Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

WinXP Computer is Infected Again [Solved]


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets run a deeper scan and once that is done we will reset system restore

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
NSIS_extraction.png
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
  • Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

    3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

  • 0

Advertisements


#17
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

ComboFix 15-04-09.01 - Bryan Bridgewater 04/08/2015  19:02:12.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.959.561 [GMT -5:00]
Running from: c:\documents and settings\Bryan Bridgewater\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Bryan Bridgewater\Application Data\BtvStack.dll
c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\kakyhu
c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\kakyhu\1a17
c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\kakyhu\kakyhu.exe
c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\mugieym.dll
.
.
(((((((((((((((((((((((((   Files Created from 2015-03-09 to 2015-04-09  )))))))))))))))))))))))))))))))
.
.
2015-04-08 22:34 . 2015-04-08 23:43    473600    ----a-w-    c:\windows\system32\audisrss.exe
2015-04-07 15:51 . 2015-04-07 15:51    --------    d-----w-    c:\documents and settings\All Users\Application Data\IewbOmaxv
2015-04-06 14:07 . 2015-04-07 18:25    --------    d-----w-    C:\FRST
2015-04-05 21:47 . 2015-04-05 21:47    --------    d-----w-    C:\Desktop
2015-04-03 22:54 . 2015-04-04 00:14    --------    d-----w-    c:\documents and settings\Bryan Bridgewater\Application Data\Local Store
2015-03-24 04:37 . 2015-03-24 04:37    --------    d-----w-    c:\documents and settings\Bryan Bridgewater\Doctor Web
2015-03-19 13:14 . 2015-03-19 13:14    --------    d-----w-    c:\documents and settings\Bryan Bridgewater\Application Data\SUPERAntiSpyware.com
2015-03-19 13:12 . 2015-04-08 13:07    --------    d-----w-    c:\program files\SUPERAntiSpyware
2015-03-19 13:12 . 2015-03-19 13:12    --------    d-----w-    c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2015-03-12 19:11 . 2015-03-12 19:11    --------    d-----w-    C:\RegBackup
2015-03-12 18:30 . 2001-08-17 18:49    26624    -c--a-w-    c:\windows\system32\dllcache\irstusb.sys
2015-03-12 18:30 . 2001-08-17 18:51    18688    -c--a-w-    c:\windows\system32\dllcache\irsir.sys
2015-03-12 18:30 . 2008-04-13 21:11    28160    -c--a-w-    c:\windows\system32\dllcache\irmon.dll
2015-03-12 18:30 . 2008-04-13 21:12    151552    -c--a-w-    c:\windows\system32\dllcache\irftp.exe
2015-03-12 18:30 . 2001-08-17 18:49    23552    -c--a-w-    c:\windows\system32\dllcache\irmk7.sys
2015-03-12 18:30 . 2008-04-13 15:54    88192    -c--a-w-    c:\windows\system32\dllcache\irda.sys
2015-03-12 18:29 . 2001-08-17 17:12    45632    -c--a-w-    c:\windows\system32\dllcache\ip5515.sys
2015-03-12 18:29 . 2001-08-18 03:36    90200    -c--a-w-    c:\windows\system32\dllcache\io8ports.dll
2015-03-12 18:29 . 2001-08-17 18:50    38784    -c--a-w-    c:\windows\system32\dllcache\io8.sys
2015-03-12 18:29 . 2008-04-13 15:40    5504    -c--a-w-    c:\windows\system32\dllcache\intelide.sys
2015-03-12 18:29 . 2001-08-17 18:47    13056    -c--a-w-    c:\windows\system32\dllcache\inport.sys
2015-03-12 18:29 . 2001-08-17 18:52    16000    -c--a-w-    c:\windows\system32\dllcache\ini910u.sys
2015-03-12 18:24 . 2001-08-17 19:56    353184    -c--a-w-    c:\windows\system32\dllcache\i740dnt5.dll
2015-03-12 18:24 . 2008-04-13 15:41    18560    -c--a-w-    c:\windows\system32\dllcache\i2omp.sys
2015-03-12 18:24 . 2008-04-13 15:41    8576    -c--a-w-    c:\windows\system32\dllcache\i2omgmt.sys
2015-03-12 18:22 . 2001-08-18 03:36    19456    -c--a-w-    c:\windows\system32\dllcache\hr1w.dll
2015-03-12 18:22 . 2001-08-17 18:52    5760    -c--a-w-    c:\windows\system32\dllcache\hpt4qic.sys
2015-03-12 18:22 . 2001-08-18 03:36    13312    -c--a-w-    c:\windows\system32\dllcache\hpsjmcro.dll
2015-03-12 18:22 . 2001-08-18 03:36    324608    -c--a-w-    c:\windows\system32\dllcache\hpojwia.dll
2015-03-12 18:22 . 2001-08-17 19:07    25952    -c--a-w-    c:\windows\system32\dllcache\hpn.sys
2015-03-12 18:22 . 2001-08-18 03:36    32768    -c--a-w-    c:\windows\system32\dllcache\hpgtmcro.dll
2015-03-12 18:22 . 2001-08-18 03:36    68608    -c--a-w-    c:\windows\system32\dllcache\hpgt53tk.dll
2015-03-12 18:21 . 2001-08-18 03:36    165888    -c--a-w-    c:\windows\system32\dllcache\hpgt53.dll
2015-03-12 18:21 . 2001-08-18 03:36    31232    -c--a-w-    c:\windows\system32\dllcache\hpgt42tk.dll
2015-03-12 18:21 . 2001-08-18 03:36    93696    -c--a-w-    c:\windows\system32\dllcache\hpgt42.dll
2015-03-12 18:21 . 2001-08-18 03:36    126976    -c--a-w-    c:\windows\system32\dllcache\hpgt34tk.dll
2015-03-12 18:21 . 2001-08-18 03:36    101376    -c--a-w-    c:\windows\system32\dllcache\hpgt34.dll
2015-03-12 18:21 . 2001-08-18 03:36    48128    -c--a-w-    c:\windows\system32\dllcache\hpgt33tk.dll
2015-03-12 18:21 . 2001-08-18 03:36    89088    -c--a-w-    c:\windows\system32\dllcache\hpgt33.dll
2015-03-12 18:21 . 2001-08-18 03:36    123392    -c--a-w-    c:\windows\system32\dllcache\hpgt21tk.dll
2015-03-12 18:21 . 2001-08-18 03:36    83968    -c--a-w-    c:\windows\system32\dllcache\hpgt21.dll
2015-03-12 18:21 . 2001-08-18 03:36    119296    -c--a-w-    c:\windows\system32\dllcache\hpdigwia.dll
2015-03-12 18:20 . 2001-08-17 19:02    2688    -c--a-w-    c:\windows\system32\dllcache\hidswvd.sys
2015-03-12 18:20 . 2008-04-13 21:11    21504    -c--a-w-    c:\windows\system32\dllcache\hidserv.dll
2015-03-12 18:20 . 2001-08-17 19:02    8576    -c--a-w-    c:\windows\system32\dllcache\hidgame.sys
2015-03-12 18:20 . 2008-04-13 15:36    20352    -c--a-w-    c:\windows\system32\dllcache\hidbatt.sys
2015-03-12 18:18 . 2001-08-17 17:10    22090    -c--a-w-    c:\windows\system32\dllcache\fem556n5.sys
2015-03-12 18:17 . 2001-08-17 17:10    24653    -c--a-w-    c:\windows\system32\dllcache\el574nd4.sys
2015-03-12 18:17 . 2001-08-17 17:10    55999    -c--a-w-    c:\windows\system32\dllcache\el556nd5.sys
2015-03-12 18:17 . 2001-08-17 17:10    44103    -c--a-w-    c:\windows\system32\dllcache\el515.sys
2015-03-12 18:17 . 2001-08-17 17:12    19594    -c--a-w-    c:\windows\system32\dllcache\e100isa4.sys
2015-03-12 18:17 . 2001-08-17 17:12    117760    -c--a-w-    c:\windows\system32\dllcache\e100b325.sys
2015-03-12 18:17 . 2001-08-17 17:12    50719    -c--a-w-    c:\windows\system32\dllcache\e1000nt5.sys
2015-03-12 18:16 . 2001-08-17 17:20    334208    -c--a-w-    c:\windows\system32\dllcache\ds1wdm.sys
2015-03-12 18:15 . 2001-08-17 19:07    20192    -c--a-w-    c:\windows\system32\dllcache\dpti2o.sys
2015-03-12 18:14 . 2001-08-17 17:12    28062    -c--a-w-    c:\windows\system32\dllcache\dp83820.sys
2015-03-12 18:14 . 2001-08-17 18:47    23808    -c--a-w-    c:\windows\system32\dllcache\dot4usb.sys
2015-03-12 18:14 . 2001-08-17 18:47    8704    -c--a-w-    c:\windows\system32\dllcache\dot4scan.sys
2015-03-12 18:13 . 2001-08-17 18:47    12928    -c--a-w-    c:\windows\system32\dllcache\dot4prt.sys
2015-03-12 18:13 . 2008-04-13 15:39    206976    -c--a-w-    c:\windows\system32\dllcache\dot4.sys
2015-03-12 18:10 . 2001-08-18 03:36    110621    -c--a-w-    c:\windows\system32\dllcache\digirlpt.dll
2015-03-12 18:09 . 2001-08-17 18:52    14720    -c--a-w-    c:\windows\system32\dllcache\dac960nt.sys
2015-03-12 18:09 . 2001-08-17 18:52    179584    -c--a-w-    c:\windows\system32\dllcache\dac2w2k.sys
2015-03-12 18:07 . 2001-08-17 19:56    111232    -c--a-w-    c:\windows\system32\dllcache\cl5465.dll
2015-03-12 18:03 . 2001-08-17 18:51    13824    -c--a-w-    c:\windows\system32\dllcache\bulltlp3.sys
2015-03-12 18:02 . 2001-08-17 17:11    31529    -c--a-w-    c:\windows\system32\dllcache\brzwlan.sys
2015-03-12 18:02 . 2001-08-17 18:12    10368    -c--a-w-    c:\windows\system32\dllcache\brusbscn.sys
2015-03-12 18:01 . 2001-08-17 18:12    11008    -c--a-w-    c:\windows\system32\dllcache\brusbmdm.sys
2015-03-12 18:01 . 2001-08-17 18:12    60416    -c--a-w-    c:\windows\system32\dllcache\brserwdm.sys
2015-03-12 18:01 . 2001-08-18 03:36    9728    -c--a-w-    c:\windows\system32\dllcache\brserif.dll
2015-03-12 18:01 . 2001-08-18 03:36    5120    -c--a-w-    c:\windows\system32\dllcache\brscnrsm.dll
2015-03-12 17:59 . 2001-08-18 03:36    102400    -c--a-w-    c:\windows\system32\dllcache\binlsvc.dll
2015-03-12 17:58 . 2008-04-13 15:46    38912    -c--a-w-    c:\windows\system32\dllcache\avc.sys
2015-03-12 17:57 . 2001-08-17 17:49    23552    -c--a-w-    c:\windows\system32\dllcache\atixbar.sys
2015-03-12 17:57 . 2001-08-17 17:49    26624    -c--a-w-    c:\windows\system32\dllcache\ativxbar.sys
2015-03-12 17:57 . 2001-08-17 17:49    19456    -c--a-w-    c:\windows\system32\dllcache\ativttxx.sys
2015-03-12 17:56 . 2001-08-17 17:49    9472    -c--a-w-    c:\windows\system32\dllcache\ativmdcd.sys
2015-03-12 17:56 . 2001-08-17 17:49    17152    -c--a-w-    c:\windows\system32\dllcache\atitvsnd.sys
2015-03-12 17:56 . 2001-08-17 17:49    17152    -c--a-w-    c:\windows\system32\dllcache\atitunep.sys
2015-03-12 17:56 . 2001-08-17 17:49    26880    -c--a-w-    c:\windows\system32\dllcache\atirtsnd.sys
2015-03-12 17:56 . 2001-08-17 17:49    49920    -c--a-w-    c:\windows\system32\dllcache\atirtcap.sys
2015-03-12 17:56 . 2001-08-17 17:48    70528    -c--a-w-    c:\windows\system32\dllcache\atiragem.sys
2015-03-12 17:56 . 2001-08-17 19:56    104832    -c--a-w-    c:\windows\system32\dllcache\atiraged.dll
2015-03-12 17:56 . 2001-08-17 17:49    10240    -c--a-w-    c:\windows\system32\dllcache\atipcxxx.sys
2015-03-12 17:55 . 2001-08-17 17:48    281600    -c--a-w-    c:\windows\system32\dllcache\atimtai.sys
2015-03-12 17:55 . 2001-08-17 17:49    75136    -c--a-w-    c:\windows\system32\dllcache\atimpae.sys
2015-03-12 17:55 . 2001-08-17 17:48    289664    -c--a-w-    c:\windows\system32\dllcache\atimpab.sys
2015-03-12 17:55 . 2001-08-18 03:36    37376    -c--a-w-    c:\windows\system32\dllcache\atievxx.exe
2015-03-12 17:54 . 2001-08-17 19:56    268160    -c--a-w-    c:\windows\system32\dllcache\atidvai.dll
2015-03-12 17:53 . 2001-08-17 19:56    137216    -c--a-w-    c:\windows\system32\dllcache\atidrae.dll
2015-03-12 17:53 . 2001-08-17 19:55    382592    -c--a-w-    c:\windows\system32\dllcache\atidrab.dll
2015-03-12 17:53 . 2001-08-17 17:49    46464    -c--a-w-    c:\windows\system32\dllcache\atibt829.sys
2015-03-12 17:53 . 2001-08-17 19:55    96128    -c--a-w-    c:\windows\system32\dllcache\ati.dll
2015-03-12 17:53 . 2001-08-17 18:57    77568    -c--a-w-    c:\windows\system32\dllcache\ati.sys
2015-03-12 17:44 . 2001-08-17 19:07    101888    -c--a-w-    c:\windows\system32\dllcache\adpu160m.sys
2015-03-12 17:44 . 2001-08-17 17:11    46112    -c--a-w-    c:\windows\system32\dllcache\adptsf50.sys
2015-03-12 17:44 . 2004-08-04 04:32    10880    -c--a-w-    c:\windows\system32\dllcache\admjoy.sys
2015-03-12 17:44 . 2001-08-17 17:19    747392    -c--a-w-    c:\windows\system32\dllcache\adm8830.sys
2015-03-12 17:44 . 2001-08-17 17:19    553984    -c--a-w-    c:\windows\system32\dllcache\adm8820.sys
2015-03-12 17:44 . 2001-08-17 17:19    584448    -c--a-w-    c:\windows\system32\dllcache\adm8810.sys
2015-03-12 17:44 . 2001-08-17 18:53    7424    -c--a-w-    c:\windows\system32\dllcache\adicvls.sys
2015-03-12 17:44 . 2001-08-17 17:11    20160    -c--a-w-    c:\windows\system32\dllcache\adm8511.sys
2015-03-12 16:03 . 2015-03-12 16:03    --------    d-----w-    c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2015-03-12 15:43 . 2015-03-14 03:34    --------    d-----w-    c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\DoNotTrackPlus
2015-03-12 14:46 . 2015-03-14 08:38    --------    d-----w-    c:\documents and settings\All Users\Application Data\CheckPoint
2015-03-10 21:50 . 2015-03-10 21:50    --------    d-----w-    c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\Macromedia
2015-03-10 21:50 . 2015-03-16 01:17    --------    d-----w-    c:\windows\FrameworkUpdate
2015-03-10 10:25 . 2001-08-18 03:36    8192    ----a-w-    c:\windows\system32\kbdkor.dll
2015-03-10 10:25 . 2001-08-18 03:36    8704    ----a-w-    c:\windows\system32\kbdjpn.dll
2015-03-10 10:25 . 2001-08-17 19:55    6144    -c--a-w-    c:\windows\system32\dllcache\kbd101c.dll
2015-03-10 10:25 . 2001-08-17 19:55    6144    ----a-w-    c:\windows\system32\kbd101c.dll
2015-03-10 10:25 . 2001-08-17 19:55    5632    -c--a-w-    c:\windows\system32\dllcache\kbd103.dll
2015-03-10 10:25 . 2001-08-17 19:55    5632    ----a-w-    c:\windows\system32\kbd103.dll
2015-03-10 10:25 . 2001-08-17 19:55    6144    -c--a-w-    c:\windows\system32\dllcache\kbd101b.dll
2015-03-10 10:25 . 2001-08-17 19:55    6144    ----a-w-    c:\windows\system32\kbd101b.dll
2015-03-10 10:25 . 2008-04-13 21:09    6144    -c--a-w-    c:\windows\system32\dllcache\kbd106.dll
2015-03-10 10:25 . 2008-04-13 21:09    6144    ----a-w-    c:\windows\system32\kbd106.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-20 15:59 . 2015-02-23 18:07    136216    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2015-03-20 15:59 . 2015-02-23 18:07    105864    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2015-02-23 06:54 . 2015-02-23 06:54    422760    ----a-w-    c:\windows\system32\drivers\wrranbfs.sys
2015-02-05 17:41 . 2012-06-22 16:41    701616    -c--a-w-    c:\windows\system32\FlashPlayerApp.exe
2015-02-05 17:41 . 2011-10-04 18:02    71344    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-04 23:51 . 2015-02-23 18:07    37352    ----a-w-    c:\windows\system32\drivers\avkmgr.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-03-13 5529880]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2015-01-22 6699800]
"IewbOmaxv"="c:\documents and settings\All Users\Application Data\IewbOmaxv\YodofAlkec.huu" [2015-04-07 303328]
"clicedos"="c:\windows\system32\audisrss.exe" [2015-04-08 473600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2005-10-11 7286784]
"nwiz"="nwiz.exe" [2005-10-11 1519616]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2005-10-11 86016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-05-04 161328]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-03-20 704512]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\swprv]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"\\??\\c:\\windows\\system32\\winlogon.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2/23/2015 1:07 PM 37352]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 Vsp;Vsp;\??\c:\windows\System32\drivers\Vsp.sys --> c:\windows\System32\drivers\Vsp.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - IPVNMon
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 22:23    452136    -c--a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 17:41]
.
2015-04-09 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- c:\windows\system32\xp_eos.exe [2014-03-10 01:59]
.
2015-04-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- c:\windows\system32\xp_eos.exe [2014-03-10 01:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.foxnews.com/
uSearchURL,(Default) = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-BluetoothS - c:\documents and settings\Bryan Bridgewater\Application Data\BtvStack.dll
HKCU-Run-befic - c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\befic\befic.exe
HKCU-Run-mugieym - c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\mugieym.dll
HKCU-Run-clipuirt - c:\windows\system32\audifmon.exe
HKCU-Run-gieymum - c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
HKLM-Run-befic - c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\befic\befic.exe
HKLM-Run-kakyhu - c:\documents and settings\Bryan Bridgewater\Local Settings\Application Data\kakyhu\kakyhu.exe
SafeBoot-TweakingRunAsSystem0003
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-04-08 19:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NSL]
"ImagePath"="\"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0436630F-A522-DE68-E646-0593B3596643}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1FB660F4-2182-5DA6-752F-3542DC6EA509}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"hajnbcmlcchkbedk"=hex:61,62,6f,69,66,62,6b,6c,68,61,6b,6b,6d,6d,68,63,66,69,
   68,67,68,67,6a,65,64,66,6b,65,6d,6b,6a,70,6a,61,00,dc
"jaknocmdomneggglmdio"=hex:6f,61,62,69,6e,67,69,6b,64,61,6e,63,63,67,69,6c,61,
   6a,62,70,6a,63,62,6e,67,68,65,6f,6d,68,00,77
.
[HKEY_USERS\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DD39FDFD-BB31-23DD-880A-B1E4438DAF45}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oainafohdkjhbokmcjecceahbplbhf"=hex:64,61,69,64,6d,6a,68,63,00,70
"oaemipcfgokbkfaglcmcdleaedjhoe"=hex:69,61,6f,63,6d,67,63,63,63,6f,6f,6a,6d,6a,
   6d,6b,63,68,00,00
"naknoeepedjhjnoanimpnflieifm"=hex:6a,61,69,64,64,68,70,66,69,6f,6a,61,6d,70,
   70,65,6f,64,65,68,00,fd
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(624)
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(2148)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\SUPERAntiSpyware\SASCORE.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE
.
**************************************************************************
.
Completion time: 2015-04-08  19:29:02 - machine was rebooted
ComboFix-quarantined-files.txt  2015-04-09 00:28
.
Pre-Run: 21,434,015,744 bytes free
Post-Run: 21,466,148,864 bytes free
.
- - End Of File - - C0BD6D0CD94D5AA9178C246C03691441
8F558EB6672622401DA993E1E865C861
 

It is still running about same. The only thing is my antivirus program is not working again. You had fixed the first time. It give me the same message about Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator.


  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, are all the popups appearing in Chrome or do you get them in IE as well

Could you run this FRST fix and then run a fresh FRST scan so that I can see what is left

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
c:\documents and settings\All Users\Application Data\IewbOmaxv
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#19
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

The popups are just in IE. I did not have chrome on that machine. I did have Firefox, but the computer is so slow. I uninstalled, but I will reinstall if I ever get this computer fixed.


  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Obviously there is something I am missing... Could you run a fresh FRST scan please
  • 0

#21
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Bryan Bridgewater at 2015-04-10 17:39:32 Run:3
Running from C:\Documents and Settings\Bryan Bridgewater\Desktop
Loaded Profiles: Bryan Bridgewater (Available profiles: Bryan Bridgewater & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CreateRestorePoint:
c:\documents and settings\All Users\Application Data\IewbOmaxv
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
c:\documents and settings\All Users\Application Data\IewbOmaxv => Moved successfully.

=========  bitsadmin /reset /allusers =========

'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

EmptyTemp: => Removed 53.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:56:10 ====


  • 0

#22
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Bryan Bridgewater (administrator) on DEBRA on 10-04-2015 18:05:04
Running from C:\Documents and Settings\Bryan Bridgewater\Desktop
Loaded Profiles: Bryan Bridgewater (Available profiles: Bryan Bridgewater & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\WINDOWS\system32\imapi.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-05-04] (Nero AG)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\SUPERAntiSpyware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
Winlogon\Notify\gieymum: C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll ()
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [IewbOmaxv] => regsvr32.exe "C:\Documents and Settings\All Users\Application Data\IewbOmaxv\YodofAlkec.huu"
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [clicedos] => C:\windows\system32\audisrss.exe [473600 2015-04-08] (The Audacity Team)
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [gieymum] => rundll32 "C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll",gieymum

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-1801674531-839522115-1004 -> {CC96ABC4-00CF-4501-8CF1-F36B1C97D436} URL = http://www.bing.com/...ms}&FORM=IE0006
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bryan Bridgewater\Application Data\Mozilla\Firefox\Profiles\dmh1xjgc.default
FF Homepage: hxxp://www.foxnews.com/
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-1801674531-839522115-1004: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Bryan Bridgewater\Application Data\Facebook\npfbplugin_1_0_3.dll [2010-03-06] ( )
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [804600 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-20] (Avira Operations GmbH & Co. KG)
S3 HP Port Resolver; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company) [File not signed]
S3 HP Status Server; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 NSL; "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe" /s "NSL" /m "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll" /prefetch:1

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [278728 2011-07-08] ()
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2015-02-04] (Avira Operations GmbH & Co. KG)
S3 CA561; C:\windows\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 FETND5BV; C:\windows\System32\DRIVERS\fetnd5bv.sys [42496 2004-12-16] (VIA Technologies, Inc.              )
S3 FETNDIS; C:\windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc.              )
S3 FETNDISB; C:\windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-14] (VIA Technologies, Inc.              )
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
U0 IPVNMon; C:\windows\system32\Drivers\IPVNMon.sys [95884 2002-08-19] (Visual Networks) [File not signed]
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25416 2011-07-08] ()
R2 MCSTRM; C:\windows\system32\Drivers\MCSTRM.sys [8413 2007-11-24] (RealNetworks, Inc.) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2009-08-14] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2009-08-14] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2015-02-04] (Avira GmbH)
R2 tmcomm; C:\WINDOWS\system32\drivers\tmcomm.sys [102664 2007-11-04] (Trend Micro Inc.)
R0 viaagp1; C:\windows\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R3 VIAudio; C:\windows\System32\drivers\vinyl97.sys [161536 2004-09-06] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; No ImagePath
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MSICPL; \??\D:\install4\MSICPL.sys [X]
S3 NTACCESS; \??\D:\NTACCESS.sys [X]
S3 RT73; system32\DRIVERS\rt73.sys [X]
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath
S3 Vsp; \??\C:\WINDOWS\System32\drivers\Vsp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 18:05 - 2015-04-10 18:05 - 00012682 _____ () C:\Documents and Settings\Bryan Bridgewater\Desktop\FRST.txt
2015-04-08 21:23 - 2015-04-08 21:23 - 00023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2015-04-08 19:29 - 2015-04-10 18:13 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Local Settings\temp
2015-04-08 19:29 - 2015-04-08 19:29 - 00022232 _____ () C:\ComboFix.txt
2015-04-08 19:29 - 2015-04-08 19:29 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-04-08 19:29 - 2015-04-08 19:29 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-04-08 19:29 - 2015-04-08 19:29 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2015-04-08 19:29 - 2015-04-08 19:29 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-04-08 18:01 - 2011-06-26 01:45 - 00256000 _____ () C:\windows\PEV.exe
2015-04-08 18:01 - 2010-11-07 12:20 - 00208896 _____ () C:\windows\MBR.exe
2015-04-08 18:01 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00098816 _____ () C:\windows\sed.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00080412 _____ () C:\windows\grep.exe
2015-04-08 18:01 - 2000-08-30 19:00 - 00068096 _____ () C:\windows\zip.exe
2015-04-08 18:00 - 2015-04-08 19:29 - 00000000 ____D () C:\Qoobox
2015-04-08 17:34 - 2015-04-08 18:43 - 00473600 _____ (The Audacity Team) C:\windows\system32\audisrss.exe
2015-04-06 09:07 - 2015-04-10 18:05 - 00000000 ____D () C:\FRST
2015-04-06 09:04 - 2015-04-06 08:34 - 01135104 _____ (Farbar) C:\Documents and Settings\Bryan Bridgewater\Desktop\FRST.exe
2015-04-03 17:54 - 2015-04-03 19:14 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Application Data\Local Store
2015-03-26 02:50 - 2015-03-26 02:54 - 00003967 _____ () C:\windows\KB2964358-IE8.log
2015-03-26 01:53 - 2015-03-26 02:09 - 00003948 _____ () C:\windows\KB2936068-IE8.log
2015-03-26 01:15 - 2015-03-26 01:17 - 00000945 _____ () C:\DelFix.txt
2015-03-23 23:37 - 2015-03-24 02:49 - 00065536 _____ () C:\windows\system32\config\Doctor Web.evt
2015-03-23 23:37 - 2015-03-23 23:37 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Doctor Web
2015-03-19 08:14 - 2015-03-19 08:14 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Application Data\SUPERAntiSpyware.com
2015-03-19 08:12 - 2015-04-08 08:07 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-19 08:12 - 2015-04-05 02:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-03-19 08:12 - 2015-03-19 08:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-03-18 10:11 - 2015-03-18 17:15 - 00000000 ____D () C:\windows\erdnt
2015-03-12 16:28 - 2015-03-16 15:57 - 00000240 _____ () C:\windows\setupact.log
2015-03-12 16:28 - 2015-03-12 16:28 - 00000000 _____ () C:\windows\setuperr.log
2015-03-12 14:11 - 2015-03-12 14:11 - 00000000 ____D () C:\RegBackup
2015-03-12 13:57 - 2008-04-13 16:12 - 00116224 ____C (Xerox) C:\windows\system32\dllcache\xrxwiadr.dll
2015-03-12 13:57 - 2008-04-13 16:12 - 00018944 ____C () C:\windows\system32\dllcache\xrxscnui.dll
2015-03-12 13:57 - 2003-03-31 07:00 - 00028288 ____C () C:\windows\system32\dllcache\xjis.nls
2015-03-12 13:57 - 2001-08-17 22:37 - 00099865 ____C (Eicon Technology) C:\windows\system32\dllcache\xlog.exe
2015-03-12 13:57 - 2001-08-17 22:37 - 00027648 ____C () C:\windows\system32\dllcache\xrxftplt.exe
2015-03-12 13:57 - 2001-08-17 22:37 - 00004608 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xrxflnch.exe
2015-03-12 13:57 - 2001-08-17 22:36 - 00023040 ____C (Xerox Corporation) C:\windows\system32\dllcache\xrxwbtmp.dll
2015-03-12 13:56 - 2008-04-13 16:12 - 00008192 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wshirda.dll
2015-03-12 13:56 - 2004-08-03 23:29 - 00019455 ____C (Intel® Corporation) C:\windows\system32\dllcache\wvchntxx.sys
2015-03-12 13:56 - 2004-08-03 23:29 - 00012063 ____C (Intel® Corporation) C:\windows\system32\dllcache\wsiintxx.sys
2015-03-12 13:56 - 2001-08-17 12:11 - 00016970 ____C (US Robotics MCD (Megahertz)) C:\windows\system32\dllcache\xem336n5.sys
2015-03-12 13:55 - 2008-04-13 10:36 - 00008832 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wmiacpi.sys
2015-03-12 13:54 - 2004-08-03 23:31 - 00154624 ____C (Lucent Technologies) C:\windows\system32\dllcache\wlluc48.sys
2015-03-12 13:54 - 2001-08-17 12:12 - 00034890 ____C (Raytheon Corp.) C:\windows\system32\dllcache\wlandrv2.sys
2015-03-12 13:53 - 2015-04-10 18:04 - 00041220 _____ () C:\windows\setupapi.log
2015-03-12 13:53 - 2008-04-13 10:45 - 00031744 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wceusbsh.sys
2015-03-12 13:53 - 2008-04-13 10:45 - 00026112 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbser.sys
2015-03-12 13:53 - 2008-04-13 10:45 - 00017152 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbohci.sys
2015-03-12 13:53 - 2004-08-03 23:31 - 00032384 ____C (KLSI USA, Inc.) C:\windows\system32\dllcache\usb101et.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00033599 ____C (Intel® Corporation) C:\windows\system32\dllcache\watv04nt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00029311 ____C (Intel® Corporation) C:\windows\system32\dllcache\watv01nt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00023615 ____C (Intel® Corporation) C:\windows\system32\dllcache\wch7xxnt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00019551 ____C (Intel® Corporation) C:\windows\system32\dllcache\watv02nt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00012415 ____C (Intel® Corporation) C:\windows\system32\dllcache\wadv01nt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00012127 ____C (Intel® Corporation) C:\windows\system32\dllcache\wadv02nt.sys
2015-03-12 13:53 - 2004-08-03 23:29 - 00011775 ____C (Intel® Corporation) C:\windows\system32\dllcache\wadv05nt.sys
2015-03-12 13:53 - 2001-08-17 22:36 - 00094720 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxud32.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00087040 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wiafbdrv.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00069632 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxu12.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\windows\system32\dllcache\wiamsmud.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00050688 ____C (UMAX DATA SYSTEMS INC.) C:\windows\system32\dllcache\umaxscan.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00050176 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxp60.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxu40.dll
2015-03-12 13:53 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxu22.dll
2015-03-12 13:53 - 2001-08-17 13:58 - 00022912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxpcls.sys
2015-03-12 13:53 - 2001-08-17 13:49 - 00024576 ____C (VIA Technologies, Inc.) C:\windows\system32\dllcache\viairda.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00794654 ____C (U.S. Robotics, Inc.) C:\windows\system32\dllcache\usr1801.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00794399 ____C (U.S. Robotics, Inc.) C:\windows\system32\dllcache\usr1806v.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00793598 ____C (U.S. Robotics, Inc.) C:\windows\system32\dllcache\usr1806.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00771581 ____C (Rockwell) C:\windows\system32\dllcache\winacisa.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00765884 ____C (U.S. Robotics, Inc.) C:\windows\system32\dllcache\usrti.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00701386 ____C (3Com Corporation) C:\windows\system32\dllcache\wdhaalba.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00687999 ____C (U.S. Robotics Corporation) C:\windows\system32\dllcache\usrwdxjs.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00604253 ____C (PCTEL, INC.) C:\windows\system32\dllcache\vmodem.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00397502 ____C (PCtel, Inc.) C:\windows\system32\dllcache\vpctcom.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00224802 ____C (U.S. Robotics Corporation) C:\windows\system32\dllcache\usr1807a.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00113762 ____C (U.S. Robotics Corporation) C:\windows\system32\dllcache\usrpda.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00064605 ____C (PCtel, Inc.) C:\windows\system32\dllcache\vvoice.sys
2015-03-12 13:53 - 2001-08-17 13:28 - 00007556 ____C (U.S. Robotics Corporation) C:\windows\system32\dllcache\usroslba.sys
2015-03-12 13:53 - 2001-08-17 12:14 - 00249402 ____C (Xircom) C:\windows\system32\dllcache\vinwm.sys
2015-03-12 13:53 - 2001-08-17 12:13 - 00019528 ____C (Winbond Electronics Corporation) C:\windows\system32\dllcache\w840nd.sys
2015-03-12 13:53 - 2001-08-17 12:13 - 00019016 ____C (Winbond Electronics Corporation) C:\windows\system32\dllcache\w926nd.sys
2015-03-12 13:53 - 2001-08-17 12:13 - 00016925 ____C (Winbond Electronics Corporation) C:\windows\system32\dllcache\w940nd.sys
2015-03-12 13:53 - 2001-08-17 12:10 - 00035871 ____C (Winbond Electronics Corp.) C:\windows\system32\dllcache\wbfirdma.sys
2015-03-12 13:52 - 2008-04-13 16:12 - 00082944 ____C (IBM Corporation) C:\windows\system32\dllcache\tp4mon.exe
2015-03-12 13:52 - 2008-04-13 10:40 - 00149376 ____C (M-Systems) C:\windows\system32\dllcache\tffsport.sys
2015-03-12 13:52 - 2001-08-17 22:36 - 00525568 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tridxp.dll
2015-03-12 13:52 - 2001-08-17 22:36 - 00216064 ____C (UMAX Data Systems Inc.) C:\windows\system32\dllcache\um34scan.dll
2015-03-12 13:52 - 2001-08-17 22:36 - 00211968 ____C (UMAX Data Systems Inc.) C:\windows\system32\dllcache\um54scan.dll
2015-03-12 13:52 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\windows\system32\dllcache\umaxcam.dll
2015-03-12 13:52 - 2001-08-17 22:36 - 00031744 ____C (IBM Corporation) C:\windows\system32\dllcache\tp4.dll
2015-03-12 13:52 - 2001-08-17 22:35 - 00042496 ____C (IBM Corporation) C:\windows\system32\dllcache\tp4res.dll
2015-03-12 13:52 - 2001-08-17 14:56 - 00440576 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tridkb.dll
2015-03-12 13:52 - 2001-08-17 14:56 - 00315520 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\trid3d.dll
2015-03-12 13:52 - 2001-08-17 14:56 - 00081408 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tgiul50.dll
2015-03-12 13:52 - 2001-08-17 14:02 - 00230912 ____C (Toshiba Corporation) C:\windows\system32\dllcache\tosdvd03.sys
2015-03-12 13:52 - 2001-08-17 14:01 - 00241664 ____C (Toshiba Corporation) C:\windows\system32\dllcache\tosdvd02.sys
2015-03-12 13:52 - 2001-08-17 13:52 - 00036736 ____C (Promise Technology, Inc.) C:\windows\system32\dllcache\ultra.sys
2015-03-12 13:52 - 2001-08-17 13:51 - 00004992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\toside.sys
2015-03-12 13:52 - 2001-08-17 13:48 - 00011520 ____C (IBM Corporation) C:\windows\system32\dllcache\twotrack.sys
2015-03-12 13:52 - 2001-08-17 12:51 - 00222336 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\trid3dm.sys
2015-03-12 13:52 - 2001-08-17 12:51 - 00166784 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tridxpm.sys
2015-03-12 13:52 - 2001-08-17 12:51 - 00159232 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tridkbm.sys
2015-03-12 13:52 - 2001-08-17 12:51 - 00138528 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\tgiulnt5.sys
2015-03-12 13:52 - 2001-08-17 12:14 - 00123995 ____C (Tiger Jet Network) C:\windows\system32\dllcache\tjisdn.sys
2015-03-12 13:52 - 2001-08-17 12:13 - 00037961 ____C (TDK Corporation) C:\windows\system32\dllcache\tdk100b.sys
2015-03-12 13:52 - 2001-08-17 12:13 - 00017129 ____C (TDK Corporation) C:\windows\system32\dllcache\tdkcd31.sys
2015-03-12 13:52 - 2001-08-17 12:12 - 00034375 ____C (Intel Corporation) C:\windows\system32\dllcache\tpro4.sys
2015-03-12 13:52 - 2001-08-17 12:10 - 00028232 ____C (TOSHIBA Corporation) C:\windows\system32\dllcache\tos4mo.sys
2015-03-12 13:51 - 2001-08-17 14:56 - 00172768 ____C (Number Nine Visual Technology) C:\windows\system32\dllcache\t2r4disp.dll
2015-03-12 13:51 - 2001-08-17 14:07 - 00032640 ____C (LSI Logic) C:\windows\system32\dllcache\symc8xx.sys
2015-03-12 13:51 - 2001-08-17 14:07 - 00030688 ____C (LSI Logic) C:\windows\system32\dllcache\sym_u3.sys
2015-03-12 13:51 - 2001-08-17 14:07 - 00016256 ____C (Symbios Logic Inc.) C:\windows\system32\dllcache\symc810.sys
2015-03-12 13:51 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\windows\system32\dllcache\tandqic.sys
2015-03-12 13:51 - 2001-08-17 13:49 - 00030464 ____C (Toshiba Corporation) C:\windows\system32\dllcache\tbatm155.sys
2015-03-12 13:51 - 2001-08-17 12:50 - 00036640 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\t2r4mini.sys
2015-03-12 13:50 - 2001-08-17 22:36 - 00094293 ____C (Perle Systems Ltd. ) C:\windows\system32\dllcache\sxports.dll
2015-03-12 13:50 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\swpidflt.dll
2015-03-12 13:50 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\swpdflt2.dll
2015-03-12 13:50 - 2001-08-17 14:07 - 00028384 ____C (LSI Logic) C:\windows\system32\dllcache\sym_hi.sys
2015-03-12 13:50 - 2001-08-17 14:02 - 00003968 ____C (Microsoft Corporation) C:\windows\system32\dllcache\swusbflt.sys
2015-03-12 13:50 - 2001-08-17 13:50 - 00103936 ____C (Perle Systems Ltd. ) C:\windows\system32\dllcache\sx.sys
2015-03-12 13:49 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sw_wheel.dll
2015-03-12 13:49 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sw_effct.dll
2015-03-12 13:48 - 2001-08-17 22:36 - 00155648 ____C (Stallion Technologies) C:\windows\system32\dllcache\stlnprop.dll
2015-03-12 13:48 - 2001-08-17 22:36 - 00053248 ____C (Stallion Technologies) C:\windows\system32\dllcache\stlncoin.dll
2015-03-12 13:48 - 2001-08-17 13:51 - 00016896 ____C (SCM Microsystems, Inc.) C:\windows\system32\dllcache\stcusb.sys
2015-03-12 13:48 - 2001-08-17 12:18 - 00285760 ____C (Stallion Technologies) C:\windows\system32\dllcache\stlnata.sys
2015-03-12 13:47 - 2008-04-13 10:40 - 00007552 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sonyait.sys
2015-03-12 13:47 - 2001-08-17 22:36 - 00114688 ____C (Sony Corporation) C:\windows\system32\dllcache\sonypi.dll
2015-03-12 13:47 - 2001-08-17 22:36 - 00106584 ____C (Perle Systems Ltd.) C:\windows\system32\dllcache\spdports.dll
2015-03-12 13:47 - 2001-08-17 22:36 - 00099328 ____C (Microsoft Corporation) C:\windows\system32\dllcache\srusd.dll
2015-03-12 13:47 - 2001-08-17 22:36 - 00024660 ____C (Perle Systems Ltd.) C:\windows\system32\dllcache\spxupchk.dll
2015-03-12 13:47 - 2001-08-17 14:07 - 00019072 ____C (Adaptec, Inc.) C:\windows\system32\dllcache\sparrow.sys
2015-03-12 13:47 - 2001-08-17 13:56 - 00007552 ____C (Sony Corporation) C:\windows\system32\dllcache\sonypvu1.sys
2015-03-12 13:47 - 2001-08-17 13:53 - 00009600 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sonymc.sys
2015-03-12 13:47 - 2001-08-17 13:51 - 00061824 ____C (Perle Systems Ltd.) C:\windows\system32\dllcache\speed.sys
2015-03-12 13:47 - 2001-08-17 12:51 - 00037040 ____C (Sony Corporation) C:\windows\system32\dllcache\sonypi.sys
2015-03-12 13:47 - 2001-08-17 12:51 - 00020752 ____C (Sony Corporation) C:\windows\system32\dllcache\sonync.sys
2015-03-12 13:47 - 2001-08-17 12:11 - 00048736 ____C (3Com) C:\windows\system32\dllcache\srwlnd5.sys
2015-03-12 13:46 - 2008-04-13 10:36 - 00016000 ____C (Microsoft Corporation) C:\windows\system32\dllcache\smbbatt.sys
2015-03-12 13:46 - 2008-04-13 10:36 - 00006912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\smbclass.sys
2015-03-12 13:46 - 2004-08-03 23:31 - 00063547 ____C (Symbol Technologies) C:\windows\system32\dllcache\sla30nd5.sys
2015-03-12 13:46 - 2004-08-03 23:31 - 00032768 ____C (SiS Corporation) C:\windows\system32\dllcache\sisnic.sys
2015-03-12 13:46 - 2001-08-17 22:36 - 00238592 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sisgrv.dll
2015-03-12 13:46 - 2001-08-17 22:36 - 00045568 ____C (Microsoft Corporation) C:\windows\system32\dllcache\smb3w.dll
2015-03-12 13:46 - 2001-08-17 22:36 - 00033792 ____C (Microsoft Corporation) C:\windows\system32\dllcache\smb0w.dll
2015-03-12 13:46 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sma0w.dll
2015-03-12 13:46 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sm91w.dll
2015-03-12 13:46 - 2001-08-17 14:56 - 00157696 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sisv256.dll
2015-03-12 13:46 - 2001-08-17 14:56 - 00147200 ____C (Silicon Motion Inc.) C:\windows\system32\dllcache\smidispb.dll
2015-03-12 13:46 - 2001-08-17 13:57 - 00006784 ____C (Microsoft Corporation) C:\windows\system32\dllcache\smbhc.sys
2015-03-12 13:46 - 2001-08-17 13:53 - 00007040 ____C (Microsoft Corporation) C:\windows\system32\dllcache\snyaitmc.sys
2015-03-12 13:46 - 2001-08-17 12:51 - 00058368 ____C (Silicon Motion Inc.) C:\windows\system32\dllcache\smiminib.sys
2015-03-12 13:46 - 2001-08-17 12:50 - 00050432 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sisv.sys
2015-03-12 13:46 - 2001-08-17 12:12 - 00094698 ____C (SysKonnect GmbH.) C:\windows\system32\dllcache\sk98xwin.sys
2015-03-12 13:46 - 2001-08-17 12:12 - 00091294 ____C (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) C:\windows\system32\dllcache\skfpwin.sys
2015-03-12 13:46 - 2001-08-17 12:12 - 00025034 ____C (SMC Networks, Inc.) C:\windows\system32\dllcache\smcpwr2n.sys
2015-03-12 13:46 - 2001-08-17 12:12 - 00024576 ____C (SMC Networks, Inc.) C:\windows\system32\dllcache\smc8000n.sys
2015-03-12 13:46 - 2001-08-17 12:10 - 00035913 ____C (SMC) C:\windows\system32\dllcache\smcirda.sys
2015-03-12 13:45 - 2008-04-13 10:45 - 00011520 ____C (Microsoft Corporation) C:\windows\system32\dllcache\scsiscan.sys
2015-03-12 13:45 - 2008-04-13 10:40 - 00043904 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sbp2port.sys
2015-03-12 13:45 - 2001-08-17 22:36 - 00495616 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\sblfx.dll
2015-03-12 13:45 - 2001-08-17 22:36 - 00386560 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\sgiul50.dll
2015-03-12 13:45 - 2001-08-17 14:56 - 00252032 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sis300iv.dll
2015-03-12 13:45 - 2001-08-17 14:56 - 00150144 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sis6306v.dll
2015-03-12 13:45 - 2001-08-17 13:53 - 00006912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\seaddsmc.sys
2015-03-12 13:45 - 2001-08-17 13:52 - 00011648 ____C (Microsoft Corporation) C:\windows\system32\dllcache\scsiprnt.sys
2015-03-12 13:45 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\windows\system32\dllcache\sccmusbm.sys
2015-03-12 13:45 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\windows\system32\dllcache\sccmn50m.sys
2015-03-12 13:45 - 2001-08-17 13:51 - 00017280 ____C (SCM Microsystems) C:\windows\system32\dllcache\scr111.sys
2015-03-12 13:45 - 2001-08-17 13:51 - 00016640 ____C (Microsoft Corporation) C:\windows\system32\dllcache\scmstcs.sys
2015-03-12 13:45 - 2001-08-17 13:48 - 00017664 ____C (Microsoft Corporation) C:\windows\system32\dllcache\sermouse.sys
2015-03-12 13:45 - 2001-08-17 12:51 - 00098080 ____C (Trident Microsystems Inc.) C:\windows\system32\dllcache\sgiulnt5.sys
2015-03-12 13:45 - 2001-08-17 12:50 - 00104064 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sisgrp.sys
2015-03-12 13:45 - 2001-08-17 12:50 - 00101760 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sis300ip.sys
2015-03-12 13:45 - 2001-08-17 12:50 - 00075392 ____C (S3 Graphics, Inc.) C:\windows\system32\dllcache\s3savmxm.sys
2015-03-12 13:45 - 2001-08-17 12:50 - 00068608 ____C (Silicon Integrated Systems Corporation) C:\windows\system32\dllcache\sis6306p.sys
2015-03-12 13:45 - 2001-08-17 12:19 - 00036480 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\sfmanm.sys
2015-03-12 13:45 - 2001-07-21 14:29 - 00161568 ____C (Micro Systemation) C:\windows\system32\dllcache\sgsmusb.sys
2015-03-12 13:45 - 2001-07-21 14:29 - 00018400 ____C (Micro Systemation) C:\windows\system32\dllcache\sgsmld.sys
2015-03-12 13:44 - 2008-04-13 16:12 - 00029696 ____C (Ricoh Co., Ltd.) C:\windows\system32\dllcache\rw450ext.dll
2015-03-12 13:44 - 2008-04-13 16:12 - 00027648 ____C (Ricoh Co., Ltd.) C:\windows\system32\dllcache\rw430ext.dll
2015-03-12 13:44 - 2008-04-13 10:40 - 00079104 ____C (Comtrol Corporation) C:\windows\system32\dllcache\rocket.sys
2015-03-12 13:44 - 2004-08-03 23:31 - 00020992 ____C (Realtek Semiconductor Corporation) C:\windows\system32\dllcache\rtl8139.sys
2015-03-12 13:44 - 2001-08-17 22:36 - 00082432 ____C (Ricoh Co., Ltd.) C:\windows\system32\dllcache\rwia450.dll
2015-03-12 13:44 - 2001-08-17 22:36 - 00079872 ____C (Ricoh Co., Ltd.) C:\windows\system32\dllcache\rwia430.dll
2015-03-12 13:44 - 2001-08-17 22:36 - 00062496 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3mtrio.dll
2015-03-12 13:44 - 2001-08-17 22:36 - 00009216 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\rsmgrstr.dll
2015-03-12 13:44 - 2001-08-17 14:56 - 00245632 ____C (S3 Graphics, Inc.) C:\windows\system32\dllcache\s3savmx.dll
2015-03-12 13:44 - 2001-08-17 14:56 - 00210496 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3mvirge.dll
2015-03-12 13:44 - 2001-08-17 14:56 - 00198400 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3sav4.dll
2015-03-12 13:44 - 2001-08-17 14:56 - 00182272 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3mt3d.dll
2015-03-12 13:44 - 2001-08-17 14:56 - 00179264 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3sav3d.dll
2015-03-12 13:44 - 2001-08-17 13:57 - 00065664 ____C (Microsoft Corporation) C:\windows\system32\dllcache\s3legacy.sys
2015-03-12 13:44 - 2001-08-17 12:50 - 00166720 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3m.sys
2015-03-12 13:44 - 2001-08-17 12:50 - 00077824 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3sav4m.sys
2015-03-12 13:44 - 2001-08-17 12:50 - 00061504 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3sav3dm.sys
2015-03-12 13:44 - 2001-08-17 12:50 - 00041216 ____C (S3 Incorporated) C:\windows\system32\dllcache\s3mt3d.sys
2015-03-12 13:44 - 2001-08-17 12:19 - 00030720 ____C (Conexant Systems Inc.) C:\windows\system32\dllcache\rthwcls.sys
2015-03-12 13:44 - 2001-08-17 12:19 - 00003840 ____C (Conexant Systems Inc.) C:\windows\system32\dllcache\rpfun.sys
2015-03-12 13:44 - 2001-08-17 12:12 - 00037563 ____C (RadioLAN) C:\windows\system32\dllcache\rlnet5.sys
2015-03-12 13:44 - 2001-08-17 12:12 - 00019017 ____C (Realtek Semiconductor Corporation) C:\windows\system32\dllcache\rtl8029.sys
2015-03-12 13:43 - 2001-08-17 22:36 - 00086097 ____C (Xircom) C:\windows\system32\dllcache\reslog32.dll
2015-03-12 13:43 - 2001-08-17 13:51 - 00019584 ____C (Microsoft Corporation) C:\windows\system32\dllcache\rasirda.sys
2015-03-12 13:42 - 2008-04-13 16:12 - 00159232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ptpusd.dll
2015-03-12 13:42 - 2008-04-13 16:12 - 00033280 ____C () C:\windows\system32\dllcache\psisrndr.ax
2015-03-12 13:42 - 2008-04-13 10:40 - 00006016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\qic157.sys
2015-03-12 13:42 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\windows\system32\dllcache\qvusd.dll
2015-03-12 13:42 - 2001-08-17 22:36 - 00035328 ____C (Microsoft Corporation) C:\windows\system32\dllcache\psisload.dll
2015-03-12 13:42 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ptpusb.dll
2015-03-12 13:42 - 2001-08-17 13:53 - 00003328 ____C (Microsoft Corporation) C:\windows\system32\dllcache\qv2kux.sys
2015-03-12 13:42 - 2001-08-17 13:52 - 00049024 ____C (QLogic Corporation) C:\windows\system32\dllcache\ql1280.sys
2015-03-12 13:42 - 2001-08-17 13:52 - 00045312 ____C (QLogic Corporation) C:\windows\system32\dllcache\ql12160.sys
2015-03-12 13:42 - 2001-08-17 13:52 - 00040448 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ql1240.sys
2015-03-12 13:42 - 2001-08-17 13:52 - 00040320 ____C (QLogic Corporation) C:\windows\system32\dllcache\ql1080.sys
2015-03-12 13:42 - 2001-08-17 13:52 - 00033152 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ql10wnt.sys
2015-03-12 13:42 - 2001-08-17 13:28 - 00899146 ____C (Xircom, Inc.) C:\windows\system32\dllcache\r2mdkxga.sys
2015-03-12 13:42 - 2001-08-17 13:28 - 00714762 ____C (Xircom, Inc.) C:\windows\system32\dllcache\r2mdmkxx.sys
2015-03-12 13:42 - 2001-08-17 13:28 - 00130942 ____C (PCTEL, INC.) C:\windows\system32\dllcache\ptserlv.sys
2015-03-12 13:42 - 2001-08-17 13:28 - 00128286 ____C (PCTEL, INC.) C:\windows\system32\dllcache\ptserli.sys
2015-03-12 13:42 - 2001-08-17 13:28 - 00112574 ____C (PCTEL, INC.) C:\windows\system32\dllcache\ptserlp.sys
2015-03-12 13:41 - 2008-04-13 16:12 - 00363520 ____C () C:\windows\system32\dllcache\psisdecd.dll
2015-03-12 13:41 - 2008-04-13 10:41 - 00017664 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ppa3.sys
2015-03-12 13:41 - 2008-04-13 10:40 - 00008832 ____C (Microsoft Corporation) C:\windows\system32\dllcache\powerfil.sys
2015-03-12 13:41 - 2003-03-31 07:00 - 00083748 ____C () C:\windows\system32\dllcache\prcp.nls
2015-03-12 13:41 - 2003-03-31 07:00 - 00083748 ____C () C:\windows\system32\dllcache\prc.nls
2015-03-12 13:41 - 2001-08-17 13:53 - 00017792 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ppa.sys
2015-03-12 13:41 - 2001-08-17 13:53 - 00007168 ____C (Microsoft Corporation) C:\windows\system32\dllcache\pnrmc.sys
2015-03-12 13:41 - 2001-08-17 13:51 - 00016128 ____C (SCM Microsystems, Inc.) C:\windows\system32\dllcache\pscr.sys
2015-03-12 13:40 - 2008-04-13 16:10 - 00259328 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\windows\system32\dllcache\perm3dd.dll
2015-03-12 13:40 - 2008-04-13 16:10 - 00211584 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\windows\system32\dllcache\perm2dll.dll
2015-03-12 13:40 - 2008-04-13 10:44 - 00028032 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\windows\system32\dllcache\perm3.sys
2015-03-12 13:40 - 2008-04-13 10:44 - 00027904 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\windows\system32\dllcache\perm2.sys
2015-03-12 13:40 - 2004-08-03 23:31 - 00029502 ____C (Marconi Communications, Inc.) C:\windows\system32\dllcache\pca200e.sys
2015-03-12 13:40 - 2004-08-03 23:06 - 00169984 ____C (Cisco Systems) C:\windows\system32\dllcache\pcx500.sys
2015-03-12 13:40 - 2001-08-17 22:37 - 00105984 ____C (Microsoft Corporation) C:\windows\system32\dllcache\phdsext.ax
2015-03-12 13:40 - 2001-08-17 22:36 - 00121344 ____C (Microsoft Corporation) C:\windows\system32\dllcache\phvfwext.dll
2015-03-12 13:40 - 2001-08-17 22:36 - 00086016 ____C (PCtel, Inc.) C:\windows\system32\dllcache\pctspk.exe
2015-03-12 13:40 - 2001-08-17 22:36 - 00016384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\philcam1.dll
2015-03-12 13:40 - 2001-08-17 14:07 - 00027296 ____C (Microsoft Corporation) C:\windows\system32\dllcache\perc2.sys
2015-03-12 13:40 - 2001-08-17 14:07 - 00019840 ____C (Microsoft Corporation) C:\windows\system32\dllcache\philtune.sys
2015-03-12 13:40 - 2001-08-17 14:07 - 00005504 ____C (Microsoft Corporation) C:\windows\system32\dllcache\perc2hib.sys
2015-03-12 13:40 - 2001-08-17 14:04 - 00173696 ____C (Microsoft Corporation) C:\windows\system32\dllcache\philcam2.sys
2015-03-12 13:40 - 2001-08-17 14:04 - 00092416 ____C (Microsoft Corporation) C:\windows\system32\dllcache\phildec.sys
2015-03-12 13:40 - 2001-08-17 14:04 - 00075776 ____C (Microsoft Corporation) C:\windows\system32\dllcache\philcam1.sys
2015-03-12 13:40 - 2001-08-17 13:51 - 00003328 ____C (Microsoft Corporation) C:\windows\system32\dllcache\pciide.sys
2015-03-12 13:40 - 2001-08-17 12:12 - 00030495 ____C (Linksys) C:\windows\system32\dllcache\pc100nds.sys
2015-03-12 13:40 - 2001-08-17 12:12 - 00026153 ____C (Linksys) C:\windows\system32\dllcache\pcmlm56.sys
2015-03-12 13:40 - 2001-08-17 12:11 - 00035328 ____C (AMD Inc.) C:\windows\system32\dllcache\pcntpci5.sys
2015-03-12 13:40 - 2001-08-17 12:11 - 00030282 ____C (AMD Inc.) C:\windows\system32\dllcache\pcntn5hl.sys
2015-03-12 13:40 - 2001-08-17 12:11 - 00029769 ____C (AMD Inc.) C:\windows\system32\dllcache\pcntn5m.sys
2015-03-12 13:37 - 2008-04-13 10:54 - 00028672 ____C (National Semiconductor Corporation) C:\windows\system32\dllcache\nscirda.sys
2015-03-12 13:37 - 2008-04-13 10:46 - 00061696 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ohci1394.sys
2015-03-12 13:37 - 2001-08-17 22:36 - 00123776 ____C (NVIDIA Corporation) C:\windows\system32\dllcache\nv3.dll
2015-03-12 13:37 - 2001-08-17 22:36 - 00116736 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcodec2.dll
2015-03-12 13:37 - 2001-08-17 22:36 - 00044544 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovui2.dll
2015-03-12 13:37 - 2001-08-17 22:36 - 00041984 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovui2rc.dll
2015-03-12 13:37 - 2001-08-17 22:36 - 00039424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcoms.exe
2015-03-12 13:37 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcomc.dll
2015-03-12 13:37 - 2001-08-17 14:05 - 00351616 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcodek2.sys
2015-03-12 13:37 - 2001-08-17 14:05 - 00048000 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcam2.sys
2015-03-12 13:37 - 2001-08-17 14:05 - 00031872 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovce.sys
2015-03-12 13:37 - 2001-08-17 14:05 - 00028032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovcd.sys
2015-03-12 13:37 - 2001-08-17 14:05 - 00025216 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovsound2.sys
2015-03-12 13:37 - 2001-08-17 14:05 - 00025088 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ovca.sys
2015-03-12 13:37 - 2001-08-17 13:53 - 00007552 ____C (Microsoft Corporation) C:\windows\system32\dllcache\nsmmc.sys
2015-03-12 13:37 - 2001-08-17 13:47 - 00009344 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ntapm.sys
2015-03-12 13:37 - 2001-08-17 13:28 - 00054186 ____C (Ositech Communications, Inc.) C:\windows\system32\dllcache\otcsercb.sys
2015-03-12 13:37 - 2001-08-17 12:50 - 00198144 ____C (NVIDIA Corporation) C:\windows\system32\dllcache\nv3.sys
2015-03-12 13:37 - 2001-08-17 12:49 - 00051552 ____C (Kensington Technology Group) C:\windows\system32\dllcache\ntgrip.sys
2015-03-12 13:37 - 2001-08-17 12:20 - 00126080 ____C (NeoMagic Corporation) C:\windows\system32\dllcache\nm5a2wdm.sys
2015-03-12 13:37 - 2001-08-17 12:20 - 00087040 ____C (NeoMagic Corporation) C:\windows\system32\dllcache\nm6wdm.sys
2015-03-12 13:37 - 2001-08-17 12:20 - 00054528 ____C (Yamaha Corp.) C:\windows\system32\dllcache\opl3sax.sys
2015-03-12 13:37 - 2001-08-17 12:12 - 00043689 ____C (Ositech Communications, Inc.) C:\windows\system32\dllcache\otceth5.sys
2015-03-12 13:37 - 2001-08-17 12:12 - 00032840 ____C (NETGEAR Corporation.) C:\windows\system32\dllcache\ngrpci.sys
2015-03-12 13:37 - 2001-08-17 12:12 - 00027209 ____C (Ositech Communications, Inc.) C:\windows\system32\dllcache\otc06x5.sys
2015-03-12 13:36 - 2004-08-03 23:31 - 00132695 ____C (802.11b) C:\windows\system32\dllcache\netwlan5.sys
2015-03-12 13:36 - 2001-08-17 22:36 - 00060480 ____C (NeoMagic Corporation) C:\windows\system32\dllcache\neo20xx.dll
2015-03-12 13:36 - 2001-08-17 22:36 - 00059104 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i128v2.dll
2015-03-12 13:36 - 2001-08-17 22:36 - 00019968 ____C (Moxa Technologies Co., Ltd) C:\windows\system32\dllcache\mxicfg.dll
2015-03-12 13:36 - 2001-08-17 22:36 - 00007168 ____C (Moxa Technologies Co., Ltd) C:\windows\system32\dllcache\mxport.dll
2015-03-12 13:36 - 2001-08-17 14:56 - 00091488 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i3disp.dll
2015-03-12 13:36 - 2001-08-17 14:56 - 00035392 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i128.dll
2015-03-12 13:36 - 2001-08-17 13:50 - 00075520 ____C (Moxa Technologies Co., Ltd.) C:\windows\system32\dllcache\mxport.sys
2015-03-12 13:36 - 2001-08-17 13:50 - 00021888 ____C (Moxa Technologies Co., Ltd.) C:\windows\system32\dllcache\mxcard.sys
2015-03-12 13:36 - 2001-08-17 13:49 - 00019968 ____C (Macronix International Co., Ltd. ) C:\windows\system32\dllcache\mxnic.sys
2015-03-12 13:36 - 2001-08-17 13:49 - 00015872 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ne2000.sys
2015-03-12 13:36 - 2001-08-17 12:50 - 00103296 ____C (Matrox Graphics Inc) C:\windows\system32\dllcache\mtxvideo.sys
2015-03-12 13:36 - 2001-08-17 12:50 - 00039264 ____C (NeoMagic Corporation) C:\windows\system32\dllcache\neo20xx.sys
2015-03-12 13:36 - 2001-08-17 12:50 - 00033088 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i128v2.sys
2015-03-12 13:36 - 2001-08-17 12:50 - 00027936 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i3d.sys
2015-03-12 13:36 - 2001-08-17 12:50 - 00013664 ____C (Number Nine Visual Technology Corp.) C:\windows\system32\dllcache\n9i128.sys
2015-03-12 13:36 - 2001-08-17 12:11 - 00128000 ____C (Compaq Computer Corporation) C:\windows\system32\dllcache\n100325.sys
2015-03-12 13:36 - 2001-08-17 12:11 - 00065278 ____C (Compaq Computer Corporation) C:\windows\system32\dllcache\netflx3.sys
2015-03-12 13:36 - 2001-08-17 12:11 - 00052255 ____C (Compaq Computer Corporation) C:\windows\system32\dllcache\n1000nt5.sys
2015-03-12 13:35 - 2008-04-13 10:54 - 00022016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msircomm.sys
2015-03-12 13:35 - 2008-04-13 10:46 - 00049024 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mstape.sys
2015-03-12 13:35 - 2001-08-17 14:00 - 00002944 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msmpu401.sys
2015-03-12 13:35 - 2001-08-17 13:48 - 00012416 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msriffwv.sys
2015-03-12 13:34 - 2008-04-13 16:12 - 00056832 ____C () C:\windows\system32\dllcache\msdvbnp.ax
2015-03-12 13:34 - 2008-04-13 10:46 - 00051200 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msdv.sys
2015-03-12 13:34 - 2001-08-17 14:02 - 00035200 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msgame.sys
2015-03-12 13:34 - 2001-08-17 13:48 - 00006016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msfsio.sys
2015-03-12 13:33 - 2008-04-13 10:46 - 00015232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mpe.sys
2015-03-12 13:33 - 2008-04-13 10:41 - 00026112 ____C (Sony Corporation) C:\windows\system32\dllcache\memstpci.sys
2015-03-12 13:33 - 2008-04-13 10:40 - 00007040 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ltotape.sys
2015-03-12 13:33 - 2004-08-03 23:41 - 00606684 ____C (LT) C:\windows\system32\dllcache\ltmdmnt.sys
2015-03-12 13:33 - 2004-08-03 23:41 - 00420992 ____C (LT) C:\windows\system32\dllcache\ltmdmntt.sys
2015-03-12 13:33 - 2004-08-03 23:39 - 00020864 ____C (Logitech Inc.) C:\windows\system32\dllcache\lwadihid.sys
2015-03-12 13:33 - 2001-08-17 22:36 - 00058880 ____C (Microsoft Corporation) C:\windows\system32\dllcache\m3092dc.dll
2015-03-12 13:33 - 2001-08-17 22:36 - 00058368 ____C (Microsoft Corporation) C:\windows\system32\dllcache\m3091dc.dll
2015-03-12 13:33 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\windows\system32\dllcache\memgrp.dll
2015-03-12 13:33 - 2001-08-17 14:56 - 00235648 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\mgaud.dll
2015-03-12 13:33 - 2001-08-17 13:58 - 00008320 ____C (Microsoft Corporation) C:\windows\system32\dllcache\memcard.sys
2015-03-12 13:33 - 2001-08-17 13:57 - 00016128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\modemcsa.sys
2015-03-12 13:33 - 2001-08-17 13:53 - 00004992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\loop.sys
2015-03-12 13:33 - 2001-08-17 13:52 - 00017280 ____C (American Megatrends Inc.) C:\windows\system32\dllcache\mraid35x.sys
2015-03-12 13:33 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\mammoth.sys
2015-03-12 13:33 - 2001-08-17 13:52 - 00006528 ____C (Microsoft Corporation) C:\windows\system32\dllcache\miniqic.sys
2015-03-12 13:33 - 2001-08-17 13:28 - 00802683 ____C (Lucent Technologies) C:\windows\system32\dllcache\ltsm.sys
2015-03-12 13:33 - 2001-08-17 13:28 - 00797500 ____C (LT) C:\windows\system32\dllcache\ltsmt.sys
2015-03-12 13:33 - 2001-08-17 13:28 - 00727786 ____C (Xircom, Inc.) C:\windows\system32\dllcache\ltck000c.sys
2015-03-12 13:33 - 2001-08-17 13:28 - 00576746 ____C (LT) C:\windows\system32\dllcache\ltmdmntl.sys
2015-03-12 13:33 - 2001-08-17 12:50 - 00320384 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\mgaum.sys
2015-03-12 13:33 - 2001-08-17 12:49 - 00022848 ____C (Logitech Inc.) C:\windows\system32\dllcache\lwusbhid.sys
2015-03-12 13:33 - 2001-08-17 12:19 - 00048768 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\maestro.sys
2015-03-12 13:33 - 2001-08-17 12:12 - 00164586 ____C (Madge Networks Ltd) C:\windows\system32\dllcache\mdgndis5.sys
2015-03-12 13:32 - 2008-04-13 16:11 - 00253952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kdsusd.dll
2015-03-12 13:32 - 2008-04-13 16:11 - 00048640 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kdsui.dll
2015-03-12 13:32 - 2008-04-13 10:40 - 00034688 ____C (Toshiba Corp.) C:\windows\system32\dllcache\lbrtfdc.sys
2015-03-12 13:32 - 2003-03-31 07:00 - 00047066 ____C () C:\windows\system32\dllcache\ksc.nls
2015-03-12 13:32 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\kousd.dll
2015-03-12 13:32 - 2001-08-17 13:51 - 00015744 ____C (Litronic Industries) C:\windows\system32\dllcache\lit220p.sys
2015-03-12 13:32 - 2001-08-17 12:12 - 00070730 ____C (Linksys Group, Inc.) C:\windows\system32\dllcache\lne100tx.sys
2015-03-12 13:32 - 2001-08-17 12:12 - 00026442 ____C (SMSC) C:\windows\system32\dllcache\lanepic5.sys
2015-03-12 13:32 - 2001-08-17 12:12 - 00020573 ____C (The Linksts Group ) C:\windows\system32\dllcache\lne100.sys
2015-03-12 13:32 - 2001-08-17 12:12 - 00019016 ____C (Kingston Technology Company ) C:\windows\system32\dllcache\ktc111.sys
2015-03-12 13:32 - 2001-08-17 12:11 - 00025065 ____C (D-Link) C:\windows\system32\dllcache\lmndis3.sys
2015-03-12 13:30 - 2008-04-13 16:12 - 00151552 ____C (Microsoft Corporation) C:\windows\system32\dllcache\irftp.exe
2015-03-12 13:30 - 2008-04-13 16:11 - 00028160 ____C (Microsoft Corporation) C:\windows\system32\dllcache\irmon.dll
2015-03-12 13:30 - 2008-04-13 10:54 - 00088192 ____C (Microsoft Corporation) C:\windows\system32\dllcache\irda.sys
2015-03-12 13:30 - 2001-08-17 13:51 - 00018688 ____C (Microsoft Corporation) C:\windows\system32\dllcache\irsir.sys
2015-03-12 13:30 - 2001-08-17 13:49 - 00026624 ____C (SigmaTel, Inc.) C:\windows\system32\dllcache\irstusb.sys
2015-03-12 13:30 - 2001-08-17 13:49 - 00023552 ____C (MKNet Corporation) C:\windows\system32\dllcache\irmk7.sys
2015-03-12 13:29 - 2008-04-13 10:40 - 00005504 ____C (Microsoft Corporation) C:\windows\system32\dllcache\intelide.sys
2015-03-12 13:29 - 2001-08-17 22:36 - 00090200 ____C (Perle Systems Ltd. ) C:\windows\system32\dllcache\io8ports.dll
2015-03-12 13:29 - 2001-08-17 13:52 - 00016000 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ini910u.sys
2015-03-12 13:29 - 2001-08-17 13:50 - 00038784 ____C (Perle Systems Ltd. ) C:\windows\system32\dllcache\io8.sys
2015-03-12 13:29 - 2001-08-17 13:47 - 00013056 ____C (Microsoft Corporation) C:\windows\system32\dllcache\inport.sys
2015-03-12 13:29 - 2001-08-17 12:12 - 00045632 ____C (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) C:\windows\system32\dllcache\ip5515.sys
2015-03-12 13:25 - 2008-04-13 16:11 - 00702845 ____C (Intel® Corporation) C:\windows\system32\dllcache\i81xdnt5.dll
2015-03-12 13:25 - 2004-08-03 23:29 - 00161020 ____C (Intel® Corporation) C:\windows\system32\dllcache\i81xnt5.sys
2015-03-12 13:25 - 2001-08-17 22:36 - 00372824 ____C (Xircom) C:\windows\system32\dllcache\iconf32.dll
2015-03-12 13:25 - 2001-08-17 22:36 - 00091136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam4com.dll
2015-03-12 13:25 - 2001-08-17 22:36 - 00061952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam4ext.dll
2015-03-12 13:25 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam5com.dll
2015-03-12 13:25 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam3ext.dll
2015-03-12 13:25 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam5ext.dll
2015-03-12 13:25 - 2001-08-17 22:34 - 00009216 ____C (IBM Corporation) C:\windows\system32\dllcache\ibmsgnet.dll
2015-03-12 13:25 - 2001-08-17 14:06 - 00154496 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam4usb.sys
2015-03-12 13:25 - 2001-08-17 14:06 - 00100992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam5usb.sys
2015-03-12 13:25 - 2001-08-17 14:06 - 00038528 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ibmvcap.sys
2015-03-12 13:25 - 2001-08-17 14:05 - 00141056 ____C (Microsoft Corporation) C:\windows\system32\dllcache\icam3.sys
2015-03-12 13:25 - 2001-08-17 12:49 - 00058592 ____C (Intel Corporation) C:\windows\system32\dllcache\i740nt5.sys
2015-03-12 13:25 - 2001-08-17 12:12 - 00109085 ____C (IBM Corporation) C:\windows\system32\dllcache\ibmtrp.sys
2015-03-12 13:25 - 2001-08-17 12:12 - 00100936 ____C (IBM Corporation) C:\windows\system32\dllcache\ibmtok.sys
2015-03-12 13:25 - 2001-08-17 12:11 - 00028700 ____C (IBM Corp.) C:\windows\system32\dllcache\ibmexmp.sys
2015-03-12 13:24 - 2008-04-13 10:41 - 00018560 ____C (Microsoft Corporation) C:\windows\system32\dllcache\i2omp.sys
2015-03-12 13:24 - 2008-04-13 10:41 - 00008576 ____C (Microsoft Corporation) C:\windows\system32\dllcache\i2omgmt.sys
2015-03-12 13:24 - 2001-08-17 14:56 - 00353184 ____C (Intel Corporation) C:\windows\system32\dllcache\i740dnt5.dll
2015-03-12 13:23 - 2001-08-17 22:36 - 00009759 ____C (Conexant) C:\windows\system32\dllcache\hsf_inst.dll
2015-03-12 13:23 - 2001-08-17 13:28 - 00542879 ____C (Conexant) C:\windows\system32\dllcache\hsf_msft.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00488383 ____C (Conexant) C:\windows\system32\dllcache\hsf_v124.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00391199 ____C (Conexant) C:\windows\system32\dllcache\hsf_k56k.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00289887 ____C (Conexant) C:\windows\system32\dllcache\hsf_fall.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00199711 ____C (Conexant) C:\windows\system32\dllcache\hsf_faxx.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00150239 ____C (Conexant) C:\windows\system32\dllcache\hsf_amos.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00115807 ____C (Conexant) C:\windows\system32\dllcache\hsf_fsks.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00073279 ____C (Conexant) C:\windows\system32\dllcache\hsf_spkp.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00067167 ____C (Conexant) C:\windows\system32\dllcache\hsf_bsc2.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00057471 ____C (Conexant) C:\windows\system32\dllcache\hsf_samp.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00050751 ____C (Conexant) C:\windows\system32\dllcache\hsf_tone.sys
2015-03-12 13:23 - 2001-08-17 13:28 - 00044863 ____C (Conexant) C:\windows\system32\dllcache\hsf_soar.sys
2015-03-12 13:22 - 2001-08-17 22:36 - 00324608 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpojwia.dll
2015-03-12 13:22 - 2001-08-17 22:36 - 00068608 ____C (Avisioin) C:\windows\system32\dllcache\hpgt53tk.dll
2015-03-12 13:22 - 2001-08-17 22:36 - 00032768 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpgtmcro.dll
2015-03-12 13:22 - 2001-08-17 22:36 - 00019456 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hr1w.dll
2015-03-12 13:22 - 2001-08-17 22:36 - 00013312 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpsjmcro.dll
2015-03-12 13:22 - 2001-08-17 14:07 - 00025952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpn.sys
2015-03-12 13:22 - 2001-08-17 13:52 - 00005760 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpt4qic.sys
2015-03-12 13:21 - 2001-08-17 22:36 - 00165888 ____C () C:\windows\system32\dllcache\hpgt53.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00126976 ____C (Hewlett Packard) C:\windows\system32\dllcache\hpgt34tk.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00123392 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpgt21tk.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00119296 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpdigwia.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00101376 ____C () C:\windows\system32\dllcache\hpgt34.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00093696 ____C () C:\windows\system32\dllcache\hpgt42.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00089088 ____C () C:\windows\system32\dllcache\hpgt33.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00083968 ____C () C:\windows\system32\dllcache\hpgt21.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00048128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpgt33tk.dll
2015-03-12 13:21 - 2001-08-17 22:36 - 00031232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hpgt42tk.dll
2015-03-12 13:20 - 2008-04-13 16:11 - 00021504 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidserv.dll
2015-03-12 13:20 - 2008-04-13 10:36 - 00020352 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidbatt.sys
2015-03-12 13:20 - 2001-08-17 14:02 - 00008576 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidgame.sys
2015-03-12 13:20 - 2001-08-17 14:02 - 00002688 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidswvd.sys
2015-03-12 13:19 - 2008-04-13 10:45 - 00059136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\gckernel.sys
2015-03-12 13:19 - 2008-04-13 10:45 - 00010624 ____C (Microsoft Corporation) C:\windows\system32\dllcache\gameenum.sys
2015-03-12 13:19 - 2008-04-13 10:40 - 00028288 ____C (Gemplus) C:\windows\system32\dllcache\grserial.sys
2015-03-12 13:19 - 2004-08-03 23:31 - 00034173 ____C (Marconi Communications, Inc.) C:\windows\system32\dllcache\forehe.sys
2015-03-12 13:19 - 2001-08-17 22:36 - 00092160 ____C (Microsoft Corporation) C:\windows\system32\dllcache\fuusd.dll
2015-03-12 13:19 - 2001-08-17 22:36 - 00071680 ____C (Microsoft Corporation) C:\windows\system32\dllcache\fnfilter.dll
2015-03-12 13:19 - 2001-08-17 14:56 - 01733120 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\g400d.dll
2015-03-12 13:19 - 2001-08-17 14:56 - 00470144 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\g200d.dll
2015-03-12 13:19 - 2001-08-17 13:51 - 00082304 ____C (Gemplus) C:\windows\system32\dllcache\grclass.sys
2015-03-12 13:19 - 2001-08-17 13:51 - 00017408 ____C (Gemplus) C:\windows\system32\dllcache\gpr400.sys
2015-03-12 13:19 - 2001-08-17 13:28 - 00907456 ____C (Conexant) C:\windows\system32\dllcache\hcf_msft.sys
2015-03-12 13:19 - 2001-08-17 12:49 - 00322432 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\g400m.sys
2015-03-12 13:19 - 2001-08-17 12:49 - 00320384 ____C (Matrox Graphics Inc.) C:\windows\system32\dllcache\g200m.sys
2015-03-12 13:19 - 2001-08-17 12:15 - 00455680 ____C (AVM GmbH) C:\windows\system32\dllcache\fus2base.sys
2015-03-12 13:19 - 2001-08-17 12:15 - 00455296 ____C (AVM GmbH) C:\windows\system32\dllcache\fusbbase.sys
2015-03-12 13:19 - 2001-08-17 12:15 - 00454912 ____C (AVM GmbH) C:\windows\system32\dllcache\fxusbase.sys
2015-03-12 13:19 - 2001-08-17 12:15 - 00442240 ____C (AVM GmbH) C:\windows\system32\dllcache\fpnpbase.sys
2015-03-12 13:19 - 2001-08-17 12:14 - 00444416 ____C (AVM GmbH) C:\windows\system32\dllcache\fpcibase.sys
2015-03-12 13:19 - 2001-08-17 12:14 - 00441728 ____C (AVM GmbH) C:\windows\system32\dllcache\fpcmbase.sys
2015-03-12 13:18 - 2004-08-03 23:32 - 00137088 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\essm2e.sys
2015-03-12 13:18 - 2001-08-17 22:36 - 00061952 ____C (Equinox Systems Inc.) C:\windows\system32\dllcache\eqnloop.exe
2015-03-12 13:18 - 2001-08-17 22:36 - 00053248 ____C (Equinox Systems Inc.) C:\windows\system32\dllcache\eqndiag.exe
2015-03-12 13:18 - 2001-08-17 22:36 - 00051200 ____C (Equinox Systems Inc.) C:\windows\system32\dllcache\eqnlogr.exe
2015-03-12 13:18 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\windows\system32\dllcache\esunib.dll
2015-03-12 13:18 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\windows\system32\dllcache\esuni.dll
2015-03-12 13:18 - 2001-08-17 22:36 - 00043008 ____C (SEIKO EPSON CORP.) C:\windows\system32\dllcache\esucm.dll
2015-03-12 13:18 - 2001-08-17 22:36 - 00034816 ____C (SEIKO EPSON CORP.) C:\windows\system32\dllcache\esuimg.dll
2015-03-12 13:18 - 2001-08-17 13:53 - 00007296 ____C (Microsoft Corporation) C:\windows\system32\dllcache\elmsmc.sys
2015-03-12 13:18 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\windows\system32\dllcache\exabyte2.sys
2015-03-12 13:18 - 2001-08-17 13:50 - 00144896 ____C (Microsoft Corporation) C:\windows\system32\dllcache\epcfw2k.sys
2015-03-12 13:18 - 2001-08-17 13:50 - 00114944 ____C (Microsoft Corporation) C:\windows\system32\dllcache\epstw2k.sys
2015-03-12 13:18 - 2001-08-17 13:46 - 00006400 ____C (Microsoft Corporation) C:\windows\system32\dllcache\enum1394.sys
2015-03-12 13:18 - 2001-08-17 13:28 - 00634134 ____C (3Com Corporation) C:\windows\system32\dllcache\el656ct5.sys
2015-03-12 13:18 - 2001-08-17 13:28 - 00595647 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\es56cvmp.sys
2015-03-12 13:18 - 2001-08-17 13:28 - 00594238 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\es56hpi.sys
2015-03-12 13:18 - 2001-08-17 13:28 - 00347550 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\es56tpi.sys
2015-03-12 13:18 - 2001-08-17 13:28 - 00241206 ____C (3Com Corporation) C:\windows\system32\dllcache\el656se5.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00283904 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\emu10k1m.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00174464 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\es198x.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00072192 ____C (ESS Technology Inc.) C:\windows\system32\dllcache\es1969.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00063360 ____C (ESS Technology, Inc.) C:\windows\system32\dllcache\ess.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00040704 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\es1371mp.sys
2015-03-12 13:18 - 2001-08-17 12:19 - 00037120 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\es1370mp.sys
2015-03-12 13:18 - 2001-08-17 12:17 - 00629952 ____C (Equinox Systems Inc.) C:\windows\system32\dllcache\eqn.sys
2015-03-12 13:18 - 2001-08-17 12:12 - 00024618 ____C (NETGEAR) C:\windows\system32\dllcache\fa410nd5.sys
2015-03-12 13:18 - 2001-08-17 12:12 - 00018503 ____C (Intel Corporation) C:\windows\system32\dllcache\epro4.sys
2015-03-12 13:18 - 2001-08-17 12:12 - 00016998 ____C (Intel Corporation) C:\windows\system32\dllcache\ex10.sys
2015-03-12 13:18 - 2001-08-17 12:12 - 00016074 ____C (NETGEAR Corp.) C:\windows\system32\dllcache\fa312nd5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00455199 ____C (3Com Corporation.) C:\windows\system32\dllcache\el985n51.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00171520 ____C (3Com Corporation) C:\windows\system32\dllcache\el99xn51.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00153631 ____C (3Com Corporation) C:\windows\system32\dllcache\el90xnd5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00077386 ____C (3Com Corporation) C:\windows\system32\dllcache\el656nd5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00070174 ____C (3Com Corporation) C:\windows\system32\dllcache\el98xn5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00069194 ____C (3Com Corporation) C:\windows\system32\dllcache\el656cd5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00066591 ____C (3Com Corporation) C:\windows\system32\dllcache\el90xbc5.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00012362 ____C (FUJITSU LIMITED) C:\windows\system32\dllcache\f3ab18xi.sys
2015-03-12 13:18 - 2001-08-17 12:11 - 00011850 ____C (FUJITSU LIMITED) C:\windows\system32\dllcache\f3ab18xj.sys
2015-03-12 13:18 - 2001-08-17 12:10 - 00069692 ____C (3Com Corporation) C:\windows\system32\dllcache\el575nd5.sys
2015-03-12 13:18 - 2001-08-17 12:10 - 00026141 ____C (3Com Corporation) C:\windows\system32\dllcache\el589nd5.sys
2015-03-12 13:18 - 2001-08-17 12:10 - 00025159 ____C (3Com Corporation) C:\windows\system32\dllcache\elnk3.sys
2015-03-12 13:18 - 2001-08-17 12:10 - 00022090 ____C (3Com Corporation) C:\windows\system32\dllcache\fem556n5.sys
2015-03-12 13:18 - 2001-08-17 12:10 - 00019996 ____C (3Com Corporation) C:\windows\system32\dllcache\em556n4.sys
2015-03-12 13:17 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\windows\system32\dllcache\e100b325.sys
2015-03-12 13:17 - 2001-08-17 12:12 - 00050719 ____C (Intel Corporation) C:\windows\system32\dllcache\e1000nt5.sys
2015-03-12 13:17 - 2001-08-17 12:12 - 00019594 ____C (Intel Corporation) C:\windows\system32\dllcache\e100isa4.sys
2015-03-12 13:17 - 2001-08-17 12:10 - 00055999 ____C (3Com Corporation) C:\windows\system32\dllcache\el556nd5.sys
2015-03-12 13:17 - 2001-08-17 12:10 - 00044103 ____C (3Com Corporation) C:\windows\system32\dllcache\el515.sys
2015-03-12 13:17 - 2001-08-17 12:10 - 00024653 ____C (3Com Corporation) C:\windows\system32\dllcache\el574nd4.sys
2015-03-12 13:16 - 2008-04-13 16:12 - 00020992 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dshowext.ax
2015-03-12 13:16 - 2001-08-17 12:20 - 00334208 ____C (Yamaha Corp.) C:\windows\system32\dllcache\ds1wdm.sys
2015-03-12 13:15 - 2001-08-17 14:07 - 00020192 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dpti2o.sys
2015-03-12 13:14 - 2001-08-17 13:47 - 00023808 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dot4usb.sys
2015-03-12 13:14 - 2001-08-17 13:47 - 00008704 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dot4scan.sys
2015-03-12 13:14 - 2001-08-17 12:12 - 00028062 ____C (National Semiconductor Coproration) C:\windows\system32\dllcache\dp83820.sys
2015-03-12 13:13 - 2008-04-13 10:39 - 00206976 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dot4.sys
2015-03-12 13:13 - 2001-08-17 13:47 - 00012928 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dot4prt.sys
2015-03-12 13:11 - 2008-04-13 10:40 - 00008320 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dlttape.sys
2015-03-12 13:11 - 2001-08-17 22:36 - 00614429 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiview.exe
2015-03-12 13:11 - 2001-08-17 22:36 - 00236060 ____C (Eicon Technology) C:\windows\system32\dllcache\ditrace.exe
2015-03-12 13:11 - 2001-08-17 22:36 - 00038985 ____C (Eicon Technology) C:\windows\system32\dllcache\disrvsu.dll
2015-03-12 13:11 - 2001-08-17 22:36 - 00037962 ____C () C:\windows\system32\dllcache\divaprop.dll
2015-03-12 13:11 - 2001-08-17 22:36 - 00031305 ____C (Eicon Technology) C:\windows\system32\dllcache\disrvpp.dll
2015-03-12 13:11 - 2001-08-17 22:36 - 00029768 ____C () C:\windows\system32\dllcache\divasu.dll
2015-03-12 13:11 - 2001-08-17 22:36 - 00006729 ____C (Eicon Technology) C:\windows\system32\dllcache\disrvci.dll
2015-03-12 13:11 - 2001-08-17 22:36 - 00006216 ____C () C:\windows\system32\dllcache\divaci.dll
2015-03-12 13:11 - 2001-08-17 12:17 - 00042432 ____C (Digi International, Inc.) C:\windows\system32\dllcache\digirlpt.sys
2015-03-12 13:11 - 2001-08-17 12:14 - 00952007 ____C (Eicon Technology) C:\windows\system32\dllcache\diwan.sys
2015-03-12 13:11 - 2001-08-17 12:13 - 00091305 ____C (Eicon Technology) C:\windows\system32\dllcache\dimaint.sys
2015-03-12 13:11 - 2001-08-17 12:11 - 00029696 ____C (CNet Technology, Inc. ) C:\windows\system32\dllcache\dm9pci5.sys
2015-03-12 13:11 - 2001-08-17 12:11 - 00026698 ____C (D-Link Corporation) C:\windows\system32\dllcache\dlh5xnd5.sys
2015-03-12 13:10 - 2001-08-17 22:36 - 00419357 ____C (Digi International) C:\windows\system32\dllcache\dgconfig.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00256512 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\devcon32.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00229462 ____C (Digi International Inc.) C:\windows\system32\dllcache\digifwrk.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00159828 ____C (Digi International Inc.) C:\windows\system32\dllcache\digihlc.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00131156 ____C (Digi International Inc.) C:\windows\system32\dllcache\digidbp.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00110621 ____C (Digi International, Inc.) C:\windows\system32\dllcache\digirlpt.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00110592 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dc260usd.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00102484 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiinf.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00086016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dc240usd.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00080896 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dc210usd.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00065622 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiasyn.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00041046 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiisdn.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00025600 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dc210_32.dll
2015-03-12 13:10 - 2001-08-17 22:36 - 00024064 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\devldr32.exe
2015-03-12 13:10 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ddsmc.sys
2015-03-12 13:10 - 2001-08-17 12:17 - 00090525 ____C (Digi International Inc.) C:\windows\system32\dllcache\digifep5.sys
2015-03-12 13:10 - 2001-08-17 12:17 - 00029531 ____C (Digi International Inc.) C:\windows\system32\dllcache\dgapci.sys
2015-03-12 13:10 - 2001-08-17 12:14 - 00021606 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiisdn.sys
2015-03-12 13:10 - 2001-08-17 12:13 - 00103044 ____C (Digi International Inc.) C:\windows\system32\dllcache\digidxb.sys
2015-03-12 13:10 - 2001-08-17 12:13 - 00037735 ____C (Digi International Inc.) C:\windows\system32\dllcache\digiasyn.sys
2015-03-12 13:10 - 2001-08-17 12:12 - 00063208 ____C (Intel Corporation.) C:\windows\system32\dllcache\dc21x4.sys
2015-03-12 13:10 - 2001-08-17 12:11 - 00024649 ____C (D-Link) C:\windows\system32\dllcache\dfe650d.sys
2015-03-12 13:10 - 2001-08-17 12:11 - 00024648 ____C (D-Link) C:\windows\system32\dllcache\dfe650.sys
2015-03-12 13:10 - 2001-08-17 12:11 - 00020928 ____C (Digital Networks, LLC) C:\windows\system32\dllcache\defpa.sys
2015-03-12 13:09 - 2001-08-17 13:52 - 00179584 ____C (Mylex Corporation) C:\windows\system32\dllcache\dac2w2k.sys
2015-03-12 13:09 - 2001-08-17 13:52 - 00014720 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dac960nt.sys
2015-03-12 13:08 - 2008-04-13 16:11 - 00249856 ____C (Comtrol® Corporation) C:\windows\system32\dllcache\ctmasetp.dll
2015-03-12 13:08 - 2008-04-13 10:36 - 00013952 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cmbatt.sys
2015-03-12 13:08 - 2008-04-13 10:36 - 00010240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\compbatt.sys
2015-03-12 13:08 - 2004-08-03 23:32 - 00048640 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwrwdm.sys
2015-03-12 13:08 - 2001-08-17 22:36 - 00216064 ____C (COMPAQ Inc.) C:\windows\system32\dllcache\cpscan.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00175104 ____C (Microsoft Corporation) C:\windows\system32\dllcache\csamsp.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00044032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cnusd.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyycoins.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyzports.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyyports.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00027136 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyzcoins.dll
2015-03-12 13:08 - 2001-08-17 22:36 - 00004096 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\ctwdm32.dll
2015-03-12 13:08 - 2001-08-17 14:56 - 00170880 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cl546x.dll
2015-03-12 13:08 - 2001-08-17 13:57 - 00248064 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cl546xm.sys
2015-03-12 13:08 - 2001-08-17 13:52 - 00014976 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cpqarray.sys
2015-03-12 13:08 - 2001-08-17 13:51 - 00020736 ____C (OMNIKEY AG) C:\windows\system32\dllcache\cmbp0wdm.sys
2015-03-12 13:08 - 2001-08-17 13:51 - 00006656 ____C (CMD Technology, Inc.) C:\windows\system32\dllcache\cmdide.sys
2015-03-12 13:08 - 2001-08-17 13:50 - 00050176 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyyport.sys
2015-03-12 13:08 - 2001-08-17 13:50 - 00049792 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyzport.sys
2015-03-12 13:08 - 2001-08-17 13:50 - 00017152 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyclad-z.sys
2015-03-12 13:08 - 2001-08-17 13:50 - 00014848 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cyclom-y.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00111872 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwcspud.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00096256 ____C (Copyright © Creative Technology Ltd. 1994-2001) C:\windows\system32\dllcache\ctlsb16.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00093952 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwcwdm.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00072832 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwbwdm.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00042112 ____C (Conexant Systems Inc.) C:\windows\system32\dllcache\crtaud.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00006912 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\ctlfacem.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00003712 ____C (Creative Technology Ltd.) C:\windows\system32\dllcache\ctljystk.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00003584 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwcosnt5.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwbmidi.sys
2015-03-12 13:08 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\windows\system32\dllcache\cwbase.sys
2015-03-12 13:08 - 2001-08-17 12:13 - 00021533 ____C (Compaq Computer Corporation) C:\windows\system32\dllcache\cpqndis5.sys
2015-03-12 13:08 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\windows\system32\dllcache\d100ib5.sys
2015-03-12 13:08 - 2001-08-17 12:11 - 00060970 ____C (Compaq Computer Corp.) C:\windows\system32\dllcache\cpqtrnd5.sys
2015-03-12 13:08 - 2001-08-17 12:11 - 00039936 ____C (Conexant Systems, Inc.) C:\windows\system32\dllcache\cnxt1803.sys
2015-03-12 13:07 - 2008-04-13 16:11 - 00121856 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camext30.dll
2015-03-12 13:07 - 2008-04-13 10:40 - 00008192 ____C (Microsoft Corporation) C:\windows\system32\dllcache\changer.sys
2015-03-12 13:07 - 2003-03-31 07:00 - 00177698 ____C () C:\windows\system32\dllcache\c_20949.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00173602 ____C () C:\windows\system32\dllcache\c_20936.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066594 ____C () C:\windows\system32\dllcache\c_864.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066594 ____C () C:\windows\system32\dllcache\c_862.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066594 ____C () C:\windows\system32\dllcache\c_858.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066594 ____C () C:\windows\system32\dllcache\c_720.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_870.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_708.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_28596.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_21027.nls
2015-03-12 13:07 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_21025.nls
2015-03-12 13:07 - 2001-08-17 22:37 - 00244224 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camext20.ax
2015-03-12 13:07 - 2001-08-17 22:37 - 00116736 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camext30.ax
2015-03-12 13:07 - 2001-08-17 22:37 - 00073216 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camexo20.ax
2015-03-12 13:07 - 2001-08-17 22:36 - 00236032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camext20.dll
2015-03-12 13:07 - 2001-08-17 22:36 - 00074240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camexo20.dll
2015-03-12 13:07 - 2001-08-17 22:36 - 00032256 ____C (Eicon Technology Corporation) C:\windows\system32\dllcache\diapi2NT.dll
2015-03-12 13:07 - 2001-08-17 14:56 - 00111232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cl5465.dll
2015-03-12 13:07 - 2001-08-17 14:56 - 00091264 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cirrus.dll
2015-03-12 13:07 - 2001-08-17 14:05 - 00314752 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camdro21.sys
2015-03-12 13:07 - 2001-08-17 14:04 - 00223232 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camdrv21.sys
2015-03-12 13:07 - 2001-08-17 14:04 - 00171264 ____C (Microsoft Corporation) C:\windows\system32\dllcache\camdrv30.sys
2015-03-12 13:07 - 2001-08-17 14:02 - 00272640 ____C (RAVISENT Technologies Inc.) C:\windows\system32\dllcache\cinemclc.sys
2015-03-12 13:07 - 2001-08-17 13:57 - 00045696 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cirrus.sys
2015-03-12 13:07 - 2001-08-17 13:52 - 00007680 ____C (Microsoft Corporation) C:\windows\system32\dllcache\cd20xrnt.sys
2015-03-12 13:07 - 2001-08-17 13:28 - 00714698 ____C (Xircom, Inc.) C:\windows\system32\dllcache\cbmdmkxx.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00980034 ____C (Xircom) C:\windows\system32\dllcache\cicap.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00164923 ____C (Eicon Technology) C:\windows\system32\dllcache\diapi2.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00049182 ____C (Xircom, Inc.) C:\windows\system32\dllcache\cem56n5.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00046108 ____C (Xircom, Inc.) C:\windows\system32\dllcache\cben5.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00027164 ____C (Xircom, Inc.) C:\windows\system32\dllcache\ce3n5.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\windows\system32\dllcache\cem33n5.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\windows\system32\dllcache\cem28n5.sys
2015-03-12 13:07 - 2001-08-17 12:13 - 00021530 ____C (Xircom, Inc.) C:\windows\system32\dllcache\ce2n5.sys
2015-03-12 13:07 - 2001-08-17 12:12 - 00039680 ____C (Silicom Ltd.) C:\windows\system32\dllcache\cb325.sys
2015-03-12 13:07 - 2001-08-17 12:12 - 00037916 ____C (Fast Ethernet Controller Provider) C:\windows\system32\dllcache\cb102.sys
2015-03-12 13:06 - 2003-03-31 07:00 - 00180770 ____C () C:\windows\system32\dllcache\c_20932.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20924.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20880.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20871.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20838.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20833.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20424.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20423.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20420.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20297.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20290.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20285.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20284.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20280.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20278.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20277.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20273.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20269.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20108.nls
2015-03-12 13:06 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20107.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00189986 ____C () C:\windows\system32\dllcache\c_1361.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00187938 ____C () C:\windows\system32\dllcache\c_20005.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00186402 ____C () C:\windows\system32\dllcache\c_20001.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00185378 ____C () C:\windows\system32\dllcache\c_20003.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00180258 ____C () C:\windows\system32\dllcache\c_20004.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00180258 ____C () C:\windows\system32\dllcache\c_20000.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00173602 ____C () C:\windows\system32\dllcache\c_20002.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20106.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_20105.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1149.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1148.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1147.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1146.nls
2015-03-12 13:05 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1145.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00195618 ____C () C:\windows\system32\dllcache\c_10002.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00177698 ____C () C:\windows\system32\dllcache\c_10003.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00173602 ____C () C:\windows\system32\dllcache\c_10008.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00162850 ____C () C:\windows\system32\dllcache\c_10001.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1144.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1143.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1142.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1141.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1140.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_1047.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_10021.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_10005.nls
2015-03-12 13:04 - 2003-03-31 07:00 - 00066082 ____C () C:\windows\system32\dllcache\c_10004.nls
2015-03-12 13:03 - 2001-08-17 13:51 - 00013824 ____C (Microsoft Corporation) C:\windows\system32\dllcache\bulltlp3.sys
2015-03-12 13:02 - 2001-08-17 13:12 - 00010368 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brusbscn.sys
2015-03-12 13:02 - 2001-08-17 12:11 - 00031529 ____C (BreezeCOM) C:\windows\system32\dllcache\brzwlan.sys
2015-03-12 13:01 - 2001-08-17 22:36 - 00009728 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brserif.dll
2015-03-12 13:01 - 2001-08-17 22:36 - 00005120 ____C (Brother Industries,Ltd.) C:\windows\system32\dllcache\brscnrsm.dll
2015-03-12 13:01 - 2001-08-17 13:12 - 00060416 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brserwdm.sys
2015-03-12 13:01 - 2001-08-17 13:12 - 00011008 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brusbmdm.sys
2015-03-12 13:00 - 2003-03-31 07:00 - 00082172 ____C () C:\windows\system32\dllcache\bopomofo.nls
2015-03-12 13:00 - 2001-08-17 22:36 - 00081408 ____C (Microsoft Corporation) C:\windows\system32\dllcache\brmfcwia.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00041472 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brmfusb.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00032256 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brmfrsmg.exe
2015-03-12 13:00 - 2001-08-17 22:36 - 00029696 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brmflpt.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00019456 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brbidiif.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00015360 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brmfbidi.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00012800 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brevif.dll
2015-03-12 13:00 - 2001-08-17 22:36 - 00009728 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brcoinst.dll
2015-03-12 13:00 - 2001-08-17 13:12 - 00039552 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brparwdm.sys
2015-03-12 13:00 - 2001-08-17 13:12 - 00012160 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brfiltlo.sys
2015-03-12 13:00 - 2001-08-17 13:12 - 00003968 ____C (Brother Industries, Ltd.) C:\windows\system32\dllcache\brfiltup.sys
2015-03-12 13:00 - 2001-08-17 13:12 - 00003168 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brparimg.sys
2015-03-12 13:00 - 2001-08-17 13:12 - 00002944 ____C (Brother Industries Ltd.) C:\windows\system32\dllcache\brfilt.sys
2015-03-12 12:59 - 2008-04-13 16:12 - 00018432 ____C (Microsoft Corporation) C:\windows\system32\dllcache\bdaplgin.ax
2015-03-12 12:59 - 2008-04-13 10:46 - 00013696 ____C (Microsoft Corporation) C:\windows\system32\dllcache\avcstrm.sys
2015-03-12 12:59 - 2008-04-13 10:46 - 00011776 ____C (Microsoft Corporation) C:\windows\system32\dllcache\bdasup.sys
2015-03-12 12:59 - 2008-04-13 10:36 - 00014208 ____C (Microsoft Corporation) C:\windows\system32\dllcache\battc.sys
2015-03-12 12:59 - 2003-03-31 07:00 - 00066728 ____C () C:\windows\system32\dllcache\big5.nls
2015-03-12 12:59 - 2001-08-17 22:36 - 00144384 ____C (AVM GmbH) C:\windows\system32\dllcache\avmenum.dll
2015-03-12 12:59 - 2001-08-17 22:36 - 00102400 ____C (Microsoft Corporation) C:\windows\system32\dllcache\binlsvc.dll
2015-03-12 12:59 - 2001-08-17 22:36 - 00087552 ____C (AVM GmbH) C:\windows\system32\dllcache\avmcoxp.dll
2015-03-12 12:59 - 2001-08-17 14:56 - 00342336 ____C (3Dfx Interactive, Inc.) C:\windows\system32\dllcache\banshee.dll
2015-03-12 12:59 - 2001-08-17 14:01 - 00036096 ____C (Microsoft Corporation) C:\windows\system32\dllcache\avcaudio.sys
2015-03-12 12:59 - 2001-08-17 13:28 - 00871388 ____C (BCM) C:\windows\system32\dllcache\bcmdm.sys
2015-03-12 12:59 - 2001-08-17 12:48 - 00036128 ____C (3Dfx Interactive, Inc.) C:\windows\system32\dllcache\banshee.sys
2015-03-12 12:59 - 2001-08-17 12:19 - 00036992 ____C (Aztech Systems Ltd) C:\windows\system32\dllcache\aztw2320.sys
2015-03-12 12:59 - 2001-08-17 12:13 - 00089952 ____C (AVM GmbH) C:\windows\system32\dllcache\b1cbase.sys
2015-03-12 12:59 - 2001-08-17 12:13 - 00037568 ____C (AVM GmbH) C:\windows\system32\dllcache\avmwan.sys
2015-03-12 12:59 - 2001-08-17 12:11 - 00096640 ____C (Broadcom Corporation) C:\windows\system32\dllcache\b57xp32.sys
2015-03-12 12:59 - 2001-08-17 12:11 - 00066557 ____C (Broadcom Corporation) C:\windows\system32\dllcache\bcm42u.sys
2015-03-12 12:59 - 2001-08-17 12:11 - 00054271 ____C (Broadcom Corporation) C:\windows\system32\dllcache\bcm42xx5.sys
2015-03-12 12:59 - 2001-08-17 12:11 - 00026568 ____C (Broadcom Corporation) C:\windows\system32\dllcache\bcm4e5.sys
2015-03-12 12:58 - 2008-04-13 10:46 - 00038912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\avc.sys
2015-03-12 12:57 - 2001-08-17 12:49 - 00026624 ____C () C:\windows\system32\dllcache\ativxbar.sys
2015-03-12 12:57 - 2001-08-17 12:49 - 00023552 ____C () C:\windows\system32\dllcache\atixbar.sys
2015-03-12 12:57 - 2001-08-17 12:49 - 00019456 ____C () C:\windows\system32\dllcache\ativttxx.sys
2015-03-12 12:56 - 2001-08-17 14:56 - 00104832 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atiraged.dll
2015-03-12 12:56 - 2001-08-17 12:49 - 00049920 ____C () C:\windows\system32\dllcache\atirtcap.sys
2015-03-12 12:56 - 2001-08-17 12:49 - 00026880 ____C () C:\windows\system32\dllcache\atirtsnd.sys
2015-03-12 12:56 - 2001-08-17 12:49 - 00017152 ____C () C:\windows\system32\dllcache\atitvsnd.sys
2015-03-12 12:56 - 2001-08-17 12:49 - 00017152 ____C () C:\windows\system32\dllcache\atitunep.sys
2015-03-12 12:56 - 2001-08-17 12:49 - 00010240 ____C () C:\windows\system32\dllcache\atipcxxx.sys
2015-03-12 12:56 - 2001-08-17 12:49 - 00009472 ____C () C:\windows\system32\dllcache\ativmdcd.sys
2015-03-12 12:56 - 2001-08-17 12:48 - 00070528 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atiragem.sys
2015-03-12 12:55 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\atievxx.exe
2015-03-12 12:55 - 2001-08-17 12:49 - 00075136 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atimpae.sys
2015-03-12 12:55 - 2001-08-17 12:48 - 00289664 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atimpab.sys
2015-03-12 12:55 - 2001-08-17 12:48 - 00281600 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atimtai.sys
2015-03-12 12:54 - 2001-08-17 14:56 - 00268160 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atidvai.dll
2015-03-12 12:53 - 2001-08-17 14:56 - 00137216 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atidrae.dll
2015-03-12 12:53 - 2001-08-17 14:55 - 00382592 ____C (ATI Technologies Inc.) C:\windows\system32\dllcache\atidrab.dll
2015-03-12 12:53 - 2001-08-17 14:55 - 00096128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ati.dll
2015-03-12 12:53 - 2001-08-17 13:57 - 00077568 ____C (ATI Technologies, Inc.) C:\windows\system32\dllcache\ati.sys
2015-03-12 12:53 - 2001-08-17 12:49 - 00046464 ____C () C:\windows\system32\dllcache\atibt829.sys
2015-03-12 12:52 - 2004-08-03 23:31 - 00036224 ____C (ADMtek Incorporated.) C:\windows\system32\dllcache\an983.sys
2015-03-12 12:52 - 2001-08-17 14:07 - 00056960 ____C (Microsoft Corporation) C:\windows\system32\dllcache\aic78xx.sys
2015-03-12 12:52 - 2001-08-17 14:07 - 00055168 ____C (Microsoft Corporation) C:\windows\system32\dllcache\aic78u2.sys
2015-03-12 12:52 - 2001-08-17 13:52 - 00026496 ____C (Advanced System Products, Inc.) C:\windows\system32\dllcache\asc.sys
2015-03-12 12:52 - 2001-08-17 13:52 - 00022400 ____C (Microsoft Corporation) C:\windows\system32\dllcache\asc3350p.sys
2015-03-12 12:52 - 2001-08-17 13:52 - 00012800 ____C (Microsoft Corporation) C:\windows\system32\dllcache\aha154x.sys
2015-03-12 12:52 - 2001-08-17 13:52 - 00012032 ____C (Microsoft Corporation) C:\windows\system32\dllcache\amsint.sys
2015-03-12 12:52 - 2001-08-17 13:51 - 00014848 ____C (Advanced System Products, Inc.) C:\windows\system32\dllcache\asc3550.sys
2015-03-12 12:52 - 2001-08-17 13:51 - 00005248 ____C (Acer Laboratories Inc.) C:\windows\system32\dllcache\aliide.sys
2015-03-12 12:52 - 2001-08-17 13:49 - 00026624 ____C (Acer Laboratories Inc.) C:\windows\system32\dllcache\alifir.sys
2015-03-12 12:52 - 2001-08-17 13:47 - 00006272 ____C (Microsoft Corporation) C:\windows\system32\dllcache\apmbatt.sys
2015-03-12 12:52 - 2001-08-17 12:12 - 00097354 ____C (Bay Networks, Inc.) C:\windows\system32\dllcache\aspndis3.sys
2015-03-12 12:52 - 2001-08-17 12:11 - 00027678 ____C (Acer Laboratories Inc.) C:\windows\system32\dllcache\ali5261.sys
2015-03-12 12:52 - 2001-08-17 12:11 - 00016969 ____C (AmbiCom, Inc.) C:\windows\system32\dllcache\amb8002.sys
2015-03-12 12:51 - 2001-08-17 22:37 - 00024576 ____C (Microsoft Corporation) C:\windows\system32\dllcache\agcgauge.ax
2015-03-12 12:44 - 2004-08-03 23:32 - 00010880 ____C (Aureal, Inc.) C:\windows\system32\dllcache\admjoy.sys
2015-03-12 12:44 - 2001-08-17 14:07 - 00101888 ____C (Microsoft Corporation) C:\windows\system32\dllcache\adpu160m.sys
2015-03-12 12:44 - 2001-08-17 13:53 - 00007424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\adicvls.sys
2015-03-12 12:44 - 2001-08-17 12:19 - 00747392 ____C (Aureal, Inc.) C:\windows\system32\dllcache\adm8830.sys
2015-03-12 12:44 - 2001-08-17 12:19 - 00584448 ____C (Aureal, Inc.) C:\windows\system32\dllcache\adm8810.sys
2015-03-12 12:44 - 2001-08-17 12:19 - 00553984 ____C (Aureal, Inc.) C:\windows\system32\dllcache\adm8820.sys
2015-03-12 12:44 - 2001-08-17 12:11 - 00046112 ____C (Adaptec, Inc ) C:\windows\system32\dllcache\adptsf50.sys
2015-03-12 12:44 - 2001-08-17 12:11 - 00020160 ____C (ADMtek Incorporated) C:\windows\system32\dllcache\adm8511.sys
2015-03-12 12:43 - 2008-04-13 10:46 - 00053376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\1394bus.sys
2015-03-12 12:43 - 2008-04-13 10:46 - 00048128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\61883.sys
2015-03-12 12:43 - 2008-04-13 10:40 - 00012288 ____C (Microsoft Corporation) C:\windows\system32\dllcache\4mmdat.sys
2015-03-12 12:43 - 2004-08-03 23:32 - 00231552 ____C (Acer Laboratories Inc.) C:\windows\system32\dllcache\ac97ali.sys
2015-03-12 12:43 - 2004-08-03 23:32 - 00084480 ____C (VIA Technologies, Inc.) C:\windows\system32\dllcache\ac97via.sys
2015-03-12 12:43 - 2001-08-17 22:36 - 00462848 ____C (Aureal Inc.) C:\windows\system32\dllcache\a3dapi.dll
2015-03-12 12:43 - 2001-08-17 22:36 - 00098304 ____C (Aureal Semiconductor) C:\windows\system32\dllcache\a3d.dll
2015-03-12 12:43 - 2001-08-17 22:36 - 00061440 ____C (Color Flatbed Scanner) C:\windows\system32\dllcache\acerscad.dll
2015-03-12 12:43 - 2001-08-17 14:55 - 00689216 ____C (3dfx Interactive, Inc.) C:\windows\system32\dllcache\3dfxvs.dll
2015-03-12 12:43 - 2001-08-17 14:55 - 00038400 ____C (Microsoft Corporation) C:\windows\system32\dllcache\8514a.dll
2015-03-12 12:43 - 2001-08-17 14:06 - 00011264 ____C (Microsoft Corporation) C:\windows\system32\dllcache\1394vdbg.sys
2015-03-12 12:43 - 2001-08-17 13:52 - 00023552 ____C (Microsoft Corporation) C:\windows\system32\dllcache\abp480n5.sys
2015-03-12 12:43 - 2001-08-17 13:28 - 00762780 ____C (3Com, Inc.) C:\windows\system32\dllcache\3cwmcru.sys
2015-03-12 12:43 - 2001-08-17 12:48 - 00148352 ____C (3dfx Interactive, Inc.) C:\windows\system32\dllcache\3dfxvsm.sys
2015-03-12 12:43 - 2001-08-17 12:20 - 00297728 ____C (Silicon Integrated Systems Corp.) C:\windows\system32\dllcache\ac97sis.sys
2015-03-12 12:43 - 2001-08-17 12:20 - 00096256 ____C (Intel Corporation) C:\windows\system32\dllcache\ac97intc.sys
2015-03-12 12:42 - 2001-08-17 14:56 - 00066048 ____C (Microsoft Corporation) C:\windows\system32\dllcache\s3legacy.dll
2015-03-12 11:04 - 2015-03-12 11:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Adobe
2015-03-12 11:03 - 2015-03-12 11:03 - 00059184 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-03-12 11:03 - 2015-03-12 11:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2015-03-12 11:03 - 2015-03-12 11:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla
2015-03-12 10:43 - 2015-03-13 22:34 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\DoNotTrackPlus
2015-03-12 09:46 - 2015-03-14 03:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2015-03-12 09:35 - 2015-03-12 09:35 - 00003970 _____ () C:\windows\DPINST.LOG
2015-03-12 07:50 - 2015-03-12 07:50 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Adobe
2015-03-11 18:03 - 2015-04-10 18:04 - 00509331 _____ () C:\windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 18:02 - 2015-03-08 16:12 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}
2015-04-10 18:02 - 2007-01-09 19:51 - 00000159 ____C () C:\windows\wiadebug.log
2015-04-10 18:01 - 2014-03-09 22:23 - 00000246 ____C () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-04-10 18:01 - 2007-01-10 05:00 - 00000006 ___HC () C:\windows\Tasks\SA.DAT
2015-04-10 18:01 - 2007-01-09 19:51 - 00000049 ____C () C:\windows\wiaservc.log
2015-04-10 17:59 - 2007-01-10 05:03 - 00032560 _____ () C:\windows\SchedLgU.Txt
2015-04-10 17:58 - 2007-01-10 05:05 - 00000178 __SHC () C:\Documents and Settings\Bryan Bridgewater\ntuser.ini
2015-04-10 17:56 - 2014-02-03 15:17 - 00000664 _____ () C:\windows\system32\d3d9caps.dat
2015-04-10 17:41 - 2012-06-22 11:41 - 00000830 ____C () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-10 17:21 - 2003-03-31 07:00 - 00013646 ____C () C:\windows\system32\wpa.dbl
2015-04-08 19:16 - 2003-03-31 07:00 - 00000259 _____ () C:\windows\system.ini
2015-04-08 19:15 - 2007-01-10 04:58 - 00000000 ____D () C:\windows\system32\Restore
2015-04-08 17:47 - 2014-03-09 22:23 - 00000240 ____C () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-04-07 23:10 - 2013-10-29 17:07 - 00000409 ____C () C:\Documents and Settings\Bryan Bridgewater\My Documents\mm0115.slh
2015-04-07 11:39 - 2007-01-10 04:57 - 00000000 ____D () C:\windows\Registration
2015-04-07 07:41 - 2014-02-02 17:26 - 00000664 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\d3d9caps.dat
2015-04-06 08:48 - 2007-01-10 05:03 - 00000178 __SHC () C:\Documents and Settings\LocalService\ntuser.ini
2015-04-05 22:16 - 2013-05-10 19:58 - 00000000 ____D () C:\gh
2015-04-05 02:17 - 2015-02-23 11:46 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-05 02:07 - 2007-01-11 05:24 - 00000116 ____C () C:\windows\NeroDigital.ini
2015-03-28 11:28 - 2007-01-10 05:03 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-03-26 02:47 - 2013-07-31 15:36 - 00000000 ____D () C:\windows\system32\MRT
2015-03-26 01:51 - 2010-02-27 04:33 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\My Documents\JODY RESUME
2015-03-25 06:18 - 2009-09-18 01:54 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Application Data\HpUpdate
2015-03-23 23:37 - 2007-01-10 05:05 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater
2015-03-20 17:28 - 2013-02-05 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\smartluck
2015-03-20 17:28 - 2013-02-05 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\smartluck
2015-03-20 10:59 - 2015-02-23 13:07 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-20 10:59 - 2015-02-23 13:07 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-18 22:30 - 2007-01-11 03:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-03-18 17:44 - 2007-01-09 19:48 - 00523394 ____C () C:\windows\system32\PerfStringBackup.INI
2015-03-18 17:17 - 2007-01-09 19:41 - 00000000 ____D () C:\windows\repair
2015-03-18 14:30 - 2007-01-11 02:57 - 00059184 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-03-17 01:02 - 2007-08-15 08:39 - 00000000 __HDC () C:\windows\$NtUninstallKB936021$
2015-03-16 19:21 - 2009-10-22 23:20 - 00000000 ____D () C:\Documents and Settings\Bryan Bridgewater\Application Data\U3
2015-03-16 16:11 - 2015-02-23 02:29 - 00000000 ____D () C:\windows\system32\NtmsData
2015-03-15 20:17 - 2015-03-10 16:50 - 00000000 ____D () C:\windows\FrameworkUpdate
2015-03-14 03:48 - 2009-05-28 14:47 - 00000000 ____D () C:\Program Files\Common Files\Motive
2015-03-14 00:35 - 2007-01-09 19:47 - 00238352 ____C () C:\windows\system32\FNTCACHE.DAT
2015-03-13 19:21 - 2015-02-18 17:51 - 02031616 _____ () C:\windows\system32\config\WindowsPowerShell.evt
2015-03-12 11:16 - 2015-03-09 11:00 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-12 09:35 - 2007-01-10 05:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2014-02-02 17:26 - 2015-04-07 07:41 - 0000664 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\d3d9caps.dat
2007-01-12 01:35 - 2008-05-10 16:37 - 0198144 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-01-11 03:20 - 2007-01-11 03:20 - 0000140 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\fusioncache.dat
2015-04-08 21:23 - 2015-04-08 21:23 - 0023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2010-04-24 19:54 - 2010-04-24 21:17 - 0000600 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\PUTTY.RND
2010-10-14 16:41 - 2010-10-30 03:36 - 0001940 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-05-11 00:57 - 2013-05-11 00:57 - 0000022 ____C () C:\Documents and Settings\All Users\New Compressed (zipped) Folder.zip

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


  • 0

#23
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Bryan Bridgewater at 2015-04-10 18:16:20
Running from C:\Documents and Settings\Bryan Bridgewater\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advantage Plus (HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\{ABC80E95-873B-43A8-8C05-133BFAD2F76D}) (Version:  - )
AGEIA PhysX v6.12.02 (HKLM\...\{7032E73F-68A0-48F9-8100-E70E79169BAE}) (Version: 6.12.02 - AGEIA Technologies, Inc.)
CameraDrivers (Version: 7.0.0.310 - Hewlett-Packard) Hidden
CameraUserGuides (Version: 7.0.0.310 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
EVGA Display Driver (HKLM\...\{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}) (Version: 1.00.000 - EVGA)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{C4E2A2F2-2A53-42C7-920A-169713776631}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Product Improvement Study (HKLM\...\{5696CE5E-FD09-4DFF-82CE-DB87229F03DD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Cameras 7.0 (HKLM\...\{4CE9FD0E-9D00-404a-AA78-F55537371611}) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
hpicamDrvQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
LightScribe  1.6.43.1 (Version: 1.6.43.1 - http://www.lightscribe.com)Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Office XP Standard (HKLM\...\{91120409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB925673) (HKLM\...\{FE9126DB-5F84-495A-BB46-3C724F1C2D08}) (Version: 6.00.3888.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{F61DD673-0030-4BB2-A382-7E57E97F1033}) (Version: 7.02.8078 - Nero AG)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Smart Luck History Editor Version 1.0.1.21 (HKLM\...\{FA9C2068-9144-426E-A0A1-E10E62B5DDB2}_is1) (Version:  - Gail Howard's)
VIA Audio Driver Setup Program (HKLM\...\VIA Audio Driver Setup Program) (Version:  - )
VIA Rhine-Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1606980848-1801674531-839522115-1004_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Documents and Settings\Bryan Bridgewater\Application Data\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1606980848-1801674531-839522115-1004_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-1606980848-1801674531-839522115-1004_Classes\CLSID\{702EB635-D66F-4FAA-834C-97645FF24178}\InprocServer32 -> C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}\ipsecsnp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1606980848-1801674531-839522115-1004_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\Bryan Bridgewater\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

==================== Restore Points  =========================

08-04-2015 19:15:55 System Checkpoint
10-04-2015 17:39:47 Restore Point Created by FRST

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2003-03-31 07:00 - 2015-04-08 19:15 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\windows\system32\xp_eos.exe
Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\windows\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) ==============

2015-04-08 21:23 - 2015-04-08 21:23 - 00023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1606980848-1801674531-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1606980848-1801674531-839522115-1006 - Limited - Enabled)
Bryan Bridgewater (S-1-5-21-1606980848-1801674531-839522115-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Bryan Bridgewater
Guest (S-1-5-21-1606980848-1801674531-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1606980848-1801674531-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1606980848-1801674531-839522115-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: RAID Controller
Description: RAID Controller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2015 09:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 31.tmp, version 1.0.0.1, faulting module 31.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [31.tmp!ws!]

Error: (04/08/2015 09:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 30.tmp, version 1.0.0.1, faulting module 30.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [30.tmp!ws!]

Error: (04/08/2015 09:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 2f.tmp, version 1.0.0.1, faulting module 2f.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [2f.tmp!ws!]

Error: (04/08/2015 09:24:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 2e.tmp, version 1.0.0.1, faulting module 2e.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [2e.tmp!ws!]

Error: (04/08/2015 09:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 2d.tmp, version 1.0.0.1, faulting module 2d.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [2d.tmp!ws!]

Error: (04/08/2015 06:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 37.tmp, version 1.0.0.1, faulting module 37.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [37.tmp!ws!]

Error: (04/08/2015 06:42:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 35.tmp, version 1.0.0.1, faulting module 35.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [35.tmp!ws!]

Error: (04/08/2015 06:42:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 34.tmp, version 1.0.0.1, faulting module 34.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [34.tmp!ws!]

Error: (04/08/2015 06:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 33.tmp, version 1.0.0.1, faulting module 33.tmp, version 1.0.0.1, fault address 0x000087d1.
Processing media-specific event for [33.tmp!ws!]

Error: (04/08/2015 08:21:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application 5.tmp, version 2.1.0.5, faulting module 5.tmp, version 2.1.0.5, fault address 0x000087d1.
Processing media-specific event for [5.tmp!ws!]


System errors:
=============
Error: (04/10/2015 06:01:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error:
%%3

Error: (04/10/2015 05:23:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error:
%%3

Error: (04/10/2015 05:23:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the AntiVirSchedulerService service.

Error: (04/10/2015 05:23:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error:
%%1053

Error: (04/10/2015 05:23:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Driver Foundation - User-mode Driver Framework service to connect.

Error: (04/08/2015 07:47:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error:
%%3

Error: (04/08/2015 07:15:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error:
%%3

Error: (04/08/2015 05:33:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Restore Service service terminated with the following error:
%%2

Error: (04/08/2015 05:33:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error:
%%3

Error: (04/08/2015 05:33:11 PM) (Source: SRService) (EventID: 104) (User: )
Description: The System Restore initialization process failed.


Microsoft Office Sessions:
=========================
Error: (04/08/2015 09:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 31.tmp1.0.0.131.tmp1.0.0.1000087d1

Error: (04/08/2015 09:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 30.tmp1.0.0.130.tmp1.0.0.1000087d1

Error: (04/08/2015 09:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 2f.tmp1.0.0.12f.tmp1.0.0.1000087d1

Error: (04/08/2015 09:24:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 2e.tmp1.0.0.12e.tmp1.0.0.1000087d1

Error: (04/08/2015 09:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 2d.tmp1.0.0.12d.tmp1.0.0.1000087d1

Error: (04/08/2015 06:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 37.tmp1.0.0.137.tmp1.0.0.1000087d1

Error: (04/08/2015 06:42:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 35.tmp1.0.0.135.tmp1.0.0.1000087d1

Error: (04/08/2015 06:42:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 34.tmp1.0.0.134.tmp1.0.0.1000087d1

Error: (04/08/2015 06:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 33.tmp1.0.0.133.tmp1.0.0.1000087d1

Error: (04/08/2015 08:21:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 5.tmp2.1.0.55.tmp2.1.0.5000087d1


==================== Memory info ===========================

Processor: AMD Sempron™ 2400+
Percentage of memory in use: 99%
Total physical RAM: 959.48 MB
Available physical RAM: 3.95 MB
Total Pagefile: 2414.28 MB
Available Pagefile: 827.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.26 GB) (Free:19.9 GB) NTFS
Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:2.55 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: AACBAACB)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I think I will need to do a rootkit scan as well, as the same bad ones were downloaded after we cleaned



CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\SUPERAntiSpyware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
Winlogon\Notify\gieymum: C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll ()
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [IewbOmaxv] => regsvr32.exe "C:\Documents and Settings\All Users\Application Data\IewbOmaxv\YodofAlkec.huu"
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [clicedos] => C:\windows\system32\audisrss.exe [473600 2015-04-08] (The Audacity Team)
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [gieymum] => rundll32 "C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll",gieymum
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
S2 NSL; "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe" /s "NSL" /m "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll" /prefetch:1
R2 tmcomm; C:\WINDOWS\system32\drivers\tmcomm.sys [102664 2007-11-04] (Trend Micro Inc.)
2015-04-08 21:23 - 2015-04-08 21:23 - 00023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2015-04-08 17:34 - 2015-04-08 18:43 - 00473600 _____ (The Audacity Team) C:\windows\system32\audisrss.exe
2015-04-10 18:02 - 2015-03-08 16:12 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}
2015-04-05 22:16 - 2013-05-10 19:58 - 00000000 ____D () C:\gh
2007-01-12 01:35 - 2008-05-10 16:37 - 0198144 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-08 21:23 - 2015-04-08 21:23 - 0023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2010-10-14 16:41 - 2010-10-30 03:36 - 0001940 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
C:\windows\system32\audisrss.exe
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
C:\Documents and Settings\All Users\Application Data\IewbOmaxv
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#25
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

This fix really helped the computer. No error messages popped up and the Antivirus loaded again.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Bryan Bridgewater at 2015-04-11 10:29:30 Run:4
Running from C:\Documents and Settings\Bryan Bridgewater\Desktop
Loaded Profiles: Bryan Bridgewater (Available profiles: Bryan Bridgewater & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CreateRestorePoint:
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\SUPERAntiSpyware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
Winlogon\Notify\gieymum: C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll ()
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [IewbOmaxv] => regsvr32.exe "C:\Documents and Settings\All Users\Application Data\IewbOmaxv\YodofAlkec.huu"
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [clicedos] => C:\windows\system32\audisrss.exe [473600 2015-04-08] (The Audacity Team)
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\...\Run: [gieymum] => rundll32 "C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll",gieymum
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
S2 NSL; "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe" /s "NSL" /m "C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll" /prefetch:1
R2 tmcomm; C:\WINDOWS\system32\drivers\tmcomm.sys [102664 2007-11-04] (Trend Micro Inc.)
2015-04-08 21:23 - 2015-04-08 21:23 - 00023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2015-04-08 17:34 - 2015-04-08 18:43 - 00473600 _____ (The Audacity Team) C:\windows\system32\audisrss.exe
2015-04-10 18:02 - 2015-03-08 16:12 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}
2015-04-05 22:16 - 2013-05-10 19:58 - 00000000 ____D () C:\gh
2007-01-12 01:35 - 2008-05-10 16:37 - 0198144 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-08 21:23 - 2015-04-08 21:23 - 0023552 _____ () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
2010-10-14 16:41 - 2010-10-30 03:36 - 0001940 ____C () C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
C:\windows\system32\audisrss.exe
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll
C:\Documents and Settings\All Users\Application Data\IewbOmaxv
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gieymum" => Key deleted successfully.
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\IewbOmaxv => value deleted successfully.
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\clicedos => value deleted successfully.
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\gieymum => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => not found.
NSL => Service deleted successfully.
tmcomm => Service stopped successfully.
tmcomm => Service deleted successfully.
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll => Moved successfully.
C:\windows\system32\audisrss.exe => Moved successfully.

"C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}" directory move:

Could not move "C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED}" directory. => Scheduled to move on reboot.

C:\gh => Moved successfully.
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
"C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll" => File/Directory not found.
C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini => Moved successfully.
"C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll" => File/Directory not found.
"C:\windows\system32\audisrss.exe" => File/Directory not found.
"C:\Documents and Settings\Bryan Bridgewater\Local Settings\Application Data\gieymum.dll" => File/Directory not found.
"C:\Documents and Settings\All Users\Application Data\IewbOmaxv" => File/Directory not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully


========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully


========= End of Reg: =========


========= RemoveProxy: =========

HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-1606980848-1801674531-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========


=========  netsh advfirewall reset =========

The following command was not found: advfirewall reset.

========= End of CMD: =========


=========  netsh advfirewall set allprofiles state ON =========

The following command was not found: advfirewall set allprofiles state ON.

========= End of CMD: =========


=========  ipconfig /flushdns =========



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the machine in order to complete the reset.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========



========= End of CMD: =========


=========  ipconfig /release =========



Windows IP Configuration





Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        IP Address. . . . . . . . . . . . : 0.0.0.0

        Subnet Mask . . . . . . . . . . . : 0.0.0.0

        Default Gateway . . . . . . . . . :


========= End of CMD: =========


=========  ipconfig /renew =========



Windows IP Configuration





Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : attlocal.net

        IP Address. . . . . . . . . . . . : 192.168.1.64

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.254


========= End of CMD: =========


=========  netsh int ipv4 reset =========

The following command was not found: int ipv4 reset.

========= End of CMD: =========


=========  netsh int ipv6 reset =========

IPv6 is not installed.


========= End of CMD: =========


=========  bitsadmin /reset /allusers =========

'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

EmptyTemp: => Removed 59.9 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-11 10:42:37)<=

C:\Documents and Settings\All Users\Application Data\{572AEF17-44EE-4628-95B5-4C1D51D77FED} => Is moved successfully.

==== End of Fixlog 10:42:37 ====


  • 0

Advertisements


#26
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-04-11 11:05:42
-----------------------------
11:05:42.171    OS Version: Windows 5.1.2600 Service Pack 3
11:05:42.171    Number of processors: 1 586 0x801
11:05:42.171    ComputerName: DEBRA  UserName:
11:05:43.796    Initialize success
11:05:43.906    VM: initialized successfully
11:05:43.906    VM: Amd CPU virtualization not supported
11:13:09.093    AVAST engine defs: 15041100
11:22:52.546    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:22:52.562    Disk 0 Vendor: WDC_WD400BB-00JKA0 05.01C05 Size: 38166MB BusType: 3
11:22:52.812    Disk 0 MBR read successfully
11:22:52.828    Disk 0 MBR scan
11:22:54.890    Disk 0 Windows XP default MBR code
11:22:54.921    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS        38154 MB offset 63
11:22:54.968    Disk 0 unknown boot code
11:22:57.015    Disk 0 statistics 238/0/0 @ 0.82 MB/s
11:22:57.015    Scan finished successfully
11:30:39.343    Disk 0 MBR has been saved successfully to "G:\MBR.dat"
11:30:39.359    The log file has been saved successfully to "G:\aswMBR.txt"

 


  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could I have on further FRST scan please and also how is the computer running now ??

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#28
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/16/2015
Scan Time: 9:05:22 PM
Logfile: Scanlog1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.17.02
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Bryan Bridgewater

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 443814
Time Elapsed: 3 hr, 17 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 13
Trojan.Vawtrak, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\3F2.tmp, Quarantined, [921775adf793c96d5e7133aaa95c48b8],
Trojan.Vawtrak, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\170.tmp, Quarantined, [e4c5ba68682230067d865688c93c05fb],
Trojan.VawTrak.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\59.tmp, Quarantined, [e8c10f1303873df98cfb959d0ff37090],
Trojan.VawTrak.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\BE.tmp, Quarantined, [0e9b51d1c3c749ed4245dd55936fb947],
Trojan.VawTrak.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\163.tmp, Quarantined, [2980a979f397f83edaad6fc37b8744bc],
Trojan.VawTrak.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\1AE.tmp, Quarantined, [37724dd55d2d96a0ea9db67c1be76f91],
Trojan.VawTrak.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\1EB.tmp, Quarantined, [faafbb67b8d2c373662148ea837f8080],
Trojan.Agent.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\7E.tmp, Quarantined, [3c6d5bc706841521e9ff210816ec619f],
Trojan.Vawtrak, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\263.tmp, Quarantined, [7e2b0b17d1b99b9ba02f716ce71e1de3],
Trojan.AGent.ED, C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\20D.tmp, Quarantined, [5b4eb0726a2080b61132e0367b8717e9],
Trojan.MSIL.ED, C:\WINDOWS\Installer\{ADC60442-B6E8-4974-B3A8-CF7D4093ED34}\msiexec.exe, Quarantined, [f1b80f13bfcb4aec21e00619b34fdc24],
Trojan.Agent.DED, C:\WINDOWS\Installer\{E96A1E13-C689-40B6-8A7A-D2A025568768}\msiexec.exe, Quarantined, [f1b873af7f0bc373640c5e98a55c24dc],
Trojan.Zemot.ED, C:\WINDOWS\Installer\{FBDEFBA9-3813-4531-8438-C6E0A645DF96}\msiexec.exe, Quarantined, [b5f434ee93f75adcad60dd5849b9eb15],

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#29
bryan6791

bryan6791

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/12/2015
Scan Time: 10:09:18 AM
Logfile: Scanlog.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.12.02
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Bryan Bridgewater

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373508
Time Elapsed: 59 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is it behaving now ? MBAM caught the installers which were not showing on the other logs :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP