55 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/10/19 21:57:51 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/10/19 21:57:46 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/10/19 21:57:41 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/10/19 21:57:40 | 000,082,432 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2011/10/19 21:57:36 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/10/19 21:57:30 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2011/10/19 21:57:25 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/10/19 21:57:21 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/10/19 21:57:16 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/10/19 21:57:03 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/10/19 21:56:51 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/10/19 21:56:47 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/10/19 21:56:45 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/10/19 21:56:36 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/10/19 21:56:32 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/10/19 21:56:22 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/10/19 21:56:15 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/10/19 21:56:11 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/10/19 21:56:07 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/10/19 21:56:00 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2011/10/19 21:55:56 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2011/10/19 21:55:52 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2011/10/19 21:55:48 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2011/10/19 21:55:43 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/10/19 21:55:39 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/10/19 21:55:35 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/10/19 21:55:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/10/19 21:55:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/10/19 21:55:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/10/19 21:55:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/10/19 21:55:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/10/19 21:55:07 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/10/19 21:55:02 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/10/19 21:54:58 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/10/19 21:54:53 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/10/19 21:54:38 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/10/19 21:54:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/10/19 21:54:22 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/10/19 21:54:16 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/10/19 21:54:12 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/10/19 21:54:08 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2011/10/19 21:54:04 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/10/19 21:53:59 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/10/19 21:53:55 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/10/19 21:53:51 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/10/19 21:53:47 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/10/19 21:53:47 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2011/10/19 21:53:36 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/10/19 21:52:58 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/10/19 21:52:47 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/10/19 21:52:39 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/10/19 21:52:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/10/19 21:52:31 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/10/19 21:52:27 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/10/19 21:52:26 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2011/10/19 21:52:25 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2011/10/19 21:52:25 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2011/10/19 21:52:15 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/10/19 21:52:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/10/19 21:52:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/10/19 21:51:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/10/19 21:51:34 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2011/10/19 21:51:33 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2011/10/19 21:51:33 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2011/10/19 21:51:32 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2011/10/19 21:51:31 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2011/10/19 21:51:31 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2011/10/19 21:51:30 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/10/19 21:51:29 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2011/10/19 21:51:29 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2011/10/19 21:51:28 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2011/10/19 21:51:27 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/10/19 21:51:23 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/10/19 21:51:19 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/10/19 21:51:15 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/10/19 21:51:11 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/10/19 21:51:10 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/10/19 21:51:05 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/10/19 21:51:01 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/10/19 21:50:57 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/10/19 21:50:52 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/10/19 21:50:48 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/10/19 21:50:44 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/10/19 21:50:27 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/10/19 21:50:23 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/10/19 21:50:19 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/10/19 21:50:15 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/10/19 21:50:11 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/10/19 21:50:04 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/10/19 21:50:00 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/10/19 21:49:51 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/10/19 21:49:47 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2011/10/19 21:49:43 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/10/19 21:49:34 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/10/19 21:49:30 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/10/19 21:49:25 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/10/19 21:49:21 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/10/19 21:49:20 | 000,043,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2011/10/19 21:49:16 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/10/19 21:49:10 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/10/19 21:49:06 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/10/19 21:49:02 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/10/19 21:48:58 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/10/19 21:48:54 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/10/19 21:48:50 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/10/19 21:48:46 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/10/19 21:48:42 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/10/19 21:48:38 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/10/19 21:48:34 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/10/19 21:48:30 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/10/19 21:48:26 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/10/19 21:48:20 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/10/19 21:48:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/10/19 21:48:08 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/10/19 21:48:04 | 000,024,576 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/10/19 21:47:55 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/10/19 21:47:51 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/10/19 21:47:45 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/10/19 21:47:41 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/10/19 21:47:32 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/10/19 21:47:31 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2011/10/19 21:47:27 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/10/19 21:47:24 | 000,059,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2011/10/19 21:47:20 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/10/19 21:47:11 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2011/10/19 21:47:03 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/10/19 21:46:55 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/10/19 21:46:51 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/10/19 21:46:46 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/10/19 21:46:43 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/10/19 21:46:31 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2011/10/19 21:46:27 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2011/10/19 21:46:23 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2011/10/19 21:46:19 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2011/10/19 21:46:15 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2011/10/19 21:46:14 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2011/10/19 21:46:06 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/10/19 21:46:03 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/10/19 21:45:59 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/10/19 21:45:57 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2011/10/19 21:45:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/10/19 21:45:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/10/19 21:45:44 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/10/19 21:45:37 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2011/10/19 21:45:34 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2011/10/19 21:45:30 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2011/10/19 21:45:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/10/19 21:45:02 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/10/19 21:44:50 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/10/19 21:44:46 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/10/19 21:44:42 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/10/19 21:44:38 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/10/19 21:44:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/10/19 21:44:31 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/10/19 21:44:26 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2011/10/19 21:44:25 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2011/10/19 21:44:24 | 000,211,712 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2011/10/19 21:44:24 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2011/10/19 21:44:19 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2011/10/19 21:44:15 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2011/10/19 21:44:14 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2011/10/19 21:44:10 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/10/19 21:44:06 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/10/19 21:44:03 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/10/19 21:43:59 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/10/19 21:43:55 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/10/19 21:43:54 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/10/19 21:43:50 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/10/19 21:43:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/10/19 21:43:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/10/19 21:43:25 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/10/19 21:43:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/10/19 21:43:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/10/19 21:43:14 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/10/19 21:43:10 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/10/19 21:43:06 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/10/19 21:43:02 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/10/19 21:42:58 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/10/19 21:42:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/10/19 21:42:51 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/10/19 21:42:46 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/10/19 21:42:43 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/10/19 21:42:37 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/10/19 21:42:34 | 000,061,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2011/10/19 21:42:29 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2011/10/19 21:42:28 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2011/10/19 21:42:25 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/10/19 21:42:21 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/10/19 21:42:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2011/10/19 21:42:15 | 002,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/10/19 21:42:11 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/10/19 21:41:55 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/10/19 21:41:51 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/10/19 21:41:44 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2011/10/19 21:41:38 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/10/19 21:41:34 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/10/19 21:41:28 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/10/19 21:41:20 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/10/19 21:41:12 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/10/19 21:41:07 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/10/19 21:41:03 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/10/19 21:40:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/10/19 21:40:58 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/10/19 21:40:56 | 000,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/10/19 21:40:52 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/10/19 21:40:49 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/10/19 21:40:45 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/10/19 21:40:41 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/10/19 21:40:38 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/10/19 21:40:34 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/10/19 21:40:30 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/10/19 21:40:27 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/10/19 21:40:23 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/10/19 21:40:19 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/10/19 21:40:16 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/10/19 21:40:12 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/10/19 21:40:08 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/10/19 21:40:07 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2011/10/19 21:39:59 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/10/19 21:39:58 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2011/10/19 21:39:58 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2011/10/19 21:39:52 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2011/10/19 21:39:51 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2011/10/19 21:39:43 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/10/19 21:39:41 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2011/10/19 21:39:35 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/10/19 21:39:25 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/10/19 21:39:24 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2011/10/19 21:39:02 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/10/19 21:38:58 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/10/19 21:38:55 | 000,051,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011/10/19 21:38:45 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2011/10/19 21:38:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/10/19 21:38:30 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/10/19 21:38:23 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/10/19 21:38:13 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/10/19 21:38:09 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/10/19 21:38:04 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2011/10/19 21:38:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/10/19 21:37:57 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/10/19 21:37:49 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/10/19 21:37:40 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/10/19 21:37:33 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/10/19 21:37:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/10/19 21:37:25 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/10/19 21:37:21 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/10/19 21:37:20 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2011/10/19 21:37:12 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/10/19 21:37:08 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/10/19 21:37:07 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2011/10/19 21:37:06 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/10/19 21:37:03 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/10/19 21:36:59 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/10/19 21:36:52 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/10/19 21:36:42 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/10/19 21:36:39 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/10/19 21:36:34 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/10/19 21:36:28 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/10/19 21:36:26 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2011/10/19 21:36:23 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/10/19 21:36:20 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/10/19 21:36:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/10/19 21:36:18 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/10/19 21:36:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/10/19 21:36:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/10/19 21:36:04 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2011/10/19 21:36:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2011/10/19 21:35:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2011/10/19 21:35:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2011/10/19 21:34:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2011/10/19 21:34:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2011/10/19 21:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2011/10/19 21:34:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2011/10/19 21:33:56 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/10/19 21:33:53 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/10/19 21:33:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2011/10/19 21:33:48 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/10/19 21:33:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/10/19 21:33:47 | 000,087,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2011/10/19 21:33:46 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2011/10/19 21:33:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/10/19 21:33:36 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/10/19 21:33:33 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/10/19 21:33:29 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/10/19 21:33:26 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/10/19 21:33:22 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2011/10/19 21:31:57 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/10/19 21:31:53 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/10/19 21:31:50 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/10/19 21:31:47 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/10/19 21:31:44 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/10/19 21:31:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/10/19 21:31:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/10/19 21:31:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/10/19 21:31:31 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/10/19 21:31:28 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/10/19 21:31:24 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/10/19 21:31:21 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/10/19 21:31:18 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/10/19 21:31:15 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/10/19 21:31:10 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/10/19 21:31:07 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/10/19 21:31:06 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2011/10/19 21:31:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2011/10/19 21:30:48 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2011/10/19 21:30:47 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2011/10/19 21:30:46 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2011/10/19 21:30:45 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2011/10/19 21:30:41 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/10/19 21:30:38 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/10/19 21:30:35 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/10/19 21:30:32 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/10/19 21:30:29 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/10/19 21:30:26 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/10/19 21:30:23 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/10/19 21:30:20 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/10/19 21:30:16 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/10/19 21:30:13 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/10/19 21:30:10 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/10/19 21:30:07 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/10/19 21:30:04 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/10/19 21:30:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/10/19 21:29:57 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/10/19 21:29:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/10/19 21:29:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/10/19 21:29:48 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2011/10/19 21:29:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/10/19 21:29:42 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/10/19 21:29:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/10/19 21:29:30 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/10/19 21:29:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/10/19 21:29:19 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/10/19 21:29:12 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/10/19 21:29:05 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/10/19 21:29:04 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2011/10/19 21:29:02 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/10/19 21:29:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2011/10/19 21:28:58 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/10/19 21:28:53 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/10/19 21:28:43 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/10/19 21:28:40 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/10/19 21:28:37 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/10/19 21:28:35 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/10/19 21:28:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/10/19 21:28:31 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/10/19 21:28:28 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/10/19 21:28:26 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/10/19 21:28:23 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/10/19 21:28:20 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/10/19 21:28:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/10/19 21:28:11 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/10/19 21:28:08 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/10/19 21:27:58 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/10/19 21:27:53 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/10/19 21:27:51 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/10/19 21:27:46 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/10/19 21:27:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/10/19 21:27:36 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/10/19 21:27:29 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/10/19 21:27:23 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/10/19 21:27:20 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/10/19 21:27:16 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/10/19 21:27:13 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/10/19 21:27:02 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/10/19 21:27:00 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/10/19 21:26:48 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/10/19 21:26:45 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/10/19 21:26:41 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/10/19 21:26:36 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/10/19 21:26:35 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/10/19 21:26:33 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/10/19 21:26:29 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/10/19 21:26:26 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/10/19 21:26:24 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/10/19 21:26:22 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/10/19 21:26:19 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/10/19 21:26:17 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/10/19 21:26:15 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/10/19 21:26:12 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/10/19 21:26:10 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/10/19 21:26:07 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/10/19 21:26:05 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/10/19 21:26:03 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/10/19 21:26:00 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/10/19 21:25:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/10/19 21:25:56 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2011/10/19 21:25:54 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/10/19 21:25:49 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/10/19 21:25:47 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/10/19 21:25:46 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/10/19 21:25:44 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/10/19 21:25:42 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/10/19 21:25:41 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/10/19 21:25:39 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/10/19 21:25:37 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/10/19 21:25:36 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/10/19 21:25:34 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/10/19 21:25:33 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/10/19 21:25:31 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/10/19 21:25:29 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/10/19 21:25:28 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/10/19 21:25:26 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/10/19 21:25:24 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/10/19 21:25:23 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/10/19 21:25:21 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/10/19 21:25:19 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2011/10/19 21:25:17 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/10/19 21:25:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/10/19 21:25:07 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/10/19 21:25:03 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2011/10/19 21:24:59 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/10/19 21:24:58 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/10/19 21:24:56 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/10/19 21:24:55 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/10/19 21:24:54 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/10/19 21:24:48 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/10/19 21:24:47 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/10/19 21:24:46 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/10/19 21:24:44 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/10/19 21:24:38 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/10/19 21:24:37 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/10/19 21:24:35 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/10/19 21:24:34 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/10/19 21:24:31 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/10/19 21:24:29 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/10/19 21:24:28 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/10/19 21:24:26 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/10/19 21:24:25 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/10/19 21:24:24 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/10/19 21:24:22 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/10/19 21:24:21 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/10/19 21:24:19 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/10/19 21:24:18 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/10/19 21:24:16 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/10/19 21:24:15 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/10/19 21:24:13 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/10/19 21:24:12 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/10/19 21:24:08 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/10/19 21:24:07 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/10/19 21:24:05 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/10/19 21:24:03 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/10/19 21:24:02 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/10/19 21:24:00 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/10/19 21:23:58 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/10/19 21:23:57 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/10/19 21:23:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/10/19 21:23:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/10/19 21:23:52 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/10/19 21:23:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/10/19 21:23:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/10/19 21:23:41 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2011/10/19 21:23:40 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2011/10/19 21:23:35 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/10/19 21:23:34 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/10/19 21:23:33 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/10/19 21:23:31 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/10/19 21:23:30 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/10/19 21:23:29 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/10/19 21:23:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/10/19 21:23:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/10/19 21:23:25 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/10/19 21:23:24 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/10/19 21:23:23 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/10/19 21:23:22 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/10/19 21:23:20 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/10/19 21:23:19 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/10/19 21:23:18 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/10/19 21:23:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/10/19 21:23:15 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/10/19 21:23:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/10/19 21:23:13 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/10/19 21:23:12 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/10/19 21:23:10 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/10/19 21:23:08 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/10/19 21:23:06 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/10/19 21:23:05 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/10/19 21:23:00 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/10/19 21:22:59 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/10/19 21:22:58 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2011/10/19 21:22:40 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2011/10/19 21:22:38 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/10/19 21:22:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/10/19 21:22:34 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2011/10/19 21:22:32 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/10/19 21:22:32 | 000,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2011/10/19 21:22:30 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/10/19 21:22:29 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/10/19 21:22:28 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/10/19 21:22:27 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/10/19 21:22:26 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/10/19 21:22:17 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/10/19 21:22:16 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/10/19 21:22:01 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/10/19 21:21:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/10/19 21:21:49 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/10/19 21:21:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/10/19 21:21:47 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/10/19 21:21:47 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/10/19 21:21:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2011/10/19 21:21:43 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/10/19 21:21:43 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/10/19 21:21:42 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/10/19 21:21:41 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/10/19 21:21:40 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/10/19 21:21:38 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/10/19 21:21:36 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/10/19 21:21:31 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/10/19 21:21:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/10/19 21:21:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/10/19 21:21:28 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/10/19 21:21:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/10/19 21:21:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/10/19 21:21:26 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/10/19 21:21:25 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/10/19 21:21:24 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/10/19 21:19:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/10/19 21:19:34 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2011/10/19 21:19:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2011/10/19 21:19:32 | 000,274,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/10/19 21:19:32 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2011/10/19 21:19:31 | 000,038,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2011/10/19 21:19:31 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2011/10/19 21:19:30 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/10/19 21:19:29 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/10/19 21:19:28 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/10/19 21:19:28 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/10/19 21:19:27 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/10/19 21:19:26 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/10/19 21:19:25 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/10/19 21:19:24 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/10/19 21:19:21 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/10/19 21:19:20 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/10/19 21:19:20 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/10/19 21:19:19 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/10/19 21:19:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/10/19 21:19:18 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/10/19 21:19:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/10/19 21:19:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/10/19 21:19:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/10/19 21:19:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/10/19 21:19:14 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/10/19 21:19:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/10/19 21:19:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/10/19 21:19:06 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/10/19 21:19:06 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/10/19 21:19:05 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/10/19 21:19:05 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/10/19 21:19:04 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/10/19 21:19:02 | 000,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2011/10/19 21:19:01 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/10/19 21:19:01 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/10/19 21:19:00 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/10/19 21:18:59 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/10/19 21:18:59 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/10/19 21:18:58 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/10/19 21:18:57 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/10/19 21:18:57 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/10/19 21:18:55 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/10/19 21:18:55 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/10/19 21:18:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2011/10/19 21:18:41 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2011/10/19 21:18:39 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2011/10/19 21:18:38 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2011/10/19 21:18:37 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2011/10/19 21:18:34 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/10/19 21:18:34 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/10/19 21:18:32 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2011/10/19 21:18:31 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2011/10/19 21:18:30 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2011/10/19 21:18:29 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2011/10/19 21:18:28 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2011/10/19 21:18:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2011/10/19 21:18:26 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2011/10/19 21:18:26 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2011/10/19 21:18:25 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2011/10/19 21:18:25 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2011/10/19 21:18:24 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/10/19 21:18:23 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/10/19 21:18:23 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/10/19 21:18:22 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/10/19 21:18:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/10/19 21:18:21 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/10/19 21:18:21 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/10/19 21:18:19 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2011/10/19 21:18:18 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2011/10/19 21:18:17 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011/10/19 21:18:16 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2011/10/19 21:18:16 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2011/10/19 21:18:15 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2011/10/19 21:18:15 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2011/10/19 21:18:14 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2011/10/19 21:18:13 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2011/10/19 21:18:12 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2011/10/19 21:18:11 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2011/10/19 21:18:11 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2011/10/19 21:18:10 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2011/10/19 21:18:10 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2011/10/19 21:18:09 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2011/10/19 21:18:09 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2011/10/19 21:18:07 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/10/19 21:18:07 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2011/10/19 21:18:06 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/10/19 21:17:59 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/10/19 21:17:53 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2011/10/19 21:17:53 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2011/10/19 21:17:53 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2011/10/19 21:17:41 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/10/19 21:17:40 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2011/10/19 21:17:39 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2011/10/19 21:17:38 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/10/19 21:17:38 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2011/10/19 21:17:37 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/10/19 21:17:37 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/10/19 21:17:35 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2011/10/19 21:17:35 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2011/10/19 21:17:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2011/10/19 21:17:15 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/10/19 21:17:13 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2011/10/19 21:17:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2011/10/19 21:17:07 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/10/19 21:17:04 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/10/19 21:16:57 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/10/19 21:16:56 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/10/19 21:16:56 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/10/19 21:16:55 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/10/19 21:16:55 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/10/19 21:16:53 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/10/19 21:16:52 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/10/19 21:16:51 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/10/19 21:16:51 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/10/19 21:16:49 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/10/19 21:16:49 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2011/10/19 21:16:48 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/10/19 21:16:48 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/10/19 21:16:48 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/10/19 21:16:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2011/10/19 21:16:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/10/19 21:16:45 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/10/19 21:16:45 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/10/19 21:16:44 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/10/19 21:16:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/10/19 21:16:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2011/10/19 21:11:37 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/10/19 21:11:24 | 002,148,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/10/19 21:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/10/19 20:00:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/19 20:00:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/19 20:00:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/19 20:00:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/19 19:59:43 | 004,266,378 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/10/19 19:43:02 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Owner\Desktop\MCPR.exe
[2011/10/19 19:43:02 | 001,558,320 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2011/10/19 19:43:01 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2011/10/07 13:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GridinSoft
[2011/10/07 13:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011/10/07 11:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/10/07 11:47:48 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/10/07 11:47:48 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/10/07 11:47:45 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/10/07 11:47:44 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/10/07 11:47:44 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/10/07 11:47:42 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/10/07 11:47:42 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/10/07 11:47:41 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/10/07 11:47:10 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/10/07 11:47:08 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/10/07 11:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/07 11:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/10/07 10:31:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/10/06 12:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware-A
[2011/10/06 11:08:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/06 11:05:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/06 11:05:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Videos
[2011/10/06 11:05:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2011/10/06 10:32:58 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/10/05 15:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/04 15:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/10/04 15:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/10/04 15:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[26 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/19 21:37:25 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/19 21:09:01 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2011/10/19 20:03:19 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\HP WEP.job
[2011/10/19 19:52:56 | 000,000,191 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/10/19 19:52:55 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/19 19:52:41 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/19 19:52:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/19 19:52:33 | 535,392,256 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/19 18:59:43 | 004,266,378 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/10/19 18:40:53 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2011/10/19 18:40:14 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Owner\Desktop\MCPR.exe
[2011/10/19 18:40:06 | 000,920,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Norton_Removal_Tool.exe
[2011/10/11 09:08:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{8AF1CB84-6885-4017-BD07-F0BEC571FE26}
[2011/10/07 20:14:39 | 001,558,320 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2011/10/07 13:14:59 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2011/10/07 11:47:49 | 000,001,755 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/07 11:47:43 | 000,002,702 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/07 10:24:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/07 07:51:51 | 000,001,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FixNCR.reg
[2011/10/06 13:02:11 | 000,000,491 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/10/06 11:08:15 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/10/06 10:33:01 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/10/06 10:32:48 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/10/05 15:54:54 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011/10/05 15:47:04 | 000,501,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/10/05 15:06:58 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/10/05 13:55:03 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2011/10/05 08:30:55 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/10/04 15:13:18 | 000,001,213 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\ldr.ini
[2011/10/01 10:30:32 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2011/09/26 08:26:01 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/09/26 08:22:22 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/26 08:22:22 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/20 10:03:32 | 073,496,160 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[26 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/19 22:04:31 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/10/19 22:04:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/10/19 21:45:53 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/10/19 21:45:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/10/19 21:38:57 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/10/19 21:29:39 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/10/19 21:29:33 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/10/19 21:29:27 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/10/19 21:29:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/10/19 21:29:16 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/10/19 21:24:43 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/10/19 21:24:41 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/10/19 21:24:40 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/10/19 21:18:43 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/10/19 21:18:43 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/10/19 21:18:41 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/10/19 21:18:38 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/10/19 21:18:36 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/10/19 21:18:36 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/10/19 21:18:35 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/10/19 21:18:35 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/10/19 21:18:33 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/10/19 21:18:20 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/10/19 21:09:01 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
[2011/10/19 20:03:18 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\HP WEP.job
[2011/10/19 20:00:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/19 20:00:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/19 20:00:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/19 20:00:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/19 20:00:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/10/19 19:43:02 | 000,920,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Norton_Removal_Tool.exe
[2011/10/11 09:07:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{8AF1CB84-6885-4017-BD07-F0BEC571FE26}
[2011/10/07 13:14:59 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2011/10/07 13:07:07 | 535,392,256 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/07 11:47:49 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/06 11:08:15 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2011/10/06 11:08:07 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/06 10:32:42 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/10/05 15:54:54 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011/10/05 15:46:57 | 000,501,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/10/05 15:06:58 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/10/04 15:13:15 | 000,001,213 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ldr.ini
[2011/09/26 08:22:22 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2009/10/14 08:58:09 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/02/11 14:06:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2008/08/06 06:35:56 | 000,061,504 | ---- | C] () -- C:\WINDOWS\System32\licensemanager.exe
[2008/08/06 06:35:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2008/08/06 06:35:56 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2008/08/06 06:35:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\smtls32.dll
[2008/08/06 06:35:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2008/08/06 06:35:50 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\Ltfil60n.dll
[2008/08/06 06:35:44 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfbmp60n.dll
[2008/08/06 06:35:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwmf60n.dll
[2008/08/06 06:35:43 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\Lffax60n.dll
[2008/08/06 06:35:43 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\Lfcmp60n.dll
[2008/08/06 06:35:43 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng60n.dll
[2008/08/06 06:35:43 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\Lftif60n.dll
[2008/08/06 06:35:43 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Lfpcx60n.dll
[2008/08/06 06:35:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfpct60n.dll
[2008/08/06 06:35:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfeps60n.dll
[2008/08/06 06:35:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\Lfpsd60n.dll
[2008/08/06 06:35:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Lftga60n.dll
[2008/08/06 06:35:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwpg60n.dll
[2008/08/06 06:35:43 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\Lfmsp60n.dll
[2008/08/06 06:35:43 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Lfmac60n.dll
[2008/08/06 06:35:42 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\Regsvr16.exe
[2008/08/06 06:33:02 | 000,000,184 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2005/11/08 12:11:11 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2005/08/02 08:55:14 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/05/21 14:37:05 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/11/18 10:11:24 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/11/18 10:11:23 | 000,000,051 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/01/14 16:55:09 | 000,000,723 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2003/08/28 08:00:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/07/10 12:07:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\dm.ini
[2003/02/22 11:03:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2003/02/07 09:59:04 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/01/16 15:54:09 | 000,010,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\PACKET.SYS
[2003/01/15 15:49:35 | 000,000,491 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/01/15 15:49:24 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2002/11/27 17:11:41 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2002/11/26 21:34:15 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2002/11/13 16:20:31 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/08/02 03:11:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/08/02 00:19:00 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2002/08/02 00:16:30 | 000,009,310 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2002/08/01 23:59:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/08/01 23:59:14 | 000,000,626 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/08/01 23:59:13 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2002/08/01 23:10:54 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/08/01 22:50:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\ALSndMgr.ini
[2002/08/01 22:41:52 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2002/08/01 22:41:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2002/08/01 22:41:23 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/08/01 21:52:20 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/08/01 21:50:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/08/01 21:43:39 | 000,022,736 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/01 21:41:46 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/08/01 21:33:03 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/08/01 21:32:23 | 000,404,170 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/01 21:32:23 | 000,064,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/01 14:37:30 | 000,004,331 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/01 14:36:30 | 000,145,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/06/20 19:09:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/06/01 00:59:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/05/24 12:46:08 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/05/24 12:44:48 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2002/05/22 21:44:14 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
[2002/05/22 21:04:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2001/09/05 07:25:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\LoadDll.dll
[2001/09/01 00:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/08 15:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[2000/10/25 13:15:00 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll

========== Custom Scans ==========



< MD5 for: AFD.SYS >
[2004/08/04 01:14:14 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\afd.sys
[2004/08/04 07:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\system32\dllcache\afd.sys
[2004/08/04 07:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\system32\drivers\afd.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >


Avast boot time log:

This is actually the second time I did a boot time scan. This time zero infected files. It find some files that are corrupt. I now have internet access after computer booted into windows when boot scan completed. I did not do any of the suggestions for the internet part of your post.

10/07/2011 11:57
Scan of all local drives

File C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\AOLTEMP\setup.zip|>setup.exe Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip|>comp01.000|>Wise0036.bin Error 42145 {Installer archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip|>comp01.000 Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe|>$INSTDIR\openofficeorg1.cab|>bf_xomi.dll Error 42127 {CAB archive is corrupted.}
File C:\hp\bin\KillIt.exe is infected by Win32:KillApp-W [PUP], Deleted
File C:\Program Files\Upromise_Remind_U\u11050.exe is infected by Win32:Adware-gen [Adw], Deleted
File C:\Program Files\Upromise_Remind_U\UpromiseRemindU.dll is infected by Win32:Adware-gen [Adw], Deleted
File C:\System Volume Information\_restore{CD45504F-D983-486E-9C46-F5C3E4ADCBD7}\RP1423\A0369291.exe is infected by Win32:KillApp-W [PUP], Deleted
File C:\System Volume Information\_restore{CD45504F-D983-486E-9C46-F5C3E4ADCBD7}\RP1423\A0369292.exe is infected by Win32:Adware-gen [Adw], Deleted
File C:\System Volume Information\_restore{CD45504F-D983-486E-9C46-F5C3E4ADCBD7}\RP1423\A0369293.dll is infected by Win32:Adware-gen [Adw], Deleted
Number of searched folders: 5320
Number of tested files: 407780
Number of infected files: 6

----------------------------------------
10/19/2011 22:27
Scan of all local drives

File C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0\AOLTEMP\setup.zip|>setup.exe Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip|>comp01.000|>Wise0036.bin Error 42145 {Installer archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip|>comp01.000 Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\BFTS\update.zip|>c:\suds\inner.zip Error 42125 {ZIP archive is corrupted.}
File C:\Documents and Settings\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe|>$INSTDIR\openofficeorg1.cab|>bf_xomi.dll Error 42127 {CAB archive is corrupted.}
File C:\System Volume Information\_restore{CD45504F-D983-486E-9C46-F5C3E4ADCBD7}\RP1425\A0369367.exe|>$INSTDIR\openofficeorg1.cab|>bf_xomi.dll Error 42127 {CAB archive is corrupted.}
Number of searched folders: 5318
Number of tested files: 475992
Number of infected files: 0
  • 0

#6
RKinner
Posted 19 October 2011 - 10:19 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Glad you are back on line.

With all of the corrupt files I wonder if you have a hard drive or memory problem.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#7
jp17315
Posted 20 October 2011 - 08:54 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
here are the logs:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 20/10/2011 9:39:06 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/10/2011 9:32:31 p. m.
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: viaagp1

Log: 'System' Date/Time: 20/10/2011 9:32:31 p. m.
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 20/10/2011 9:31:32 p. m.
Type: error Category: 0
Event: 5719 Source: NETLOGON
No Domain Controller is available for domain AD due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

Log: 'System' Date/Time: 20/10/2011 8:36:14 p. m.
Type: error Category: 0
Event: 10010 Source: DCOM
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 20/10/2011 8:34:00 p. m.
Type: error Category: 0
Event: 10010 Source: DCOM
The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vino's Event Viewer v01c run on Windows XP in English
Report run at 20/10/2011 9:40:43 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/10/2011 9:32:50 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2268) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:50 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2268) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:49 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2228) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:49 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2228) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:49 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2188) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:49 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2188) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:48 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2148) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:48 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2148) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:47 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2108) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:47 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2108) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:46 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2060) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:46 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2060) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:45 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (1840) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:45 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (1840) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:44 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (764) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:44 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (764) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:43 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (1176) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:43 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (1176) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 20/10/2011 9:32:41 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (1084) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 20/10/2011 9:32:41 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (1084) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#8
RKinner
Posted 20 October 2011 - 09:30 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Start, Run, cmd, OK to bring up a Command window. Type with an Enter after each line:


esentutl  /g  C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb

(You will then get a message at the end to tell you whether this database is corrupt. If it is then run:)

cd  WINDOWS\SoftwareDistribution\DataStore\logs

esentutl  /r  edb

(If this doesn't repair it then run:)

cd  ..

esentutl  /p  C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb

You will get a windows popup saying only run this on a corrupt or damaged database, press ok, and then at then end you will see the result.
(I use two spaces in the code box so you can see where one goes.)

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

Run Vino's Event Viewer as before and post the logs.

Ron
  • 0

#9
jp17315
Posted 21 October 2011 - 07:02 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
When I entered the first command it said integrity check successful so I did not do the rest of the commands. here are the logs:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 21/10/2011 8:49:33 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/10/2011 8:49:02 p. m.
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: viaagp1

Log: 'System' Date/Time: 21/10/2011 8:49:02 p. m.
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 21/10/2011 8:47:37 p. m.
Type: error Category: 0
Event: 5719 Source: NETLOGON
No Domain Controller is available for domain AD due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vino's Event Viewer v01c run on Windows XP in English
Report run at 21/10/2011 8:50:58 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/10/2011 8:49:13 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2988) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:13 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2988) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:12 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2500) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:12 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2500) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:11 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (4080) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:11 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (4080) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:11 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3712) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:11 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3712) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:10 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3368) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:10 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3368) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:09 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (816) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:09 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (816) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:07 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2052) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:07 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2052) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:06 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3992) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:06 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3992) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:05 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3616) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:05 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3616) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 21/10/2011 8:49:04 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3292) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 21/10/2011 8:49:04 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3292) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#10
RKinner
Posted 21 October 2011 - 07:59 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Seems odd that your program can't find 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb' when windows says it is good. Right click on the file if you can find it and select Properties then Security. Click on each user type and look below to see if they have full control.

You should uninstall LogMeIn since it is not working.

Is this computer supposed to be part of a domain?

Right click on My Computer and select Manage the Device Manager then View, Show Hidden Devices. Look in the right pane. Do you see viaagp1? Probably a red mark next to it. Right click and check the properties and see if you can get it to update the driver.
  • 0

Advertisements

#11
jp17315
Posted 21 October 2011 - 08:24 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts

Seems odd that your program can't find 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb' when windows says it is good. Right click on the file if you can find it and select Properties then Security. Click on each user type and look below to see if they have full control.

Administrators have full control - Power Users do not have full control - System has full control - Users do not have full control.

You should uninstall LogMeIn since it is not working.

Uninstalled in device manager.

Is this computer supposed to be part of a domain?

Yes

Right click on My Computer and select Manage the Device Manager then View, Show Hidden Devices. Look in the right pane. Do you see viaagp1?

Do not see viaagp1. I see Via Agp filter and it is working ok.
  • 0

#12
RKinner
Posted 22 October 2011 - 01:06 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Administrators have full control - Power Users do not have full control - System has full control - Users do not have full control.


I would give everyone Full Control and see if that helps with the error.
  • 0

#13
jp17315
Posted 22 October 2011 - 11:18 AM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
I gave everyone full control. Here are the logs:

Vino's Event Viewer v01c run on Windows XP in English
Report run at 22/10/2011 1:07:18 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/10/2011 1:07:18 p. m.
Type: error Category: 0
Event: 15 Source: AutoEnrollment
Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed.

Log: 'Application' Date/Time: 22/10/2011 1:05:33 p. m.
Type: error Category: 0
Event: 1054 Source: Userenv
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Log: 'Application' Date/Time: 22/10/2011 1:04:30 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (1800) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:30 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (1800) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 22/10/2011 1:04:29 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (928) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:29 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (928) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 22/10/2011 1:04:28 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (4088) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:28 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (4088) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 22/10/2011 1:04:27 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3928) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:27 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3928) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 22/10/2011 1:04:26 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (2304) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:26 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (2304) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

Log: 'Application' Date/Time: 22/10/2011 1:04:25 p. m.
Type: error Category: 3
Event: 454 Source: ESENT
wuauclt (3116) Database recovery/restore failed with unexpected error -1216.

Log: 'Application' Date/Time: 22/10/2011 1:04:25 p. m.
Type: error Category: 3
Event: 494 Source: ESENT
wuauclt (3116) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/10/2011 1:04:22 p. m.
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user YOUR-PA86Z1I3G7\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 22/10/2011 1:09:21 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/10/2011 1:07:15 p. m.
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: viaagp1

Log: 'System' Date/Time: 22/10/2011 1:07:15 p. m.
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 22/10/2011 1:05:33 p. m.
Type: error Category: 0
Event: 5719 Source: NETLOGON
No Domain Controller is available for domain AD due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#14
RKinner
Posted 22 October 2011 - 12:40 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Download and save Inherit.exe from
http://download.blee...xes/Inherit.exe

It's probably easier to use if you move it to C:\Windows\system32\


Find the wuauclt.exe file which should also be in C:\windows\system32\ and drag the file over to Inherit.exe and let go.

If that doesn't stop the errors then try Dial-A-Fix.

Download it from

http://djlizard.net....-v0.60.0.24.zip

It is a zip file so right click on it and Extract All. In the new folder that Extract All creates there should be Dial-a-fix.exe and secedit.exe. Double click on Dial-a-fix.exe.

Click on WU/WUAU

Then Click on Flush SoftwareDistribution

When that finishes, hit the GO button.

Any better?
  • 0

#15
jp17315
Posted 22 October 2011 - 08:51 PM

jp17315

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 127 posts
the inherit.exe did not fix the problems so i tried the dial-a-fix. Looks like the Application log is cleaner but not sure about the system log.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 22/10/2011 10:38:30 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/10/2011 10:37:09 p. m.
Type: error Category: 0
Event: 15 Source: AutoEnrollment
Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed.

Log: 'Application' Date/Time: 22/10/2011 10:36:01 p. m.
Type: error Category: 0
Event: 1054 Source: Userenv
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/10/2011 10:34:01 p. m.
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user YOUR-PA86Z1I3G7\Owner registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 22/10/2011 10:50:52 p. m.

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/10/2011 10:47:01 p. m.
Type: error Category: 0
Event: 59 Source: SideBySide
Generate Activation Context failed for C:\Program Files\HP\Dfawep\bin\MFC80U.DLL. Reference error message: The operation completed successfully. .

Log: 'System' Date/Time: 22/10/2011 10:47:01 p. m.
Type: error Category: 0
Event: 59 Source: SideBySide
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .

Log: 'System' Date/Time: 22/10/2011 10:47:01 p. m.
Type: error Category: 0
Event: 32 Source: SideBySide
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Log: 'System' Date/Time: 22/10/2011 10:38:01 p. m.
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: viaagp1

Log: 'System' Date/Time: 22/10/2011 10:38:01 p. m.
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 22/10/2011 10:36:01 p. m.
Type: error Category: 0
Event: 5719 Source: NETLOGON
No Domain Controller is available for domain AD due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP