bk436

  1. OTL logfile created on: 5/24/2010 3:57:48 PM - Run 1
     OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Brian\Desktop
     Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
     Internet Explorer (Version = 8.0.6001.18702)
     Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
     5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
     Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
     %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
     Drive C: | 39.06 Gb Total Space | 26.86 Gb Free Space | 68.76% Space Free | Partition Type: NTFS
     Drive D: | 39.06 Gb Total Space | 38.16 Gb Free Space | 97.70% Space Free | Partition Type: NTFS
     E: Drive not present or media not loaded
     F: Drive not present or media not loaded
     Drive G: | 853.38 Gb Total Space | 778.97 Gb Free Space | 91.28% Space Free | Partition Type: NTFS
     Drive H: | 1397.26 Gb Total Space | 472.96 Gb Free Space | 33.85% Space Free | Partition Type: NTFS
     I: Drive not present or media not loaded
     Computer Name: BK
     Current User Name: Brian
     Logged in as Administrator.
     Current Boot Mode: Normal
     Scan Mode: Current user
     Company Name Whitelist: On
     Skip Microsoft Files: On
     File Age = 90 Days
     Output = Standard
     Quick Scan
     ========== Processes (SafeList) ==========
     PRC - [2010/05/24 15:57:04 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
     PRC - [2010/02/22 20:57:21 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
     PRC - [2009/12/07 16:43:16 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
     PRC - [2009/12/07 16:43:16 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
     PRC - [2009/12/07 16:43:16 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
     PRC - [2009/12/07 16:43:14 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
     PRC - [2009/12/07 16:43:14 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
     PRC - [2009/09/30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
     PRC - [2008/05/26 23:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
     PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
     PRC - [2007/09/26 18:05:58 | 000,734,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
     PRC - [2007/01/30 01:39:34 | 001,432,064 | ---- | M] (Phoenix Labs) -- C:\Program Files\PeerGuardian2\pg2.exe
     ========== Modules (SafeList) ==========
     MOD - [2010/05/24 15:57:04 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
     MOD - [2008/04/14 05:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
     ========== Win32 Services (SafeList) ==========
     SRV - [2009/12/07 16:43:16 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
     SRV - [2009/12/07 16:43:16 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
     SRV - [2009/12/07 16:43:16 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
     SRV - [2009/12/07 16:43:14 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
     SRV - [2009/12/07 16:43:14 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
     SRV - [2009/07/13 13:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
     ========== Driver Services (SafeList) ==========
     DRV - [2010/05/10 02:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100523.004\NAVEX15.SYS -- (NAVEX15)
     DRV - [2010/05/10 02:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100523.004\NAVENG.SYS -- (NAVENG)
     DRV - [2010/01/23 11:29:05 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
     DRV - [2010/01/12 17:57:06 | 000,162,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
     DRV - [2009/12/30 10:54:26 | 001,399,680 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
     DRV - [2009/12/07 16:43:18 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
     DRV - [2009/12/07 16:43:16 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
     DRV - [2009/12/07 16:43:16 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
     DRV - [2009/12/07 16:43:16 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
     DRV - [2009/12/07 16:43:16 | 000,050,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
     DRV - [2009/12/07 16:43:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
     DRV - [2009/12/07 16:43:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
     DRV - [2009/12/07 16:43:12 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
     DRV - [2009/12/07 16:43:12 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
     DRV - [2009/12/07 16:43:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
     DRV - [2009/11/20 20:34:54 | 010,235,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
     DRV - [2009/09/17 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
     DRV - [2009/09/17 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
     DRV - [2009/06/05 16:16:32 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
     DRV - [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
     DRV - [2008/04/14 05:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
     DRV - [2007/01/30 01:16:42 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
     ========== Standard Registry (SafeList) ==========
     ========== Internet Explorer ==========
     IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
     IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
     O1 - Hosts: 127.0.0.1 localhost
     O2 - BHO: (CDNSCacheObj Object) - {376892AE-1825-4E5F-9F85-23F9640051CC} - C:\WINDOWS\mplayerplgn.dll File not found
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
     O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
     O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
     O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
     O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
     O4 - HKCU..\Run: [steam] G:\Steam\Steam.exe (Valve Corporation)
     O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
     O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
     O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
     O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
     O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
     O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
     O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
     O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
     O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
     O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
     O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shock...director/sw.cab (Shockwave ActiveX Control)
     O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
     O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
     O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
     O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
     O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
     O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
     O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
     O24 - Desktop WallPaper: C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
     O24 - Desktop BackupWallPaper: C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
     O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
     O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
     O32 - HKLM CDRom: AutoRun - 1
     O32 - AutoRun File - [2009/12/29 12:36:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
     O34 - HKLM BootExecute: (autocheck autochk *) - File not found
     O35 - HKLM\..comfile [open] -- "%1" %*
     O35 - HKLM\..exefile [open] -- "%1" %*
     O37 - HKLM\...com [@ = comfile] -- "%1" %*
     O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     NetSvcs: 6to4 - File not found
     NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/12/29 12:36:34 | 000,000,000 | ---D | M]
     NetSvcs: Iprip - File not found
     NetSvcs: Irmon - File not found
     NetSvcs: NWCWorkstation - File not found
     NetSvcs: Nwsapagent - File not found
     NetSvcs: WmdmPmSp - File not found
     CREATERESTOREPOINT
     Error starting restore point: System Restore is disabled.
     Error closing restore point: System Restore is disabled.
  2. As a continuation of the problem I had in topic http://forums.malwarebytes.org/index.php?showtopic=49849, I ran Malwarebytes today and got the exact same registry key infection listed. Any idea how I can keep this from coming back?

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org
     Database version: 4123
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702
     5/21/2010 8:13:46 AM
     mbam-log-2010-05-21 (08-13-46).txt

     Scan type: Quick scan
     Objects scanned: 118633
     Time elapsed: 3 minute(s), 56 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 3
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\CLSID\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     (No malicious items detected)
  3. Everything is running fine. But to be honest I didn't notice any effects of the malware other than it showing up on the scans. Thanks for your help. It is good to know the problem is gone. It is more than a little troubling that I picked up this malware by just going to what I thought was a reputable site. I didn't click on anything; the alert came up on my AntiVirus instantly. I am using IE8. Is there a browser you would recommend to perhaps avoid this problem?
  4. File sfcfiles.dll received on 2010.05.15 18:44:23 (UTC) Result: 0/41 (0%) Antivirus Version Last Update Result a-squared 4.5.0.50 2010.05.10 - AhnLab-V3 2010.05.15.00 2010.05.14 - AntiVir 8.2.1.242 2010.05.14 - Antiy-AVL 2.0.3.7 2010.05.14 - Authentium 5.2.0.5 2010.05.15 - Avast 4.8.1351.0 2010.05.15 - Avast5 5.0.332.0 2010.05.15 - AVG 9.0.0.787 2010.05.15 - BitDefender 7.2 2010.05.15 - CAT-QuickHeal 10.00 2010.05.15 - ClamAV 0.96.0.3-git 2010.05.15 - Comodo 4849 2010.05.15 - DrWeb 5.0.2.03300 2010.05.15 - eSafe 7.0.17.0 2010.05.13 - eTrust-Vet 35.2.7490 2010.05.15 - F-Prot 4.5.1.85 2010.05.15 - F-Secure 9.0.15370.0 2010.05.15 - Fortinet 4.1.133.0 2010.05.15 - GData 21 2010.05.15 - Ikarus T3.1.1.84.0 2010.05.15 - Jiangmin 13.0.900 2010.05.15 - Kaspersky 7.0.0.125 2010.05.15 - McAfee 5.400.0.1158 2010.05.15 - McAfee-GW-Edition 2010.1 2010.05.15 - Microsoft 1.5703 2010.05.14 - NOD32 5117 2010.05.15 - Norman 6.04.12 2010.05.15 - nProtect 2010-05-15.01 2010.05.15 - Panda 10.0.2.7 2010.05.15 - PCTools 7.0.3.5 2010.05.15 - Prevx 3.0 2010.05.15 - Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.15 - Sunbelt 6307 2010.05.15 - Symantec 20101.1.0.89 2010.05.15 - TheHacker 6.5.2.0.280 2010.05.14 - TrendMicro 9.120.0.1004 2010.05.15 - TrendMicro-HouseCall 9.120.0.1004 2010.05.15 - VBA32 3.12.12.5 2010.05.14 - ViRobot 2010.5.15.2318 2010.05.15 - VirusBuster 5.0.27.0 2010.05.15 - Additional information File size: 1614848 bytes MD5...: 600d58665d16bfbb776efefb0e80532d SHA1..: c9719f14eab06cf0b5422bad7bee950a7c308768 SHA256: bc43d953e24b76a86aa7252a35ce408341fc14e6b1cb5a0c592a92ba4f9325ae ssdeep: 3072:4UeE8F3PH/mvTKJrhqCaDfzqdK2D+P7KsLxvmzmekuNrR4:4w8FlmfzqQHL xvmzy PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x120d timedatestamp.....: 0x48025222 (Sun Apr 13 18:34:10 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0xcbf 0xe00 5.90 d3fe89394e3542961bec08f951a2b772 .data 0x2000 0x17e730 0x17e800 3.28 5d80ab7c2b8cdbd61fd93d0e84a79990 .rsrc 0x181000 0x408 0x600 2.49 6ad33d817c21d5547a4921c76c19efff .reloc 0x182000 0xa230 0xa400 5.76 31a909823c459f02f7ee7c2c9f09fc93 ( 1 imports ) > ntdll.dll: LdrDisableThreadCalloutsForDll, NtClose, NtQueryValueKey, NtOpenKey, RtlInitUnicodeString, RtlGetVersion, NtTerminateProcess, RtlUnhandledExceptionFilter, RtlUnwind, NtQueryVirtualMemory ( 1 exports ) SfcGetFiles RDS...: NSRL Reference Data Set - pdfid.: - trid..: Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: Windows 2000 System File Checker original name: internal name: file version.: 5.1.2600.5512 (xpsp.080413-2111) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned
  5. ComboFix 10-05-13.02 - Brian 05/15/2010 8:52.3.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2572 [GMT -6:00] Running from: c:\documents and settings\Brian\Desktop\Combo-Fix.exe Command switches used :: c:\documents and settings\Brian\Desktop\CFScript.txt AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . ((((((((((((((((((((((((( Files Created from 2010-04-15 to 2010-05-15 ))))))))))))))))))))))))))))))) . 2010-05-13 03:30 . 2008-04-14 10:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-05-13 03:30 . 2001-08-18 03:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2010-05-13 03:30 . 2008-04-14 10:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-05-13 03:30 . 2001-08-18 03:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe 2010-05-13 03:30 . 2001-08-18 03:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe 2010-05-13 03:30 . 2001-08-18 03:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe 2010-05-13 03:28 . 2001-08-17 17:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys 2010-05-13 03:27 . 2008-04-14 10:40 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll 2010-05-13 03:26 . 2001-08-17 17:12 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys 2010-05-13 03:25 . 2001-08-18 03:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll 2010-05-13 03:24 . 2008-04-14 05:06 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys 2010-05-13 03:23 . 2008-04-14 03:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys 2010-05-11 00:13 . 2010-05-11 00:42 -------- d-----w- C:\Combo-Fix 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\windows\Sun 2010-05-07 03:23 . 
2010-05-07 03:23 503808 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcp71.dll 2010-05-07 03:23 . 2010-05-07 03:23 499712 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\jmc.dll 2010-05-07 03:23 . 2010-05-07 03:23 348160 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcr71.dll 2010-05-07 03:23 . 2010-05-07 03:23 61440 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-sse.dll 2010-05-07 03:23 . 2010-05-07 03:23 12800 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-d3d.dll 2010-05-07 03:23 . 2010-05-07 03:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\program files\Java 2010-05-07 03:22 . 2010-05-07 03:22 -------- d-----w- c:\program files\Common Files\Java 2010-05-06 02:31 . 2010-05-06 02:31 -------- d-----w- c:\windows\system32\Adobe 2010-05-06 01:12 . 2010-05-06 01:12 -------- d-----w- c:\documents and settings\Brian\Application Data\Malwarebytes 2010-05-06 01:11 . 2010-04-29 21:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-06 01:11 . 2010-05-06 01:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-06 01:11 . 2010-05-06 01:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-06 01:11 . 2010-04-29 21:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-03 01:58 . 2010-05-03 01:58 -------- d-----w- c:\documents and settings\Brian\Local Settings\Application Data\Codemasters 2010-05-01 07:34 . 2010-05-01 07:34 216736 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-05-01 01:41 . 
2010-05-01 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters 2010-05-01 01:32 . 2010-05-01 01:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2010-05-01 01:32 . 2010-05-01 01:32 -------- d-----w- c:\windows\system32\xlive . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-13 02:00 . 2009-12-31 18:53 -------- d-----w- c:\documents and settings\Brian\Application Data\uTorrent 2010-05-13 01:58 . 2010-01-01 21:35 -------- d-----w- c:\program files\PeerGuardian2 2010-05-02 07:01 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\vlc 2010-05-02 05:13 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\dvdcss 2010-04-03 01:22 . 2010-04-03 01:22 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2010-03-10 06:15 . 2009-11-05 12:54 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:19 . 2009-12-08 17:07 919040 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2009-11-05 12:53 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 14:08 . 2009-11-05 12:53 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25 . 2009-08-04 14:20 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-15 17:24 . 2009-12-29 18:50 18440 ----a-w- c:\documents and settings\Brian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT . (((((((((((((((((((((((((((((((((((((((((( SR_Search )))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ------- Sigcheck ------- [-] 2009-11-05 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot_2010-05-13_23.29.45 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-15 14:47 . 2010-05-15 14:47 16384 c:\windows\Temp\Perflib_Perfdata_6e4.dat + 2008-04-14 11:00 . 
2010-05-15 14:51 78318 c:\windows\system32\perfc009.dat - 2008-04-14 11:00 . 2010-05-13 23:25 78318 c:\windows\system32\perfc009.dat + 2010-02-13 00:36 . 2010-05-14 05:14 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2010-02-13 00:36 . 2010-04-14 23:36 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2010-02-13 00:36 . 2010-04-14 23:36 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2010-02-13 00:36 . 2010-05-14 05:14 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2010-02-13 00:36 . 2010-04-14 23:36 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2010-02-13 00:36 . 2010-05-14 05:14 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2010-02-13 00:36 . 2010-05-14 05:14 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2010-02-13 00:36 . 2010-05-14 05:14 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2010-02-13 00:36 . 2010-05-14 05:14 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2010-02-13 00:36 . 2010-05-14 05:14 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2008-04-14 11:00 . 2010-05-13 23:25 462498 c:\windows\system32\perfh009.dat + 2008-04-14 11:00 . 2010-05-15 14:51 462498 c:\windows\system32\perfh009.dat + 2009-12-29 18:34 . 
2010-01-29 15:01 691712 c:\windows\system32\inetcomm.dll - 2009-12-29 18:34 . 2009-11-05 12:53 691712 c:\windows\system32\inetcomm.dll + 2009-12-29 18:34 . 2010-01-29 15:01 691712 c:\windows\system32\dllcache\inetcomm.dll - 2009-12-29 18:34 . 2009-11-05 12:53 691712 c:\windows\system32\dllcache\inetcomm.dll - 2010-02-13 00:36 . 2010-04-14 23:36 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2010-02-13 00:36 . 2010-05-14 05:14 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2010-02-13 00:36 . 2010-05-14 05:14 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2010-02-13 00:36 . 2010-05-14 05:14 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2010-02-13 00:36 . 2010-04-14 23:36 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2010-02-13 00:36 . 2010-05-14 05:14 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2010-02-13 00:36 . 2010-04-14 23:36 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2010-02-13 00:36 . 2010-05-14 05:14 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe - 2010-02-13 00:36 . 2010-04-14 23:36 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe - 2010-02-13 00:36 . 2010-04-14 23:36 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2010-02-13 00:36 . 2010-05-14 05:14 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2009-12-29 18:34 . 2010-01-30 02:31 1315328 c:\windows\system32\dllcache\msoe.dll - 2009-12-29 18:34 . 2009-11-05 12:53 1315328 c:\windows\system32\dllcache\msoe.dll + 2009-10-17 00:07 . 2009-10-17 00:07 6115328 c:\windows\Installer\143581d.msp + 2010-04-21 23:46 . 
2010-04-21 23:46 5522432 c:\windows\Installer\1435805.msp + 2009-12-29 18:37 . 2010-04-30 18:51 32058312 c:\windows\system32\MRT.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Steam"="g:\steam\Steam.exe" [2010-05-07 1238352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-21 110184] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-30 33665024] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-12-07 115560] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "IE8"="advpack.dll" [2009-11-05 128512] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "g:\\Steam\\Steam.exe"= "g:\\Steam\\steamapps\\gurdgurdson\\team fortress 2\\hl2.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "g:\\Steam\\steamapps\\common\\mirrors edge\\Binaries\\MirrorsEdge.exe"= "g:\\Steam\\steamapps\\common\\europa universalis iii - complete\\eu3game.exe"= "g:\\Steam\\steamapps\\common\\mass effect\\Binaries\\MassEffect.exe"= "g:\\Steam\\steamapps\\common\\ghostbusters\\ghost_w32.exe"= "g:\\Steam\\steamapps\\common\\mount and blade\\runme.exe"= "g:\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"= "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"= "g:\\Steam\\steamapps\\common\\psychonauts\\PsychoLauncher.exe"= "g:\\Steam\\steamapps\\common\\empire total war demo\\Empire.exe"= "g:\\Steam\\steamapps\\common\\batman arkham asylum - demo\\Binaries\\ShippingPC-BmGame.exe"= "g:\\Steam\\steamapps\\common\\dirt\\DiRT.exe"= "g:\\Steam\\steamapps\\common\\dirt 2\\dirt2.exe"= R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/24/2010 7:19 PM 102448] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9/17/2009 8:00 PM 1399680] S3 
COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [12/7/2009 4:43 PM 23888] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-15 08:54 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(316) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Completion time: 2010-05-15 08:55:12 ComboFix-quarantined-files.txt 2010-05-15 14:55 ComboFix2.txt 2010-05-13 23:30 ComboFix3.txt 2010-05-11 00:42 Pre-Run: 26,649,092,096 bytes free Post-Run: 26,666,803,200 bytes free - - End Of File - - 78D7FA81936E766F457BDBAA28D79EC9
  6. ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Steam"="g:\steam\Steam.exe" [2010-05-07 1238352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-21 110184] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-30 33665024] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-12-07 115560] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "IE8"="advpack.dll" [2009-11-05 128512] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "g:\\Steam\\Steam.exe"= "g:\\Steam\\steamapps\\gurdgurdson\\team fortress 2\\hl2.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "g:\\Steam\\steamapps\\common\\mirrors edge\\Binaries\\MirrorsEdge.exe"= "g:\\Steam\\steamapps\\common\\europa universalis iii - complete\\eu3game.exe"= "g:\\Steam\\steamapps\\common\\mass effect\\Binaries\\MassEffect.exe"= "g:\\Steam\\steamapps\\common\\ghostbusters\\ghost_w32.exe"= "g:\\Steam\\steamapps\\common\\mount and blade\\runme.exe"= "g:\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"= "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"= "g:\\Steam\\steamapps\\common\\psychonauts\\PsychoLauncher.exe"= "g:\\Steam\\steamapps\\common\\empire total war demo\\Empire.exe"= "g:\\Steam\\steamapps\\common\\batman arkham asylum - demo\\Binaries\\ShippingPC-BmGame.exe"= "g:\\Steam\\steamapps\\common\\dirt\\DiRT.exe"= "g:\\Steam\\steamapps\\common\\dirt 2\\dirt2.exe"= R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/24/2010 7:19 PM 102448] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9/17/2009 8:00 PM 1399680] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [12/7/2009 4:43 PM 23888] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-13 17:29 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(944) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Completion time: 2010-05-13 17:30:27 ComboFix-quarantined-files.txt 2010-05-13 23:30 ComboFix2.txt 2010-05-11 00:42 Pre-Run: 26,390,724,608 bytes free Post-Run: 26,409,410,560 bytes free - - End Of File - - 4ECC246906B9C7AE2C92F7B447035A9D
  7. ComboFix 10-05-13.02 - Brian 05/13/2010 17:28:05.2.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2459 [GMT -6:00] Running from: c:\documents and settings\Brian\Desktop\Combo-Fix.exe AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . ((((((((((((((((((((((((( Files Created from 2010-04-13 to 2010-05-13 ))))))))))))))))))))))))))))))) . 2010-05-13 03:30 . 2008-04-14 10:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-05-13 03:30 . 2001-08-18 03:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2010-05-13 03:30 . 2008-04-14 10:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-05-13 03:30 . 2001-08-18 03:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe 2010-05-13 03:30 . 2001-08-18 03:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe 2010-05-13 03:30 . 2001-08-18 03:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe 2010-05-13 03:28 . 2001-08-17 17:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys 2010-05-13 03:27 . 2008-04-14 10:40 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll 2010-05-13 03:26 . 2001-08-17 17:12 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys 2010-05-13 03:25 . 2001-08-18 03:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll 2010-05-13 03:24 . 2008-04-14 05:06 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys 2010-05-13 03:23 . 2008-04-14 03:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys 2010-05-11 00:13 . 2010-05-11 00:42 -------- d-----w- C:\Combo-Fix 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\windows\Sun 2010-05-07 03:23 . 2010-05-07 03:23 503808 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcp71.dll 2010-05-07 03:23 . 
2010-05-07 03:23 499712 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\jmc.dll 2010-05-07 03:23 . 2010-05-07 03:23 348160 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcr71.dll 2010-05-07 03:23 . 2010-05-07 03:23 61440 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-sse.dll 2010-05-07 03:23 . 2010-05-07 03:23 12800 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-d3d.dll 2010-05-07 03:23 . 2010-05-07 03:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\program files\Java 2010-05-07 03:22 . 2010-05-07 03:22 -------- d-----w- c:\program files\Common Files\Java 2010-05-06 02:31 . 2010-05-06 02:31 -------- d-----w- c:\windows\system32\Adobe 2010-05-06 01:12 . 2010-05-06 01:12 -------- d-----w- c:\documents and settings\Brian\Application Data\Malwarebytes 2010-05-06 01:11 . 2010-04-29 21:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-06 01:11 . 2010-05-06 01:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-06 01:11 . 2010-05-06 01:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-06 01:11 . 2010-04-29 21:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-03 01:58 . 2010-05-03 01:58 -------- d-----w- c:\documents and settings\Brian\Local Settings\Application Data\Codemasters 2010-05-01 07:34 . 2010-05-01 07:34 216736 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-05-01 01:41 . 2010-05-01 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters 2010-05-01 01:32 . 
2010-05-01 01:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2010-05-01 01:32 . 2010-05-01 01:32 -------- d-----w- c:\windows\system32\xlive . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-13 02:00 . 2009-12-31 18:53 -------- d-----w- c:\documents and settings\Brian\Application Data\uTorrent 2010-05-13 01:58 . 2010-01-01 21:35 -------- d-----w- c:\program files\PeerGuardian2 2010-05-02 07:01 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\vlc 2010-05-02 05:13 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\dvdcss 2010-04-03 01:22 . 2010-04-03 01:22 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2010-03-10 06:15 . 2009-11-05 12:54 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:19 . 2009-12-08 17:07 919040 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2009-11-05 12:53 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 14:08 . 2009-11-05 12:53 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25 . 2009-08-04 14:20 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-15 17:24 . 2009-12-29 18:50 18440 ----a-w- c:\documents and settings\Brian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT . ------- Sigcheck ------- [-] 2009-11-05 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot@2010-05-11_00.42.16 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-13 23:21 . 2010-05-13 23:21 16384 c:\windows\Temp\Perflib_Perfdata_600.dat + 2008-04-14 11:00 . 2010-05-13 23:25 78318 c:\windows\system32\perfc009.dat - 2008-04-14 11:00 . 2010-05-10 23:31 78318 c:\windows\system32\perfc009.dat + 2010-05-13 03:29 . 2001-08-17 17:11 16970 c:\windows\system32\dllcache\xem336n5.sys + 2008-04-14 04:42 . 
2009-12-08 17:22 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2010-05-13 03:25 .
2001-08-17 17:11 20928 c:\windows\system32\dllcache\defpa.sys + 2010-05-13 03:25 . 2001-08-18 03:36 86016 c:\windows\system32\dllcache\dc240usd.dll + 2010-05-13 03:25 . 2001-08-17 17:12 63208 c:\windows\system32\dllcache\dc21x4.sys + 2010-05-13 03:25 . 2001-08-18 03:36 80896 c:\windows\system32\dllcache\dc210usd.dll + 2010-05-13 03:25 . 2001-08-18 03:36 25600 c:\windows\system32\dllcache\dc210_32.dll + 2010-05-13 03:25 . 2001-08-17 18:52 14720 c:\windows\system32\dllcache\dac960nt.sys + 2010-05-13 03:25 . 2001-08-18 03:36 27648 c:\windows\system32\dllcache\cyzports.dll + 2010-05-13 03:25 . 2001-08-17 18:50 49792 c:\windows\system32\dllcache\cyzport.sys + 2010-05-13 03:25 . 2001-08-18 03:36 27136 c:\windows\system32\dllcache\cyzcoins.dll + 2010-05-13 03:25 . 2001-08-18 03:36 27648 c:\windows\system32\dllcache\cyyports.dll + 2010-05-13 03:25 . 2001-08-17 18:50 50176 c:\windows\system32\dllcache\cyyport.sys + 2010-05-13 03:25 . 2001-08-18 03:36 28672 c:\windows\system32\dllcache\cyycoins.dll + 2010-05-13 03:25 . 2001-08-17 18:50 14848 c:\windows\system32\dllcache\cyclom-y.sys + 2010-05-13 03:25 . 2001-08-17 18:50 17152 c:\windows\system32\dllcache\cyclad-z.sys + 2010-05-13 03:25 . 2008-04-14 03:06 48640 c:\windows\system32\dllcache\cwrwdm.sys + 2010-05-13 03:25 . 2001-08-17 17:19 93952 c:\windows\system32\dllcache\cwcwdm.sys + 2010-05-13 03:25 . 2001-08-17 17:19 72832 c:\windows\system32\dllcache\cwbwdm.sys + 2010-05-13 03:25 . 2001-08-17 17:19 96256 c:\windows\system32\dllcache\ctlsb16.sys + 2008-04-13 23:01 . 2009-12-08 17:22 36736 c:\windows\system32\dllcache\crusoe.sys + 2010-05-13 03:25 . 2001-08-17 17:19 42112 c:\windows\system32\dllcache\crtaud.sys + 2010-05-13 03:25 . 2001-08-17 17:11 60970 c:\windows\system32\dllcache\cpqtrnd5.sys + 2010-05-13 03:25 . 2001-08-17 17:13 21533 c:\windows\system32\dllcache\cpqndis5.sys + 2001-08-17 12:24 . 2009-12-08 17:21 11776 c:\windows\system32\dllcache\cpqdap01.sys + 2010-05-13 03:25 . 
2001-08-17 18:52 14976 c:\windows\system32\dllcache\cpqarray.sys + 2010-05-13 03:25 . 2008-04-14 05:06 10240 c:\windows\system32\dllcache\compbatt.sys + 2010-05-13 03:25 . 2001-08-17 17:11 39936 c:\windows\system32\dllcache\cnxt1803.sys + 2010-05-13 03:25 . 2001-08-18 03:36 44032 c:\windows\system32\dllcache\cnusd.dll + 2008-04-14 04:41 . 2009-12-08 17:22 47104 c:\windows\system32\dllcache\cnbjmon.dll + 2010-05-13 03:24 . 2001-08-17 18:51 20736 c:\windows\system32\dllcache\cmbp0wdm.sys + 2010-05-13 03:24 . 2001-08-17 18:57 45696 c:\windows\system32\dllcache\cirrus.sys + 2010-05-13 03:24 . 2001-08-17 19:56 91264 c:\windows\system32\dllcache\cirrus.dll + 2010-05-13 03:24 . 2008-04-14 10:41 15423 c:\windows\system32\dllcache\ch7xxnt5.dll + 2010-05-13 03:24 . 2001-08-17 17:13 49182 c:\windows\system32\dllcache\cem56n5.sys + 2010-05-13 03:24 . 2001-08-17 17:13 22044 c:\windows\system32\dllcache\cem33n5.sys + 2010-05-13 03:24 . 2001-08-17 17:13 22044 c:\windows\system32\dllcache\cem28n5.sys + 2010-05-13 03:24 . 2001-08-17 17:13 27164 c:\windows\system32\dllcache\ce3n5.sys + 2010-05-13 03:24 . 2001-08-17 17:13 21530 c:\windows\system32\dllcache\ce2n5.sys + 2008-04-14 11:00 . 2008-04-14 11:00 62976 c:\windows\system32\dllcache\cdrom.sys + 2001-08-17 12:52 . 2009-12-08 17:21 18688 c:\windows\system32\dllcache\cdaudio.sys + 2010-05-13 03:24 . 2008-04-14 05:16 17024 c:\windows\system32\dllcache\ccdecode.sys + 2008-04-14 11:00 . 2008-04-14 11:00 13952 c:\windows\system32\dllcache\cbidf2k.sys + 2010-05-13 03:24 . 2001-08-17 17:13 46108 c:\windows\system32\dllcache\cben5.sys + 2010-05-13 03:24 . 2001-08-17 17:12 39680 c:\windows\system32\dllcache\cb325.sys + 2010-05-13 03:24 . 2001-08-17 17:12 37916 c:\windows\system32\dllcache\cb102.sys + 2010-05-13 03:24 . 2001-08-18 03:36 74240 c:\windows\system32\dllcache\camexo20.dll + 2010-05-13 03:24 . 2001-08-17 18:51 13824 c:\windows\system32\dllcache\bulltlp3.sys + 2010-05-13 03:24 . 
2008-04-14 05:16 18944 c:\windows\system32\dllcache\bthusb.sys + 2008-04-14 11:00 . 2008-04-14 11:00 30208 c:\windows\system32\dllcache\bthserv.dll + 2010-05-13 03:24 . 2008-04-14 05:16 36480 c:\windows\system32\dllcache\bthprint.sys + 2010-05-13 03:24 . 2008-04-14 05:16 37888 c:\windows\system32\dllcache\bthmodem.sys + 2010-05-13 03:24 . 2008-04-14 05:16 17024 c:\windows\system32\dllcache\bthenum.sys + 2008-04-14 11:00 . 2008-04-14 11:00 20992 c:\windows\system32\dllcache\bthci.dll + 2010-05-13 03:24 . 2001-08-17 17:11 31529 c:\windows\system32\dllcache\brzwlan.sys + 2010-05-13 03:24 . 2001-08-17 18:12 10368 c:\windows\system32\dllcache\brusbscn.sys + 2010-05-13 03:24 . 2001-08-17 18:12 11008 c:\windows\system32\dllcache\brusbmdm.sys + 2010-05-13 03:24 . 2001-08-17 18:12 60416 c:\windows\system32\dllcache\brserwdm.sys + 2010-05-13 03:24 . 2001-08-17 18:12 39552 c:\windows\system32\dllcache\brparwdm.sys + 2010-05-13 03:24 . 2001-08-18 03:36 41472 c:\windows\system32\dllcache\brmfusb.dll + 2010-05-13 03:24 . 2001-08-18 03:36 32256 c:\windows\system32\dllcache\brmfrsmg.exe + 2010-05-13 03:24 . 2001-08-18 03:36 29696 c:\windows\system32\dllcache\brmflpt.dll + 2010-05-13 03:24 . 2001-08-18 03:36 81408 c:\windows\system32\dllcache\brmfcwia.dll + 2010-05-13 03:24 . 2001-08-18 03:36 15360 c:\windows\system32\dllcache\brmfbidi.dll + 2010-05-13 03:24 . 2001-08-17 18:12 12160 c:\windows\system32\dllcache\brfiltlo.sys + 2010-05-13 03:24 . 2001-08-18 03:36 12800 c:\windows\system32\dllcache\brevif.dll + 2010-05-13 03:24 . 2001-08-18 03:36 19456 c:\windows\system32\dllcache\brbidiif.dll + 2010-05-13 03:24 . 2008-04-14 05:16 11776 c:\windows\system32\dllcache\bdasup.sys + 2010-05-13 03:24 . 2001-08-17 17:11 26568 c:\windows\system32\dllcache\bcm4e5.sys + 2010-05-13 03:24 . 2001-08-17 17:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys + 2010-05-13 03:24 . 2001-08-17 17:11 66557 c:\windows\system32\dllcache\bcm42u.sys + 2010-05-13 03:24 . 
2008-04-14 05:06 14208 c:\windows\system32\dllcache\battc.sys + 2010-05-13 03:24 . 2001-08-17 17:48 36128 c:\windows\system32\dllcache\banshee.sys + 2010-05-13 03:24 . 2001-08-17 17:11 96640 c:\windows\system32\dllcache\b57xp32.sys + 2010-05-13 03:24 . 2001-08-17 17:13 89952 c:\windows\system32\dllcache\b1cbase.sys + 2010-05-13 03:24 . 2001-08-17 17:19 36992 c:\windows\system32\dllcache\aztw2320.sys + 2010-05-13 03:24 . 2001-08-17 17:13 37568 c:\windows\system32\dllcache\avmwan.sys + 2010-05-13 03:24 . 2001-08-18 03:36 87552 c:\windows\system32\dllcache\avmcoxp.dll + 2010-05-13 03:24 . 2008-04-14 05:16 13696 c:\windows\system32\dllcache\avcstrm.sys + 2010-05-13 03:24 . 2001-08-17 19:01 36096 c:\windows\system32\dllcache\avcaudio.sys + 2010-05-13 03:24 . 2008-04-14 05:16 38912 c:\windows\system32\dllcache\avc.sys - 2009-12-29 18:37 . 2003-03-24 23:52 16439 c:\windows\system32\dllcache\author.exe + 2009-12-29 18:37 . 2003-03-24 22:52 16439 c:\windows\system32\dllcache\author.exe + 2009-12-29 18:37 . 2003-03-24 22:52 20540 c:\windows\system32\dllcache\author.dll - 2009-12-29 18:37 . 2003-03-24 23:52 20540 c:\windows\system32\dllcache\author.dll + 2010-05-13 03:24 . 2008-04-14 10:41 17279 c:\windows\system32\dllcache\atv10nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 14143 c:\windows\system32\dllcache\atv06nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 25471 c:\windows\system32\dllcache\atv04nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 11359 c:\windows\system32\dllcache\atv02nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 21183 c:\windows\system32\dllcache\atv01nt5.dll + 2010-05-13 03:24 . 2001-08-17 17:49 23552 c:\windows\system32\dllcache\atixbar.sys + 2010-05-13 03:24 . 2001-08-17 17:49 26624 c:\windows\system32\dllcache\ativxbar.sys + 2010-05-13 03:24 . 2001-08-17 17:49 19456 c:\windows\system32\dllcache\ativttxx.sys + 2010-05-13 03:24 . 2008-04-14 10:41 32768 c:\windows\system32\dllcache\ativtmxx.dll + 2010-05-13 03:24 . 
2001-08-17 17:49 17152 c:\windows\system32\dllcache\atitvsnd.sys + 2010-05-13 03:24 . 2001-08-17 17:49 17152 c:\windows\system32\dllcache\atitunep.sys + 2010-05-13 03:24 . 2001-08-17 17:49 26880 c:\windows\system32\dllcache\atirtsnd.sys + 2010-05-13 03:24 . 2001-08-17 17:49 49920 c:\windows\system32\dllcache\atirtcap.sys + 2010-05-13 03:24 . 2001-08-17 17:48 70528 c:\windows\system32\dllcache\atiragem.sys + 2010-05-13 03:24 . 2001-08-17 17:49 10240 c:\windows\system32\dllcache\atipcxxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 63488 c:\windows\system32\dllcache\atinxsxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 31744 c:\windows\system32\dllcache\atinxbxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 73216 c:\windows\system32\dllcache\atintuxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 13824 c:\windows\system32\dllcache\atinttxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 28672 c:\windows\system32\dllcache\atinsnxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 52224 c:\windows\system32\dllcache\atinraxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 14336 c:\windows\system32\dllcache\atinpdxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 13824 c:\windows\system32\dllcache\atinmdxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 57856 c:\windows\system32\dllcache\atinbtxx.sys + 2010-05-13 03:24 . 2001-08-17 17:49 75136 c:\windows\system32\dllcache\atimpae.sys + 2010-05-13 03:24 . 2001-08-18 03:36 37376 c:\windows\system32\dllcache\atievxx.exe + 2010-05-13 03:24 . 2001-08-17 17:49 46464 c:\windows\system32\dllcache\atibt829.sys + 2010-05-13 03:24 . 2008-04-14 03:04 34735 c:\windows\system32\dllcache\ati1xsxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 29455 c:\windows\system32\dllcache\ati1xbxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 36463 c:\windows\system32\dllcache\ati1tuxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 21343 c:\windows\system32\dllcache\ati1ttxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 26367 c:\windows\system32\dllcache\ati1snxx.sys + 2010-05-13 03:24 . 
2008-04-14 03:04 63663 c:\windows\system32\dllcache\ati1rvxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 30671 c:\windows\system32\dllcache\ati1raxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 12047 c:\windows\system32\dllcache\ati1pdxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 11615 c:\windows\system32\dllcache\ati1mdxx.sys + 2010-05-13 03:24 . 2008-04-14 03:04 56623 c:\windows\system32\dllcache\ati1btxx.sys + 2010-05-13 03:24 . 2001-08-17 18:57 77568 c:\windows\system32\dllcache\ati.sys + 2010-05-13 03:24 . 2001-08-17 19:55 96128 c:\windows\system32\dllcache\ati.dll + 2010-05-13 03:24 . 2001-08-17 17:12 97354 c:\windows\system32\dllcache\aspndis3.sys + 2010-05-13 03:24 . 2001-08-17 18:51 14848 c:\windows\system32\dllcache\asc3550.sys + 2010-05-13 03:24 . 2001-08-17 18:52 22400 c:\windows\system32\dllcache\asc3350p.sys + 2010-05-13 03:24 . 2001-08-17 18:52 26496 c:\windows\system32\dllcache\asc.sys + 2008-04-13 23:21 . 2009-12-08 17:22 60800 c:\windows\system32\dllcache\arp1394.sys + 2010-05-13 03:24 . 2008-04-14 03:05 36224 c:\windows\system32\dllcache\an983.sys + 2010-05-13 03:24 . 2001-08-17 18:52 12032 c:\windows\system32\dllcache\amsint.sys + 2008-04-13 23:01 . 2009-12-08 17:22 37760 c:\windows\system32\dllcache\amdk7.sys + 2008-04-13 23:01 . 2009-12-08 17:22 37376 c:\windows\system32\dllcache\amdk6.sys + 2010-05-13 03:24 . 2008-04-14 05:06 43008 c:\windows\system32\dllcache\amdagp.sys + 2010-05-13 03:24 . 2001-08-17 17:11 16969 c:\windows\system32\dllcache\amb8002.sys + 2010-05-13 03:24 . 2008-04-14 05:06 42752 c:\windows\system32\dllcache\alim1541.sys + 2010-05-13 03:24 . 2001-08-17 18:49 26624 c:\windows\system32\dllcache\alifir.sys + 2010-05-13 03:24 . 2001-08-17 17:11 27678 c:\windows\system32\dllcache\ali5261.sys + 2010-05-13 03:24 . 2001-08-17 19:07 56960 c:\windows\system32\dllcache\aic78xx.sys + 2010-05-13 03:24 . 2001-08-17 19:07 55168 c:\windows\system32\dllcache\aic78u2.sys + 2010-05-13 03:24 . 
2001-08-17 18:52 12800 c:\windows\system32\dllcache\aha154x.sys + 2010-05-13 03:24 . 2008-04-14 05:06 44928 c:\windows\system32\dllcache\agpcpq.sys + 2010-05-13 03:24 . 2008-04-14 05:06 42368 c:\windows\system32\dllcache\agp440.sys + 2010-05-13 03:24 . 2001-08-17 17:11 46112 c:\windows\system32\dllcache\adptsf50.sys - 2009-12-29 18:37 . 2003-03-24 23:52 16439 c:\windows\system32\dllcache\admin.exe + 2009-12-29 18:37 . 2003-03-24 22:52 16439 c:\windows\system32\dllcache\admin.exe - 2009-12-29 18:37 . 2003-03-24 23:52 20540 c:\windows\system32\dllcache\admin.dll + 2009-12-29 18:37 . 2003-03-24 22:52 20540 c:\windows\system32\dllcache\admin.dll + 2010-05-13 03:23 . 2001-08-17 17:11 20160 c:\windows\system32\dllcache\adm8511.sys + 2008-04-14 11:00 . 2008-04-14 11:00 11648 c:\windows\system32\dllcache\acpiec.sys + 2010-05-13 03:23 . 2001-08-18 03:36 61440 c:\windows\system32\dllcache\acerscad.dll + 2010-05-13 03:23 . 2008-04-14 03:06 84480 c:\windows\system32\dllcache\ac97via.sys + 2010-05-13 03:23 . 2001-08-17 17:20 96256 c:\windows\system32\dllcache\ac97intc.sys + 2010-05-13 03:23 . 2001-08-17 18:52 23552 c:\windows\system32\dllcache\abp480n5.sys + 2010-05-13 03:23 . 2001-08-18 03:36 98304 c:\windows\system32\dllcache\a3d.dll + 2010-05-13 03:23 . 2001-08-17 19:55 38400 c:\windows\system32\dllcache\8514a.dll + 2010-05-13 03:23 . 2008-04-14 05:16 48128 c:\windows\system32\dllcache\61883.sys + 2010-05-13 03:23 . 2008-04-14 05:10 12288 c:\windows\system32\dllcache\4mmdat.sys + 2010-05-13 03:23 . 2001-08-17 19:06 11264 c:\windows\system32\dllcache\1394vdbg.sys + 2008-04-14 11:00 . 2008-04-14 11:00 53376 c:\windows\system32\dllcache\1394bus.sys + 2010-05-13 03:29 . 2008-04-14 10:42 8192 c:\windows\system32\dllcache\wshirda.dll + 2001-08-17 21:36 . 2009-12-08 17:21 3200 c:\windows\system32\dllcache\wowfax.dll + 2009-12-29 11:29 . 2008-04-13 23:06 8832 c:\windows\system32\dllcache\wmiacpi.sys + 2010-05-13 03:29 . 
2008-04-14 05:10 5376 c:\windows\system32\dllcache\viaide.sys + 2010-05-13 03:29 . 2001-08-17 18:28 7556 c:\windows\system32\dllcache\usroslba.sys + 2008-04-14 11:00 . 2008-04-14 11:00 4736 c:\windows\system32\dllcache\usbd.sys - 2010-02-11 00:13 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll + 2001-08-17 21:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll + 2010-05-13 03:29 . 2001-08-17 18:51 4992 c:\windows\system32\dllcache\toside.sys + 2010-05-13 03:29 . 2001-08-17 18:52 7040 c:\windows\system32\dllcache\tandqic.sys + 2010-05-13 03:29 . 2001-08-17 19:02 3968 c:\windows\system32\dllcache\swusbflt.sys + 2008-04-13 23:09 . 2009-12-08 17:22 4352 c:\windows\system32\dllcache\swenum.sys + 2001-08-17 21:36 . 2009-12-08 17:21 8192 c:\windows\system32\dllcache\streamci.dll + 2010-05-13 03:28 . 2001-08-17 18:56 7552 c:\windows\system32\dllcache\sonypvu1.sys + 2010-05-13 03:28 . 2001-08-17 18:53 9600 c:\windows\system32\dllcache\sonymc.sys + 2010-05-13 03:28 . 2008-04-14 05:10 7552 c:\windows\system32\dllcache\sonyait.sys + 2010-05-13 03:28 . 2001-08-17 18:53 7040 c:\windows\system32\dllcache\snyaitmc.sys + 2010-05-13 03:28 . 2001-08-17 18:57 6784 c:\windows\system32\dllcache\smbhc.sys + 2010-05-13 03:28 . 2008-04-14 05:06 6912 c:\windows\system32\dllcache\smbclass.sys + 2010-05-13 03:28 . 2008-04-14 05:06 5888 c:\windows\system32\dllcache\smbali.sys + 2010-05-13 03:28 . 2008-04-14 10:42 3901 c:\windows\system32\dllcache\siint5.dll + 2010-05-13 03:28 . 2001-08-17 18:53 6784 c:\windows\system32\dllcache\serscan.sys + 2010-05-13 03:28 . 2001-08-17 18:53 6912 c:\windows\system32\dllcache\seaddsmc.sys + 2010-05-13 03:28 . 2001-08-18 03:36 9216 c:\windows\system32\dllcache\rsmgrstr.dll + 2010-05-13 03:28 . 2001-08-17 17:19 3840 c:\windows\system32\dllcache\rpfun.sys + 2010-05-13 03:28 . 2001-08-17 18:53 3328 c:\windows\system32\dllcache\qv2kux.sys + 2010-05-13 03:28 . 
2008-04-14 05:10 6016 c:\windows\system32\dllcache\qic157.sys + 2010-05-13 03:28 . 2001-08-18 03:36 5632 c:\windows\system32\dllcache\ptpusb.dll + 2010-05-13 03:28 . 2008-04-14 05:10 8832 c:\windows\system32\dllcache\powerfil.sys + 2010-05-13 03:28 . 2001-08-17 18:53 7168 c:\windows\system32\dllcache\pnrmc.sys + 2010-05-13 03:27 . 2001-08-17 19:07 5504 c:\windows\system32\dllcache\perc2hib.sys + 2008-04-14 11:00 . 2008-04-14 11:00 3456 c:\windows\system32\dllcache\oprghdlr.sys + 2010-05-13 03:27 . 2001-08-17 18:47 9344 c:\windows\system32\dllcache\ntapm.sys + 2010-05-13 03:27 . 2001-08-17 18:53 7552 c:\windows\system32\dllcache\nsmmc.sys + 2010-05-13 03:27 . 2001-08-18 03:36 7168 c:\windows\system32\dllcache\mxport.dll + 2010-05-13 03:27 . 2008-04-14 05:09 5504 c:\windows\system32\dllcache\mstee.sys + 2010-05-13 03:27 . 2001-08-17 19:00 2944 c:\windows\system32\dllcache\msmpu401.sys + 2010-05-13 03:27 . 2001-08-17 18:48 6016 c:\windows\system32\dllcache\msfsio.sys + 2010-05-13 03:27 . 2001-08-17 18:52 6528 c:\windows\system32\dllcache\miniqic.sys + 2010-05-13 03:27 . 2001-08-17 18:58 8320 c:\windows\system32\dllcache\memcard.sys + 2010-05-13 03:27 . 2001-08-17 18:52 7424 c:\windows\system32\dllcache\mammoth.sys + 2010-05-13 03:27 . 2008-04-14 05:10 7040 c:\windows\system32\dllcache\ltotape.sys + 2010-05-13 03:27 . 2001-08-17 18:53 4992 c:\windows\system32\dllcache\loop.sys + 2010-05-13 03:26 . 2001-08-18 03:36 8192 c:\windows\system32\dllcache\kbdkor.dll + 2010-05-13 03:26 . 2001-08-18 03:36 8704 c:\windows\system32\dllcache\kbdjpn.dll + 2010-05-13 03:26 . 2008-04-14 10:39 6144 c:\windows\system32\dllcache\kbd106.dll + 2010-05-13 03:26 . 2001-08-17 19:55 5632 c:\windows\system32\dllcache\kbd103.dll + 2010-05-13 03:26 . 2001-08-17 19:55 6144 c:\windows\system32\dllcache\kbd101c.dll + 2010-05-13 03:26 . 2001-08-17 19:55 6144 c:\windows\system32\dllcache\kbd101b.dll + 2010-05-13 03:26 . 
2008-04-14 05:10 5504 c:\windows\system32\dllcache\intelide.sys + 2010-05-13 03:26 . 2001-08-18 03:34 9216 c:\windows\system32\dllcache\ibmsgnet.dll + 2010-05-13 03:26 . 2008-04-14 05:11 8576 c:\windows\system32\dllcache\i2omgmt.sys + 2010-05-13 03:26 . 2001-08-18 03:36 9759 c:\windows\system32\dllcache\hsf_inst.dll + 2010-05-13 03:26 . 2001-08-17 18:52 5760 c:\windows\system32\dllcache\hpt4qic.sys + 2010-05-13 03:26 . 2001-08-17 19:02 2688 c:\windows\system32\dllcache\hidswvd.sys + 2010-05-13 03:26 . 2001-08-17 19:02 8576 c:\windows\system32\dllcache\hidgame.sys + 2008-04-14 11:00 . 2008-04-14 11:00 7168 c:\windows\system32\dllcache\hccoin.dll - 2009-12-29 18:38 . 2001-08-18 05:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll + 2009-12-29 18:38 . 2001-08-18 04:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll + 2009-12-29 18:37 . 2001-08-18 04:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll - 2009-12-29 18:37 . 2001-08-18 05:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll + 2010-05-13 03:25 . 2001-08-17 18:52 7040 c:\windows\system32\dllcache\exabyte2.sys + 2009-12-29 11:29 . 2001-08-17 12:46 6400 c:\windows\system32\dllcache\enum1394.sys + 2010-05-13 03:25 . 2001-08-17 18:53 7296 c:\windows\system32\dllcache\elmsmc.sys + 2010-05-13 03:25 . 2001-08-17 18:47 8704 c:\windows\system32\dllcache\dot4scan.sys + 2010-05-13 03:25 . 2008-04-14 05:10 8320 c:\windows\system32\dllcache\dlttape.sys + 2010-05-13 03:25 . 2001-08-18 03:36 6216 c:\windows\system32\dllcache\divaci.dll + 2010-05-13 03:25 . 2001-08-18 03:36 6729 c:\windows\system32\dllcache\disrvci.dll + 2010-05-13 03:25 . 2001-08-17 18:52 7424 c:\windows\system32\dllcache\ddsmc.sys + 2010-05-13 03:25 . 2001-08-17 17:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys + 2010-05-13 03:25 . 2001-08-17 17:19 3072 c:\windows\system32\dllcache\cwbmidi.sys + 2010-05-13 03:25 . 2001-08-17 17:19 3072 c:\windows\system32\dllcache\cwbase.sys + 2010-05-13 03:25 . 
2001-08-18 03:36 4096 c:\windows\system32\dllcache\ctwdm32.dll + 2010-05-13 03:25 . 2001-08-17 17:19 3712 c:\windows\system32\dllcache\ctljystk.sys + 2010-05-13 03:25 . 2001-08-17 17:19 6912 c:\windows\system32\dllcache\ctlfacem.sys + 2010-05-13 03:25 . 2001-08-17 18:51 6656 c:\windows\system32\dllcache\cmdide.sys + 2010-05-13 03:24 . 2008-04-14 05:11 8192 c:\windows\system32\dllcache\changer.sys + 2010-05-13 03:24 . 2001-08-17 18:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys + 2010-05-13 03:24 . 2001-08-18 03:36 9728 c:\windows\system32\dllcache\brserif.dll + 2010-05-13 03:24 . 2001-08-18 03:36 5120 c:\windows\system32\dllcache\brscnrsm.dll + 2010-05-13 03:24 . 2001-08-17 18:12 3168 c:\windows\system32\dllcache\brparimg.sys + 2010-05-13 03:24 . 2001-08-17 18:12 3968 c:\windows\system32\dllcache\brfiltup.sys + 2010-05-13 03:24 . 2001-08-17 18:12 2944 c:\windows\system32\dllcache\brfilt.sys + 2010-05-13 03:24 . 2001-08-18 03:36 9728 c:\windows\system32\dllcache\brcoinst.dll + 2009-12-29 11:30 . 2001-08-17 12:59 3072 c:\windows\system32\dllcache\audstub.sys + 2010-05-13 03:24 . 2001-08-17 17:49 9472 c:\windows\system32\dllcache\ativmdcd.sys + 2010-05-13 03:24 . 2001-08-17 18:47 6272 c:\windows\system32\dllcache\apmbatt.sys + 2010-05-13 03:24 . 2001-08-17 18:51 5248 c:\windows\system32\dllcache\aliide.sys + 2010-05-13 03:24 . 2008-04-14 10:41 3775 c:\windows\system32\dllcache\adv11nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 3711 c:\windows\system32\dllcache\adv09nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 3135 c:\windows\system32\dllcache\adv08nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 3647 c:\windows\system32\dllcache\adv07nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 3615 c:\windows\system32\dllcache\adv05nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 3967 c:\windows\system32\dllcache\adv02nt5.dll + 2010-05-13 03:24 . 2008-04-14 10:41 4255 c:\windows\system32\dllcache\adv01nt5.dll + 2010-05-13 03:23 . 
2001-08-17 18:53 7424 c:\windows\system32\dllcache\adicvls.sys - 2008-04-14 11:00 . 2010-05-10 23:31 462498 c:\windows\system32\perfh009.dat + 2008-04-14 11:00 . 2010-05-13 23:25 462498 c:\windows\system32\perfh009.dat + 2008-04-14 04:42 . 2009-12-08 17:22 483840 c:\windows\system32\dllcache\wzcsvc.dll + 2008-04-14 11:00 . 2008-04-14 11:00 108032 c:\windows\system32\dllcache\wshbth.dll + 2010-05-13 03:29 . 2008-04-14 03:05 154624 c:\windows\system32\dllcache\wlluc48.sys + 2010-05-13 03:29 . 2001-08-17 18:28 771581 c:\windows\system32\dllcache\winacisa.sys + 2010-05-13 03:29 . 2001-08-17 18:28 701386 c:\windows\system32\dllcache\wdhaalba.sys + 2010-05-13 03:29 . 2001-08-17 18:28 397502 c:\windows\system32\dllcache\vpctcom.sys + 2010-05-13 03:29 . 2001-08-17 18:28 604253 c:\windows\system32\dllcache\vmodem.sys + 2010-05-13 03:29 . 2001-08-17 17:14 249402 c:\windows\system32\dllcache\vinwm.sys + 2010-05-13 03:29 . 2001-08-17 18:28 687999 c:\windows\system32\dllcache\usrwdxjs.sys + 2001-08-17 21:36 . 2009-12-08 17:21 102457 c:\windows\system32\dllcache\usrv42a.dll + 2010-05-13 03:29 . 2001-08-17 18:28 765884 c:\windows\system32\dllcache\usrti.sys + 2010-05-13 03:29 . 2001-08-17 18:28 113762 c:\windows\system32\dllcache\usrpda.sys + 2001-08-17 21:36 . 2009-12-08 17:21 323641 c:\windows\system32\dllcache\usrdtea.dll + 2010-05-13 03:29 . 2001-08-17 18:28 224802 c:\windows\system32\dllcache\usr1807a.sys + 2010-05-13 03:29 . 2001-08-17 18:28 794399 c:\windows\system32\dllcache\usr1806v.sys + 2010-05-13 03:29 . 2001-08-17 18:28 793598 c:\windows\system32\dllcache\usr1806.sys + 2010-05-13 03:29 . 2001-08-17 18:28 794654 c:\windows\system32\dllcache\usr1801.sys + 2010-05-13 03:29 . 2008-04-14 05:16 121984 c:\windows\system32\dllcache\usbvideo.sys + 2010-05-13 03:29 . 2001-08-18 03:36 211968 c:\windows\system32\dllcache\um54scan.dll + 2010-05-13 03:29 . 2001-08-18 03:36 216064 c:\windows\system32\dllcache\um34scan.dll + 2010-05-13 03:29 . 
2001-08-17 17:51 166784 c:\windows\system32\dllcache\tridxpm.sys + 2010-05-13 03:29 . 2001-08-18 03:36 525568 c:\windows\system32\dllcache\tridxp.dll + 2010-05-13 03:29 . 2001-08-17 17:51 159232 c:\windows\system32\dllcache\tridkbm.sys + 2010-05-13 03:29 . 2001-08-17 19:56 440576 c:\windows\system32\dllcache\tridkb.dll + 2010-05-13 03:29 . 2001-08-17 17:51 222336 c:\windows\system32\dllcache\trid3dm.sys + 2010-05-13 03:29 . 2001-08-17 19:56 315520 c:\windows\system32\dllcache\trid3d.dll + 2010-05-13 03:29 . 2001-08-17 19:02 230912 c:\windows\system32\dllcache\tosdvd03.sys + 2010-05-13 03:29 . 2001-08-17 19:01 241664 c:\windows\system32\dllcache\tosdvd02.sys + 2010-05-13 03:29 . 2001-08-17 17:14 123995 c:\windows\system32\dllcache\tjisdn.sys + 2010-05-13 03:29 . 2001-08-17 17:51 138528 c:\windows\system32\dllcache\tgiulnt5.sys + 2010-05-13 03:29 . 2008-04-14 05:10 149376 c:\windows\system32\dllcache\tffsport.sys + 2010-05-13 03:29 . 2001-08-17 19:56 172768 c:\windows\system32\dllcache\t2r4disp.dll + 2010-05-13 03:29 . 2001-08-17 18:50 103936 c:\windows\system32\dllcache\sx.sys + 2010-05-13 03:29 . 2001-08-18 03:36 155648 c:\windows\system32\dllcache\stlnprop.dll + 2010-05-13 03:29 . 2001-08-17 17:18 285760 c:\windows\system32\dllcache\stlnata.sys + 2010-05-13 03:28 . 2001-08-18 03:36 106584 c:\windows\system32\dllcache\spdports.dll + 2010-05-13 03:28 . 2001-08-18 03:36 114688 c:\windows\system32\dllcache\sonypi.dll + 2010-05-13 03:28 . 2001-08-17 19:56 147200 c:\windows\system32\dllcache\smidispb.dll + 2010-05-13 03:28 . 2008-04-14 04:53 404990 c:\windows\system32\dllcache\slntamr.sys + 2010-05-13 03:28 . 2008-04-14 04:53 129535 c:\windows\system32\dllcache\slnt7554.sys + 2010-05-13 03:28 . 2008-04-14 10:42 188508 c:\windows\system32\dllcache\slgen.dll + 2010-05-13 03:28 . 2008-04-14 10:42 286792 c:\windows\system32\dllcache\slextspk.dll + 2010-05-13 03:28 . 2001-08-17 19:56 157696 c:\windows\system32\dllcache\sisv256.dll + 2010-05-13 03:28 . 
-- Snapshot reset to current date --
  8. SystemLook v1.0 by jpshortstuff (11.01.10) Log created at 18:10 on 11/05/2010 by Brian (Administrator - Elevation successful) ========== filefind ========== Searching for "*sfcfiles*" C:\WINDOWS\system32\sfcfiles.dll --a--- 1614848 bytes [13:35 05/11/2009] [13:35 05/11/2009] 600D58665D16BFBB776EFEFB0E80532D -=End Of File=- I have some Windows updates downloaded but not installed. Should I hold off on applying them until this is fixed?
  9. ComboFix 10-05-10.02 - Brian 05/10/2010 18:40:45.1.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2455 [GMT -6:00] Running from: c:\documents and settings\Brian\Desktop\Combo-Fix.exe AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . ((((((((((((((((((((((((( Files Created from 2010-04-11 to 2010-05-11 ))))))))))))))))))))))))))))))) . 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\windows\Sun 2010-05-07 03:23 . 2010-05-07 03:23 503808 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcp71.dll 2010-05-07 03:23 . 2010-05-07 03:23 499712 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\jmc.dll 2010-05-07 03:23 . 2010-05-07 03:23 348160 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-15a08668-n\msvcr71.dll 2010-05-07 03:23 . 2010-05-07 03:23 61440 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-sse.dll 2010-05-07 03:23 . 2010-05-07 03:23 12800 ----a-w- c:\documents and settings\Brian\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3adba50d-n\decora-d3d.dll 2010-05-07 03:23 . 2010-05-07 03:23 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-07 03:23 . 2010-05-07 03:23 -------- d-----w- c:\program files\Java 2010-05-07 03:22 . 2010-05-07 03:22 -------- d-----w- c:\program files\Common Files\Java 2010-05-06 02:31 . 2010-05-06 02:31 -------- d-----w- c:\windows\system32\Adobe 2010-05-06 01:12 . 2010-05-06 01:12 -------- d-----w- c:\documents and settings\Brian\Application Data\Malwarebytes 2010-05-06 01:11 . 
2010-04-29 21:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-06 01:11 . 2010-05-06 01:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-06 01:11 . 2010-05-06 01:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-06 01:11 . 2010-04-29 21:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-03 01:58 . 2010-05-03 01:58 -------- d-----w- c:\documents and settings\Brian\Local Settings\Application Data\Codemasters 2010-05-01 07:34 . 2010-05-01 07:34 216736 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-05-01 01:41 . 2010-05-01 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters 2010-05-01 01:32 . 2010-05-01 01:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2010-05-01 01:32 . 2010-05-01 01:32 -------- d-----w- c:\windows\system32\xlive . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-10 11:56 . 2009-12-31 18:53 -------- d-----w- c:\documents and settings\Brian\Application Data\uTorrent 2010-05-10 11:55 . 2010-01-01 21:35 -------- d-----w- c:\program files\PeerGuardian2 2010-05-02 07:01 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\vlc 2010-05-02 05:13 . 2009-12-30 21:38 -------- d-----w- c:\documents and settings\Brian\Application Data\dvdcss 2010-04-03 01:22 . 2010-04-03 01:22 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2010-03-10 06:15 . 2009-11-05 12:54 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:19 . 2009-12-08 17:07 919040 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2009-11-05 12:53 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 14:08 . 2009-11-05 12:53 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25 . 
2009-08-04 14:20 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-15 17:24 . 2009-12-29 18:50 18440 ----a-w- c:\documents and settings\Brian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-02-12 04:33 . 2008-04-14 11:00 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2009-11-05 12:53 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys . ------- Sigcheck ------- [-] 2009-11-05 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Steam"="g:\steam\Steam.exe" [2010-05-07 1238352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-21 110184] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-12-30 33665024] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-12-07 115560] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "IE8"="advpack.dll" [2009-11-05 128512] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] 
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "g:\\Steam\\Steam.exe"= "g:\\Steam\\steamapps\\gurdgurdson\\team fortress 2\\hl2.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "g:\\Steam\\steamapps\\common\\mirrors edge\\Binaries\\MirrorsEdge.exe"= "g:\\Steam\\steamapps\\common\\europa universalis iii - complete\\eu3game.exe"= "g:\\Steam\\steamapps\\common\\mass effect\\Binaries\\MassEffect.exe"= "g:\\Steam\\steamapps\\common\\ghostbusters\\ghost_w32.exe"= "g:\\Steam\\steamapps\\common\\mount and blade\\runme.exe"= "g:\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"= "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"= "g:\\Steam\\steamapps\\common\\psychonauts\\PsychoLauncher.exe"= "g:\\Steam\\steamapps\\common\\empire total war demo\\Empire.exe"= "g:\\Steam\\steamapps\\common\\batman arkham asylum - 
demo\\Binaries\\ShippingPC-BmGame.exe"= "g:\\Steam\\steamapps\\common\\dirt\\DiRT.exe"= "g:\\Steam\\steamapps\\common\\dirt 2\\dirt2.exe"= R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/24/2010 7:19 PM 102448] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9/17/2009 8:00 PM 1399680] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [12/7/2009 4:43 PM 23888] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 . - - - - ORPHANS REMOVED - - - - HKLM-Run-nwiz - nwiz.exe SafeBoot-Symantec Antvirus AddRemove-Eastside Hockey Manager v1.16_is1 - g:\eastside hockey manager\unins000.exe ************************************************************************** scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2580) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . 
Completion time: 2010-05-10 18:42:50 ComboFix-quarantined-files.txt 2010-05-11 00:42 Pre-Run: 25,933,602,816 bytes free Post-Run: 26,934,190,080 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - C4ABEEE5120D6239649B56A795143AF1
  10. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4084 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/9/2010 4:32:01 PM mbam-log-2010-05-09 (16-32-01).txt Scan type: Quick scan Objects scanned: 117268 Time elapsed: 2 minute(s), 27 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) DDS (Ver_10-03-17.01) - NTFSx86 Run by Brian at 16:33:13.34 on Sun 05/09/2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2445 [GMT -6:00] AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} ============== Running Processes =============== C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Symantec\Symantec Endpoint
Protection\Rtvscan.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\PeerGuardian2\pg2.exe C:\Program Files\uTorrent\uTorrent.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Brian\Desktop\antimalware\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://google.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {1FD79A59-37B1-459B-9097-09F9FAB8A523} - No File BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [steam] "g:\steam\Steam.exe" -silent mRun: [nwiz] nwiz.exe /installquiet mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" 
dRunOnce: [iE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ============= SERVICES / DRIVERS =============== R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-12-7 108392] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-12-7 108392] R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2009-12-7 2477304] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys 
[2010-1-24 102448] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100508.019\NAVENG.SYS [2010-5-8 84912] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100508.019\NAVEX15.SYS [2010-5-8 1324720] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-9-17 1399680] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-12-7 23888] =============== Created Last 30 ================ 2010-05-08 20:37:20 0 ----a-w- c:\documents and settings\brian\defogger_reenable 2010-05-07 03:23:24 73728 ----a-w- c:\windows\system32\javacpl.cpl 2010-05-07 03:23:24 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-06 02:31:23 0 d-----w- c:\windows\system32\Adobe 2010-05-06 01:12:03 0 d-----w- c:\docume~1\brian\applic~1\Malwarebytes 2010-05-06 01:11:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-06 01:11:57 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-06 01:11:57 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-06 01:11:57 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-05-01 01:41:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Codemasters 2010-05-01 01:32:47 0 d-----w- c:\windows\system32\xlive 2010-05-01 01:32:47 0 d-----w- c:\program files\Microsoft Games for Windows - LIVE ==================== Find3M ==================== 2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:19:44 919040 ----a-w- c:\windows\system32\wininet.dll 2010-02-16 14:08:49 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 13:25:04 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll 2006-06-24 05:48:54 32768 ----a-w- c:\windows\inf\UpdateUSB.exe 2009-12-29 11:27:31 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat 2009-12-29 18:40:09 32768 --sha-w- c:\windows\system32\config\systemprofile\local 
settings\history\history.ie5\mshist012009122920091230\index.dat ============= FINISH: 16:33:19.29 ===============
  11. I ran Malwarebytes' Anti-Malware, which found some malware, and I followed the removal instructions. On the next several rescans over the next few days no problems were found. A few days later the program has found the exact same malware. I went through the removal process again, and now any scans (quick or full) do not find anything, but of course I am worried that perhaps it will come back again. I have Symantec AV, which does not find anything in full scans, but did inform me when the malware first infected my computer. Below is the MBAM scan before I went through the removal process. I'm not sure if it is worth mentioning or not, but GMER used 100% of the CPU when running, almost freezing the computer. It did manage to complete its scan. At no other point have I noticed poor computer performance. DDS/GMER is attached. Thanks for any help. Brian Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4073 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/8/2010 12:43:19 PM mbam-log-2010-05-08 (12-43-19).txt Scan type: Quick scan Objects scanned: 115184 Time elapsed: 3 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. 
Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS (Ver_10-03-17.01) - NTFSx86
Run by Brian at 14:42:42.40 on Sat 05/08/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3063.2327 [GMT -6:00]

AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Brian\Desktop\antimalware\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1FD79A59-37B1-459B-9097-09F9FAB8A523} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [steam] "g:\steam\Steam.exe" -silent
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRunOnce: [iE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-12-7 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-12-7 108392]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2009-12-7 2477304]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-1-24 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100507.032\NAVENG.SYS [2010-5-7 84912]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100507.032\NAVEX15.SYS [2010-5-7 1324720]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-9-17 1399680]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-12-7 23888]

=============== Created Last 30 ================

2010-05-08 20:37:20 0 ----a-w- c:\documents and settings\brian\defogger_reenable
2010-05-07 03:23:24 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-05-07 03:23:24 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-06 02:31:23 0 d-----w- c:\windows\system32\Adobe
2010-05-06 01:12:03 0 d-----w- c:\docume~1\brian\applic~1\Malwarebytes
2010-05-06 01:11:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-06 01:11:57 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-06 01:11:57 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-06 01:11:57 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-05-01 01:41:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Codemasters
2010-05-01 01:32:47 0 d-----w- c:\windows\system32\xlive
2010-05-01 01:32:47 0 d-----w- c:\program files\Microsoft Games for Windows - LIVE

==================== Find3M ====================

2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:19:44 919040 ----a-w- c:\windows\system32\wininet.dll
2010-02-16 14:08:49 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25:04 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2006-06-24 05:48:54 32768 ----a-w- c:\windows\inf\UpdateUSB.exe
2009-12-29 11:27:31 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat
2009-12-29 18:40:09 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009122920091230\index.dat

============= FINISH: 14:42:47.75 ===============

Attach.zip