Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dell Dimension E521 Won't boot


  • This topic is locked This topic is locked

#1
bweeasel

bweeasel

    Member

  • Member
  • PipPip
  • 31 posts
A friends Dell Dimension E521 got infected with something and he was getting BSOD with error code 0X0000007B. Couldn't get past it so I used Windows XP Home Installation disk to repair and was successful. However, just minutes after rebooting every icon from the desktop disappeared and could not access the start menu or anything else. Computer seemed to freeze up. Upon restarting it simply cycles. It seems that just before you get to the Windows screen in the boot process the computer restarts and it continues to do so over and over. Not sure where to go from here as I can't get get the thing to boot in order to run anti malware tools.

P.S.
Before solving the BSOD issue I had removed his hard drive and plugged it into my computer and was able to remove all necessary files he needs. I also ran Malwarebytes on the drive (while connected to my computer) and it was able to find and clean 9 problems... apparently it didn't get them all.

Any help would be much appreciated!
  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
:welcome:

Lets give it a try. You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

  • 0

#3
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I don't get the "Repair Your Computer" option when pressing F8. Here's what I do get...

Safe Mode
Safe Mode With Networking
Safe Mode With Command Prompt

Enable Boot Logging
Enable VGA Mode
Last Known Good Configuration
Directory Service Restore Mode
Debugging Mode

Start Windows Normally
Reboot
Return To OS Choices Menu
  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
I thought the OS was other than XP. Sorry about that.

Lets try this tool. You will need a USB drive and a CD to burn. There will be several steps to follow.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh by noahdfear to your USB drive
  • Also Download Query.exe by noahdfear to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.
  • Once this process is completed, download Dumpit by noahdfear to the USB drive.
  • Remove the USB & CD and insert them in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • In some computers you need to tap F12 and choose to boot from the CD, in others is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Then type bash driver.sh -af
  • Press Enter
  • You will be prompted to input a filename.
  • Type the following:

    Winlogon.exe

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    volsnap.sys

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    explorer.exe

  • Press Enter
  • After it has completed the search enter the next file to be searched
  • Type the following:

    Userinit.exe

  • Press Enter
  • After the search is completed type Exit and press Enter.
  • After it has finished a report will be located in the USB drive as filefind.txt
  • While still in the Open Terminal, type bash query.sh
  • Press Enter
  • After it has finished a report will be located in the USB drive as RegReport.txt
  • Close Open Terminal
  • Confirm that you see the file dumpit in your USB drive and double click on it.
  • After it has finished a report will be located in your USB drive named mbr.zip
  • Plug the USB back into the clean computer post the contents of the report.txt, filefind.txt and RegReport.txt in your next reply. The mbr.zip file must be attached to your reply.

  • 0

#5
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
report.txt

Wed Mar 7 10:52:50 UTC 2012
Driver report for /mnt/sda1/WINDOWS/system32/drivers
d26e26ea516450af9d072635c60387f4 secdrv.sys has NO Company Name!

9859c0f6936e723e4892d7141b1327d5 acpiec.sys
Microsoft Corporation

94ddd4b3acbd7a9558e1762cd58386f9 acpi.sys
Microsoft Corporation

b05f2367f62552a2de7e3c352b7b9885 ADM8511.SYS
ADMtek Incorporated

ff773feda15e8bd97fd54fe87a0acdbe aec.sys
Microsoft Corporation

51b1872b62d1c335bac53313913c8d5b afd.sys
Microsoft Corporation

65880045c51aa36184841cee915a61df agp440.sys
Microsoft Corporation

bef1a1ba294959466ab6bc54b01b08a7 agpcpq.sys
Microsoft Corporation

c793db379f9e81f6efe56e43df6b31d8 alim1541.sys
Microsoft Corporation

8d49db427f7c6eb6a044fea26cfad4ff amdagp.sys
Advanced Micro Devices

9db64a52f764ea5e822636dc4bd347a1 amdk6.sys
Microsoft Corporation

e1f2a5f066a6656c8cd5056947a73723 amdk7.sys
Microsoft Corporation

0a4d13b388c814560bd69c3a496ecfa8 AmdK8.sys
Advanced Micro Devices

e47ae30589d7195bb044847fbb63a06e arp1394.sys
Microsoft Corporation

03f403b07a884fc2aa54a0916c410931 asyncmac.sys
Microsoft Corporation

95b858761a00e1d4f81f79a0da019aca atapi.sys
Microsoft Corporation

d649c57da6fa762c64013747e5d7d2d6 ati1btxx.sys
ATI Technologies

60b6aa2dc1521da343f781b70eb7895a ati1mdxx.sys
ATI Technologies

6fdc61e8e8e17f6ecc2d9a10fa8df347 ati1pdxx.sys
ATI Technologies

9d318099bf3876a4af4bc75966d27603 ati1raxx.sys
ATI Technologies

bcaf267b10620f8c93f6e87ab726e145 ati1rvxx.sys
ATI Technologies

dac7d785cf62f5bd41441e9d6f5a6efe ati1snxx.sys
ATI Technologies

f7706dae7d101f1b19ce552d772ebfce ati1ttxx.sys
ATI Technologies

6f714b4720dd80ffa9f8d2731594ea4c ati1tuxx.sys
ATI Technologies

67ffbc158dd4d27ba3fc92c6acd87f73 ati1xbxx.sys
ATI Technologies

0d8cab1f08f7d3c4de228b49e12e596a ati1xsxx.sys
ATI Technologies

1faa2c017e2182bbeadcc0d3968f525d ati2mtaa.sys
ATI Technologies

f9e8c05a3e9854bb54e843eef03631ba ati2mtag.sys
ATI Technologies

56425df5ba6ad6319c2372eb762fc9b3 atinbtxx.sys
ATI Technologies

3943209112d5329e39fbf272feb4be64 atinmdxx.sys
ATI Technologies

e74208a4dc1bff9c02a1d2abe7f4d2d3 atinpdxx.sys
ATI Technologies

ae7cf7785c87cda85acaee341fa5c9e7 atinraxx.sys
ATI Technologies

bfdd269f073c48045c603ee40292d38e atinrvxx.sys
ATI Technologies

de8112b2cf0ca43c3f0b0f0319b1b853 atinsnxx.sys
ATI Technologies

576784030bc44baf29e7f9c9cbf329ac atinttxx.sys
ATI Technologies

24aab71c27924511eb287e6ed5e066a1 atintuxx.sys
ATI Technologies

fa9a2edf1fde103de3f731ad0638f96e atinxbxx.sys
ATI Technologies

9a03f21983f9fdb65506030f35843cfe atinxsxx.sys
ATI Technologies

8d735ca1cbdb0081b0e3b9ff0eb222d0 atmarpc.sys
Microsoft Corporation

39a0a59180f19946374275745b21aeba atmepvc.sys
Microsoft Corporation

882c3a43bbf994f092e0bc9f9e180cf7 atmlane.sys
Microsoft Corporation

e7ef69b38d17ba01f914ae8f66216a38 atmuni.sys
Microsoft Corporation

d9f724aa26c010a217c97606b160ed68 audstub.sys
Microsoft Corporation

cd4646067cc7dcba1907fa0acf7e3966 bcm4sbxp.sys
Broadcom Corporation

da1f27d85e0d1525f6621372e7b685e9 beep.sys
Microsoft Corporation

dba7442096f025a0490ec348f82acdbe bridge.sys
Microsoft Corporation

b279426e3c0c344893ed78a613a73bde bthenum.sys
Microsoft Corporation

fca6f069597b62d42495191ace3fc6c1 bthmodem.sys
Microsoft Corporation

80602b8746d3738f5886ce3d67ef06b6 bthpan.sys
Microsoft Corporation

662bfd909447dd9cc15b1a1c366583b4 bthport.sys
Microsoft Corporation

bb68cebffd181e18a26112d1b9f90f3d bthprint.sys
Microsoft Corporation

61364cd71ef63b0f038b7e9df00f1efa bthusb.sys
Microsoft Corporation

90a673fc8e12a79afbed2576f6a7aaf9 cbidf2k.sys
Microsoft Corporation

c1b486a7658353d33a10cc15211a873b cdaudio.sys
Microsoft Corporation

049a38451f2611caf2fd528e023a0b5a cdfs.sys
Microsoft Corporation

6506e033ad04cfec9ee56dbefd1083dd cdrom.sys
Microsoft Corporation

84853b3fd012251690570e9e7e43343f cercsr6.sys
Adaptec

b562592b7f5759c99e179ca467ecfb4c cinemst2.sys
Ravisent Technologies

4e86b33aff1a6af46889cbcf90f0c8f0 classpnp.sys
Microsoft Corporation

9624293e55ad405415862b504ca95b73 cpqdap01.sys
Compaq Computer Corp

fc6368cbf164066ecc583dd27185bcfd crusoe.sys
Microsoft Corporation

b5ecadf7708960f1818c7fa015f4c239 CVirtA.sys
Cisco Systems

465ced77e7c4f9d71b81ba600edafac1 CVPNDRVA.sys
Cisco Systems

188eb90ac2b70c41fdd41ee36ae2a592 diskdump.sys
Microsoft Corporation

d1b16340ceaceecbf52340a0cbdf43e1 disk.sys
Microsoft Corporation

e18132d39407aadca6b1d19adf408a8a dmboot.sys
Microsoft Corp

aca44e9a8e2ff7c833664263c8478629 dmio.sys
Microsoft Corp

e9317282a63ca4d188c0df5e09c6ac5f dmload.sys
Microsoft Corp

ef05974d47d56fa8387f170f05bae5e7 DMusic.sys
Microsoft Corporation

86d52c32a308f84bbc626bff7c1fb710 dne2000.sys
tHVS_VERSION_INFOEvEv?dStringFileInfo@bZCompanyNameDeterministicNetworks,Inc.fFileDescriptionDeterministicNetworkEnhancer<FileVersion...(InternalNameDNETLegalCopyrightCopyright©[email protected],[email protected]$Translationt|

fd859e517fa2abb53654afa7ec9e3a94 drmkaud.sys
Microsoft Corporation

eef84aeba94e204f0a15d633a85a216d drmk.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87 dxapi.sys
Microsoft Corporation

3d1383ae689ebc3a0f938b0aaece5596 dxg.sys
Microsoft Corporation

a73f5d6705b1d820c19b18782e176efd dxgthk.sys
Microsoft Corporation

e4a3a8f3e60b542a747b10e86faa5dad fastfat.sys
Microsoft Corporation

19c5c7eac0190a42522290bf002f64ea fdc.sys
Microsoft Corporation

e153ab8a11de5452bcf5ac7652dbf3ed fips.sys
Microsoft Corporation

8f70d1f7606f7442e2f7383f3701d728 flpydisk.sys
Microsoft Corporation

b2cf4b0786f8212cb92ed2b50c6db6b0 fltmgr.sys
Microsoft Corporation

3e1e2bd4f39b0e2b7dc4f4d2bcc2779a fs_rec.sys
Microsoft Corporation

455f778ee14368468560bd7cb8c854d0 fsvga.sys
Microsoft Corporation

6ac26732762483366c3969c9e4d2259d ftdisk.sys
Microsoft Corporation

3a74c423cf6bcca6982715878f450a3b gagp30kx.sys
Microsoft Corporation

573c7d0a32852b48f3058cfd8026f511 hdaudbus.sys
Windows Server DDK provider

9131ede087af04a7d80f7ebadc164254 Hdaudio.sys
Windows Server DDK provider

7bd2de4c85eb4241eed57672b16a7d8d hidbth.sys
Microsoft Corporation

151b49e5cc28b76d84225ae2b69e02da hidclass.sys
Microsoft Corporation

ff9edc832d1ba6deb1e923b9be5179cf hidir.sys
Microsoft Corporation

d099d5a07e97b09ca6a8070ca58678e7 hidparse.sys
Microsoft Corporation

1de6783b918f540149aa69943bdfeba8 hidusb.sys
Microsoft Corporation

970178e8e003eb1481293830069624b9 hsfbs2s2.sys
Conexant

f59ed5a43b988a18ef582bb07b2327a7 HSF_CNXT.sys
Conexant

1225ebea76aac3c84df6c54fe5e5d8be hsfcxts2.sys
Conexant

ebb354438a4c5a3327fb97306260714a hsfdpsp2.sys
Conexant

60e1604729a15ef4a3b05f298427b3b1 HSF_DP.sys
Conexant

77e4ff0b73bc0aeaaf39bf0c8104231f HSFHWBS2.sys
Conexant

f80a415ef82cd06ffaf0d971528ead38 http.sys
Microsoft Corporation

7080f46568108cc6ea73e460ee6ee702 i8042prt.sys
Microsoft Corporation

3cb4410747f2330d97b10b656d5bb2ac imapi.sys
Microsoft Corporation

8c953733d8f36eb2133f5bb58808b66b intelppm.sys
Microsoft Corporation

3bb22519a194418d5fec05d800a19ad0 ip6fw.sys
Microsoft Corporation

731f22ba402ee4b62748adaf6363c182 ipfltdrv.sys
Microsoft Corporation

f56dd863ba732a4e8ee58d486c31250f ipinip.sys
Microsoft Corporation

fc672ad6e9676814a0c844912f2abcff ipnat.sys
Microsoft Corporation

1c4802409cfd4a7051f458b744cfcaa5 ipsec.sys
Microsoft Corporation

b43201394646b7e98c89056edda686b5 irenum.sys
Microsoft Corporation

e504f706ccb699c2596e9a3da1596e87 isapnp.sys
Microsoft Corporation

1e7f78c2fc393356cd884c6fde7966f9 kbdclass.sys
Microsoft Corporation

4e33c6dea3bcc50776f02a1c1ae28671 kbdhid.sys
Microsoft Corporation

10e0feb086d8c1419b958c9034e4668a kmixer.sys
Microsoft Corporation

abc70e8b89cce44731a346deb764bf95 ksecdd.sys
Microsoft Corporation

29f4584e6bdf44b39123622a65e25314 ks.sys
Microsoft Corporation

d68e165c3123aba3b1282eddb4213bd8 mbamswissarmy.sys
Malwarebytes Corporation

836e0e09ca9869be7eb39ef2cf3602c7 mbam.sys
Malwarebytes Corporation

d1f8be91ed4ddb671d42e473e3fe71ab mcd.sys
Microsoft Corporation

eeaea6514ba7c9d273b5e87c4e1aab30 mdmxsdk.sys
Conexant

9c46695db5d49d9a7333807430a43be2 mf.sys
Microsoft Corporation

4ae068242760a1fb6e1a44bf4e16afa6 mnmdd.sys
Microsoft Corporation

1992e0d143b09653ab0f9c5e04b0fd65 MODEMCSA.sys
Microsoft Corporation

7760873e4ec17f288e61f00044dea000 modem.sys
Microsoft Corporation

81fb25d6ee5e0728d2c0630c58d7d908 mouclass.sys
Microsoft Corporation

b1c303e17fb9d46e87a98e4ba6769685 mouhid.sys
Microsoft Corporation

d4face53a1c48cf8419b4cf494d2ee2e mountmgr.sys
Microsoft Corporation

7e34bfa1a7b60bba1da03d677f16cd63 MpFilter.sys
Microsoft Corporation

d30cba20cc355d3648b9fed5bb55a9d5 mrxdav.sys
Microsoft Corporation

7a3a2be44e12e2abde1af891e83ac130 mrxsmb.sys
Microsoft Corporation

a1831538e119363d0d90d757ac8a2012 msfs.sys
Microsoft Corporation

13591e0a02e85de2a388f3ec4bd206df msgpc.sys
Microsoft Corporation

9686ded76afb73b48905c77a002c3ad5 mskssrv.sys
Microsoft Corporation

bd8a0dcf208c27e20416bf9e8aed9cf9 mspclock.sys
Microsoft Corporation

f6a726b8832db1f88326b8be98b11981 mspqm.sys
Microsoft Corporation

af5f4f3f14a8ea2c26de30f7a1e17136 mssmbios.sys
Microsoft Corporation

c53775780148884ac87c455489a0c070 mtlmnt5.sys
Smart Link

54886a652bf5685192141df304e923fd mtlstrm.sys
Smart Link

6dda78a0be692b61b668fab860f276cf mtxparhm.sys
Matrox Graphics

08c56887f06473b09fc1b39e7dec0fb6 mup.sys
Microsoft Corporation

5e175bc8bb8b737d26d38d07f9140ea7 mutohpen.sys
Microsoft Corporation

3b350e5a2a5e951453f3993275a4523a ndis.sys
Microsoft Corporation

08d43bbdacdf23f34d79e44ed35c1b4c ndistapi.sys
Microsoft Corporation

e6b6d5e4c9c199b7bb56d7862ea68fbc ndisuio.sys
Microsoft Corporation

15787deca8c5428beeaa8044f544fd85 ndiswan.sys
Microsoft Corporation

59fc3fb44d2669bc144fd87826bb571f ndproxy.sys
Microsoft Corporation

e351339fa17c4a70940e15b5e3dae6e2 netbios.sys
Microsoft Corporation

d96f3bc5a6e7452b0e3275b560dc8528 netbt.sys
Microsoft Corporation

ff4ceca01030be87d530e2c5859738db nic1394.sys
Microsoft Corporation

be984d604d91c217355cdd3737aad25d nikedrv.sys
Diamond Multimedia Systems

bb7af7f10c210e3712ed703d0f047e09 nmnt.sys
Microsoft Corporation

20aba9f035e3a98877480e34fcc4dcb3 npfs.sys
Microsoft Corporation

e3ae9c79498210a5f39fe5a9ad62bc55 ntfs.sys
Microsoft Corporation

576b34ceae5b7e5d9fd2775e93b3db53 ntmtlfax.sys
Smart Link

73c1e1f395918bc2c6dd67af7591a3ad null.sys
Microsoft Corporation

15a6306a0b958bf60f09688d0ee70479 nv4_mini.sys
NVIDIA Corporation

dce353985c988bfb7e84fd942068151f NvAtaBus.sys
NVIDIA Corporation

9c8a8e00648eaf7a1d794f7cfb25a6b4 nvraid.sys
NVIDIA Corporation

b305f3fad35083837ef46a0bbce2fc57 nwlnkflt.sys
Microsoft Corporation

c99b3415198d1aab7227f2c88fd664b9 nwlnkfwd.sys
Microsoft Corporation

e700e93f7c4acb65dca2b7dda9b36ce3 nwlnkipx.sys
Microsoft Corporation

56d34a67c05e94e16377c60609741ff8 nwlnknb.sys
Microsoft Corporation

c0bb7d1615e1acbdc99757f6ceaf8cf0 nwlnkspx.sys
Microsoft Corporation

4bb30ddc53ebc76895e38694580cdfe9 oprghdlr.sys
Microsoft Corporation

a724b79af03c0f38cfbd8ef3a49829e6 p3.sys
Microsoft Corporation

67fd105f525a94c0246c9088e85a2f3b parport.sys
Microsoft Corporation

3334430c29dc338092f79c38ef7b4cd0 partmgr.sys
Microsoft Corporation

70e98b3fd8e963a6a46a2e6247e0bea1 parvdm.sys
Microsoft Corporation

ccf5f451bb1a5a2a522a76e670000ff0 pciide.sys
Microsoft Corporation

146d37a214304bd3432cfd3360ff067f pciidex.sys
Microsoft Corporation

9390447f3b1be5064a3ebe98c555a1e5 pci.sys
Microsoft Corporation

4ca446e011e2f61ac45eb2e3bc3f1584 pcmcia.sys
Microsoft Corporation

560220102acc7edc5f22d791e7e39058 portcls.sys
Microsoft Corporation

0f8a31ab9d8963f66ad93d3f69a1914c processr.sys
Microsoft Corporation

944440247fe6988c88b376ed85a0cd1a psched.sys
Microsoft Corporation

80d317bd1c3dbc5d4fe7b1678c60cadd ptilink.sys
Parallel Technologies

fe0d99d6f31e4fad8159f690d68ded9c rasacd.sys
Microsoft Corporation

4c242c79a9c0d98d52d6f8cb9248d528 rasl2tp.sys
Microsoft Corporation

888335b3be346119cf7b4eff3a3fca7c raspppoe.sys
Microsoft Corporation

fed674d73eb56c35444f701e847bf85b raspptp.sys
Microsoft Corporation

fdbb1d60066fcfbb7452fd8f9829b242 raspti.sys
Microsoft Corporation

01524cd237223b18adbb48f70083f101 rawwan.sys
Microsoft Corporation

df80c149c96fcfbb8a3dc3d5dd950aa8 rdbss.sys
Microsoft Corporation

4912d5b403614ce99c28420f75353332 rdpcdd.sys
Microsoft Corporation

5208d077065ea8775e319f9834f94136 rdpdr.sys
Microsoft Corporation

0606700377b6fb8b04475e92507adade rdpwd.sys
Microsoft Corporation

e9aaa0092d74a9d371659c4c38882e12 recagent.sys
Smart Link

ab56d6ed4e86d2b6f819a24a070f35f7 redbook.sys
Microsoft Corporation

851c30df2807fcfa21e4c681a7d6440e rfcomm.sys
Microsoft Corporation

a56fe08ec7473e8580a390bb1081cdd7 rio8drv.sys
Diamond Multimedia Systems

0a854df84c77a0be205bfeab2ae4f0ec riodrv.sys
Diamond Multimedia Systems

35e81b908ae4e97fc7bdf4607c516ff4 RMCast.sys
Microsoft Corporation

f18e651e4b6c7d8bd367454e016ab5d4 rndismp.sys
Microsoft Corporation

726548542afeca56257ff01eb13bb6d7 rndismpx.sys
Microsoft Corporation

d8b0b4ade32574b2d9c5cc34dc0dbbe7 rootmdm.sys
Microsoft Corporation

0dbcc071a268e0340a2ba6bdd98bace4 s3gnbm.sys
SGraphics

f1d2d6d805ae2856f3d923e949ad917d scsiport.sys
Microsoft Corporation

8d04819a3ce51b9eb47e5689b44d43c4 sdbus.sys
Microsoft Corporation

d26e26ea516450af9d072635c60387f4 secdrv.sys

65a7c4d86c153c82e33a552c217abb29 serenum.sys
Microsoft Corporation

dc7cbfec14b1b38bcf32aba922ffeaad serial.sys
Microsoft Corporation

0fa803c64df0914b41f807ea276bf2a6 sffdisk.sys
Microsoft Corporation

d66d22d76878bf3483a6be30183fb648 sffp_mmc.sys
Microsoft Corporation

c17c331e435ed8737525c86a7557b3ac sffp_sd.sys
Microsoft Corporation

4e1b8866f3d208dee3906a191cb493e3 sfloppy.sys
Microsoft Corporation

5a61f7f9dfb3d3bf5c5c72c36a375428 sisagp.sys
Silicon Integrated Systems

d9673011648a71ed1e1f77b831bc85e6 slnt7554.sys
Smart Link

2c1779c0feb1f4a6033600305eba623a slntamr.sys
Smart Link

f9b8e30e82ee95cf3e1d3e495599b99c slnthal.sys
Smart Link

db56bb2c55723815cf549d7fc50cfceb slwdmsup.sys
Smart Link

a50c1a6d6952c977b58e981264deab2c smbali.sys
Microsoft Corporation

017daecf0ed3aa731313433601ec40fa smclib.sys
Microsoft Corporation

8970aefce5c8766bb7b04e9e51e550a8 sonydcam.sys
Microsoft Corporation

32c54211e9e8a45cbcb097beaeb1999a splitter.sys
Microsoft Corporation

cd952661dbdf31c42e325a06bc67fd0e sr.sys
Microsoft Corporation

94619eb663216f9bf12f9b950fcab3c0 srv.sys
Microsoft Corporation

8990440e4b2a7ca5a56a1833b03741fd sthda.sys
SigmaTel

0ec1d6ad48588545d5c282e28524e385 stream.sys
Microsoft Corporation

064740c5c02de46723c4b8200ee876df swenum.sys
Microsoft Corporation

94abc808fc4b6d7d2bbf42b85e25bb4d swmidi.sys
Microsoft Corporation

b0b19f036f76333ab3338c7493e87b12 sysaudio.sys
Microsoft Corporation

d1570ddee0b8ad173a689f1a9a343b57 tape.sys
Microsoft Corporation

7e6d0adc725fa65bdfafd4752d9777ae tcpip6.sys
Microsoft Corporation

244a2f9816bc9b593957281ef577d976 tcpip.sys
Microsoft Corporation

fd6a09d156139030729cf5f08f5d0cb9 tdi.sys
Microsoft Corporation

1a96630babbd59e8b885eae0dfbe6a3e tdpipe.sys
Microsoft Corporation

d1c578c6b37713694c5edd7c2d7f7451 tdtcp.sys
Microsoft Corporation

194c51bc28a7ce9818012142b062e431 termdd.sys
Microsoft Corporation

699450901c5ccfd82357cbc531cedd23 tosdvd.sys
Microsoft Corporation

d74a8ec75305f1d3cfde7c7fc1bd62a9 tsbvcap.sys
Toshiba Corporation

fcf888ad3bf91c61501093d5b2e104ba tunmp.sys
Microsoft Corporation

d85938f272d1bcf3db3a31fc0a048928 uagp35.sys
Microsoft Corporation

01ca8ec606522d2f60820b0c0086fdd5 udfs.sys
Microsoft Corporation

164cfae1d766905f56c432acfc54f28c update.sys
Microsoft Corporation

567d6c305295fea98e02fd3e5258ca89 usb8023.sys
Microsoft Corporation

b6cc50279d6cd28e090a5d33244adc9a usb8023x.sys
Microsoft Corporation

61018ba9df6b63e51d9753c980e73ec2 usbcamd2.sys
Microsoft Corporation

2654eecc6fb13603ebddcd5c8ea943d1 usbcamd.sys
Microsoft Corporation

79fee3cfec5b14194dbe0a703d82b2a4 usbccgp.sys
Microsoft Corporation

596eb39b50d6ebd9b734dc4ae0544693 usbd.sys
Microsoft Corporation

2d0c2f3836f72e85d41d9c50aeeb5423 usbehci.sys
Microsoft Corporation

d7bf70ac85e48b6c4df953401eccb75a usbhub.sys
Microsoft Corporation

7e29fede2050071c806d8bac7700e1ad usbintel.sys
Microsoft Corporation

4e7d2f6df7a7e02d80fe0b109f0c9f02 usbohci.sys
Microsoft Corporation

2ecaba73e8a4e58499bcc1fdb534ef34 usbport.sys
Microsoft Corporation

c9a83be290c89730ae59f6c3085f072d usbprint.sys
Microsoft Corporation

7691af2109474eb923004f3dca4c9559 usbscan.sys
Microsoft Corporation

4923c60f9c381eae679db04021d26abb usbstor.sys
Microsoft Corporation

63bbfca7f390f4c49ed4b96bfb1633e0 usbvideo.sys
Microsoft Corporation

55e01061c74a8cefff58dc36114a8d3f vdmindvd.sys
Ravisent Technologies

08d2edfd7261242b8aea27f1fe11e120 vga.sys
Microsoft Corporation

cdb62aaa807c1a0a3a8449f83267e628 viaagp.sys
Microsoft Corporation

9b900adeee167b99207ececccb5712a9 videoprt.sys
Microsoft Corporation

6fdc9523ef81617cf5028f47fcaf0fbe volsnap.sys
Microsoft Corporation

137c9a747ce717d16029d81cee9d32b9 wacompen.sys
Microsoft Corporation

0308aef61941e4af478fa1a0f83812f5 wadv07nt.sys
Intel Corporation

714038a8aa5de08e12062202cd7eaeb5 wadv08nt.sys
Intel Corporation

7bb3aa595e4507a788de1cdc63f4c8c4 wadv09nt.sys
Intel Corporation

36e6c405b6143d09687f4056fd9a0d10 wadv11nt.sys
Intel Corporation

484af08f15d1306ff2e8b64fe62a160c wanarp.sys
Microsoft Corporation

352fa0e98bc461ce1ce5d41f64db558d watv06nt.sys
Intel Corporation

791cc45de6e50445be72e8ad6401ff45 watv10nt.sys
Intel Corporation

499b653356a9e5589ee83ac47e5d2a8c wdmaud.sys
Microsoft Corporation

2f31b7f954bed437f2c75026c65caf7b wmilib.sys
Microsoft Corporation

1385e5aa9c9821790d33a9563b8d2dd0 wpdusb.sys
Microsoft Corporation

6abe6e225adb5a751622a9cc3bc19ce8 ws2ifsl.sys
Microsoft Corporation

f15feafffbb3644ccc80c5da584e6311 WudfPf.sys
Microsoft Corporation

28b524262bce6de1f7ef9f510ba3985b WudfRd.sys
Microsoft Corporation

Driver report for /mnt/sda1/WINDOWS/LastGood.Tmp/System32/DRIVERS

cf4def1bf66f06964dc0d91844239104 wpdusb.sys
Microsoft Corporation

filefind.txt

Search results for Winlogon.exe

2246d8d8f4714a2cedb21ab9b1849abb /mnt/sda1/WINDOWS/system32/dllcache/winlogon.exe
504.5K Aug 29 2002

2246d8d8f4714a2cedb21ab9b1849abb /mnt/sda1/WINDOWS/system32/winlogon.exe
504.5K Aug 29 2002






Search results for volsnap.sys

6fdc9523ef81617cf5028f47fcaf0fbe /mnt/sda1/WINDOWS/system32/dllcache/volsnap.sys
48.0K Aug 29 2002

6fdc9523ef81617cf5028f47fcaf0fbe /mnt/sda1/WINDOWS/system32/drivers/volsnap.sys
48.0K Aug 29 2002



Search results for explorer.exe

7712df0cdde3a5ac89843e61cd5b3658 /mnt/sda1/WINDOWS/$hf_mig$/KB938828/SP2QFE/explorer.exe
1009.0K Jun 13 2007

a82b28bfc2e4455fe43022a498c0ef0a /mnt/sda1/WINDOWS/system32/dllcache/explorer.exe
980.5K Aug 29 2002

a82b28bfc2e4455fe43022a498c0ef0a /mnt/sda1/WINDOWS/explorer.exe
980.5K Aug 29 2002

a0732187050030ae399b241436565e64 /mnt/sda1/WINDOWS/$NtUninstallKB938828$/explorer.exe
1008.0K Aug 4 2004



Search results for Userinit.exe

d1e53dc57143f2584b1dd53b036c0633 /mnt/sda1/Documents and Settings/Cathi Kressin/Desktop/1111/Login-Logoff/userinit.exe
24.5K Feb 20 2010

e931e0a2b8bf0019db902e98d03662cb /mnt/sda1/WINDOWS/system32/dllcache/userinit.exe
21.5K Aug 29 2002

e931e0a2b8bf0019db902e98d03662cb /mnt/sda1/WINDOWS/system32/userinit.exe
21.5K Aug 29 2002

RegReport.txt

The RegReport.txt was blank!?!

Attached Files

  • Attached File  mbr.zip   1.68KB   213 downloads

  • 0

#6
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Ran bash query.sh again and got a report:

Remote Registry Report

Hive </mnt/sda1/WINDOWS/system32/config/software>
\Microsoft\Windows NT\CurrentVersion> Value <ProductName> of type REG_SZ, data length 42 [0x2a]
Microsoft Windows XP
\Microsoft\Windows NT\CurrentVersion> Value <CSDVersion> of type REG_SZ, data length 30 [0x1e]
Service Pack 1
\Microsoft\Windows NT\CurrentVersion> Value <SystemRoot> of type REG_SZ, data length 22 [0x16]
C:\WINDOWS
\Microsoft\Windows NT\CurrentVersion\Windows> Value <AppInit_DLLs> of type REG_SZ, data length 2 [0x2]
(...)\Windows NT\CurrentVersion\Winlogon> Value <Shell> of type REG_SZ, data length 26 [0x1a]
Explorer.exe
(...)\Windows NT\CurrentVersion\Winlogon> Value <Userinit> of type REG_SZ, data length 68 [0x44]
C:\WINDOWS\system32\userinit.exe,
(...)\Windows NT\CurrentVersion\Winlogon\Notify> Node has 11 subkeys and 0 values
<!SASWinLogon>
<crypt32chain>
<cryptnet>
<cscdll>
<dimsntfy>
<ScCertProp>
<Schedule>
<sclgntfy>
<SensLogn>
<termsrv>
<wlballoon>
\Microsoft\Windows\CurrentVersion\Run> Node has 1 subkeys and 11 values
<OptionalComponents>
size type value name [value if type DWORD]
106 REG_SZ <NvCplDaemon>
122 REG_SZ <SunJavaUpdateSched>
114 REG_SZ <Adobe Reader Speed Launcher>
104 REG_SZ <QuickTime Task>
142 REG_SZ <MSC>
112 REG_SZ <lxeamon.exe>
112 REG_SZ <EzPrint>
130 REG_SZ <TkBellExe>
36 REG_SZ <nwiz>
120 REG_SZ <NvMediaCenter>
26 REG_SZ <SigmatelSysTrayApp>
(...)\Windows\CurrentVersion\policies\system> Node has 0 subkeys and 5 values
4 REG_DWORD <dontdisplaylastusername> 0 [0x0]
4 REG_DWORD <legalnoticecaption> 1 [0x1]
8 REG_SZ <legalnoticetext>
4 REG_DWORD <shutdownwithoutlogon> 1 [0x1]
4 REG_DWORD <undockwithoutlogon> 1 [0x1]


Hive </mnt/sda1/Documents and Settings/Cathi Kressin/NTUSER.DAT>
(...)\Microsoft\Windows\CurrentVersion\Run> Node has 0 subkeys and 2 values
size type value name [value if type DWORD]
62 REG_SZ <ctfmon.exe>
110 REG_SZ <SUPERAntiSpyware>
(...)\Windows\CurrentVersion\Policies\Explorer> Node has 1 subkeys and 1 values
<Run>
4 REG_DWORD <NoDriveTypeAutoRun> 145 [0x91]
(...)\Windows\CurrentVersion\Policies\System> Node has 0 subkeys and 0 values


Hive </mnt/sda1/Documents and Settings/kressin/NTUSER.DAT>
(...)\Microsoft\Windows\CurrentVersion\Run> Node has 0 subkeys and 3 values
size type value name [value if type DWORD]
62 REG_SZ <ctfmon.exe>
104 REG_SZ <MSMSGS>
104 REG_SZ <Windows Update Server>
(...)\Windows\CurrentVersion\Policies\Explorer> Node has 0 subkeys and 1 values
4 REG_DWORD <NoDriveTypeAutoRun> 145 [0x91]
(...)\Windows\CurrentVersion\Policies\System> Node has 0 subkeys and 0 values
  • 0

#7
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Every report shows a new installation (SP1). The entries seems legit. Lets re-write the Master Boot Record and hope for the best. During the process you may be asked about the partition to write the MBR to, and Operating System. The answer should be sda and Windows XP.

Download xPUD_MBRfix and save it in the USB drive.

  • Boot the ailing computer to xPUD
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Double click on xPUD_MBRfix to execute the script and wait.
  • Upon finishes, its actions will produce a report (mlog.txt)
  • Post that report in your next reply
Boot in Normal Mode and let me know the outcome.
  • 0

#8
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Wed Mar 7 15:50:50 UTC 2012

User has chosen Windows XP boot code
User has chosen drive sda
Backing up mbr to backup_sda.bin

Boot code structure before fix
/dev/sda has an x86 boot sector,
it is a Microsoft 2000/XP/2003 master boot record, like the one this
program creates with the switch -m on a hard disk device.

Boot code structure after repairing
/dev/sda has an x86 boot sector,
it is a Microsoft 2000/XP/2003 master boot record, like the one this
program creates with the switch -m on a hard disk device.
  • 0

#9
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Still doing the same thing. I failed to mention that upon booting the first thing that happens is after the DELL screen appears I get a "Diskette drive 0 seek failure". However the boot sequence in the F2 setup is correct. When I press F1 to continue it seems like it's going to start (blinking cursor in the top left corner of scree) but then just shuts down and attempts to reboot and the process starts all over. Might it have something to do with that? My friend removed the battery and replaced it in his attempt to figure out what was wrong and I know that can mess with the BIOS settings... right?
  • 0

#10
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I tried hooking up the hard drive to the sata2 port (left the optical drive in sata1) and changed the boot sequence. Same thing.
  • 0

Advertisements


#11
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Removing the battery will erase the CMOS. Wonder if the Diskette seek option still selected as well as the date and time in the BIOS. Checking on the drive partitions, seems the Recovery partition was also removed. Are there any documents you need to save? In my opinion, a full format and reinstall should be done.
  • 0

#12
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I was able to save everything He needed onto my computer. I suppose I could do a clean reinstall.
  • 0

#13
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
I believe that will be the best alternative.
  • 0

#14
bweeasel

bweeasel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I was able to resolve the Diskette seek error. I was also able to get the computer to boot and is currently running. I ran OTL and here is the log if you are still willing to take a look. :-) I also have the extras log.

OTL log

OTL logfile created on: 3/8/2012 11:09:08 AM - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Documents and Settings\Cathi Kressin\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 623.47 Mb Available Physical Memory | 65.05% Memory free
2.26 Gb Paging File | 1.93 Gb Available in Paging File | 85.18% Paging File free
Paging file location(s): c:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 123.72 Gb Free Space | 83.03% Space Free | Partition Type: NTFS
Drive D: | 581.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KRESSIN-334AE91 | User Name: Cathi Kressin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/08 10:37:16 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cathi Kressin\Desktop\OTL.exe
PRC - [2010/11/30 12:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/22 10:29:41 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/11/11 11:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/05/05 07:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2010/05/05 07:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/04/14 14:45:21 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe
PRC - [2010/04/14 14:45:14 | 000,193,192 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaserv.exe
PRC - [2008/06/19 18:08:44 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/01/09 09:36:06 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\swsc.exe
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/08 11:02:09 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Cathi Kressin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/05/21 13:32:29 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\Cathi Kressin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/05/21 13:32:27 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\Cathi Kressin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/05/21 13:32:23 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\Cathi Kressin\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2010/05/05 07:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
MOD - [2010/05/05 07:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/04/05 04:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2010/04/05 04:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll
MOD - [2010/04/05 04:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/05 04:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010/04/05 04:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll
MOD - [2010/04/05 04:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010/04/05 04:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll
MOD - [2010/04/05 04:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009/11/04 07:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeadrpp.dll
MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009/05/06 08:04:36 | 000,466,944 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2009/05/06 08:03:44 | 000,372,736 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll
MOD - [2009/04/07 13:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 08:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 02:48:43 | 000,023,552 | ---- | M] () -- C:\WINDOWS\system32\LXEAsmr.dll
MOD - [2009/02/20 02:48:03 | 000,299,008 | ---- | M] () -- C:\WINDOWS\system32\LXEAsm.dll
MOD - [2008/06/19 18:08:52 | 000,197,408 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2007/07/12 22:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2006/08/23 13:12:38 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2006/01/09 09:36:06 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\swsc.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2010/11/11 11:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/04/14 14:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010/04/14 14:45:14 | 000,193,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2008/06/19 18:08:44 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010/05/10 12:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 12:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/06/19 18:07:50 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/21 03:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/18 22:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/26 11:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 11:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/23 15:08:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/03/08 11:00:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBF8889C-5E02-4DB3-8CBD-C765F2157A38}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Cathi Kressin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cathi Kressin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/19 12:42:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/04 06:00:00 | 000,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/08 11:07:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/08 10:52:43 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/03/08 10:50:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/03/08 10:50:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/03/08 10:50:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/03/08 10:50:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/03/08 10:50:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/03/08 10:50:36 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/03/08 10:48:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/08 10:48:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cathi Kressin\My Documents\My Videos
[2012/03/08 10:48:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cathi Kressin\My Documents\My Pictures
[2012/03/08 10:48:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cathi Kressin\My Documents\My Music
[2012/03/08 10:48:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cathi Kressin\Start Menu\Programs\Administrative Tools
[2012/03/08 10:48:02 | 004,430,843 | R--- | C] (Swearware) -- C:\Documents and Settings\Cathi Kressin\Desktop\ComboFix.exe
[2012/03/08 10:41:06 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cathi Kressin\Desktop\OTL.exe
[2012/03/08 10:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/03/08 10:27:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/03/08 10:22:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/03/08 10:22:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/03/08 10:22:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/03/08 10:22:14 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/03/08 10:22:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/03/08 10:22:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/03/08 10:22:12 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/03/08 10:22:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/03/08 10:22:09 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/03/08 10:22:09 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/03/08 10:22:09 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/03/08 10:22:02 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/03/08 10:22:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/03/08 10:22:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/03/08 10:21:58 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/03/08 10:21:58 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/03/08 10:21:58 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/03/08 10:21:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/03/08 10:21:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/03/08 10:21:57 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/03/08 10:21:57 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/03/08 10:21:57 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/03/08 10:21:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/03/08 10:21:51 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/03/08 10:21:51 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/03/08 10:21:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/03/08 10:21:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/03/08 10:21:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/03/08 10:21:50 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/03/08 10:21:50 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/03/08 10:21:50 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/03/08 10:21:50 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/03/08 10:21:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/03/08 10:21:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/03/08 10:21:49 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/03/08 10:21:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/03/08 10:21:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/03/08 10:21:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/03/08 10:21:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/03/08 10:21:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/03/08 10:21:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/03/08 10:21:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/03/08 10:21:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/03/08 10:21:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/03/08 10:21:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/03/08 10:21:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/03/08 10:21:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/03/08 10:21:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/03/08 10:21:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/03/08 10:21:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/03/08 10:21:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/03/08 10:21:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/03/08 10:21:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/03/08 10:21:40 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/03/08 10:21:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/03/08 10:21:38 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/03/08 10:21:38 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/03/08 10:21:37 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/03/08 10:21:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/03/08 10:21:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/03/08 10:21:35 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/03/08 10:21:34 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/03/08 10:21:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/03/08 10:21:32 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/03/08 10:21:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/03/08 10:21:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/03/08 10:21:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/03/08 10:21:29 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/03/08 10:21:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/03/08 10:21:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/03/08 10:21:28 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/03/08 10:21:28 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/03/08 10:21:28 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2012/03/08 10:21:28 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/03/08 10:21:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/03/08 10:21:26 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/03/08 10:21:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/03/08 10:21:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/03/08 10:21:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/03/08 10:21:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/03/08 10:21:16 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/03/08 10:21:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/03/08 10:21:10 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/03/08 10:21:10 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/03/08 10:21:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/03/08 10:21:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/03/08 10:21:01 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/03/08 10:21:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/03/08 10:20:59 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/03/08 10:20:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/03/08 10:20:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/03/08 10:20:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/03/08 10:20:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/03/08 10:20:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/03/08 10:20:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/03/08 10:20:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/03/08 10:20:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/03/08 10:20:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/03/08 10:20:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/03/08 10:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/03/08 10:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/03/08 10:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/03/08 10:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/03/08 10:20:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/03/08 10:20:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/03/08 10:20:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/03/08 10:20:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/03/08 10:20:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/03/08 10:20:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/03/08 10:20:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/03/08 10:20:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/03/08 10:20:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/03/08 10:20:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/03/08 10:20:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/03/08 10:20:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/03/08 10:20:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/03/08 10:20:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/03/08 10:20:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/03/08 10:20:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/03/08 10:20:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/03/08 10:20:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/03/08 10:20:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/03/08 10:20:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/03/08 10:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/03/08 10:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/03/08 10:20:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/03/08 10:20:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/03/08 10:20:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/03/08 10:20:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/03/08 10:20:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/03/08 10:20:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012/03/08 10:20:48 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/03/08 10:20:48 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/03/08 10:20:47 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/03/08 10:20:47 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/03/08 10:20:47 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/03/08 10:20:47 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/03/08 10:20:47 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/03/08 10:20:47 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/03/08 10:20:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/03/08 10:20:47 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/03/08 10:20:46 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/03/08 10:20:46 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/03/08 10:20:46 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/03/08 10:20:46 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/03/08 10:20:46 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/03/08 10:20:46 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/03/08 10:20:46 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/03/08 10:20:45 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/03/08 10:20:45 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/03/08 10:20:45 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/03/08 10:20:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/03/08 10:20:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/03/08 10:20:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/03/08 10:20:40 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/03/08 10:20:35 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/03/08 10:20:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/03/08 10:20:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/03/08 10:20:30 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/03/08 10:20:29 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/03/08 10:20:29 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/03/08 10:20:29 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/03/08 10:20:29 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/03/08 10:20:29 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/03/08 10:20:29 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/03/08 10:20:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/03/08 10:20:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/03/08 10:20:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/03/08 10:20:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/03/08 10:20:28 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/03/08 10:20:28 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/03/08 10:20:28 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/03/08 10:20:28 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/03/08 10:20:28 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/03/08 10:20:28 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/03/08 10:20:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/03/08 10:20:28 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/03/08 10:20:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/03/08 10:20:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/03/08 10:20:27 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/03/08 10:20:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/03/08 10:20:26 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/03/08 10:20:26 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/03/08 10:20:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/03/08 10:20:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/03/08 10:20:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/03/08 10:20:24 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/03/08 10:20:24 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/03/08 10:20:24 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/03/08 10:20:24 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/03/08 10:20:24 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/03/08 10:20:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/03/08 10:20:24 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/03/08 10:20:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/03/08 10:20:15 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/03/08 10:20:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/03/08 10:20:13 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/03/08 10:20:12 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/03/08 10:20:12 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/03/08 10:20:12 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/03/08 10:20:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/03/08 10:20:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/03/08 10:20:11 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/03/08 10:20:11 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/03/08 10:20:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/03/08 10:20:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/03/08 10:20:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/03/08 10:20:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/03/08 10:20:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/03/08 10:20:09 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/03/08 10:20:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/03/08 10:20:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/03/08 10:19:42 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/03/08 10:19:42 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/03/08 10:19:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/03/08 10:19:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/03/08 10:19:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/03/08 10:19:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/03/08 10:19:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/03/08 10:19:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/03/08 10:19:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/03/08 10:19:29 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012/03/08 10:19:29 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012/03/08 10:19:29 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012/03/08 10:19:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/03/08 10:19:24 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/03/08 10:19:23 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/03/08 10:19:23 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/03/08 10:19:23 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012/03/08 10:19:23 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/03/08 10:19:23 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/03/08 10:19:23 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/03/08 10:19:22 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/03/08 10:19:22 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/03/08 10:19:22 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/03/08 10:19:22 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/03/08 10:19:22 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/03/08 10:19:22 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/03/08 10:19:22 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/03/08 10:19:21 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/03/08 10:19:21 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/03/08 10:19:21 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/03/08 10:19:20 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012/03/08 10:19:20 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012/03/08 10:19:20 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012/03/08 10:19:19 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012/03/08 10:18:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/03/08 10:16:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/03/08 10:16:43 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012/03/08 10:02:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/03/08 10:02:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/03/08 10:02:07 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/03/08 10:02:07 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/03/06 23:34:49 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2012/03/06 23:34:49 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2012/03/06 23:34:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2012/03/06 23:34:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2012/03/06 23:34:42 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2012/03/06 23:34:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2012/03/06 23:34:41 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2012/03/06 23:34:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2012/03/06 23:34:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2012/03/06 23:34:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2012/03/06 23:34:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2012/03/06 23:34:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2012/03/06 23:34:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2012/03/06 23:34:41 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2012/03/06 23:34:41 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2012/03/06 23:34:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2012/03/06 23:34:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2012/03/06 23:34:39 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2012/03/06 23:34:39 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2012/03/06 23:34:38 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2012/03/06 23:34:38 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2012/03/06 23:34:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2012/03/06 23:34:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2012/03/06 23:34:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2012/03/06 23:34:38 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012/03/06 23:34:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2012/03/06 23:34:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2012/03/06 23:34:37 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2012/03/06 23:34:37 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2012/03/06 23:34:37 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2012/03/06 23:34:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2012/03/06 23:34:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2012/03/06 23:34:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2012/03/06 23:34:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2012/03/06 23:34:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2012/03/06 23:34:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2012/03/06 23:34:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2012/03/06 23:34:37 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2012/03/06 23:34:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2012/03/06 23:34:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2012/03/06 23:34:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2012/03/06 23:34:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2012/03/06 23:34:35 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2012/03/06 23:34:35 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2012/03/06 23:34:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2012/03/06 23:34:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2012/03/06 23:34:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2012/03/06 23:34:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2012/03/06 23:34:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2012/03/06 23:34:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2012/03/06 23:34:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2012/03/06 23:34:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2012/03/06 23:34:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2012/03/06 23:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2012/03/06 23:34:32 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012/03/06 23:34:32 | 000,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2012/03/06 23:34:31 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2012/03/06 23:34:31 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2012/03/06 23:34:31 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2012/03/06 23:34:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2012/03/06 23:34:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2012/03/06 23:34:30 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012/03/06 23:34:30 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2012/03/06 23:34:30 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2012/03/06 23:34:30 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2012/03/06 23:34:29 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2012/03/06 23:34:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2012/03/06 23:34:27 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2012/03/06 23:34:27 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012/03/06 23:34:27 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2012/03/06 23:34:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2012/03/06 23:34:26 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2012/03/06 23:34:26 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2012/03/06 23:34:26 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2012/03/06 23:34:26 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2012/03/06 23:34:26 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2012/03/06 23:34:26 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2012/03/06 23:34:26 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2012/03/06 23:34:25 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2012/03/06 23:34:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2012/03/06 23:34:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2012/03/06 23:34:25 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2012/03/06 23:34:25 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2012/03/06 23:34:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2012/03/06 23:34:25 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2012/03/06 23:34:25 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2012/03/06 23:34:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2012/03/06 23:34:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2012/03/06 23:34:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2012/03/06 23:34:24 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2012/03/06 23:34:24 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2012/03/06 23:34:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2012/03/06 23:34:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2012/03/06 23:34:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2012/03/06 23:34:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2012/03/06 23:34:23 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2012/03/06 23:34:23 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2012/03/06 23:34:23 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2012/03/06 23:34:23 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2012/03/06 23:34:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2012/03/06 23:34:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2012/03/06 23:34:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2012/03/06 23:34:22 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2012/03/06 23:34:22 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2012/03/06 23:34:22 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2012/03/06 23:34:22 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2012/03/06 23:34:22 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2012/03/06 23:34:22 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2012/03/06 23:34:22 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2012/03/06 23:34:21 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2012/03/06 23:34:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2012/03/06 23:34:20 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2012/03/06 23:34:20 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2012/03/06 23:34:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2012/03/06 23:34:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2012/03/06 23:34:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2012/03/06 23:34:16 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2012/03/06 23:34:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2012/03/06 23:34:16 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2012/03/06 23:34:16 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2012/03/06 23:34:16 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2012/03/06 23:34:15 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2012/03/06 23:34:15 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2012/03/06 23:34:15 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2012/03/06 23:34:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2012/03/06 23:34:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2012/03/06 23:34:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2012/03/06 23:34:15 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2012/03/06 23:34:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2012/03/06 23:34:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2012/03/06 23:34:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2012/03/06 23:34:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2012/03/06 23:34:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2012/03/06 23:34:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2012/03/06 23:34:14 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012/03/06 23:34:14 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2012/03/06 23:34:14 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2012/03/06 23:34:14 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2012/03/06 23:34:14 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2012/03/06 23:34:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2012/03/06 23:34:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2012/03/06 23:34:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2012/03/06 23:34:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2012/03/06 23:34:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2012/03/06 23:34:13 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012/03/06 23:34:13 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2012/03/06 23:34:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2012/03/06 23:34:13 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2012/03/06 23:34:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2012/03/06 23:34:12 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2012/03/06 23:33:21 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2012/03/06 23:33:21 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012/03/06 23:33:21 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2012/03/06 23:33:21 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2012/03/06 23:33:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2012/03/06 23:33:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2012/03/06 23:33:21 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2012/03/06 23:33:21 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2012/03/06 23:33:20 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2012/03/06 23:33:20 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2012/03/06 23:33:20 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2012/03/06 23:33:20 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2012/03/06 23:33:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2012/03/06 23:33:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2012/03/06 23:33:20 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2012/03/06 23:33:20 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2012/03/06 23:33:20 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2012/03/06 23:33:20 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2012/03/06 23:33:19 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2012/03/06 23:33:19 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2012/03/06 23:33:19 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2012/03/06 23:33:19 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2012/03/06 23:33:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2012/03/06 23:33:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2012/03/06 23:33:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2012/03/06 23:33:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2012/03/06 23:33:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2012/03/06 23:33:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2012/03/06 23:33:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2012/03/06 23:33:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2012/03/06 23:33:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2012/03/06 23:33:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2012/03/06 23:33:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2012/03/06 23:33:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2012/03/06 23:33:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2012/03/06 23:33:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2012/03/06 23:33:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2012/03/06 23:33:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2012/03/06 23:33:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2012/03/06 23:33:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2012/03/06 23:33:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2012/03/06 23:33:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2012/03/06 23:33:17 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2012/03/06 23:33:17 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2012/03/06 23:33:17 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2012/03/06 23:33:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2012/03/06 23:33:17 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2012/03/06 23:33:17 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2012/03/06 23:33:17 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2012/03/06 23:33:17 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2012/03/06 23:33:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2012/03/06 23:33:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2012/03/06 23:33:16 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2012/03/06 23:33:16 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2012/03/06 23:33:16 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2012/03/06 23:33:16 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2012/03/06 23:33:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2012/03/06 23:33:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2012/03/06 23:33:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2012/03/06 23:33:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2012/03/06 23:33:15 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2012/03/06 23:33:15 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2012/03/06 23:33:15 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2012/03/06 23:33:15 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2012/03/06 23:33:15 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2012/03/06 23:33:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2012/03/06 23:33:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2012/03/06 23:33:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2012/03/06 23:33:14 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2012/03/06 23:33:14 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2012/03/06 23:33:14 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2012/03/06 23:33:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2012/03/06 23:33:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2012/03/06 23:33:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2012/03/06 23:33:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2012/03/06 23:33:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2012/03/06 23:33:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2012/03/06 23:33:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2012/03/06 23:33:00 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2012/03/06 23:33:00 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2012/03/06 23:33:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2012/03/06 23:33:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2012/03/06 23:32:59 | 001,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012/03/06 23:32:59 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2012/03/06 23:32:59 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2012/03/06 23:32:59 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012/03/06 23:32:58 | 000,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/03/06 23:32:58 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2012/03/06 23:32:58 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2012/03/06 23:32:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2012/03/06 23:32:57 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2012/03/06 23:32:57 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2012/03/06 23:32:56 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2012/03/06 23:32:56 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2012/03/06 23:32:56 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2012/03/06 23:32:56 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2012/03/06 23:32:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2012/03/06 23:32:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2012/03/06 23:32:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2012/03/06 23:32:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2012/03/06 23:32:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2012/03/06 23:32:55 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2012/03/06 23:32:55 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2012/03/06 23:32:55 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2012/03/06 23:32:55 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2012/03/06 23:32:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2012/03/06 23:32:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2012/03/06 23:32:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2012/03/06 23:32:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2012/03/06 23:32:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2012/03/06 23:32:54 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2012/03/06 23:32:54 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2012/03/06 23:32:54 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2012/03/06 23:32:53 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2012/03/06 23:32:52 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2012/03/06 23:32:52 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2012/03/06 23:32:52 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2012/03/06 23:32:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2012/03/06 23:32:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2012/03/06 23:32:51 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2012/03/06 23:32:51 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2012/03/06 23:32:51 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2012/03/06 23:32:51 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2012/03/06 23:32:50 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2012/03/06 23:32:50 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2012/03/06 23:32:50 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2012/03/06 23:32:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2012/03/06 23:32:49 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2012/03/06 23:32:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2012/03/06 23:32:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2012/03/06 23:32:48 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2012/03/06 23:32:48 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2012/03/06 23:32:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2012/03/06 23:32:47 | 001,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2012/03/06 23:32:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2012/03/06 23:32:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2012/03/06 23:17:07 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2012/03/06 23:17:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2012/03/06 23:15:46 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2012/03/06 23:15:45 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2012/03/06 23:15:44 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2012/03/06 23:15:44 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2012/03/06 23:15:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2012/03/06 23:15:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2012/03/06 23:15:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2012/03/06 23:15:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2012/03/06 23:15:39 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2012/03/06 23:15:38 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2012/03/06 23:15:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2012/02/12 14:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/08 11:05:30 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/03/08 11:01:05 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/03/08 11:00:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/08 11:00:09 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/08 11:00:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1482476501-839522115-1004.job
[2012/03/08 10:59:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/08 10:52:48 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/03/08 10:46:22 | 004,430,843 | R--- | M] (Swearware) -- C:\Documents and Settings\Cathi Kressin\Desktop\ComboFix.exe
[2012/03/08 10:37:16 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cathi Kressin\Desktop\OTL.exe
[2012/03/08 10:32:23 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/08 10:29:57 | 000,445,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/08 10:29:57 | 000,073,076 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/08 10:28:57 | 000,013,668 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/08 10:26:43 | 000,302,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/08 10:25:01 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/03/08 10:18:23 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/03/08 10:18:20 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/03/08 10:18:20 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/03/08 10:18:07 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/08 10:15:43 | 000,023,372 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/03/08 10:12:57 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/03/06 23:47:38 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/03/06 23:46:47 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2012/03/06 23:46:12 | 000,013,668 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/03/06 23:40:56 | 000,004,326 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/06 23:36:25 | 000,369,849 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012/03/06 23:36:04 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2012/03/03 21:53:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-1482476501-839522115-1004.job
[2012/03/03 21:44:12 | 000,000,016 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2012/03/01 09:51:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/28 23:25:04 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/12 14:51:58 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2 C:\*.tmp files -> C:\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/08 10:52:48 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/03/08 10:52:44 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/03/08 10:50:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/03/08 10:50:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/03/08 10:50:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/03/08 10:50:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/03/08 10:50:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/08 10:21:28 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/03/08 10:20:57 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/03/08 10:20:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/03/08 10:20:47 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/03/08 10:20:45 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/03/08 10:20:37 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/03/08 10:20:32 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/03/08 10:20:27 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/03/08 10:20:12 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/03/08 10:17:01 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/03/08 10:01:37 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/03/08 10:01:37 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/03/08 10:01:37 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/03/08 10:01:37 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/03/08 10:01:37 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/03/08 10:01:37 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/03/08 10:01:37 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/03/08 10:01:37 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/03/08 10:01:37 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/03/08 10:01:37 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/03/08 10:01:37 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/03/08 10:01:37 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/03/08 10:01:37 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/03/08 10:01:36 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/03/08 10:01:36 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012/03/08 10:01:36 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/03/08 10:01:36 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/03/06 23:46:12 | 000,013,668 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2012/03/06 23:36:06 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2012/03/06 23:36:04 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2012/03/06 23:34:41 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012/03/06 23:34:25 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012/03/06 23:33:26 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/03/06 23:33:25 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2012/03/06 23:13:24 | 000,369,849 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2011/07/19 17:06:35 | 000,012,466 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\t2m6h4oht6qxk24v3280150nje5ta55f6y0vyc05
[2011/06/11 19:39:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2011/06/11 19:39:34 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2011/06/11 19:39:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2011/06/11 19:39:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2011/06/11 19:39:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2011/06/11 19:36:09 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2011/06/11 19:35:56 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2011/06/11 19:35:55 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2011/06/11 19:35:55 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2011/06/11 19:35:54 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2011/06/11 19:35:54 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2011/06/11 19:35:53 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2011/06/11 19:35:53 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2011/06/11 19:35:52 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2011/06/11 19:35:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2011/06/11 19:35:51 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2011/06/11 19:35:51 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2011/06/11 19:35:51 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2011/06/11 19:35:51 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2011/06/11 19:35:50 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2011/06/11 19:35:50 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2011/06/11 19:35:50 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2011/06/11 19:35:50 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2011/06/11 19:35:49 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2011/06/11 19:35:49 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2011/06/11 19:35:48 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2011/06/11 19:35:47 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2011/06/11 19:35:47 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2011/06/11 19:34:53 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2011/06/11 19:34:52 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2011/05/21 12:48:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2011/05/21 09:23:17 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/21 08:35:00 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15720228r
[2011/05/21 08:35:00 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15720228
[2011/05/21 08:34:51 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\15720228
[2010/12/29 12:58:21 | 000,011,264 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe

< End of report >


EXTRAS log

OTL Extras logfile created on: 3/8/2012 11:09:08 AM - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Documents and Settings\Cathi Kressin\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.42 Mb Total Physical Memory | 623.47 Mb Available Physical Memory | 65.05% Memory free
2.26 Gb Paging File | 1.93 Gb Available in Paging File | 85.18% Paging File free
Paging file location(s): c:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 123.72 Gb Free Space | 83.03% Space Free | Partition Type: NTFS
Drive D: | 581.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KRESSIN-334AE91 | User Name: Cathi Kressin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\WINDOWS\system32\lxeacoms.exe" = C:\WINDOWS\system32\lxeacoms.exe:*:Enabled:S300-S400 Series Server -- ( )
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- (ABBYY (BIT Software))


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A580547F-4FB6-433E-A595-21CAA858C556}" = Microsoft Office Live Small Business Image Uploader
"{A7091E1D-36A4-47F1-A739-173CC341414F}" = Cisco Systems VPN Client 5.0.03.0560
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"CutePDF Writer Installation" = CutePDF Writer 2.7
"GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15
"HijackThis" = HijackThis 2.0.2
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"PictureItPrem_v10" = Microsoft Picture It! Premium 10
"RealPlayer 12.0" = RealPlayer
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2005Setup" = Microsoft Works 2005 Setup Launcher
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/8/2012 12:28:07 PM | Computer Name = KRESSIN-334AE91 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF
while recovering repository file.

Error - 3/8/2012 12:28:09 PM | Computer Name = KRESSIN-334AE91 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS
COMMUNICATION FOUNDATION\SERVICEMODEL.MOF while recovering repository file.

Error - 3/8/2012 12:28:09 PM | Computer Name = KRESSIN-334AE91 | Source = WinMgmt | ID = 4
Description = Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF
while recovering repository file.

Error - 3/8/2012 12:30:41 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2012 12:33:00 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2012 12:34:34 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2012 12:35:04 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2012 12:40:23 PM | Computer Name = KRESSIN-334AE91 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8107.0,
P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 3/8/2012 12:41:03 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/8/2012 12:47:35 PM | Computer Name = KRESSIN-334AE91 | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.36.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 3/8/2012 12:40:33 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.121.805.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8101.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 3/8/2012 12:40:33 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.121.805.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8101.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 3/8/2012 12:40:33 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.121.805.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8101.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 3/8/2012 12:40:33 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.121.805.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.8101.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 3/8/2012 12:54:03 PM | Computer Name = KRESSIN-334AE91 | Source = Service Control Manager | ID = 7034
Description = The Updater Service for StartNow Toolbar service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/8/2012 1:00:27 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070032 Error description: The request is not supported. Reason:
%%842

Error - 3/8/2012 1:00:27 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070032 Error description: The request is not supported. Reason:
%%842

Error - 3/8/2012 1:00:28 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070032 Error description: The request is not supported. Reason:
%%837

Error - 3/8/2012 1:00:28 PM | Computer Name = KRESSIN-334AE91 | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070032 Error description: The request is not supported. Reason:
%%837

Error - 3/8/2012 1:00:46 PM | Computer Name = KRESSIN-334AE91 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
MpFilter


< End of report >
  • 0

#15
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
When a Repair Install is perform, most of the programs installed do not launch as Registry entries are removed during the process. If it is happening, re-installing the program should resolve the issue. Is the computer able to update?

Posted Image Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner.
  • Select the option YES, I accept the Terms of Use then click on Start.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:

    Scan for potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth Technology

  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP