PDA

View Full Version : Malware redirects Google Search Results



GreenWithEnvy
2012-04-09, 15:04
Hi. I'm looking for some assistance to remove some malware on my PC. I have SpyBot and Malwarebytes. Spy Doctor doesn't pick up a problem when I scan.
Malwarebytes does and it always finds a dll in the Windows\System32 folder and says it's a Rootkit..0Access. It says it has to delete it on start up. Every time the system boots up, the bad dll file is renamed and it's not deleted. A scan finds the renamed dll, says it will delete it on start up, but it's renamed and the cycle continues. In safe mode, it can be deleted outright, but it still appears under a new name after you boot in normal mode.

Symptoms are redirected links on Google results page and tabs just opening up on their own to spam sites. I ran RootkitBuster from Trend Micro but I didn't see anything suspicious in the results.

I backed up the registry.

Here is my DDS log. Thank you in advance for any assistance you can provide

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_31
Run by Mike Hoover at 7:52:13 on 2012-04-09
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.43 [GMT -4:00]
.
FW: Sunbelt Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page =
uSearch Bar =
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PCFix] c:\program files\pcfix\PCFix.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
mRun: [WinVNC] "c:\program files\ultravnc\winvnc.exe" -servicehelper
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [<NO NAME>]
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/
IE: {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/
IE: {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F}
LSP: mswsock.dll
Trusted Zone: highmark.com\www
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E19F9330-3110-11d4-991C-005004D3B3DB} - hxxp://java.sun.com/products/plugin/1.3.0_01/jinstall-130_01-win.cab
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{36CB7DFF-4912-4EDB-9ACB-4BF5D9220F57} : DhcpNameServer = 75.75.76.76 75.75.75.75
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\program files\qualcomm\eudora\EuShlExt.dll
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mike hoover\application data\mozilla\firefox\profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\npjpi160_31.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\opera\program\plugins\npdrmv2.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: http://forums.spybot.info/misc.php?do=email_dev&email=anFzQHN1bi5jb20= - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: http://forums.spybot.info/misc.php?do=email_dev&email=ZmlyZWZveDFAbXlpYmF5LmNvbQ== - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-4-26 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-4-26 72624]
R3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [2011-5-18 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [2011-5-18 81480]
S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [2011-5-18 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [2011-5-18 25160]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-6-23 189792]
.
=============== Created Last 30 ================
.
2012-04-08 23:44:31 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-04 12:51:05 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
.
==================== Find3M ====================
.
2012-04-08 23:11:47 2786 ----a-w- c:\windows\system32\tmp.reg
2012-04-07 11:34:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-25 23:45:32 1409 ----a-w- c:\windows\QTFont.for
2012-02-25 13:11:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
.
============= FINISH: 7:58:13.98 ===============

Thanks again.

I'm meant that SpyBot does not detect a problem, not Spy Doctor. That was a typo. Thanks.

jeffce
2012-04-10, 19:31
Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

Vista and Windows 7 users:
These tools MUST be run from the executable (.exe) every time you run them
with Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.
----------

**WARNING**Unfortunately one or more of the infections I have identified are Backdoor Trojans, IRCBots or other Malware capable of stealing very important information. You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identify theft. More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.

Unfortunately I have found what is known as the ZeroAccess rootkit on your system. It is an especially nasty infection that can take quite some time to clean as well as may have damaged your system files itself. As a warning, during the cleaning (if you choose to do so) you may lose internet access with this computer and in the end we may need to reinstall the operating system anyway depending on the extent of the infection.

If you would like to format and reinstall your Operating System please let me know and we can assist you with that.

If you would like to continue with the cleaning, please continue with the following instructions and I will be more than happy to help. :)
----------

Please download aswMBR (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.

Double click the aswMBR icon to run it.
Click the Scan button to start scan.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

http://i1190.photobucket.com/albums/z454/Blottedisk/aswMBRscan-1.png (http://i1190.photobucket.com/albums/z454/Blottedisk/aswMBRscan.png)
Click the image to enlarge it
----------

Please read through these instructions to familarize yourself with what to expect when this tool runs

Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs (http://forums.whatthetech.com/How_to_Disable_your_Security_Programs_t96260.html)

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


http://img.photobucket.com/albums/v706/ried7/RCUpdate1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
----------

GreenWithEnvy
2012-04-11, 16:07
Well, my PC is pretty much toast after running Combofix. I have no connection to the Internet and my PC doesn't recognize my CD ROM Drives so I can't reload my drivers. Basically, Combofix deleting a lot of the files I need for my PC to function. I'm not sure what my next move is yet. It does recognize a memory stick if I put it in. If I can figure out how to get some of my drivers on the memory stick, I may be able to reload some drivers.

GreenWithEnvy
2012-04-11, 17:12
Is it possible to use that recovery tool that Combofix downloaded to get some of my system files back? I did try to do a system restore, but Windows doesn't make it through the process and says it cannot do a restore. I'm not sure that there are even restore files on my PC even though I have always had the system restore option set to yes.

GreenWithEnvy
2012-04-11, 19:14
Tomorrow, I will post the logs that were requested and then wait for your next instructions. I'll put the logs on a thumb drive and then post them from my work PC. I had to run Combofix three times, so there will be 3 of those logs.

jeffce
2012-04-11, 20:37
Hi,

Just so you know it isn't ComboFix that actually did anything. The symptoms that you are experiencing is fairly typical of the ZeroAccess rootkit. Unfortunately it infects every system differently and does varying levels of damage anywhere from minimal to needing a complete format of the system.

For the time being, see if you have the same problems while booting into Safe Mode.

Also if you are able to do so go ahead and use your USB drive to transfer the ComboFix logs that were created to another computer and post them here.

Don't worry about the infection jumping onto your USB drive as ZeroAccess doesn't do that. :)

GreenWithEnvy
2012-04-12, 15:58
Hi Jeff. I didn't see your post about booting in safe mode until now. Below are the logs. I thought combofix would create a differently named log for each run, but it just overwrote the same log file, so all I have is the last run.
I'll await your further instructions, and thank you very much.

Log 1:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-10 15:32:47
-----------------------------
15:32:47.812 OS Version: Windows 5.1.2600 Service Pack 3
15:32:47.812 Number of processors: 1 586 0x209
15:32:47.812 ComputerName: MJH UserName:
15:32:48.296 Initialize success
15:33:47.921 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:33:47.921 Disk 0 Vendor: WDC_WD800BB-75CAA0 16.06V16 Size: 76293MB BusType: 3
15:33:47.953 Disk 0 MBR read successfully
15:33:47.968 Disk 0 MBR scan
15:33:47.968 Disk 0 Windows XP default MBR code
15:33:47.968 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
15:33:47.984 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76245 MB offset 80325
15:33:47.984 Disk 0 scanning sectors +156232125
15:33:48.078 Disk 0 scanning C:\WINDOWS\system32\drivers
15:34:08.234 Service scanning
15:34:29.750 Modules scanning
15:34:34.812 Module: C:\WINDOWS\system32\drivers\fwdrv.sys **SUSPICIOUS**
15:34:42.359 Disk 0 trace - called modules:
15:34:42.359 ntoskrnl.exe CLASSPNP.SYS DISK.SYS >>UNKNOWN [0x82bd2fd0]<<
15:34:42.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83359ab8]
15:34:42.375 3 CLASSPNP.SYS[f8886fd7] -> nt!IofCallDriver -> [0x8324b848]
15:34:42.375 \Driver\00001778[0x8303dd78] -> IRP_MJ_CREATE -> 0x82bd2fd0
15:34:42.375 Scan finished successfully
15:37:20.328 Disk 0 MBR has been saved successfully to "C:\Temp\MBR.dat"
15:37:20.343 The log file has been saved successfully to "C:\Temp\aswMBR.txt"

Log 2 from Combofix:

ComboFix 12-04-10.02 - Mike Hoover 04/10/2012 18:32:27.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.253 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-10 to 2012-04-10 )))))))))))))))))))))))))))))))
.
.
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\dllcache\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 22:24 . 2008-12-12 06:57 78336 ----a-w- c:\windows\system32\Agent.OMZ.Fix.exe
2012-04-08 22:24 . 2008-11-29 23:58 82944 ----a-w- c:\windows\system32\IEDFix.C.exe
2012-04-08 22:24 . 2008-10-01 19:51 87552 ----a-w- c:\windows\system32\VACFix.exe
2012-04-08 22:24 . 2008-09-20 16:45 80384 ----a-w- c:\windows\system32\o4Patch.exe
2012-04-08 22:24 . 2008-08-18 16:19 82432 ----a-w- c:\windows\system32\404Fix.exe
2012-04-08 22:24 . 2009-06-02 15:17 75776 ----a-w- c:\windows\system32\WS2Fix.exe
2012-04-08 22:24 . 2008-05-19 01:40 82944 ----a-w- c:\windows\system32\IEDFix.exe
2012-04-08 22:24 . 2007-09-06 04:22 289144 ----a-w- c:\windows\system32\VCCLSID.exe
2012-04-08 22:24 . 2006-04-27 21:49 288417 ----a-w- c:\windows\system32\SrchSTS.exe
2012-04-08 22:24 . 2004-07-31 22:50 51200 ----a-w- c:\windows\system32\dumphive.exe
2012-04-08 22:24 . 2003-06-06 01:13 53248 ----a-w- c:\windows\system32\Process.exe
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-08 23:11 . 2008-03-18 00:11 2786 ----a-w- c:\windows\system32\tmp.reg
2012-04-07 11:34 . 2008-03-18 23:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34 . 2010-08-03 01:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-25 23:45 . 2012-02-25 23:45 1409 ----a-w- c:\windows\QTFont.for
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-10_20.28.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-10 22:51 . 2012-04-10 22:51 16384 c:\windows\Temp\Perflib_Perfdata_234.dat
+ 2003-09-03 00:03 . 2012-04-10 22:55 72160 c:\windows\SYSTEM32\PERFC009.DAT
- 2003-09-03 00:03 . 2012-04-10 20:31 72160 c:\windows\SYSTEM32\PERFC009.DAT
+ 2003-09-03 00:03 . 2012-04-10 22:55 442894 c:\windows\SYSTEM32\PERFH009.DAT
- 2003-09-03 00:03 . 2012-04-10 20:31 442894 c:\windows\SYSTEM32\PERFH009.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-09-26 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-9-2 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\Qualcomm\Eudora\EuShlExt.dll" [2002-09-30 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 fwdrv;Firewall Driver;c:\windows\SYSTEM32\DRIVERS\fwdrv.sys [4/10/2012 3:55 PM 302000]
R1 khips;Kerio HIPS Driver;c:\windows\SYSTEM32\DRIVERS\khips.sys [4/26/2007 10:21 AM 72624]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [5/18/2011 2:48 AM 290472]
R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [5/18/2011 2:11 AM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [5/18/2011 2:11 AM 81480]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [4/26/2007 10:21 AM 1234480]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05 PM 266544]
S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [5/18/2011 2:11 AM 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [5/18/2011 2:11 AM 25160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
efs
aegisp
nsm1bus
MRENDIS5
NWADI
w70n51
s117bus
ctaud2k
netdevio
rchost
houdiniserver
HFACSVC
ctdvda2k
atikmdag
pciSd
racsvc
defwatch
vpcnfltr
Subsonic
GT680x
sskbfd
aaksrv
zntport
vstor2-ws60
lanusb
procmon10
w810bus
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
2012-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: highmark.com\www
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Mike Hoover\Application Data\Mozilla\Firefox\Profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: firefox1@myibay.com - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-10 18:51
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2428)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\System32\SCardSvr.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\sessmgr.exe
c:\windows\System32\locator.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
.
**************************************************************************
.
Completion time: 2012-04-10 19:00:44 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-10 23:00
ComboFix2.txt 2012-04-10 21:53
ComboFix3.txt 2012-04-10 20:36
.
Pre-Run: 50,996,711,424 bytes free
Post-Run: 50,989,498,368 bytes free
.
- - End Of File - - 1B2623B40C0EF9DFAC34C6D17C9F0054

jeffce
2012-04-12, 17:29
Hi,



Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:


ClearJavaCache::

DDS::
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
Trusted Zone: highmark.com\www

Firefox::
FF - ProfilePath - c:\documents and settings\mike hoover\application data\mozilla\firefox\profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

File::
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\WS2Fix.exe

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"=-


Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

http://img.photobucket.com/albums/v706/ried7/CFScriptB-4.gif

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

GreenWithEnvy
2012-04-12, 18:08
Thank you Jeff. I have created the txt file on my thumbdrive and will transfer it to my home PC tonight as instructed. I will bring my work laptop home with me tonight and maybe I can get on the Internet through that to save time.

Thanks once again for your guidance and effort.

jeffce
2012-04-12, 19:52
Sounds good. :)

GreenWithEnvy
2012-04-13, 18:29
First, here is my Combofix log:

ComboFix 12-04-10.02 - Mike Hoover 04/13/2012 1:14.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.236 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
Command switches used :: c:\documents and settings\Mike Hoover\Desktop\CFScript.txt
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
FILE ::
"c:\windows\system32\dds_trash_log.cmd"
"c:\windows\system32\WS2Fix.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-13 to 2012-04-13 )))))))))))))))))))))))))))))))
.
.
2012-04-11 12:00 . 2012-04-11 12:00 1409 ----a-w- c:\windows\QTFont.for
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 22:24 . 2008-12-12 06:57 78336 ----a-w- c:\windows\system32\Agent.OMZ.Fix.exe
2012-04-08 22:24 . 2008-11-29 23:58 82944 ----a-w- c:\windows\system32\IEDFix.C.exe
2012-04-08 22:24 . 2008-10-01 19:51 87552 ----a-w- c:\windows\system32\VACFix.exe
2012-04-08 22:24 . 2008-09-20 16:45 80384 ----a-w- c:\windows\system32\o4Patch.exe
2012-04-08 22:24 . 2008-08-18 16:19 82432 ----a-w- c:\windows\system32\404Fix.exe
2012-04-08 22:24 . 2009-06-02 15:17 75776 ----a-w- c:\windows\system32\WS2Fix.exe
2012-04-08 22:24 . 2008-05-19 01:40 82944 ----a-w- c:\windows\system32\IEDFix.exe
2012-04-08 22:24 . 2007-09-06 04:22 289144 ----a-w- c:\windows\system32\VCCLSID.exe
2012-04-08 22:24 . 2006-04-27 21:49 288417 ----a-w- c:\windows\system32\SrchSTS.exe
2012-04-08 22:24 . 2004-07-31 22:50 51200 ----a-w- c:\windows\system32\dumphive.exe
2012-04-08 22:24 . 2003-06-06 01:13 53248 ----a-w- c:\windows\system32\Process.exe
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-08 23:11 . 2008-03-18 00:11 2786 ----a-w- c:\windows\system32\tmp.reg
2012-04-07 11:34 . 2008-03-18 23:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34 . 2010-08-03 01:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-10_20.28.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-13 05:59 . 2012-04-13 05:59 16384 c:\windows\Temp\Perflib_Perfdata_170.dat
+ 2003-09-03 00:03 . 2012-04-11 12:05 72160 c:\windows\SYSTEM32\PERFC009.DAT
- 2003-09-03 00:03 . 2012-04-10 20:31 72160 c:\windows\SYSTEM32\PERFC009.DAT
+ 2003-09-03 00:03 . 2012-04-11 12:05 442894 c:\windows\SYSTEM32\PERFH009.DAT
- 2003-09-03 00:03 . 2012-04-10 20:31 442894 c:\windows\SYSTEM32\PERFH009.DAT
+ 2012-04-10 23:13 . 2012-04-10 22:20 248742 c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat
+ 2010-05-22 23:53 . 2012-04-10 23:45 1157376 c:\windows\SYSTEM32\Restore\rstrlog.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-09-26 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-9-2 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\Qualcomm\Eudora\EuShlExt.dll" [2002-09-30 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\SYSTEM32\DRIVERS\fwdrv.sys [4/10/2012 3:55 PM 302000]
R1 khips;Kerio HIPS Driver;c:\windows\SYSTEM32\DRIVERS\khips.sys [4/26/2007 10:21 AM 72624]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [5/18/2011 2:48 AM 290472]
R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [5/18/2011 2:11 AM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [5/18/2011 2:11 AM 81480]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [4/26/2007 10:21 AM 1234480]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05 PM 266544]
S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [5/18/2011 2:11 AM 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [5/18/2011 2:11 AM 25160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
efs
aegisp
nsm1bus
MRENDIS5
NWADI
w70n51
s117bus
ctaud2k
netdevio
rchost
houdiniserver
HFACSVC
ctdvda2k
atikmdag
pciSd
racsvc
defwatch
vpcnfltr
Subsonic
GT680x
sskbfd
aaksrv
zntport
vstor2-ws60
lanusb
procmon10
w810bus
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
2012-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Mike Hoover\Application Data\Mozilla\Firefox\Profiles\h1ofpo0d.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: firefox1@myibay.com - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-13 02:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1832)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\System32\SCardSvr.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\System32\locator.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
.
**************************************************************************
.
Completion time: 2012-04-13 02:10:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-13 06:10
ComboFix2.txt 2012-04-10 23:00
ComboFix3.txt 2012-04-10 21:53
ComboFix4.txt 2012-04-10 20:36
.
Pre-Run: 50,752,536,576 bytes free
Post-Run: 50,768,814,080 bytes free
.
- - End Of File - - 1D99D33CC6784A9802FE519B092F9A36

GreenWithEnvy
2012-04-13, 18:37
You asked me if I could access the Internet in safe mode. The answer is no. I tried safemode with networking and I still could not access the Internet. I looks like it's loading a bunch of drivers in safe mode, but apparently, not all of the drivers I need.

My LAN or Network connection (broadband access) appears to be working, but the connection does not appear to be able to access ip address info. I try to "repair" the connection and it says it can not get the ip address because it could not access tcpip information. I did try to enter the ip address info manually, but that didn't help.

Outside of the Internet Access issue, there are a lot of applications that do not work, presumably because the drivers are not accessible. The PC can see a floppy drive, an external hard drive, and a thumb drive, but cannot see my 2 DVD drives.

At the moment, I have a work laptop next to the desk top, and I can access the Internet through the laptop. I will have the laptop all weekend, so I should be able to download things from the laptop, but it on the thumbdrive and move to my desk top.

jeffce
2012-04-13, 22:02
Hi,

While I am looking over your ComboFix log please do the following:

Please download Farbar Service Scanner (http://download.bleepingcomputer.com/farbar/FSS.exe) and run it on the computer with the issue.
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

GreenWithEnvy
2012-04-13, 22:13
Here it is Jeff:

Farbar Service Scanner Version: 01-03-2012
Ran by Mike Hoover (administrator) on 13-04-2012 at 15:12:05
Running from "C:\Temp"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Bridge(14) BridgeMP(13) DNE(8) Gpc(6) IPSec(4) NetBT(5) NwlnkIpx(10) NwlnkNb(11) PSched(7) Tcpip(3)
0x0F0000000400000001000000020000000300000009000000050000000600000007000000080000000A0000000B0000000C0000000D0000000E0000000F000000
IpSec Tag value is correct.

**** End of log ****

jeffce
2012-04-13, 23:04
Hi,

Go to Start >> Run >> type CMD and this will open the command prompt.

In the command prompt type the following:

IPCONFIG /RELEASE (press Enter)

IPCONFIG /FLUSHDNS (press Enter)

IPCONFIG /RENEW (press Enter)

Close out of the command prompt and reboot.

Try to connect to the internet now and let me know if that helped.

GreenWithEnvy
2012-04-13, 23:43
I did as you instructed and it didn't help. The "local area connection" is connected but I cannot get the system to pull my ip address. I had tried the ipconfig /renew previously to see if that would help.

When I look at Device Manager, under Network Adapters, it looks like it giving and indication that certain drivers are missing,

I did find a place on the computer manufacturer's website where I can download drivers allegedly specific to my PC. I've never done it before, so I'm not exactly sure what I'm doing.

jeffce
2012-04-14, 17:23
Please run Farbar Service Scanner.
Type the following in the search box:

netbt

Click "Export Service" and post the log it makes (FSS.txt).

GreenWithEnvy
2012-04-14, 18:33
OK Jeff. I will do that.

Just to let you know, even though I don't know what I'm doing, I have the PC now recognizing my two CD/DVD drives and I can run them. Also, I have my PC's audio back, which was gone. Still no Internet Access.

GreenWithEnvy
2012-04-14, 18:39
Here is FSS.txt:


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000001
"Tag"=dword:00000005
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,6e,00,65,00,74,00,62,00,74,00,2e,\
00,73,00,79,00,73,00,00,00
"DisplayName"="NetBios over Tcpip"
"Group"="PNP_TDI"
"DependOnService"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00
"DependOnGroup"=hex(7):00,00
"Description"="NetBios over Tcpip"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Linkage]
"OtherDependencies"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,00,00
"Bind"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\
00,69,00,70,00,36,00,5f,00,7b,00,33,00,36,00,43,00,42,00,37,00,44,00,46,00,\
46,00,2d,00,34,00,39,00,31,00,32,00,2d,00,34,00,45,00,44,00,42,00,2d,00,39,\
00,41,00,43,00,42,00,2d,00,34,00,42,00,46,00,35,00,44,00,39,00,32,00,32,00,\
30,00,46,00,35,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,\
00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,46,00,37,00,33,00,\
32,00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,43,00,2d,00,34,00,32,\
00,45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,00,33,00,30,00,38,00,\
35,00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,00,00,5c,00,44,00,65,\
00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,\
7b,00,39,00,46,00,32,00,30,00,34,00,34,00,31,00,41,00,2d,00,36,00,43,00,44,\
00,32,00,2d,00,34,00,39,00,36,00,46,00,2d,00,42,00,36,00,43,00,30,00,2d,00,\
32,00,37,00,42,00,30,00,46,00,35,00,34,00,34,00,38,00,32,00,38,00,42,00,7d,\
00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\
69,00,70,00,36,00,5f,00,7b,00,32,00,35,00,34,00,39,00,38,00,32,00,35,00,35,\
00,2d,00,30,00,31,00,35,00,39,00,2d,00,34,00,44,00,35,00,36,00,2d,00,41,00,\
38,00,46,00,34,00,2d,00,35,00,45,00,46,00,38,00,35,00,30,00,30,00,36,00,43,\
00,35,00,31,00,46,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,\
5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,39,00,46,00,32,00,30,00,34,\
00,34,00,31,00,41,00,2d,00,36,00,43,00,44,00,32,00,2d,00,34,00,39,00,36,00,\
46,00,2d,00,42,00,36,00,43,00,30,00,2d,00,32,00,37,00,42,00,30,00,46,00,35,\
00,34,00,34,00,38,00,32,00,38,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\
69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,46,00,37,\
00,33,00,32,00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,43,00,2d,00,\
34,00,32,00,45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,00,33,00,30,\
00,38,00,35,00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,00,00,5c,00,\
44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,\
00,7b,00,41,00,45,00,36,00,31,00,34,00,41,00,36,00,39,00,2d,00,45,00,31,00,\
33,00,41,00,2d,00,34,00,35,00,36,00,38,00,2d,00,42,00,32,00,30,00,46,00,2d,\
00,42,00,43,00,30,00,44,00,30,00,33,00,36,00,42,00,46,00,30,00,31,00,35,00,\
7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,\
00,69,00,70,00,5f,00,7b,00,33,00,36,00,43,00,42,00,37,00,44,00,46,00,46,00,\
2d,00,34,00,39,00,31,00,32,00,2d,00,34,00,45,00,44,00,42,00,2d,00,39,00,41,\
00,43,00,42,00,2d,00,34,00,42,00,46,00,35,00,44,00,39,00,32,00,32,00,30,00,\
46,00,35,00,37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\
00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,31,00,38,00,32,00,30,00,\
43,00,37,00,46,00,2d,00,31,00,46,00,32,00,44,00,2d,00,34,00,45,00,43,00,36,\
00,2d,00,41,00,43,00,35,00,32,00,2d,00,34,00,41,00,41,00,34,00,43,00,35,00,\
43,00,45,00,39,00,35,00,36,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,\
00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,35,00,\
45,00,43,00,30,00,41,00,36,00,37,00,2d,00,37,00,45,00,45,00,41,00,2d,00,34,\
00,38,00,44,00,36,00,2d,00,42,00,46,00,33,00,30,00,2d,00,39,00,30,00,46,00,\
35,00,43,00,31,00,33,00,41,00,42,00,43,00,41,00,33,00,7d,00,00,00,5c,00,44,\
00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,69,00,70,00,5f,00,\
7b,00,35,00,45,00,39,00,45,00,39,00,31,00,42,00,41,00,2d,00,31,00,43,00,32,\
00,44,00,2d,00,34,00,37,00,30,00,31,00,2d,00,38,00,44,00,41,00,43,00,2d,00,\
34,00,43,00,46,00,35,00,31,00,36,00,44,00,44,00,36,00,35,00,43,00,33,00,7d,\
00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,54,00,63,00,70,00,\
69,00,70,00,5f,00,7b,00,30,00,46,00,44,00,30,00,42,00,39,00,36,00,31,00,2d,\
00,44,00,45,00,33,00,38,00,2d,00,34,00,33,00,44,00,35,00,2d,00,41,00,43,00,\
35,00,36,00,2d,00,45,00,41,00,34,00,32,00,46,00,30,00,41,00,41,00,43,00,36,\
00,35,00,31,00,7d,00,00,00,00,00
"Route"=hex(7):22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,33,00,36,00,43,00,42,00,37,00,44,00,46,00,46,00,2d,00,34,00,39,00,31,00,\
32,00,2d,00,34,00,45,00,44,00,42,00,2d,00,39,00,41,00,43,00,42,00,2d,00,34,\
00,42,00,46,00,35,00,44,00,39,00,32,00,32,00,30,00,46,00,35,00,37,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,46,00,37,00,33,00,32,00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,\
43,00,2d,00,34,00,32,00,45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,\
00,33,00,30,00,38,00,35,00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,39,00,46,00,32,00,30,00,34,00,34,00,31,00,41,00,2d,00,36,00,43,00,44,00,\
32,00,2d,00,34,00,39,00,36,00,46,00,2d,00,42,00,36,00,43,00,30,00,2d,00,32,\
00,37,00,42,00,30,00,46,00,35,00,34,00,34,00,38,00,32,00,38,00,42,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,36,00,22,00,20,00,22,00,7b,\
00,32,00,35,00,34,00,39,00,38,00,32,00,35,00,35,00,2d,00,30,00,31,00,35,00,\
39,00,2d,00,34,00,44,00,35,00,36,00,2d,00,41,00,38,00,46,00,34,00,2d,00,35,\
00,45,00,46,00,38,00,35,00,30,00,30,00,36,00,43,00,35,00,31,00,46,00,7d,00,\
22,00,00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,39,\
00,46,00,32,00,30,00,34,00,34,00,31,00,41,00,2d,00,36,00,43,00,44,00,32,00,\
2d,00,34,00,39,00,36,00,46,00,2d,00,42,00,36,00,43,00,30,00,2d,00,32,00,37,\
00,42,00,30,00,46,00,35,00,34,00,34,00,38,00,32,00,38,00,42,00,7d,00,22,00,\
00,00,22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,46,00,37,\
00,33,00,32,00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,43,00,2d,00,\
34,00,32,00,45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,00,33,00,30,\
00,38,00,35,00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,22,00,00,00,\
22,00,54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,41,00,45,00,36,\
00,31,00,34,00,41,00,36,00,39,00,2d,00,45,00,31,00,33,00,41,00,2d,00,34,00,\
35,00,36,00,38,00,2d,00,42,00,32,00,30,00,46,00,2d,00,42,00,43,00,30,00,44,\
00,30,00,33,00,36,00,42,00,46,00,30,00,31,00,35,00,7d,00,22,00,00,00,22,00,\
54,00,63,00,70,00,69,00,70,00,22,00,20,00,22,00,7b,00,33,00,36,00,43,00,42,\
00,37,00,44,00,46,00,46,00,2d,00,34,00,39,00,31,00,32,00,2d,00,34,00,45,00,\
44,00,42,00,2d,00,39,00,41,00,43,00,42,00,2d,00,34,00,42,00,46,00,35,00,44,\
00,39,00,32,00,32,00,30,00,46,00,35,00,37,00,7d,00,22,00,00,00,22,00,54,00,\
63,00,70,00,69,00,70,00,22,00,20,00,22,00,4e,00,64,00,69,00,73,00,57,00,61,\
00,6e,00,49,00,70,00,22,00,00,00,00,00
"Export"=hex(7):5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,\
00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,33,00,\
36,00,43,00,42,00,37,00,44,00,46,00,46,00,2d,00,34,00,39,00,31,00,32,00,2d,\
00,34,00,45,00,44,00,42,00,2d,00,39,00,41,00,43,00,42,00,2d,00,34,00,42,00,\
46,00,35,00,44,00,39,00,32,00,32,00,30,00,46,00,35,00,37,00,7d,00,00,00,5c,\
00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\
5f,00,54,00,63,00,70,00,69,00,70,00,36,00,5f,00,7b,00,46,00,37,00,33,00,32,\
00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,43,00,2d,00,34,00,32,00,\
45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,00,33,00,30,00,38,00,35,\
00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,00,00,5c,00,44,00,65,00,\
76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,\
00,70,00,69,00,70,00,36,00,5f,00,7b,00,39,00,46,00,32,00,30,00,34,00,34,00,\
31,00,41,00,2d,00,36,00,43,00,44,00,32,00,2d,00,34,00,39,00,36,00,46,00,2d,\
00,42,00,36,00,43,00,30,00,2d,00,32,00,37,00,42,00,30,00,46,00,35,00,34,00,\
34,00,38,00,32,00,38,00,42,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,\
00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,\
70,00,36,00,5f,00,7b,00,32,00,35,00,34,00,39,00,38,00,32,00,35,00,35,00,2d,\
00,30,00,31,00,35,00,39,00,2d,00,34,00,44,00,35,00,36,00,2d,00,41,00,38,00,\
46,00,34,00,2d,00,35,00,45,00,46,00,38,00,35,00,30,00,30,00,36,00,43,00,35,\
00,31,00,46,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,\
4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,\
00,39,00,46,00,32,00,30,00,34,00,34,00,31,00,41,00,2d,00,36,00,43,00,44,00,\
32,00,2d,00,34,00,39,00,36,00,46,00,2d,00,42,00,36,00,43,00,30,00,2d,00,32,\
00,37,00,42,00,30,00,46,00,35,00,34,00,34,00,38,00,32,00,38,00,42,00,7d,00,\
00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,\
00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,46,00,37,00,33,00,\
32,00,37,00,46,00,37,00,38,00,2d,00,45,00,34,00,46,00,43,00,2d,00,34,00,32,\
00,45,00,45,00,2d,00,41,00,32,00,30,00,44,00,2d,00,36,00,33,00,30,00,38,00,\
35,00,34,00,34,00,34,00,42,00,44,00,45,00,43,00,7d,00,00,00,5c,00,44,00,65,\
00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,\
63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,45,00,36,00,31,00,34,00,41,00,36,\
00,39,00,2d,00,45,00,31,00,33,00,41,00,2d,00,34,00,35,00,36,00,38,00,2d,00,\
42,00,32,00,30,00,46,00,2d,00,42,00,43,00,30,00,44,00,30,00,33,00,36,00,42,\
00,46,00,30,00,31,00,35,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,\
65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,\
00,5f,00,7b,00,33,00,36,00,43,00,42,00,37,00,44,00,46,00,46,00,2d,00,34,00,\
39,00,31,00,32,00,2d,00,34,00,45,00,44,00,42,00,2d,00,39,00,41,00,43,00,42,\
00,2d,00,34,00,42,00,46,00,35,00,44,00,39,00,32,00,32,00,30,00,46,00,35,00,\
37,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,\
00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,\
31,00,38,00,32,00,30,00,43,00,37,00,46,00,2d,00,31,00,46,00,32,00,44,00,2d,\
00,34,00,45,00,43,00,36,00,2d,00,41,00,43,00,35,00,32,00,2d,00,34,00,41,00,\
41,00,34,00,43,00,35,00,43,00,45,00,39,00,35,00,36,00,42,00,7d,00,00,00,5c,\
00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,\
5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,35,00,45,00,43,00,30,\
00,41,00,36,00,37,00,2d,00,37,00,45,00,45,00,41,00,2d,00,34,00,38,00,44,00,\
36,00,2d,00,42,00,46,00,33,00,30,00,2d,00,39,00,30,00,46,00,35,00,43,00,31,\
00,33,00,41,00,42,00,43,00,41,00,33,00,7d,00,00,00,5c,00,44,00,65,00,76,00,\
69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,\
00,69,00,70,00,5f,00,7b,00,35,00,45,00,39,00,45,00,39,00,31,00,42,00,41,00,\
2d,00,31,00,43,00,32,00,44,00,2d,00,34,00,37,00,30,00,31,00,2d,00,38,00,44,\
00,41,00,43,00,2d,00,34,00,43,00,46,00,35,00,31,00,36,00,44,00,44,00,36,00,\
35,00,43,00,33,00,7d,00,00,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,\
00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,\
7b,00,30,00,46,00,44,00,30,00,42,00,39,00,36,00,31,00,2d,00,44,00,45,00,33,\
00,38,00,2d,00,34,00,33,00,44,00,35,00,2d,00,41,00,43,00,35,00,36,00,2d,00,\
45,00,41,00,34,00,32,00,46,00,30,00,41,00,41,00,43,00,36,00,35,00,31,00,7d,\
00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters]
"NbProvider"="_tcp"
"NameServerPort"=dword:00000089
"CacheTimeout"=dword:000927c0
"BcastNameQueryCount"=dword:00000003
"BcastQueryTimeout"=dword:000002ee
"NameSrvQueryCount"=dword:00000003
"NameSrvQueryTimeout"=dword:000005dc
"Size/Small/Medium/Large"=dword:00000001
"SessionKeepAlive"=dword:0036ee80
"TransportBindName"="\\Device\\"
"EnableLMHOSTS"=dword:00000001
"DhcpNodeType"=dword:00000008
"EnableProxy"=dword:00000002

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{0FD0B961-DE38-43D5-AC56-EA42F0AAC651}]
"NameServerList"=hex(7):00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{36CB7DFF-4912-4EDB-9ACB-4BF5D9220F57}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{5E9E91BA-1C2D-4701-8DAC-4CF516DD65C3}]
"NameServerList"=hex(7):00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}]
"NameServerList"=hex(7):00,00,00,00
"RASFlags"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{9F20441A-6CD2-496F-B6C0-27B0F544828B}]
"NameServerList"=hex(7):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{AE614A69-E13A-4568-B20F-BC0D036BF015}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}]
"NameServerList"=hex(7):00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Parameters\Interfaces\Tcpip_{F7327F78-E4FC-42EE-A20D-63085444BDEC}]
"NameServerList"=hex(7):00,00
"NetbiosOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Security]
"Security"=hex:01,00,14,80,e8,00,00,00,f4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,b8,00,08,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\
05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\
23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,\
00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,14,\
00,40,00,00,00,01,01,00,00,00,00,00,05,13,00,00,00,00,00,14,00,40,00,00,00,\
01,01,00,00,00,00,00,05,14,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,\
00,00,05,20,00,00,00,2c,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt\Enum]
"0"="Root\\LEGACY_NETBT\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_netbt]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_netbt\0000]
"Service"="NetBT"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="NetBios over Tcpip"
"Capabilities"=dword:00000000
"Driver"="{8ECC055D-047F-11D1-A537-0000F8753ED1}\\0026"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_netbt\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_netbt\0000\Control]
"ActiveService"="NetBT"

GreenWithEnvy
2012-04-15, 00:56
Well, I worked on trying to restore the internet connection for about 11 hours straight. No luck. I've tried all kinds of things, including uninstalling and reinstalling the tcp/in driver. But I still cannot generate the ip address.

GreenWithEnvy
2012-04-15, 19:15
Oh my god, I just got my Internet Access back. This is momentous! I've been working on this for a day and a half.

Awaiting further instructions.

jeffce
2012-04-15, 20:44
Hi,

What was it you did so that others can see what steps you took. :)
----------

Run a new scan with ComboFix and post that new log so we can see what we have still. :)

GreenWithEnvy
2012-04-16, 04:57
First of all, my internet access may be a bit shaky yet. Just now I had to renew my ip address again.

I tried about 50 different things over the last day and half. And then I unplugged my modem and waited for a couple of minutes and then plugged it back in and boom, I got access. But, I had unplugged my modem so that it would reset a couple times before and tried to renew the ip address and it didn't work. I did something that fixed things over the course of the many things I tried, but until I reset the modem, the fix help. So, sadly, I am unable to pinpoint the one thing that I did to get my access back. But something I did worked.

I can tell you that I even after downloading my drivers from the vendor site, I still had no audio and my drives were not recognized and i worked on that for quite a while. I ran a utility that was on my PC for years called Microsoft Fixit Center. When I ran that, it fixed my audio driver and the two CD drives. That's a microsoft free utility that you can download that will try to correct certain problems you are having.

jeffce
2012-04-16, 14:48
Hi,

LOL!! Of course...reset the router hahahaha!! Sometimes the most obvious and easy fix is the one overlooked. Great Job!! :D

When you get a chance be sure to run a new scan with ComboFix and post the new log. :)

GreenWithEnvy
2012-04-16, 15:10
Well, trust me, it wasn't just resetting the modem, because I tried that a number of times. It was a combination of one of the other fixes I implemented and then resetting the modem that finally gave me my access back. The connection is working really well right now.

If I recall correctly, a Combofix "scan" does more than scan if it detects a problem. So, I'd like to figure out how to force a system backup so that I can restore in case Combofix decides to start deleting things again. So, I will create a restore point and then run Combofix and post. One thing I notice is that there are suspicious processes in my process list, but they are disabled and don't run. I'd like to delete the processes completely but not sure if I should. I say suspicious because there are no descriptions of the processes, they have seemingly random names and they have no dependencies. But like I said, they are set as manual and disabled.

jeffce
2012-04-16, 16:29
Hi,

Ok I will wait for the ComboFix log. The infection you had on your system was the real deal and there is no telling what damage it may have done while running around in your computer. It seems like it has been neutralized but we may be dealing with the damage control now.

GreenWithEnvy
2012-04-16, 16:46
Hi,

Ok I will wait for the ComboFix log. The infection you had on your system was the real deal and there is no telling what damage it may have done while running around in your computer. It seems like it has been neutralized but we may be dealing with the damage control now.

I did set a restore point this morning. Truthfully, I'm not sure if that's the same as a complete back-up or not. I hope that it is.

It does seem that the infection was neutralized. I don't see any of the symptoms that I saw before. There are still drivers that don't seem to be in place. There is software that doesn't work anymore. This infection in combination with the fix definitely left a trail of destruction. All of the essentials of the PC are working again, though. And I can always reload software that no longer works if I need to, so I'm in a much happier place now.

I will run the combofix tonight and post here even though it scares me to death to do it.

And once again, Jeff, thank you so much for your assistance through this process.

Mike

jeffce
2012-04-16, 21:07
Hi,


I'm not sure if that's the same as a complete back-up or not.Well it isn't a backup but at least we can get your system back to the same point it is in now. :)

When you get the new ComboFix log post that. :)


And once again, Jeff, thank you so much for your assistance through this process.You are more than welcome

GreenWithEnvy
2012-04-17, 12:44
Hi Jeff, I don't want you to think that I'm deathly afraid of Combofix, but I purchased an external harddrive and backed up my C drive before running it. So when you see Seagate and Memeo in the logs, that's what that it.

Also, I should note that when I ran combofix, a message popped up that said it was out of date and would run with reduced functionality.

A quick spot check seems to indicate that my basic PC functions are intact. The only thing I notice is that my Firewall won't start. I'm going to reboot the PC to see if that resolves it.

Here are the logs:


ComboFix 12-04-10.02 - Mike Hoover 04/17/2012 5:05.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.270 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\fad.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll
F:\Autorun.inf
G:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-03-17 to 2012-04-17 )))))))))))))))))))))))))))))))
.
.
2012-04-17 09:12 . 2012-04-17 09:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2012-04-17 01:48 . 2012-04-17 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2012-04-17 01:47 . 2012-04-17 09:13 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Memeo
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Seagate
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2012-04-17 01:45 . 2012-04-17 01:47 -------- d-----w- c:\program files\Common Files\Memeo
2012-04-17 01:45 . 2012-04-17 01:46 -------- d-----w- c:\program files\Memeo
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\Mike Hoover\Local Settings\Application Data\temp
2012-04-15 15:39 . 2012-04-15 15:39 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-15 12:15 . 2012-04-17 09:13 -------- d-----w- c:\windows\system32\CatRoot2
2012-04-15 12:03 . 2001-08-18 02:36 32256 ----a-w- c:\windows\system32\dllcache\diapi2NT.dll
2012-04-15 12:02 . 2008-04-13 18:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-04-15 12:02 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2012-04-15 12:02 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2012-04-15 12:02 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-04-15 12:02 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-04-14 18:48 . 2012-04-15 12:38 -------- d-----w- C:\ERDNT
2012-04-14 17:34 . 2012-04-14 17:34 -------- d-----w- c:\program files\Broadcom
2012-04-14 17:26 . 2002-08-29 10:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2012-04-14 13:55 . 2012-04-14 13:55 -------- d-----w- c:\program files\CONEXANT
2012-04-14 13:55 . 2002-10-07 16:29 11027 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2012-04-14 13:55 . 2002-10-07 16:17 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2012-04-14 13:55 . 2002-10-09 17:50 170499 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys
2012-04-14 13:55 . 2002-10-09 17:50 1175536 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-04-14 13:55 . 2002-10-09 17:44 604240 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-04-14 13:46 . 2002-09-26 22:04 27786 ----a-w- c:\windows\system32\HSFCI004.dll
2012-04-14 13:45 . 2001-08-22 12:42 13632 ----a-w- c:\windows\system32\drivers\omci.sys
2012-04-13 22:34 . 2006-03-02 00:30 618880 ----a-w- c:\windows\system32\drivers\IntelC52.sys
2012-04-13 22:34 . 2005-05-06 18:42 1339776 ----a-w- c:\windows\system32\drivers\IntelC51.sys
2012-04-13 22:34 . 2005-05-06 18:40 47360 ----a-w- c:\windows\system32\drivers\IntelC53.sys
2012-04-13 22:34 . 2005-05-06 18:40 36880 ----a-w- c:\windows\system32\drivers\mohfilt.sys
2012-04-13 22:34 . 2005-05-06 18:39 172032 ----a-w- c:\windows\system32\intelmoh.dll
2012-04-13 22:34 . 2005-05-06 18:39 49152 ----a-w- c:\windows\system32\mhwt.dll
2012-04-11 12:00 . 2012-04-11 12:00 1409 ----a-w- c:\windows\QTFont.for
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\dllcache\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-07 11:34 . 2008-03-18 23:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34 . 2010-08-03 01:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 01:25 . 2004-08-24 00:32 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:25 . 2010-06-24 23:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:25 . 2002-08-29 10:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:25 . 2002-08-29 10:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2002-08-29 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2002-08-29 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-09-26 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Memeo Instant Backup"="c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-04-23 136416]
"Memeo AutoSync"="c:\program files\Memeo\AutoSync\MemeoLauncher2.exe" [2010-04-16 144608]
"Memeo Send"="c:\program files\Memeo\Memeo Send\MemeoLauncher.exe" [2009-11-05 236816]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2010-04-30 79112]
.
c:\documents and settings\Mike Hoover\Start Menu\Programs\Startup\
Seagate Product Registration.lnk - c:\documents and settings\Mike Hoover\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe [2012-4-16 1731736]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-9-2 24576]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ %I
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\SYSTEM32\DRIVERS\fwdrv.sys [4/10/2012 3:55 PM 302000]
R1 khips;Kerio HIPS Driver;c:\windows\SYSTEM32\DRIVERS\khips.sys [4/26/2007 10:21 AM 72624]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [4/22/2010 8:33 PM 25824]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [5/18/2011 2:48 AM 290472]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [4/30/2010 10:47 AM 14088]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [4/26/2007 10:21 AM 1234480]
R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [5/18/2011 2:11 AM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [5/18/2011 2:11 AM 81480]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [4/10/2010 5:05 PM 266544]
S3 MTK;Media Technology Kernel Driver;c:\windows\system32\Drivers\mtk.sys --> c:\windows\system32\Drivers\mtk.sys [?]
S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [5/18/2011 2:11 AM 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [5/18/2011 2:11 AM 25160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
efs
aegisp
nsm1bus
MRENDIS5
NWADI
w70n51
s117bus
ctaud2k
netdevio
rchost
houdiniserver
HFACSVC
ctdvda2k
atikmdag
pciSd
racsvc
defwatch
vpcnfltr
Subsonic
GT680x
sskbfd
aaksrv
zntport
vstor2-ws60
lanusb
procmon10
w810bus
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
2012-04-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
FF - ProfilePath - c:\documents and settings\Mike Hoover\Application Data\Mozilla\Firefox\Profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: firefox1@myibay.com - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-17 05:13
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\sskbfd]
"ImagePath"=""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(6760)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\System32\SCardSvr.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\System32\locator.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Seagate\Seagate Dashboard\MemeoDashboard.exe
c:\program files\Memeo\Memeo Send\MemeoSend.exe
c:\program files\Memeo\AutoBackup\InstantBackup.exe
c:\program files\Memeo\AutoBackup\MemeoUpdater.exe
.
**************************************************************************
.
Completion time: 2012-04-17 05:27:08 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-17 09:26
ComboFix2.txt 2012-04-13 06:10
ComboFix3.txt 2012-04-10 23:00
ComboFix4.txt 2012-04-10 21:53
ComboFix5.txt 2012-04-17 08:58
.
Pre-Run: 51,769,405,440 bytes free
Post-Run: 51,755,446,272 bytes free
.
- - End Of File - - 877757EEFF49AC6F3E2FA2BC0BB5A2D6

GreenWithEnvy
2012-04-17, 13:33
My firewall started up on reboot.

I have a number of suspicious processes/services and I'm going to list them. If you know if I can delete them with no ill affects, please let me know. None have descriptions or the descriptions match the display name. Some are listed as automatic, but only one process is actually running.

I just now realize that I don't know how to delete a process, but I could disable them. I was going to delete the last one on the list because it references an exe file that doesn't exist, but it seems all I can do is disable it.


Service name: pcscnsrv Displayname Asusgsb
Service name: vstor2-ws60 Displayname CTEDSPSY.DLL
Service name: ctdvda2k Display name: Cwcspud
Service name: houdiniserver Display name: Dot4ufd
Service name: HFACSVC Display name: Dvpapi
Service name: atikmdag Display name: Hcf_msft
Service name: aegisp Display name: RIOUNIV
Service name: efs Display name: Szserver
Service name: wscsvc Display name: wscsvc (this one is running. When I click on properties, a message says Configuration Manager: The specified device instance handle does not correspond to a present device)
Service name: ZipToA Display name: ZipToA

jeffce
2012-04-17, 17:49
Hi...Did you used to have Webroot by chance?

None of the process/services are malware related that I see.

GreenWithEnvy
2012-04-17, 17:54
I don't know what webroot is, so the odds are that I didn't have it.

jeffce
2012-04-17, 18:07
Ok...that is what I was wanting to know. :)

Please delete the current version of Combofix.exe from your desktop and download a new version from here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your desktop.

Disable your AntiVirus and AntiSpyware applications.



Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:


ClearJavaCache::

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet004\Services\sskbfd]

RegLock::
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]


Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

http://img.photobucket.com/albums/v706/ried7/CFScriptB-4.gif

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------
---------

GreenWithEnvy
2012-04-17, 18:10
I see that webroot is an antil-malware program. No, I definitely never used that.

I do have an issue where I cannot run Microsoft Fixit Center anymore. Or download and install the latest version. When other people reported the same issue I'm having, they say:

The presence of the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf" is one of the confirmed causes of this particular error. May I ask what anti-virus/anti-malware software you have ever tried on this computer? I believe the registry key has been previously added to your computer to thwart malware on removable devices. But the registry key unconditionally block both illegitimate and legitimate programs, including setup program for the Fix it Center application.

This is me talking again. So it appears that maybe combo fix set a registry entry to try to protect me in the future? But it may also cause me not to be able to install or run certain software anymore. Do you have any info on this?

jeffce
2012-04-17, 20:18
Hi,


So it appears that maybe combo fix set a registry entry to try to protect me in the future?Yes ComboFix will automatically set it to where the autorun feature will be disabled for USB drives so that malware cannot automatically load onto a system.

If you are not comfortable using ComboFix then we can use another tool. Just let me know.

GreenWithEnvy
2012-04-17, 20:34
I will follow your instructions tonight and post the Combofix log.

I'm running the Microsoft Fixit Center downloader off my C drive, not off of a USB drive of any kind, so I'm not understanding exactly. It sounds like a good feature. I'm just not understanding why it prevents a legit program from running from my C drive and also wondering if it's going to effect other attempts at loading software. I can alter the registry, load the program and then put the registry back. Maybe it's just the dumb way microsoft decided to have you load this app, not using it's own installer software.

jeffce
2012-04-18, 01:03
No that is not from ComboFix at all.

What you are describing seems like it could be more problems created by the infection that was on your system. I understand your desire to get your computer back and in working order but please don't run any programs without being told. Even having the best of intentions, something may accidentally get removed that we did not want removed yet. With this infection, if there are certain files removed improperly or out of order, your computer could turn into a very nice paper weight and neither of us want that. :)

Just run ComboFix and post the log created.

GreenWithEnvy
2012-04-18, 15:17
Hello Jeff. I have not attempted to load software or in any way alter the computer. I only ran Combofix as instructed. The site is telling me the text is too long. I cut it in half and it was still too long. I tried to attach the log as a file and it says it's too big. So I'll have to post multiple posts until the entire log is here.

GreenWithEnvy
2012-04-18, 15:24
ComboFix 12-04-17.01 - Mike Hoover 04/18/2012 7:28.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.76 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
Command switches used :: c:\documents and settings\Mike Hoover\Desktop\CFScript.txt
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dllcache\qedit.dll.new
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-17 09:12 . 2012-04-17 09:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2012-04-17 01:48 . 2012-04-17 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2012-04-17 01:47 . 2012-04-17 09:13 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Memeo
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Seagate
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2012-04-17 01:45 . 2012-04-17 01:47 -------- d-----w- c:\program files\Common Files\Memeo
2012-04-17 01:45 . 2012-04-17 01:46 -------- d-----w- c:\program files\Memeo
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\Mike Hoover\Local Settings\Application Data\temp
2012-04-15 15:39 . 2012-04-15 15:39 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-15 12:15 . 2012-04-18 11:23 -------- d-----w- c:\windows\system32\CatRoot2
2012-04-15 12:08 . 2001-08-18 02:36 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2012-04-15 12:08 . 2001-08-18 02:36 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2012-04-15 12:08 . 2001-08-18 02:36 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2012-04-15 12:08 . 2001-08-18 02:36 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2012-04-15 12:08 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2012-04-15 12:07 . 2001-08-18 02:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2012-04-15 12:06 . 2001-08-18 02:36 65536 ----a-w- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2012-04-15 12:04 . 2001-08-17 17:28 595647 ----a-w- c:\windows\system32\dllcache\es56cvmp.sys
2012-04-15 12:03 . 2001-08-18 02:36 32256 ----a-w- c:\windows\system32\dllcache\diapi2NT.dll
2012-04-15 12:02 . 2008-04-13 18:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-04-15 12:02 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2012-04-15 12:02 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2012-04-15 12:02 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-04-15 12:02 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-04-14 18:48 . 2012-04-15 12:38 -------- d-----w- C:\ERDNT
2012-04-14 17:34 . 2012-04-14 17:34 -------- d-----w- c:\program files\Broadcom
2012-04-14 17:26 . 2002-08-29 10:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2012-04-14 13:55 . 2012-04-14 13:55 -------- d-----w- c:\program files\CONEXANT
2012-04-14 13:55 . 2002-10-07 16:29 11027 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2012-04-14 13:55 . 2002-10-07 16:17 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2012-04-14 13:55 . 2002-10-09 17:50 170499 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys
2012-04-14 13:55 . 2002-10-09 17:50 1175536 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-04-14 13:55 . 2002-10-09 17:44 604240 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-04-14 13:46 . 2002-09-26 22:04 27786 ----a-w- c:\windows\system32\HSFCI004.dll
2012-04-14 13:45 . 2001-08-22 12:42 13632 ----a-w- c:\windows\system32\drivers\omci.sys
2012-04-13 22:34 . 2006-03-02 00:30 618880 ----a-w- c:\windows\system32\drivers\IntelC52.sys
2012-04-13 22:34 . 2005-05-06 18:42 1339776 ----a-w- c:\windows\system32\drivers\IntelC51.sys
2012-04-13 22:34 . 2005-05-06 18:40 47360 ----a-w- c:\windows\system32\drivers\IntelC53.sys
2012-04-13 22:34 . 2005-05-06 18:40 36880 ----a-w- c:\windows\system32\drivers\mohfilt.sys
2012-04-13 22:34 . 2005-05-06 18:39 172032 ----a-w- c:\windows\system32\intelmoh.dll
2012-04-13 22:34 . 2005-05-06 18:39 49152 ----a-w- c:\windows\system32\mhwt.dll
2012-04-11 12:00 . 2012-04-11 12:00 1409 ----a-w- c:\windows\QTFont.for
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\dllcache\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-07 11:34 . 2008-03-18 23:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-07 11:34 . 2010-08-03 01:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 01:25 . 2004-08-24 00:32 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:25 . 2010-06-24 23:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:25 . 2002-08-29 10:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:25 . 2002-08-29 10:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2002-08-29 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2002-08-29 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.

GreenWithEnvy
2012-04-18, 15:28
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-05-02 4640768]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-09-26 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Memeo Instant Backup"="c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-04-23 136416]
"Memeo AutoSync"="c:\program files\Memeo\AutoSync\MemeoLauncher2.exe" [2010-04-16 144608]
"Memeo Send"="c:\program files\Memeo\Memeo Send\MemeoLauncher.exe" [2009-11-05 236816]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
.
c:\documents and settings\Mike Hoover\Start Menu\Programs\Startup\
Seagate Product Registration.lnk - c:\documents and settings\Mike Hoover\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe [2012-4-16 1731736]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-9-2 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\Qualcomm\Eudora\EuShlExt.dll" [2002-09-30 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\SYSTEM32\DRIVERS\fwdrv.sys [4/10/2012 3:55 PM 302000]
R1 khips;Kerio HIPS Driver;c:\windows\SYSTEM32\DRIVERS\khips.sys [4/26/2007 10:21 AM 72624]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [4/22/2010 8:33 PM 25824]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [5/18/2011 2:48 AM 290472]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [6/1/2011 12:42 PM 14088]
R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [5/18/2011 2:11 AM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [5/18/2011 2:11 AM 81480]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [4/26/2007 10:21 AM 1234480]
S3 MTK;Media Technology Kernel Driver;c:\windows\system32\Drivers\mtk.sys --> c:\windows\system32\Drivers\mtk.sys [?]
S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [5/18/2011 2:11 AM 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [5/18/2011 2:11 AM 25160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
efs
aegisp
nsm1bus
MRENDIS5
NWADI
w70n51
s117bus
ctaud2k
netdevio
rchost
houdiniserver
HFACSVC
ctdvda2k
atikmdag
pciSd
racsvc
defwatch
vpcnfltr
Subsonic
GT680x
sskbfd
aaksrv
zntport
vstor2-ws60
lanusb
procmon10
w810bus
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
2012-04-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Mike Hoover\Application Data\Mozilla\Firefox\Profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: firefox1@myibay.com - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-18 07:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(5948)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\System32\SCardSvr.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\System32\locator.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Memeo\AutoBackup\InstantBackup.exe
c:\program files\Memeo\AutoBackup\MemeoUpdater.exe
c:\program files\Seagate\Seagate Dashboard\MemeoDashboard.exe
c:\program files\Memeo\Memeo Send\MemeoSend.exe
c:\program files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-04-18 07:59:13 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-18 11:59
ComboFix2.txt 2012-04-17 09:27
ComboFix3.txt 2012-04-13 06:10
ComboFix4.txt 2012-04-10 23:00
ComboFix5.txt 2012-04-18 11:22
.
Pre-Run: 51,664,289,792 bytes free
Post-Run: 51,639,357,440 bytes free
.
- - End Of File - - B972C41E6B8F496FE49C89E063498EB0

GreenWithEnvy
2012-04-18, 15:31
((((((((((((((((((((((((((((( SnapShot@2012-04-10_20.28.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-18 11:48 . 2012-04-18 11:48 16384 c:\windows\Temp\Perflib_Perfdata_1f4.dat
+ 2012-04-13 19:08 . 2002-10-07 14:17 69632 c:\windows\SYSTEM32\ReinstallBackups\000A\DriverFiles\MDMXSDK.DLL
+ 2012-04-13 19:08 . 2002-10-29 22:33 27786 c:\windows\SYSTEM32\ReinstallBackups\000A\DriverFiles\HSFCI005.DLL
- 2002-08-29 10:00 . 2011-12-19 08:13 44544 c:\windows\SYSTEM32\pngfilt.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 44544 c:\windows\SYSTEM32\pngfilt.dll
+ 2003-09-03 00:03 . 2012-04-15 16:04 72380 c:\windows\SYSTEM32\PERFC009.DAT
- 2006-11-08 02:03 . 2011-12-19 08:13 52224 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2006-11-08 02:03 . 2012-03-01 01:25 52224 c:\windows\SYSTEM32\msfeedsbs.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 27648 c:\windows\SYSTEM32\jsproxy.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 27648 c:\windows\SYSTEM32\jsproxy.dll
+ 2006-11-07 08:26 . 2012-02-29 12:16 13824 c:\windows\SYSTEM32\ieudinit.exe
- 2006-11-07 08:26 . 2011-12-16 12:22 13824 c:\windows\SYSTEM32\ieudinit.exe
- 2002-08-29 10:00 . 2011-12-19 08:13 44544 c:\windows\SYSTEM32\iernonce.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 44544 c:\windows\SYSTEM32\iernonce.dll
+ 2002-08-29 10:00 . 2012-02-29 12:16 70656 c:\windows\SYSTEM32\ie4uinit.exe
- 2002-08-29 10:00 . 2011-12-16 12:22 70656 c:\windows\SYSTEM32\ie4uinit.exe
+ 2006-10-17 16:58 . 2012-03-01 01:25 63488 c:\windows\SYSTEM32\icardie.dll
- 2006-10-17 16:58 . 2011-12-19 08:13 63488 c:\windows\SYSTEM32\icardie.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 13894 c:\windows\SYSTEM32\DLLCACHE\zonelibm.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 29760 c:\windows\SYSTEM32\DLLCACHE\znetm.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 41029 c:\windows\SYSTEM32\DLLCACHE\zcorem.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 36937 c:\windows\SYSTEM32\DLLCACHE\zclientm.exe
+ 2012-04-15 12:10 . 2001-08-18 02:36 23040 c:\windows\SYSTEM32\DLLCACHE\xrxwbtmp.dll
+ 2012-04-15 12:10 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\xrxscnui.dll
+ 2012-04-15 12:10 . 2001-08-18 02:37 27648 c:\windows\SYSTEM32\DLLCACHE\xrxftplt.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 11776 c:\windows\SYSTEM32\DLLCACHE\xolehlp.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 50176 c:\windows\SYSTEM32\DLLCACHE\xmlprovi.dll
+ 2012-04-15 12:10 . 2001-08-18 02:37 99865 c:\windows\SYSTEM32\DLLCACHE\xlog.exe
+ 2012-04-15 12:10 . 2001-08-17 16:11 16970 c:\windows\SYSTEM32\DLLCACHE\xem336n5.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 30720 c:\windows\SYSTEM32\DLLCACHE\xcopy.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 91648 c:\windows\SYSTEM32\DLLCACHE\xactsrv.dll
+ 2003-03-10 17:25 . 2008-04-14 00:12 52736 c:\windows\SYSTEM32\DLLCACHE\wzcsapi.dll
+ 2012-04-15 12:10 . 2004-08-04 05:29 19455 c:\windows\SYSTEM32\DLLCACHE\wvchntxx.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 32256 c:\windows\SYSTEM32\DLLCACHE\wupdmgr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 18432 c:\windows\SYSTEM32\DLLCACHE\wtsapi32.dll
+ 2003-09-03 00:03 . 2008-04-14 00:12 50688 c:\windows\SYSTEM32\DLLCACHE\wstdecod.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 19200 c:\windows\SYSTEM32\DLLCACHE\wstcodec.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 22528 c:\windows\SYSTEM32\DLLCACHE\wsock32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 41984 c:\windows\SYSTEM32\DLLCACHE\wsnmp32.dll
+ 2012-04-15 12:10 . 2004-08-04 05:29 12063 c:\windows\SYSTEM32\DLLCACHE\wsiintxx.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 19456 c:\windows\SYSTEM32\DLLCACHE\wshtcpip.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 11264 c:\windows\SYSTEM32\DLLCACHE\wshrm.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\wshisn.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14336 c:\windows\SYSTEM32\DLLCACHE\wship6.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 90112 c:\windows\SYSTEM32\DLLCACHE\wshext.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\SYSTEM32\DLLCACHE\wshext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 36864 c:\windows\SYSTEM32\DLLCACHE\wshcon.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 80896 c:\windows\SYSTEM32\DLLCACHE\wscsvc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 13824 c:\windows\SYSTEM32\DLLCACHE\wscntfy.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 12032 c:\windows\SYSTEM32\DLLCACHE\ws2ifsl.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 19968 c:\windows\SYSTEM32\DLLCACHE\ws2help.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 82432 c:\windows\SYSTEM32\DLLCACHE\ws2_32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 11264 c:\windows\SYSTEM32\DLLCACHE\wpnpinst.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 32256 c:\windows\SYSTEM32\DLLCACHE\wpabaln.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 13824 c:\windows\SYSTEM32\DLLCACHE\wowfaxui.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 10368 c:\windows\SYSTEM32\DLLCACHE\wowexec.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 20480 c:\windows\SYSTEM32\DLLCACHE\wmpui.dll
+ 2002-08-29 10:00 . 2006-10-19 02:47 99840 c:\windows\SYSTEM32\DLLCACHE\wmpshell.dll
+ 2003-04-11 19:11 . 2006-10-19 02:46 64000 c:\windows\SYSTEM32\DLLCACHE\wmplayer.exe
+ 2003-09-18 11:53 . 2008-04-14 00:12 20480 c:\windows\SYSTEM32\DLLCACHE\wmpcore.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 20480 c:\windows\SYSTEM32\DLLCACHE\wmpcd.dll
+ 2004-08-04 07:56 . 2006-10-19 02:47 96256 c:\windows\SYSTEM32\DLLCACHE\wmpband.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 95232 c:\windows\SYSTEM32\DLLCACHE\wmiutils.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 52224 c:\windows\SYSTEM32\DLLCACHE\wmitimep.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 41472 c:\windows\SYSTEM32\DLLCACHE\wmipsess.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 18944 c:\windows\SYSTEM32\DLLCACHE\wmiprop.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 62464 c:\windows\SYSTEM32\DLLCACHE\wmipjobj.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 61952 c:\windows\SYSTEM32\DLLCACHE\wmipiprt.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 75264 c:\windows\SYSTEM32\DLLCACHE\wmipicmp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61440 c:\windows\SYSTEM32\DLLCACHE\wmimsg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 60928 c:\windows\SYSTEM32\DLLCACHE\wmicookr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 88576 c:\windows\SYSTEM32\DLLCACHE\wmiaprpl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 45568 c:\windows\SYSTEM32\DLLCACHE\wmi2xml.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 51200 c:\windows\SYSTEM32\DLLCACHE\wmerrenu.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 92672 c:\windows\SYSTEM32\DLLCACHE\wlnotify.dll
+ 2012-04-15 12:10 . 2001-08-17 16:12 34890 c:\windows\SYSTEM32\DLLCACHE\wlandrv2.sys
+ 2008-07-21 00:30 . 2008-04-14 00:12 69120 c:\windows\SYSTEM32\DLLCACHE\wlanapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 25088 c:\windows\SYSTEM32\DLLCACHE\wisc10.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 18944 c:\windows\SYSTEM32\DLLCACHE\winstrm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 53760 c:\windows\SYSTEM32\DLLCACHE\winsta.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 17408 c:\windows\SYSTEM32\DLLCACHE\winshfhc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 99328 c:\windows\SYSTEM32\DLLCACHE\winscard.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 16896 c:\windows\SYSTEM32\DLLCACHE\winrnr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\winmsd.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\winmgmtr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\winmgmt.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 32256 c:\windows\SYSTEM32\DLLCACHE\winipsec.dll
+ 2003-09-06 01:37 . 2002-08-29 10:00 35328 c:\windows\SYSTEM32\DLLCACHE\winchat.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\win87em.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 75776 c:\windows\SYSTEM32\DLLCACHE\wiascr.dll
+ 2012-04-15 12:10 . 2001-08-18 02:36 53760 c:\windows\SYSTEM32\DLLCACHE\wiamsmud.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13600 c:\windows\SYSTEM32\DLLCACHE\wfwnet.drv
+ 2002-08-29 10:00 . 2008-04-14 00:12 65024 c:\windows\SYSTEM32\DLLCACHE\wextract.exe
+ 2012-04-15 12:10 . 2002-08-29 10:00 31232 c:\windows\SYSTEM32\DLLCACHE\weitekp9.sys
+ 2012-04-15 12:10 . 2002-08-29 10:00 41600 c:\windows\SYSTEM32\DLLCACHE\weitekp9.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 40448 c:\windows\SYSTEM32\DLLCACHE\webhits.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 68096 c:\windows\SYSTEM32\DLLCACHE\webclnt.dll
+ 2003-09-03 00:01 . 2008-04-13 19:17 83072 c:\windows\SYSTEM32\DLLCACHE\wdmaud.sys
- 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll
+ 2002-08-29 10:00 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll
+ 2012-04-15 12:09 . 2004-08-04 05:29 23615 c:\windows\SYSTEM32\DLLCACHE\wch7xxnt.sys
+ 2012-04-15 12:09 . 2008-04-13 18:45 31744 c:\windows\SYSTEM32\DLLCACHE\wceusbsh.sys
+ 2012-04-15 12:09 . 2001-08-17 16:10 35871 c:\windows\SYSTEM32\DLLCACHE\wbfirdma.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 43520 c:\windows\SYSTEM32\DLLCACHE\wbemsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\wbemprox.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 43008 c:\windows\SYSTEM32\DLLCACHE\wbemperf.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 71680 c:\windows\SYSTEM32\DLLCACHE\wbemcons.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\wbemads.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\wb32.exe
+ 2012-04-15 12:09 . 2004-08-04 05:29 25471 c:\windows\SYSTEM32\DLLCACHE\watv10nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 22271 c:\windows\SYSTEM32\DLLCACHE\watv06nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 33599 c:\windows\SYSTEM32\DLLCACHE\watv04nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 19551 c:\windows\SYSTEM32\DLLCACHE\watv02nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 29311 c:\windows\SYSTEM32\DLLCACHE\watv01nt.sys
+ 2002-08-29 10:00 . 2008-04-13 18:44 17664 c:\windows\SYSTEM32\DLLCACHE\watchdog.sys
+ 2002-08-29 10:00 . 2008-04-13 18:57 34560 c:\windows\SYSTEM32\DLLCACHE\wanarp.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 11935 c:\windows\SYSTEM32\DLLCACHE\wadv11nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 11871 c:\windows\SYSTEM32\DLLCACHE\wadv09nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 11295 c:\windows\SYSTEM32\DLLCACHE\wadv08nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 11807 c:\windows\SYSTEM32\DLLCACHE\wadv07nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 11775 c:\windows\SYSTEM32\DLLCACHE\wadv05nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 12127 c:\windows\SYSTEM32\DLLCACHE\wadv02nt.sys
+ 2012-04-15 12:09 . 2004-08-04 05:29 12415 c:\windows\SYSTEM32\DLLCACHE\wadv01nt.sys
+ 2004-08-04 06:04 . 2008-04-13 18:43 14208 c:\windows\SYSTEM32\DLLCACHE\wacompen.sys
+ 2003-03-03 20:57 . 2008-04-14 00:12 30208 c:\windows\SYSTEM32\DLLCACHE\wabmig.exe
+ 2003-03-03 20:57 . 2008-04-14 00:12 85504 c:\windows\SYSTEM32\DLLCACHE\wabimp.dll
+ 2003-03-03 20:57 . 2008-04-14 00:12 32768 c:\windows\SYSTEM32\DLLCACHE\wabfind.dll
- 2010-12-17 00:24 . 2010-10-11 14:59 45568 c:\windows\SYSTEM32\DLLCACHE\wab.exe
+ 2003-03-03 20:57 . 2010-10-11 14:59 45568 c:\windows\SYSTEM32\DLLCACHE\wab.exe
+ 2012-04-15 12:09 . 2001-08-17 16:13 16925 c:\windows\SYSTEM32\DLLCACHE\w940nd.sys
+ 2012-04-15 12:09 . 2001-08-17 16:13 19016 c:\windows\SYSTEM32\DLLCACHE\w926nd.sys
+ 2012-04-15 12:09 . 2001-08-17 16:13 19528 c:\windows\SYSTEM32\DLLCACHE\w840nd.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 15872 c:\windows\SYSTEM32\DLLCACHE\w3ssl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 22016 c:\windows\SYSTEM32\DLLCACHE\w32topl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 49664 c:\windows\SYSTEM32\DLLCACHE\w32tm.exe
+ 2012-04-15 12:09 . 2002-08-29 10:00 48256 c:\windows\SYSTEM32\DLLCACHE\w32.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 64605 c:\windows\SYSTEM32\DLLCACHE\vvoice.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 33792 c:\windows\SYSTEM32\DLLCACHE\vssadmin.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\vss_ps.dll
+ 2002-08-29 10:00 . 2008-04-13 18:41 52352 c:\windows\SYSTEM32\DLLCACHE\volsnap.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 18944 c:\windows\SYSTEM32\DLLCACHE\vmmreg32.dll
+ 2002-08-29 10:00 . 2008-04-13 18:44 81664 c:\windows\SYSTEM32\DLLCACHE\videoprt.sys
+ 2012-04-15 12:09 . 2001-08-17 17:49 24576 c:\windows\SYSTEM32\DLLCACHE\viairda.sys
+ 2001-08-17 18:58 . 2008-04-13 18:36 42240 c:\windows\SYSTEM32\DLLCACHE\viaagp.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 18176 c:\windows\SYSTEM32\DLLCACHE\vga64k.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 51456 c:\windows\SYSTEM32\DLLCACHE\vga256.dll
+ 2002-08-29 10:00 . 2008-04-13 18:44 20992 c:\windows\SYSTEM32\DLLCACHE\vga.sys
+ 2005-03-26 13:21 . 2008-04-14 00:12 53760 c:\windows\SYSTEM32\DLLCACHE\vfwwdm32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\version.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 98304 c:\windows\SYSTEM32\DLLCACHE\verifier.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 26624 c:\windows\SYSTEM32\DLLCACHE\verifier.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 51712 c:\windows\SYSTEM32\DLLCACHE\vdmredir.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 58112 c:\windows\SYSTEM32\DLLCACHE\vdmindvd.sys
+ 2004-06-17 17:58 . 2008-04-14 00:12 26112 c:\windows\SYSTEM32\DLLCACHE\vdmdbg.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 11325 c:\windows\SYSTEM32\DLLCACHE\vchnt5.dll
+ 2004-04-19 03:13 . 2008-04-14 00:12 30749 c:\windows\SYSTEM32\DLLCACHE\vbajet32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 50176 c:\windows\SYSTEM32\DLLCACHE\utilman.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 25600 c:\windows\SYSTEM32\DLLCACHE\utildll.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 49211 c:\windows\SYSTEM32\DLLCACHE\usrvpa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 45116 c:\windows\SYSTEM32\DLLCACHE\usrvoica.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 49209 c:\windows\SYSTEM32\DLLCACHE\usrv80a.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 41019 c:\windows\SYSTEM32\DLLCACHE\usrsvpia.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69700 c:\windows\SYSTEM32\DLLCACHE\usrshuta.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 49211 c:\windows\SYSTEM32\DLLCACHE\usrsdpia.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 77883 c:\windows\SYSTEM32\DLLCACHE\usrrtosa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61508 c:\windows\SYSTEM32\DLLCACHE\usrprbda.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 77891 c:\windows\SYSTEM32\DLLCACHE\usrmlnka.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 53305 c:\windows\SYSTEM32\DLLCACHE\usrlbva.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 86073 c:\windows\SYSTEM32\DLLCACHE\usrfaxa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 77890 c:\windows\SYSTEM32\DLLCACHE\usrdpa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69699 c:\windows\SYSTEM32\DLLCACHE\usrcoina.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61500 c:\windows\SYSTEM32\DLLCACHE\usrcntra.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 26112 c:\windows\SYSTEM32\DLLCACHE\userinit.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 47872 c:\windows\SYSTEM32\DLLCACHE\user.exe
+ 2003-09-18 21:18 . 2008-04-13 18:45 26368 c:\windows\SYSTEM32\DLLCACHE\usbstor.sys
+ 2012-04-15 12:09 . 2008-04-13 18:45 26112 c:\windows\SYSTEM32\DLLCACHE\usbser.sys
+ 2003-09-16 01:23 . 2008-04-13 18:45 15104 c:\windows\SYSTEM32\DLLCACHE\usbscan.sys
+ 2004-07-09 17:27 . 2008-04-13 18:47 25856 c:\windows\SYSTEM32\DLLCACHE\usbprint.sys
+ 2012-04-15 12:09 . 2008-04-13 18:45 17152 c:\windows\SYSTEM32\DLLCACHE\usbohci.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 16896 c:\windows\SYSTEM32\DLLCACHE\usbmon.dll
+ 2002-08-29 10:00 . 2008-04-13 18:45 15872 c:\windows\SYSTEM32\DLLCACHE\usbintel.sys
+ 2003-09-03 00:00 . 2008-04-13 18:45 30208 c:\windows\SYSTEM32\DLLCACHE\usbehci.sys
+ 2002-08-29 10:00 . 2008-04-13 18:45 25728 c:\windows\SYSTEM32\DLLCACHE\usbcamd2.sys
+ 2002-08-29 10:00 . 2008-04-13 18:45 25600 c:\windows\SYSTEM32\DLLCACHE\usbcamd.sys
+ 2004-08-04 06:04 . 2008-04-13 18:56 12800 c:\windows\SYSTEM32\DLLCACHE\usb8023x.sys
+ 2002-08-29 10:00 . 2008-04-13 18:56 12800 c:\windows\SYSTEM32\DLLCACHE\usb8023.sys
+ 2012-04-15 12:09 . 2002-08-29 02:59 32384 c:\windows\SYSTEM32\DLLCACHE\usb101et.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 17920 c:\windows\SYSTEM32\DLLCACHE\ureg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 18432 c:\windows\SYSTEM32\DLLCACHE\ups.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 16896 c:\windows\SYSTEM32\DLLCACHE\upnpcont.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\unsecapp.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 13824 c:\windows\SYSTEM32\DLLCACHE\uniplat.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 74240 c:\windows\SYSTEM32\DLLCACHE\unimdmat.dll
+ 2012-04-15 12:09 . 2002-08-29 10:00 32339 c:\windows\SYSTEM32\DLLCACHE\uniansi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\umdmxfrm.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 94720 c:\windows\SYSTEM32\DLLCACHE\umaxud32.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 28160 c:\windows\SYSTEM32\DLLCACHE\umaxu40.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 26624 c:\windows\SYSTEM32\DLLCACHE\umaxu22.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 69632 c:\windows\SYSTEM32\DLLCACHE\umaxu12.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 50688 c:\windows\SYSTEM32\DLLCACHE\umaxscan.dll
+ 2012-04-15 12:09 . 2001-08-17 17:58 22912 c:\windows\SYSTEM32\DLLCACHE\umaxpcls.sys
+ 2012-04-15 12:09 . 2001-08-18 02:36 50176 c:\windows\SYSTEM32\DLLCACHE\umaxp60.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 47616 c:\windows\SYSTEM32\DLLCACHE\umaxcam.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 35840 c:\windows\SYSTEM32\DLLCACHE\umandlg.dll
+ 2001-08-17 18:52 . 2001-08-17 18:52 36736 c:\windows\SYSTEM32\DLLCACHE\ultra.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 82432 c:\windows\SYSTEM32\DLLCACHE\ufat.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 26624 c:\windows\SYSTEM32\DLLCACHE\udhisapi.dll
+ 2002-08-29 10:00 . 2008-04-13 18:32 66048 c:\windows\SYSTEM32\DLLCACHE\udfs.sys
+ 2004-08-04 06:07 . 2008-04-13 18:36 44672 c:\windows\SYSTEM32\DLLCACHE\uagp35.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 25600 c:\windows\SYSTEM32\DLLCACHE\twunk_32.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 49680 c:\windows\SYSTEM32\DLLCACHE\twunk_16.exe
+ 2012-04-15 12:09 . 2001-08-17 17:48 11520 c:\windows\SYSTEM32\DLLCACHE\twotrack.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 57856 c:\windows\SYSTEM32\DLLCACHE\twext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 50688 c:\windows\SYSTEM32\DLLCACHE\twain_32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 94784 c:\windows\SYSTEM32\DLLCACHE\twain.dll
+ 2002-08-29 10:00 . 2008-04-13 18:56 12288 c:\windows\SYSTEM32\DLLCACHE\tunmp.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\tsshutdn.exe
+ 2012-04-15 12:09 . 2002-08-29 10:00 14336 c:\windows\SYSTEM32\DLLCACHE\tsprof.exe
+ 2008-07-21 00:30 . 2008-04-14 00:12 50688 c:\windows\SYSTEM32\DLLCACHE\tspkg.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\tskill.exe
+ 2008-07-21 00:30 . 2008-04-14 00:12 53248 c:\windows\SYSTEM32\DLLCACHE\tsgqec.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\tsdiscon.exe
+ 2002-08-29 10:00 . 2008-04-14 00:13 12168 c:\windows\SYSTEM32\DLLCACHE\tsddd.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 15360 c:\windows\SYSTEM32\DLLCACHE\tsd32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\tscon.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 93696 c:\windows\SYSTEM32\DLLCACHE\tscfgwmi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 21376 c:\windows\SYSTEM32\DLLCACHE\tsbvcap.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 52224 c:\windows\SYSTEM32\DLLCACHE\tsappcmp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 59904 c:\windows\SYSTEM32\DLLCACHE\trnsprov.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 90112 c:\windows\SYSTEM32\DLLCACHE\trkwks.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 40960 c:\windows\SYSTEM32\DLLCACHE\trialoc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 31232 c:\windows\SYSTEM32\DLLCACHE\traffic.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\tracert6.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 12288 c:\windows\SYSTEM32\DLLCACHE\tracert.exe
+ 2012-04-15 12:09 . 2001-08-17 16:12 34375 c:\windows\SYSTEM32\DLLCACHE\tpro4.sys
+ 2012-04-15 12:09 . 2001-08-18 02:35 42496 c:\windows\SYSTEM32\DLLCACHE\tp4res.dll
+ 2012-04-15 12:09 . 2008-04-14 00:12 82944 c:\windows\SYSTEM32\DLLCACHE\tp4mon.exe
+ 2012-04-15 12:09 . 2001-08-18 02:36 31744 c:\windows\SYSTEM32\DLLCACHE\tp4.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 51712 c:\windows\SYSTEM32\DLLCACHE\tosdvd.sys
+ 2012-04-15 12:09 . 2001-08-17 16:10 28232 c:\windows\SYSTEM32\DLLCACHE\tos4mo.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 13888 c:\windows\SYSTEM32\DLLCACHE\toolhelp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61952 c:\windows\SYSTEM32\DLLCACHE\tmplprov.dll
+ 2012-04-15 12:09 . 2001-08-17 18:56 81408 c:\windows\SYSTEM32\DLLCACHE\tgiul50.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\tftp.exe
+ 2002-08-29 08:46 . 2008-04-14 00:13 40840 c:\windows\SYSTEM32\DLLCACHE\termdd.sys
+ 2002-08-29 10:00 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
- 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
+ 2002-08-29 10:00 . 2008-04-14 00:13 21896 c:\windows\SYSTEM32\DLLCACHE\tdtcp.sys
+ 2012-04-15 12:09 . 2002-08-29 10:00 19464 c:\windows\SYSTEM32\DLLCACHE\tdspx.sys
+ 2002-08-29 10:00 . 2008-04-14 00:13 12040 c:\windows\SYSTEM32\DLLCACHE\tdpipe.sys
+ 2012-04-15 12:09 . 2001-08-17 16:13 17129 c:\windows\SYSTEM32\DLLCACHE\tdkcd31.sys
+ 2012-04-15 12:09 . 2001-08-17 16:13 37961 c:\windows\SYSTEM32\DLLCACHE\tdk100b.sys
+ 2012-04-15 12:09 . 2002-08-29 10:00 21896 c:\windows\SYSTEM32\DLLCACHE\tdipx.sys
+ 2002-08-29 10:00 . 2008-04-13 19:00 19072 c:\windows\SYSTEM32\DLLCACHE\tdi.sys
+ 2012-04-15 12:09 . 2002-08-29 10:00 13192 c:\windows\SYSTEM32\DLLCACHE\tdasync.sys
+ 2004-08-04 07:56 . 2007-04-02 16:36 16384 c:\windows\SYSTEM32\DLLCACHE\tcptsat.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 32827 c:\windows\SYSTEM32\DLLCACHE\tcptest.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 19456 c:\windows\SYSTEM32\DLLCACHE\tcpsvcs.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 45568 c:\windows\SYSTEM32\DLLCACHE\tcpmonui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 45568 c:\windows\SYSTEM32\DLLCACHE\tcpmon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14848 c:\windows\SYSTEM32\DLLCACHE\tcpmib.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\tcmsetup.exe
+ 2012-04-15 12:09 . 2001-08-17 17:49 30464 c:\windows\SYSTEM32\DLLCACHE\tbatm155.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 15360 c:\windows\SYSTEM32\DLLCACHE\taskman.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 19200 c:\windows\SYSTEM32\DLLCACHE\tapi.dll
+ 2002-08-29 10:00 . 2008-04-13 18:40 14976 c:\windows\SYSTEM32\DLLCACHE\tape.sys
+ 2012-04-15 12:09 . 2001-08-17 16:50 36640 c:\windows\SYSTEM32\DLLCACHE\t2r4mini.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 36864 c:\windows\SYSTEM32\DLLCACHE\syskey.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\sysinv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 18896 c:\windows\SYSTEM32\DLLCACHE\sysedit.exe
+ 2003-09-03 00:01 . 2008-04-13 19:15 60800 c:\windows\SYSTEM32\DLLCACHE\sysaudio.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 57856 c:\windows\SYSTEM32\DLLCACHE\synceng.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 51200 c:\windows\SYSTEM32\DLLCACHE\syncapp.exe
+ 2001-08-17 19:07 . 2001-08-17 19:07 32640 c:\windows\SYSTEM32\DLLCACHE\symc8xx.sys
+ 2001-08-17 19:07 . 2001-08-17 19:07 16256 c:\windows\SYSTEM32\DLLCACHE\symc810.sys
+ 2001-08-17 19:07 . 2001-08-17 19:07 30688 c:\windows\SYSTEM32\DLLCACHE\sym_u3.sys
+ 2001-08-17 19:07 . 2001-08-17 19:07 28384 c:\windows\SYSTEM32\DLLCACHE\sym_hi.sys
+ 2012-04-15 12:09 . 2001-08-18 02:36 94293 c:\windows\SYSTEM32\DLLCACHE\sxports.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 10240 c:\windows\SYSTEM32\DLLCACHE\swpidflt.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 10240 c:\windows\SYSTEM32\DLLCACHE\swpdflt2.dll
+ 2003-09-03 00:01 . 2008-04-13 18:45 56576 c:\windows\SYSTEM32\DLLCACHE\swmidi.sys
+ 2012-04-15 12:09 . 2001-08-18 02:36 53760 c:\windows\SYSTEM32\DLLCACHE\sw_wheel.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 41472 c:\windows\SYSTEM32\DLLCACHE\sw_effct.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14336 c:\windows\SYSTEM32\DLLCACHE\svchost.exe
+ 2004-08-04 07:56 . 2009-10-21 05:38 75776 c:\windows\SYSTEM32\DLLCACHE\strmfilt.dll
- 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\SYSTEM32\DLLCACHE\strmfilt.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 15232 c:\windows\SYSTEM32\DLLCACHE\streamip.sys
+ 2002-08-29 08:41 . 2008-04-14 00:12 74752 c:\windows\SYSTEM32\DLLCACHE\storprop.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 53248 c:\windows\SYSTEM32\DLLCACHE\stlncoin.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14848 c:\windows\SYSTEM32\DLLCACHE\stimon.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 68096 c:\windows\SYSTEM32\DLLCACHE\sti.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 86528 c:\windows\SYSTEM32\DLLCACHE\stdprov.dll
+ 2012-04-15 12:09 . 2001-08-17 17:51 16896 c:\windows\SYSTEM32\DLLCACHE\stcusb.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 59392 c:\windows\SYSTEM32\DLLCACHE\stclient.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 26624 c:\windows\SYSTEM32\DLLCACHE\startoc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 33280 c:\windows\SYSTEM32\DLLCACHE\sstub.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14336 c:\windows\SYSTEM32\DLLCACHE\ssstars.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\ssmyst.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 47104 c:\windows\SYSTEM32\DLLCACHE\ssmypics.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 20992 c:\windows\SYSTEM32\DLLCACHE\ssmarque.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 71680 c:\windows\SYSTEM32\DLLCACHE\ssdpsrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 34816 c:\windows\SYSTEM32\DLLCACHE\ssdpapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 19968 c:\windows\SYSTEM32\DLLCACHE\ssbezier.scr
+ 2012-04-15 12:09 . 2001-08-17 16:11 48736 c:\windows\SYSTEM32\DLLCACHE\srwlnd5.sys
+ 2002-08-29 10:00 . 2010-08-27 05:57 99840 c:\windows\SYSTEM32\DLLCACHE\srvsvc.dll
- 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\SYSTEM32\DLLCACHE\srvsvc.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 99328 c:\windows\SYSTEM32\DLLCACHE\srusd.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 47104 c:\windows\SYSTEM32\DLLCACHE\srdiag.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 67584 c:\windows\SYSTEM32\DLLCACHE\srclient.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 58434 c:\windows\SYSTEM32\DLLCACHE\srchctls.dll
+ 2002-08-29 10:00 . 2008-04-13 18:36 73472 c:\windows\SYSTEM32\DLLCACHE\sr.sys
+ 2012-04-15 12:08 . 2001-08-18 02:36 24660 c:\windows\SYSTEM32\DLLCACHE\spxupchk.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 24661 c:\windows\SYSTEM32\DLLCACHE\spxcoins.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 72192 c:\windows\SYSTEM32\DLLCACHE\sprio800.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 70656 c:\windows\SYSTEM32\DLLCACHE\sprio600.dll
+ 2002-08-29 10:00 . 2010-08-17 13:17 58880 c:\windows\SYSTEM32\DLLCACHE\spoolsv.exe
- 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\SYSTEM32\DLLCACHE\spoolsv.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 75264 c:\windows\SYSTEM32\DLLCACHE\spoolss.dll
+ 2004-10-31 14:13 . 2008-04-14 09:42 11264 c:\windows\SYSTEM32\DLLCACHE\spnpinst.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 69632 c:\windows\SYSTEM32\DLLCACHE\spnike.dll
+ 2002-08-29 10:00 . 2008-04-13 16:43 62976 c:\windows\SYSTEM32\DLLCACHE\spgrmr.dll
+ 2012-04-15 12:08 . 2001-08-17 17:51 61824 c:\windows\SYSTEM32\DLLCACHE\speed.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 61440 c:\windows\SYSTEM32\DLLCACHE\spcplui.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 77824 c:\windows\SYSTEM32\DLLCACHE\spcommon.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 19072 c:\windows\SYSTEM32\DLLCACHE\sparrow.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 24576 c:\windows\SYSTEM32\DLLCACHE\sort.exe
+ 2012-04-15 12:08 . 2001-08-17 16:51 37040 c:\windows\SYSTEM32\DLLCACHE\sonypi.sys
+ 2012-04-15 12:08 . 2001-08-17 16:51 20752 c:\windows\SYSTEM32\DLLCACHE\sonync.sys
+ 2002-08-29 10:00 . 2008-04-13 18:46 25344 c:\windows\SYSTEM32\DLLCACHE\sonydcam.sys
+ 2003-09-06 01:36 . 2002-08-29 10:00 56832 c:\windows\SYSTEM32\DLLCACHE\sol.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 39936 c:\windows\SYSTEM32\DLLCACHE\snmpthrd.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 10240 c:\windows\SYSTEM32\DLLCACHE\snmpstup.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\snmpapi.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 33280 c:\windows\SYSTEM32\DLLCACHE\snmp.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 34816 c:\windows\SYSTEM32\DLLCACHE\sniffpol.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 40960 c:\windows\SYSTEM32\DLLCACHE\smtpcons.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 50688 c:\windows\SYSTEM32\DLLCACHE\smss.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 89600 c:\windows\SYSTEM32\DLLCACHE\smlogsvc.exe
+ 2012-04-15 12:08 . 2001-08-17 16:51 58368 c:\windows\SYSTEM32\DLLCACHE\smiminib.sys
+ 2012-04-15 12:08 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\smierrsm.dll
+ 2012-04-15 12:08 . 2001-08-17 16:12 25034 c:\windows\SYSTEM32\DLLCACHE\smcpwr2n.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 14592 c:\windows\SYSTEM32\DLLCACHE\smclib.sys
+ 2012-04-15 12:08 . 2001-08-17 16:10 35913 c:\windows\SYSTEM32\DLLCACHE\smcirda.sys
+ 2012-04-15 12:08 . 2001-08-17 16:12 24576 c:\windows\SYSTEM32\DLLCACHE\smc8000n.sys
+ 2012-04-15 12:08 . 2008-04-13 18:36 16000 c:\windows\SYSTEM32\DLLCACHE\smbbatt.sys
+ 2012-04-15 12:08 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\smb6w.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 45568 c:\windows\SYSTEM32\DLLCACHE\smb3w.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 33792 c:\windows\SYSTEM32\DLLCACHE\smb0w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\sma3w.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 28672 c:\windows\SYSTEM32\DLLCACHE\sma0w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 38912 c:\windows\SYSTEM32\DLLCACHE\sm9aw.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26624 c:\windows\SYSTEM32\DLLCACHE\sm93w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26624 c:\windows\SYSTEM32\DLLCACHE\sm92w.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 28160 c:\windows\SYSTEM32\DLLCACHE\sm91w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26112 c:\windows\SYSTEM32\DLLCACHE\sm90w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26112 c:\windows\SYSTEM32\DLLCACHE\sm8dw.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 29184 c:\windows\SYSTEM32\DLLCACHE\sm8cw.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26112 c:\windows\SYSTEM32\DLLCACHE\sm8aw.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 26112 c:\windows\SYSTEM32\DLLCACHE\sm89w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 30208 c:\windows\SYSTEM32\DLLCACHE\sm87w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 30208 c:\windows\SYSTEM32\DLLCACHE\sm81w.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 25088 c:\windows\SYSTEM32\DLLCACHE\sm59w.dll
+ 2012-04-15 12:08 . 2004-08-04 05:41 13240 c:\windows\SYSTEM32\DLLCACHE\slwdmsup.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 73796 c:\windows\SYSTEM32\DLLCACHE\slserv.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 32866 c:\windows\SYSTEM32\DLLCACHE\slrundll.exe
+ 2012-04-15 12:08 . 2004-08-04 05:41 95424 c:\windows\SYSTEM32\DLLCACHE\slnthal.sys
+ 2003-09-03 00:03 . 2008-04-13 18:46 11136 c:\windows\SYSTEM32\DLLCACHE\slip.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 73832 c:\windows\SYSTEM32\DLLCACHE\slcoinst.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\slbrccsp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 98304 c:\windows\SYSTEM32\DLLCACHE\slbiop.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\slayerxp.dll
+ 2012-04-15 12:08 . 2002-08-29 02:59 63547 c:\windows\SYSTEM32\DLLCACHE\sla30nd5.sys
+ 2012-04-15 12:08 . 2001-08-17 16:12 91294 c:\windows\SYSTEM32\DLLCACHE\skfpwin.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 26112 c:\windows\SYSTEM32\DLLCACHE\skeys.exe
+ 2012-04-15 12:08 . 2001-08-17 16:12 94698 c:\windows\SYSTEM32\DLLCACHE\sk98xwin.sys
+ 2012-04-15 12:08 . 2001-08-17 16:50 50432 c:\windows\SYSTEM32\DLLCACHE\sisv.sys
+ 2012-04-15 12:08 . 2004-08-04 05:31 32768 c:\windows\SYSTEM32\DLLCACHE\sisnic.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 13824 c:\windows\SYSTEM32\DLLCACHE\sisbkup.dll
+ 2001-08-17 18:58 . 2008-04-13 18:36 40960 c:\windows\SYSTEM32\DLLCACHE\sisagp.sys
+ 2012-04-15 12:08 . 2001-08-17 16:50 68608 c:\windows\SYSTEM32\DLLCACHE\sis6306p.sys
+ 2012-04-14 17:26 . 2002-08-29 10:00 18944 c:\windows\SYSTEM32\DLLCACHE\simptcp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 70144 c:\windows\SYSTEM32\DLLCACHE\sigverif.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 13312 c:\windows\SYSTEM32\DLLCACHE\sigtab.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 42573 c:\windows\SYSTEM32\DLLCACHE\shvlzm.exe
+ 2012-04-15 12:08 . 2002-08-29 10:00 66113 c:\windows\SYSTEM32\DLLCACHE\shvl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 19456 c:\windows\SYSTEM32\DLLCACHE\shutdown.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 16437 c:\windows\SYSTEM32\DLLCACHE\shtml.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 20536 c:\windows\SYSTEM32\DLLCACHE\shtml.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 27648 c:\windows\SYSTEM32\DLLCACHE\shscrap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 77824 c:\windows\SYSTEM32\DLLCACHE\shrpubw.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 45056 c:\windows\SYSTEM32\DLLCACHE\shmgrate.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 65024 c:\windows\SYSTEM32\DLLCACHE\shimeng.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 68096 c:\windows\SYSTEM32\DLLCACHE\shgina.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\shfolder.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\shadow.exe
+ 2012-04-15 12:08 . 2001-07-21 18:29 18400 c:\windows\SYSTEM32\DLLCACHE\sgsmld.sys
+ 2012-04-15 12:08 . 2001-08-17 16:51 98080 c:\windows\SYSTEM32\DLLCACHE\sgiulnt5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 23552 c:\windows\SYSTEM32\DLLCACHE\sfmapi.dll
+ 2012-04-15 12:08 . 2001-08-17 16:19 36480 c:\windows\SYSTEM32\DLLCACHE\sfmanm.sys
+ 2002-08-29 10:00 . 2008-04-13 18:40 11392 c:\windows\SYSTEM32\DLLCACHE\sfloppy.sys
+ 2004-08-04 05:59 . 2008-04-13 18:40 11008 c:\windows\SYSTEM32\DLLCACHE\sffp_sd.sys
+ 2004-08-04 05:59 . 2008-04-13 18:40 11904 c:\windows\SYSTEM32\DLLCACHE\sffdisk.sys
+ 2008-07-21 00:29 . 2008-04-14 00:12 32768 c:\windows\SYSTEM32\DLLCACHE\setupn.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 73216 c:\windows\SYSTEM32\DLLCACHE\setup50.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 23040 c:\windows\SYSTEM32\DLLCACHE\setup.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 31232 c:\windows\SYSTEM32\DLLCACHE\sethc.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\serwvdrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 56320 c:\windows\SYSTEM32\DLLCACHE\servdeps.dll
+ 2012-04-15 12:08 . 2001-08-17 17:48 17664 c:\windows\SYSTEM32\DLLCACHE\sermouse.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 14336 c:\windows\SYSTEM32\DLLCACHE\serialui.dll
+ 2002-08-29 10:00 . 2008-04-13 19:15 64512 c:\windows\SYSTEM32\DLLCACHE\serial.sys
+ 2002-08-29 10:00 . 2008-04-13 18:40 15744 c:\windows\SYSTEM32\DLLCACHE\serenum.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 13824 c:\windows\SYSTEM32\DLLCACHE\senscfg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 39424 c:\windows\SYSTEM32\DLLCACHE\sens.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 54784 c:\windows\SYSTEM32\DLLCACHE\sendmail.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 29184 c:\windows\SYSTEM32\DLLCACHE\sendcmsg.dll
+ 2002-08-29 10:00 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll
- 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\seclogon.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 29184 c:\windows\SYSTEM32\DLLCACHE\sdhcinst.dll
+ 2004-08-04 06:07 . 2008-04-13 18:36 79232 c:\windows\SYSTEM32\DLLCACHE\sdbus.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 77312 c:\windows\SYSTEM32\DLLCACHE\sdbinst.exe
+ 2012-04-15 12:08 . 2008-04-13 18:45 11520 c:\windows\SYSTEM32\DLLCACHE\scsiscan.sys
+ 2012-04-15 12:08 . 2001-08-17 17:52 11648 c:\windows\SYSTEM32\DLLCACHE\scsiprnt.sys
+ 2002-08-29 10:00 . 2008-04-13 18:40 96384 c:\windows\SYSTEM32\DLLCACHE\scsiport.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 26624 c:\windows\SYSTEM32\DLLCACHE\scredir.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 36352 c:\windows\SYSTEM32\DLLCACHE\scrcons.exe
+ 2012-04-15 12:08 . 2001-08-17 17:51 17280 c:\windows\SYSTEM32\DLLCACHE\scr111.sys
+ 2012-04-15 12:08 . 2001-08-17 17:51 16640 c:\windows\SYSTEM32\DLLCACHE\scmstcs.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 20480 c:\windows\SYSTEM32\DLLCACHE\sclgntfy.dll
+ 2012-04-15 12:08 . 2001-08-17 17:51 23936 c:\windows\SYSTEM32\DLLCACHE\sccmusbm.sys
+ 2012-04-15 12:08 . 2001-08-17 17:51 23936 c:\windows\SYSTEM32\DLLCACHE\sccmn50m.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 95744 c:\windows\SYSTEM32\DLLCACHE\scardsvr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 69632 c:\windows\SYSTEM32\DLLCACHE\scarddlg.dll
+ 2002-08-29 10:00 . 2009-02-06 10:39 35328 c:\windows\SYSTEM32\DLLCACHE\sc.exe
- 2009-04-15 22:16 . 2009-02-06 10:39 35328 c:\windows\SYSTEM32\DLLCACHE\sc.exe
+ 2012-04-15 12:08 . 2008-04-13 18:40 43904 c:\windows\SYSTEM32\DLLCACHE\sbp2port.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 13312 c:\windows\SYSTEM32\DLLCACHE\savedump.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 36864 c:\windows\SYSTEM32\DLLCACHE\sapisvr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 64000 c:\windows\SYSTEM32\DLLCACHE\samlib.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 45568 c:\windows\SYSTEM32\DLLCACHE\safrslv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 29696 c:\windows\SYSTEM32\DLLCACHE\safrdm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 43520 c:\windows\SYSTEM32\DLLCACHE\safrcdlg.dll
+ 2012-04-15 12:08 . 2001-08-17 16:50 75392 c:\windows\SYSTEM32\DLLCACHE\s3savmxm.sys
+ 2012-04-15 12:08 . 2001-08-17 16:50 77824 c:\windows\SYSTEM32\DLLCACHE\s3sav4m.sys
+ 2012-04-15 12:08 . 2001-08-17 16:50 61504 c:\windows\SYSTEM32\DLLCACHE\s3sav3dm.sys
+ 2012-04-15 12:08 . 2001-08-18 02:36 62496 c:\windows\SYSTEM32\DLLCACHE\s3mtrio.dll
+ 2012-04-15 12:08 . 2001-08-17 16:50 41216 c:\windows\SYSTEM32\DLLCACHE\s3mt3d.sys
+ 2012-04-15 12:08 . 2001-08-17 17:57 65664 c:\windows\SYSTEM32\DLLCACHE\s3legacy.sys
+ 2012-04-15 12:02 . 2001-08-17 18:56 66048 c:\windows\SYSTEM32\DLLCACHE\s3legacy.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\rwinsta.exe
+ 2012-04-15 12:08 . 2001-08-18 02:36 82432 c:\windows\SYSTEM32\DLLCACHE\rwia450.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 79872 c:\windows\SYSTEM32\DLLCACHE\rwia430.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 79872 c:\windows\SYSTEM32\DLLCACHE\rwia330.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 79872 c:\windows\SYSTEM32\DLLCACHE\rwia001.dll
+ 2012-04-15 12:08 . 2008-04-14 00:12 29696 c:\windows\SYSTEM32\DLLCACHE\rw450ext.dll
+ 2012-04-15 12:08 . 2008-04-14 00:12 27648 c:\windows\SYSTEM32\DLLCACHE\rw430ext.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 29184 c:\windows\SYSTEM32\DLLCACHE\rw330ext.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 27648 c:\windows\SYSTEM32\DLLCACHE\rw001ext.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 42574 c:\windows\SYSTEM32\DLLCACHE\rvsezm.exe
+ 2012-04-15 12:08 . 2002-08-29 10:00 48706 c:\windows\SYSTEM32\DLLCACHE\rvse.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14336 c:\windows\SYSTEM32\DLLCACHE\runonce.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 33280 c:\windows\SYSTEM32\DLLCACHE\rundll32.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\runas.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 44032 c:\windows\SYSTEM32\DLLCACHE\rtutils.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 98304 c:\windows\SYSTEM32\DLLCACHE\rtm.dll
+ 2012-04-15 12:08 . 2004-08-04 05:31 20992 c:\windows\SYSTEM32\DLLCACHE\rtl8139.sys
+ 2012-04-15 12:08 . 2001-08-17 16:12 19017 c:\windows\SYSTEM32\DLLCACHE\rtl8029.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 31744 c:\windows\SYSTEM32\DLLCACHE\rtipxmib.dll
+ 2012-04-15 12:08 . 2001-08-17 16:19 30720 c:\windows\SYSTEM32\DLLCACHE\rthwcls.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 77312 c:\windows\SYSTEM32\DLLCACHE\rtcshare.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 92672 c:\windows\SYSTEM32\DLLCACHE\rsvpsp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 23552 c:\windows\SYSTEM32\DLLCACHE\rsvpmsg.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 49152 c:\windows\SYSTEM32\DLLCACHE\rsmui.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 24576 c:\windows\SYSTEM32\DLLCACHE\rsmsink.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\rsmps.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 49152 c:\windows\SYSTEM32\DLLCACHE\rsm.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 39936 c:\windows\SYSTEM32\DLLCACHE\rshx32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 14848 c:\windows\SYSTEM32\DLLCACHE\rsh.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 61440 c:\windows\SYSTEM32\DLLCACHE\rrcm.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 22016 c:\windows\SYSTEM32\DLLCACHE\rpcns4.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 25600 c:\windows\SYSTEM32\DLLCACHE\routemon.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 19968 c:\windows\SYSTEM32\DLLCACHE\route.exe
+ 2012-04-15 12:08 . 2008-04-13 18:40 79104 c:\windows\SYSTEM32\DLLCACHE\rocket.sys
+ 2004-08-04 06:04 . 2008-04-13 18:56 30592 c:\windows\SYSTEM32\DLLCACHE\rndismpx.sys
+ 2002-08-29 10:00 . 2008-04-13 18:56 30592 c:\windows\SYSTEM32\DLLCACHE\rndismp.sys
+ 2012-04-15 12:08 . 2001-08-17 16:12 37563 c:\windows\SYSTEM32\DLLCACHE\rlnet5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12032 c:\windows\SYSTEM32\DLLCACHE\riodrv.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12032 c:\windows\SYSTEM32\DLLCACHE\rio8drv.sys
+ 2004-08-04 06:10 . 2008-04-13 18:46 59136 c:\windows\SYSTEM32\DLLCACHE\rfcomm.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 13824 c:\windows\SYSTEM32\DLLCACHE\rexec.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 58880 c:\windows\SYSTEM32\DLLCACHE\resutils.dll

GreenWithEnvy
2012-04-18, 15:32
+ 2012-04-15 12:08 . 2001-08-18 02:36 86097 c:\windows\SYSTEM32\DLLCACHE\reslog32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12800 c:\windows\SYSTEM32\DLLCACHE\replace.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 60416 c:\windows\SYSTEM32\DLLCACHE\remotepg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 11776 c:\windows\SYSTEM32\DLLCACHE\regsvr32.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 59904 c:\windows\SYSTEM32\DLLCACHE\regsvc.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\register.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 33792 c:\windows\SYSTEM32\DLLCACHE\regini.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 49664 c:\windows\SYSTEM32\DLLCACHE\regapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 50176 c:\windows\SYSTEM32\DLLCACHE\reg.exe
+ 2002-08-29 06:27 . 2008-04-13 18:40 57600 c:\windows\SYSTEM32\DLLCACHE\redbook.sys
+ 2012-04-15 12:07 . 2004-08-04 05:41 13776 c:\windows\SYSTEM32\DLLCACHE\recagent.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 67072 c:\windows\SYSTEM32\DLLCACHE\rdshost.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 13824 c:\windows\SYSTEM32\DLLCACHE\rdsaddin.exe
+ 2002-08-29 10:00 . 2008-04-14 00:13 87176 c:\windows\SYSTEM32\DLLCACHE\rdpwsx.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 19968 c:\windows\SYSTEM32\DLLCACHE\rdpsnd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:13 92424 c:\windows\SYSTEM32\DLLCACHE\rdpdd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 62976 c:\windows\SYSTEM32\DLLCACHE\rdpclip.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 21504 c:\windows\SYSTEM32\DLLCACHE\rcp.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 35840 c:\windows\SYSTEM32\DLLCACHE\rcimlby.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 34432 c:\windows\SYSTEM32\DLLCACHE\rawwan.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 58368 c:\windows\SYSTEM32\DLLCACHE\rastapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12800 c:\windows\SYSTEM32\DLLCACHE\rasser.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 16384 c:\windows\SYSTEM32\DLLCACHE\rassapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 23552 c:\windows\SYSTEM32\DLLCACHE\rasrad.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 61952 c:\windows\SYSTEM32\DLLCACHE\rasqec.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16512 c:\windows\SYSTEM32\DLLCACHE\raspti.sys
+ 2002-08-29 10:00 . 2008-04-13 19:19 48384 c:\windows\SYSTEM32\DLLCACHE\raspptp.sys
+ 2002-08-29 10:00 . 2008-04-13 18:57 41472 c:\windows\SYSTEM32\DLLCACHE\raspppoe.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 56832 c:\windows\SYSTEM32\DLLCACHE\rasphone.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 22528 c:\windows\SYSTEM32\DLLCACHE\rasmxs.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 61440 c:\windows\SYSTEM32\DLLCACHE\rasman.dll
+ 2002-08-29 10:00 . 2008-04-13 19:19 51328 c:\windows\SYSTEM32\DLLCACHE\rasl2tp.sys
+ 2012-04-15 12:07 . 2001-08-17 17:51 19584 c:\windows\SYSTEM32\DLLCACHE\rasirda.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\rasdial.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\rasctrs.dll
- 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\SYSTEM32\DLLCACHE\raschap.dll
+ 2002-08-29 10:00 . 2009-10-12 13:38 79872 c:\windows\SYSTEM32\DLLCACHE\raschap.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\rasautou.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 88576 c:\windows\SYSTEM32\DLLCACHE\rasauto.dll
+ 2004-08-04 06:00 . 2008-04-13 18:41 20736 c:\windows\SYSTEM32\DLLCACHE\ramdisk.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 43520 c:\windows\SYSTEM32\DLLCACHE\racpldlg.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 22016 c:\windows\SYSTEM32\DLLCACHE\qwinsta.exe
+ 2012-04-15 12:07 . 2001-08-18 02:36 41472 c:\windows\SYSTEM32\DLLCACHE\qvusd.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 76800 c:\windows\SYSTEM32\DLLCACHE\qutil.dll
+ 2012-04-15 12:07 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\quser.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 19968 c:\windows\SYSTEM32\DLLCACHE\qprocess.exe
+ 2004-07-22 02:20 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\qmgrprxy.dll
+ 2001-08-17 18:52 . 2001-08-17 18:52 49024 c:\windows\SYSTEM32\DLLCACHE\ql1280.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 40448 c:\windows\SYSTEM32\DLLCACHE\ql1240.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 45312 c:\windows\SYSTEM32\DLLCACHE\ql12160.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 33152 c:\windows\SYSTEM32\DLLCACHE\ql10wnt.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 40320 c:\windows\SYSTEM32\DLLCACHE\ql1080.sys
+ 2008-07-21 00:29 . 2008-04-14 00:12 62464 c:\windows\SYSTEM32\DLLCACHE\qcliprov.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\qappsrv.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 17792 c:\windows\SYSTEM32\DLLCACHE\ptilink.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 34304 c:\windows\SYSTEM32\DLLCACHE\pstorsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 43520 c:\windows\SYSTEM32\DLLCACHE\pstorec.dll
+ 2012-04-15 12:07 . 2001-08-18 02:36 35328 c:\windows\SYSTEM32\DLLCACHE\psisload.dll
+ 2012-04-15 12:07 . 2001-08-17 17:51 16128 c:\windows\SYSTEM32\DLLCACHE\pscr.sys
+ 2002-08-29 10:00 . 2008-04-13 18:56 69120 c:\windows\SYSTEM32\DLLCACHE\psched.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 10752 c:\windows\SYSTEM32\DLLCACHE\pschdprf.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 96768 c:\windows\SYSTEM32\DLLCACHE\psbase.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 23040 c:\windows\SYSTEM32\DLLCACHE\psapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 50176 c:\windows\SYSTEM32\DLLCACHE\proquota.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 27648 c:\windows\SYSTEM32\DLLCACHE\profmap.dll
+ 2002-08-29 10:00 . 2008-04-13 18:31 35840 c:\windows\SYSTEM32\DLLCACHE\processr.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\prflbmsg.dll
+ 2012-04-15 12:07 . 2008-04-13 18:41 17664 c:\windows\SYSTEM32\DLLCACHE\ppa3.sys
+ 2012-04-15 12:07 . 2001-08-17 17:53 17792 c:\windows\SYSTEM32\DLLCACHE\ppa.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 17408 c:\windows\SYSTEM32\DLLCACHE\powrprof.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 49152 c:\windows\SYSTEM32\DLLCACHE\powercfg.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 58880 c:\windows\SYSTEM32\DLLCACHE\pnrpnsp.dll
- 2006-05-10 05:23 . 2011-12-19 08:13 44544 c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 44544 c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2012-04-15 12:07 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\pmxmcro.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 46592 c:\windows\SYSTEM32\DLLCACHE\pmspl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 30720 c:\windows\SYSTEM32\DLLCACHE\plustab.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15360 c:\windows\SYSTEM32\DLLCACHE\pjlmon.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 33280 c:\windows\SYSTEM32\DLLCACHE\ping6.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 17920 c:\windows\SYSTEM32\DLLCACHE\ping.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 35328 c:\windows\SYSTEM32\DLLCACHE\pifmgr.dll
+ 2002-08-29 10:00 . 2008-04-13 18:35 24064 c:\windows\SYSTEM32\DLLCACHE\pidgen.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 35328 c:\windows\SYSTEM32\DLLCACHE\pid.dll
+ 2012-04-15 12:07 . 2001-08-17 18:07 19840 c:\windows\SYSTEM32\DLLCACHE\philtune.sys
+ 2012-04-15 12:07 . 2001-08-17 18:04 92416 c:\windows\SYSTEM32\DLLCACHE\phildec.sys
+ 2012-04-15 12:07 . 2001-08-17 18:04 75776 c:\windows\SYSTEM32\DLLCACHE\philcam1.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 16384 c:\windows\SYSTEM32\DLLCACHE\philcam1.dll
+ 2012-04-15 12:07 . 2008-04-13 18:44 28032 c:\windows\SYSTEM32\DLLCACHE\perm3.sys
+ 2012-04-15 12:07 . 2008-04-13 18:44 27904 c:\windows\SYSTEM32\DLLCACHE\perm2.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\perfts.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 34816 c:\windows\SYSTEM32\DLLCACHE\perfproc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\perfos.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 17920 c:\windows\SYSTEM32\DLLCACHE\perfnet.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15872 c:\windows\SYSTEM32\DLLCACHE\perfmon.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 26624 c:\windows\SYSTEM32\DLLCACHE\perfdisk.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 39936 c:\windows\SYSTEM32\DLLCACHE\perfctrs.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 27296 c:\windows\SYSTEM32\DLLCACHE\perc2.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 15360 c:\windows\SYSTEM32\DLLCACHE\pentnt.exe
+ 2012-04-15 12:07 . 2001-08-18 02:36 86016 c:\windows\SYSTEM32\DLLCACHE\pctspk.exe
+ 2012-04-15 12:07 . 2001-08-17 16:11 35328 c:\windows\SYSTEM32\DLLCACHE\pcntpci5.sys
+ 2012-04-15 12:07 . 2001-08-17 16:11 29769 c:\windows\SYSTEM32\DLLCACHE\pcntn5m.sys
+ 2012-04-15 12:07 . 2001-08-17 16:11 30282 c:\windows\SYSTEM32\DLLCACHE\pcntn5hl.sys
+ 2012-04-15 12:07 . 2001-08-17 16:12 26153 c:\windows\SYSTEM32\DLLCACHE\pcmlm56.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 38400 c:\windows\SYSTEM32\DLLCACHE\pchsvc.dll
+ 2012-04-15 12:07 . 2004-08-04 05:31 29502 c:\windows\SYSTEM32\DLLCACHE\pca200e.sys
+ 2012-04-15 12:07 . 2001-08-17 16:12 30495 c:\windows\SYSTEM32\DLLCACHE\pc100nds.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 67584 c:\windows\SYSTEM32\DLLCACHE\pautoenr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 21504 c:\windows\SYSTEM32\DLLCACHE\pathping.exe
+ 2002-08-29 10:00 . 2008-04-13 18:40 19712 c:\windows\SYSTEM32\DLLCACHE\partmgr.sys
+ 2002-08-29 10:00 . 2008-04-13 18:40 80128 c:\windows\SYSTEM32\DLLCACHE\parport.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 10240 c:\windows\SYSTEM32\DLLCACHE\panmap.dll
- 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\SYSTEM32\DLLCACHE\packager.exe
+ 2002-08-29 10:00 . 2011-11-18 12:35 60416 c:\windows\SYSTEM32\DLLCACHE\packager.exe
+ 2002-08-29 10:00 . 2008-04-13 18:31 42752 c:\windows\SYSTEM32\DLLCACHE\p3.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 41984 c:\windows\SYSTEM32\DLLCACHE\ovui2rc.dll
+ 2012-04-15 12:07 . 2001-08-18 02:36 44544 c:\windows\SYSTEM32\DLLCACHE\ovui2.dll
+ 2012-04-15 12:07 . 2001-08-17 18:05 25216 c:\windows\SYSTEM32\DLLCACHE\ovsound2.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 39424 c:\windows\SYSTEM32\DLLCACHE\ovcoms.exe
+ 2012-04-15 12:07 . 2001-08-18 02:36 20480 c:\windows\SYSTEM32\DLLCACHE\ovcomc.dll
+ 2012-04-15 12:07 . 2001-08-17 18:05 31872 c:\windows\SYSTEM32\DLLCACHE\ovce.sys
+ 2012-04-15 12:07 . 2001-08-17 18:05 28032 c:\windows\SYSTEM32\DLLCACHE\ovcd.sys
+ 2012-04-15 12:07 . 2001-08-17 18:05 48000 c:\windows\SYSTEM32\DLLCACHE\ovcam2.sys
+ 2012-04-15 12:07 . 2001-08-17 18:05 25088 c:\windows\SYSTEM32\DLLCACHE\ovca.sys
+ 2012-04-15 12:07 . 2001-08-17 17:28 54186 c:\windows\SYSTEM32\DLLCACHE\otcsercb.sys
+ 2012-04-15 12:07 . 2001-08-17 16:12 43689 c:\windows\SYSTEM32\DLLCACHE\otceth5.sys
+ 2012-04-15 12:07 . 2001-08-17 16:12 27209 c:\windows\SYSTEM32\DLLCACHE\otc06x5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 40448 c:\windows\SYSTEM32\DLLCACHE\osuninst.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 67584 c:\windows\SYSTEM32\DLLCACHE\osuninst.dll
+ 2012-04-15 12:07 . 2001-08-17 16:20 54528 c:\windows\SYSTEM32\DLLCACHE\opl3sax.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 51200 c:\windows\SYSTEM32\DLLCACHE\oobebaln.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 69120 c:\windows\SYSTEM32\DLLCACHE\olethk32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 22016 c:\windows\SYSTEM32\DLLCACHE\olesvr32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 24064 c:\windows\SYSTEM32\DLLCACHE\olesvr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 84992 c:\windows\SYSTEM32\DLLCACHE\olepro32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 65536 c:\windows\SYSTEM32\DLLCACHE\oledb32r.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 37376 c:\windows\SYSTEM32\DLLCACHE\olecnv32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 74752 c:\windows\SYSTEM32\DLLCACHE\olecli32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 82944 c:\windows\SYSTEM32\DLLCACHE\olecli.dll
- 2011-09-26 15:41 . 2011-09-26 15:41 20480 c:\windows\SYSTEM32\DLLCACHE\oleaccrc.dll
+ 2002-08-29 10:00 . 2011-09-26 15:41 20480 c:\windows\SYSTEM32\DLLCACHE\oleaccrc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 39744 c:\windows\SYSTEM32\DLLCACHE\ole2.dll
+ 2003-09-03 00:00 . 2008-04-13 18:46 61696 c:\windows\SYSTEM32\DLLCACHE\ohci1394.sys
+ 2003-03-03 20:57 . 2008-04-14 00:12 35328 c:\windows\SYSTEM32\DLLCACHE\oemiglib.dll
+ 2003-03-03 20:57 . 2008-04-14 00:12 60416 c:\windows\SYSTEM32\DLLCACHE\oemig50.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 20511 c:\windows\SYSTEM32\DLLCACHE\odtext32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 20510 c:\windows\SYSTEM32\DLLCACHE\odpdx32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 20510 c:\windows\SYSTEM32\DLLCACHE\odfox32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 20510 c:\windows\SYSTEM32\DLLCACHE\odexl32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 20511 c:\windows\SYSTEM32\DLLCACHE\oddbse32.dll
+ 2002-08-29 10:00 . 2008-04-13 17:26 12288 c:\windows\SYSTEM32\DLLCACHE\odbcp32r.dll
+ 2002-08-29 10:00 . 2008-04-14 00:10 53279 c:\windows\SYSTEM32\DLLCACHE\odbcji32.dll
+ 2002-08-29 10:00 . 2008-04-13 17:26 94208 c:\windows\SYSTEM32\DLLCACHE\odbcint.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 65536 c:\windows\SYSTEM32\DLLCACHE\odbccu32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 65536 c:\windows\SYSTEM32\DLLCACHE\odbccr32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 69632 c:\windows\SYSTEM32\DLLCACHE\odbcconf.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 32768 c:\windows\SYSTEM32\DLLCACHE\odbcad32.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 16384 c:\windows\SYSTEM32\DLLCACHE\odbc32gt.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 26224 c:\windows\SYSTEM32\DLLCACHE\odbc16gt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 17408 c:\windows\SYSTEM32\DLLCACHE\ocmsn.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 67584 c:\windows\SYSTEM32\DLLCACHE\ocmanage.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15360 c:\windows\SYSTEM32\DLLCACHE\ocgen.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 55936 c:\windows\SYSTEM32\DLLCACHE\nwlnkspx.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 63232 c:\windows\SYSTEM32\DLLCACHE\nwlnknb.sys
+ 2002-08-29 10:00 . 2008-04-13 18:56 88320 c:\windows\SYSTEM32\DLLCACHE\nwlnkipx.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 32512 c:\windows\SYSTEM32\DLLCACHE\nwlnkfwd.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12416 c:\windows\SYSTEM32\DLLCACHE\nwlnkflt.sys
+ 2004-06-17 17:58 . 2008-04-14 00:12 15360 c:\windows\SYSTEM32\DLLCACHE\ntvdmd.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 36864 c:\windows\SYSTEM32\DLLCACHE\ntsdexts.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\ntsd.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 91136 c:\windows\SYSTEM32\DLLCACHE\ntprint.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 62976 c:\windows\SYSTEM32\DLLCACHE\ntoc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 36864 c:\windows\SYSTEM32\DLLCACHE\ntmsevt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 40960 c:\windows\SYSTEM32\DLLCACHE\ntmsapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14336 c:\windows\SYSTEM32\DLLCACHE\ntlanui2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 57856 c:\windows\SYSTEM32\DLLCACHE\ntlanui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 44032 c:\windows\SYSTEM32\DLLCACHE\ntlanman.dll
+ 2004-05-17 22:43 . 2004-05-17 22:43 34560 c:\windows\SYSTEM32\DLLCACHE\ntio804.sys
+ 2004-05-17 22:43 . 2004-05-17 22:43 35424 c:\windows\SYSTEM32\DLLCACHE\ntio412.sys
+ 2004-05-17 22:43 . 2004-05-17 22:43 35648 c:\windows\SYSTEM32\DLLCACHE\ntio411.sys
+ 2004-05-17 22:43 . 2004-05-17 22:43 34560 c:\windows\SYSTEM32\DLLCACHE\ntio404.sys
+ 2004-05-17 22:43 . 2004-05-17 22:43 33840 c:\windows\SYSTEM32\DLLCACHE\ntio.sys
+ 2012-04-15 12:07 . 2001-08-17 16:49 51552 c:\windows\SYSTEM32\DLLCACHE\ntgrip.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 67072 c:\windows\SYSTEM32\DLLCACHE\ntdsapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 29146 c:\windows\SYSTEM32\DLLCACHE\ntdos804.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 29274 c:\windows\SYSTEM32\DLLCACHE\ntdos412.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 29370 c:\windows\SYSTEM32\DLLCACHE\ntdos411.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 29146 c:\windows\SYSTEM32\DLLCACHE\ntdos404.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 27866 c:\windows\SYSTEM32\DLLCACHE\ntdos.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 76800 c:\windows\SYSTEM32\DLLCACHE\nslookup.exe
+ 2012-04-15 12:07 . 2008-04-13 18:54 28672 c:\windows\SYSTEM32\DLLCACHE\nscirda.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 10240 c:\windows\SYSTEM32\DLLCACHE\npwmsdrm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 54784 c:\windows\SYSTEM32\DLLCACHE\npptools.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15360 c:\windows\SYSTEM32\DLLCACHE\nppagent.exe
+ 2002-08-29 10:00 . 2008-04-13 18:32 30848 c:\windows\SYSTEM32\DLLCACHE\npfs.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 35328 c:\windows\SYSTEM32\DLLCACHE\notiflag.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 69120 c:\windows\SYSTEM32\DLLCACHE\notepad.exe
+ 2002-08-29 10:00 . 2008-04-13 18:53 40320 c:\windows\SYSTEM32\DLLCACHE\nmnt.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 28672 c:\windows\SYSTEM32\DLLCACHE\nmmkcert.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\nmevtmsg.dll
+ 2004-04-19 03:14 . 2008-04-14 00:12 77824 c:\windows\SYSTEM32\DLLCACHE\nmcom.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 81920 c:\windows\SYSTEM32\DLLCACHE\nmchat.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 28672 c:\windows\SYSTEM32\DLLCACHE\nmasnt.dll
+ 2012-04-15 12:07 . 2001-08-17 16:20 87040 c:\windows\SYSTEM32\DLLCACHE\nm6wdm.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 98304 c:\windows\SYSTEM32\DLLCACHE\nlhtml.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12032 c:\windows\SYSTEM32\DLLCACHE\nikedrv.sys
+ 2002-08-29 10:00 . 2008-04-13 18:51 61824 c:\windows\SYSTEM32\DLLCACHE\nic1394.sys
+ 2012-04-15 12:07 . 2001-08-17 16:12 32840 c:\windows\SYSTEM32\DLLCACHE\ngrpci.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 80896 c:\windows\SYSTEM32\DLLCACHE\netui0.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 36864 c:\windows\SYSTEM32\DLLCACHE\netstat.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 86016 c:\windows\SYSTEM32\DLLCACHE\netsh.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 11776 c:\windows\SYSTEM32\DLLCACHE\netrap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 77312 c:\windows\SYSTEM32\DLLCACHE\netoc.dll
+ 2012-04-15 12:07 . 2001-08-17 16:11 65278 c:\windows\SYSTEM32\DLLCACHE\netflx3.sys
+ 2002-08-29 10:00 . 2008-04-13 18:56 34688 c:\windows\SYSTEM32\DLLCACHE\netbios.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 42496 c:\windows\SYSTEM32\DLLCACHE\net.exe
+ 2012-04-15 12:07 . 2001-08-17 16:50 39264 c:\windows\SYSTEM32\DLLCACHE\neo20xx.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 60480 c:\windows\SYSTEM32\DLLCACHE\neo20xx.dll
+ 2012-04-15 12:07 . 2001-08-17 17:49 15872 c:\windows\SYSTEM32\DLLCACHE\ne2000.sys
- 2010-12-17 00:25 . 2010-11-02 15:17 40960 c:\windows\SYSTEM32\DLLCACHE\ndproxy.sys
+ 2002-08-29 10:00 . 2010-11-02 15:17 40960 c:\windows\SYSTEM32\DLLCACHE\ndproxy.sys
+ 2002-08-29 10:00 . 2008-04-13 19:20 91520 c:\windows\SYSTEM32\DLLCACHE\ndiswan.sys
+ 2002-08-29 10:00 . 2008-04-13 18:55 14592 c:\windows\SYSTEM32\DLLCACHE\ndisuio.sys
- 2011-08-10 11:35 . 2011-07-08 14:02 10496 c:\windows\SYSTEM32\DLLCACHE\ndistapi.sys
+ 2002-08-29 10:00 . 2011-07-08 14:02 10496 c:\windows\SYSTEM32\DLLCACHE\ndistapi.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 57344 c:\windows\SYSTEM32\DLLCACHE\ndisnpp.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 10880 c:\windows\SYSTEM32\DLLCACHE\ndisip.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 18944 c:\windows\SYSTEM32\DLLCACHE\nddenb32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 17920 c:\windows\SYSTEM32\DLLCACHE\nddeapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 47104 c:\windows\SYSTEM32\DLLCACHE\ncprov.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 36352 c:\windows\SYSTEM32\DLLCACHE\ncobjapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 20480 c:\windows\SYSTEM32\DLLCACHE\nbtstat.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 35840 c:\windows\SYSTEM32\DLLCACHE\narrhook.dll
+ 2002-11-20 15:50 . 2008-04-14 00:12 53760 c:\windows\SYSTEM32\DLLCACHE\narrator.exe
+ 2008-07-21 00:29 . 2008-04-14 00:12 30208 c:\windows\SYSTEM32\DLLCACHE\napipsec.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 85248 c:\windows\SYSTEM32\DLLCACHE\nabtsfec.sys
+ 2012-04-15 12:07 . 2001-08-17 18:56 91488 c:\windows\SYSTEM32\DLLCACHE\n9i3disp.dll
+ 2012-04-15 12:07 . 2001-08-17 16:50 27936 c:\windows\SYSTEM32\DLLCACHE\n9i3d.sys
+ 2012-04-15 12:07 . 2001-08-17 16:50 33088 c:\windows\SYSTEM32\DLLCACHE\n9i128v2.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 59104 c:\windows\SYSTEM32\DLLCACHE\n9i128v2.dll
+ 2012-04-15 12:07 . 2001-08-17 16:50 13664 c:\windows\SYSTEM32\DLLCACHE\n9i128.sys
+ 2012-04-15 12:07 . 2001-08-17 18:56 35392 c:\windows\SYSTEM32\DLLCACHE\n9i128.dll
+ 2012-04-15 12:07 . 2001-08-17 16:11 52255 c:\windows\SYSTEM32\DLLCACHE\n1000nt5.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 90624 c:\windows\SYSTEM32\DLLCACHE\mydocs.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 90112 c:\windows\SYSTEM32\DLLCACHE\mycomput.dll
+ 2012-04-15 12:07 . 2001-08-17 17:50 75520 c:\windows\SYSTEM32\DLLCACHE\mxport.sys
+ 2012-04-15 12:07 . 2001-08-17 17:49 19968 c:\windows\SYSTEM32\DLLCACHE\mxnic.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 19968 c:\windows\SYSTEM32\DLLCACHE\mxicfg.dll
+ 2012-04-15 12:07 . 2001-08-17 17:50 21888 c:\windows\SYSTEM32\DLLCACHE\mxcard.sys
+ 2004-08-04 06:04 . 2008-04-13 18:43 12672 c:\windows\SYSTEM32\DLLCACHE\mutohpen.sys
+ 2004-04-19 03:14 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\DLLCACHE\mtxoci.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\DLLCACHE\mtxoci.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 34304 c:\windows\SYSTEM32\DLLCACHE\mtxlegih.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 30720 c:\windows\SYSTEM32\DLLCACHE\mtxdm.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\DLLCACHE\mtxclu.dll
+ 2004-04-19 03:14 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\DLLCACHE\mtxclu.dll
- 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\SYSTEM32\DLLCACHE\msyuv.dll
+ 2003-09-03 00:03 . 2009-11-27 17:11 17920 c:\windows\SYSTEM32\DLLCACHE\msyuv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 26624 c:\windows\SYSTEM32\DLLCACHE\msxmlr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 37916 c:\windows\SYSTEM32\DLLCACHE\msxml2r.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 24576 c:\windows\SYSTEM32\DLLCACHE\msxactps.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 72704 c:\windows\SYSTEM32\DLLCACHE\msw3prt.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 28672 c:\windows\SYSTEM32\DLLCACHE\msvidc32.dll
+ 2002-08-29 10:00 . 2009-11-27 16:07 28672 c:\windows\SYSTEM32\DLLCACHE\msvidc32.dll
+ 2002-08-29 10:00 . 2008-04-13 18:30 61440 c:\windows\SYSTEM32\DLLCACHE\msvcrt40.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 57344 c:\windows\SYSTEM32\DLLCACHE\msvcirt.dll
+ 2004-07-22 02:20 . 2008-04-14 00:12 12288 c:\windows\SYSTEM32\DLLCACHE\mstinit.exe
+ 2012-04-15 12:06 . 2008-04-13 18:46 49024 c:\windows\SYSTEM32\DLLCACHE\mstape.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 57344 c:\windows\SYSTEM32\DLLCACHE\mst123.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\msswch.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 23552 c:\windows\SYSTEM32\DLLCACHE\mssoapr.dll
+ 2004-08-04 06:07 . 2008-04-13 18:36 15488 c:\windows\SYSTEM32\DLLCACHE\mssmbios.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 35840 c:\windows\SYSTEM32\DLLCACHE\mssign32.dll
+ 2008-07-21 00:29 . 2008-04-13 18:14 76800 c:\windows\SYSTEM32\DLLCACHE\msshamsg.dll
+ 2002-08-29 10:00 . 2009-11-27 16:07 11264 c:\windows\SYSTEM32\DLLCACHE\msrle32.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\SYSTEM32\DLLCACHE\msrle32.dll
+ 2012-04-15 12:06 . 2001-08-17 17:48 12416 c:\windows\SYSTEM32\DLLCACHE\msriffwv.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 60416 c:\windows\SYSTEM32\DLLCACHE\msratelc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69632 c:\windows\SYSTEM32\DLLCACHE\msr2c.dll
+ 2002-08-29 10:00 . 2008-04-13 16:23 48128 c:\windows\SYSTEM32\DLLCACHE\msprivs.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 41984 c:\windows\SYSTEM32\DLLCACHE\msports.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 29696 c:\windows\SYSTEM32\DLLCACHE\mspatcha.dll
+ 2002-08-29 10:00 . 2008-04-13 17:24 20480 c:\windows\SYSTEM32\DLLCACHE\msorc32r.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 29184 c:\windows\SYSTEM32\DLLCACHE\msoobe.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 19456 c:\windows\SYSTEM32\DLLCACHE\msobweb.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 30720 c:\windows\SYSTEM32\DLLCACHE\msobshel.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 33280 c:\windows\SYSTEM32\DLLCACHE\msobjs.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 16384 c:\windows\SYSTEM32\DLLCACHE\msobdl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 39936 c:\windows\SYSTEM32\DLLCACHE\mslwvtts.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\mslbui.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 60192 c:\windows\SYSTEM32\DLLCACHE\msjter40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 60192 c:\windows\SYSTEM32\DLLCACHE\msjter40.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 15360 c:\windows\SYSTEM32\DLLCACHE\msisip.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 40960 c:\windows\SYSTEM32\DLLCACHE\msiregmv.exe
+ 2012-04-15 12:06 . 2008-04-13 18:54 22016 c:\windows\SYSTEM32\DLLCACHE\msircomm.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 39936 c:\windows\SYSTEM32\DLLCACHE\msinfo32.exe
+ 2003-03-03 20:57 . 2008-04-14 00:12 60416 c:\windows\SYSTEM32\DLLCACHE\msimn.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 78848 c:\windows\SYSTEM32\DLLCACHE\msiexec.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\msidntld.dll
+ 2003-03-03 20:57 . 2008-04-14 00:11 51712 c:\windows\SYSTEM32\DLLCACHE\msident.dll
- 2006-10-17 16:28 . 2007-08-13 23:01 48128 c:\windows\SYSTEM32\DLLCACHE\mshtmler.dll
+ 2002-08-29 10:00 . 2007-08-13 23:01 48128 c:\windows\SYSTEM32\DLLCACHE\mshtmler.dll
+ 2002-08-29 10:00 . 2007-08-13 23:32 45568 c:\windows\SYSTEM32\DLLCACHE\mshta.exe
- 2006-10-17 16:56 . 2007-08-13 23:32 45568 c:\windows\SYSTEM32\DLLCACHE\mshta.exe
+ 2004-02-26 17:25 . 2008-04-14 00:11 33792 c:\windows\SYSTEM32\DLLCACHE\msgsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 15360 c:\windows\SYSTEM32\DLLCACHE\msgrocm.dll
+ 2002-08-29 10:00 . 2008-04-13 18:56 35072 c:\windows\SYSTEM32\DLLCACHE\msgpc.sys
+ 2012-04-15 12:06 . 2001-08-17 18:02 35200 c:\windows\SYSTEM32\DLLCACHE\msgame.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 20992 c:\windows\SYSTEM32\DLLCACHE\msg.exe
+ 2002-08-29 10:00 . 2008-04-13 18:32 19072 c:\windows\SYSTEM32\DLLCACHE\msfs.sys
+ 2012-03-01 01:25 . 2012-03-01 01:25 52224 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2007-05-09 10:44 . 2011-12-19 08:13 52224 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 51200 c:\windows\SYSTEM32\DLLCACHE\msdv.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 90112 c:\windows\SYSTEM32\DLLCACHE\msdtcstp.dll
+ 2002-08-29 10:00 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\DLLCACHE\msdtclog.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\DLLCACHE\msdtclog.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 14336 c:\windows\SYSTEM32\DLLCACHE\msdmo.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 36864 c:\windows\SYSTEM32\DLLCACHE\msdfmap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 20480 c:\windows\SYSTEM32\DLLCACHE\msdatt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 94208 c:\windows\SYSTEM32\DLLCACHE\msdatl3.dll
+ 2002-08-29 10:00 . 2008-04-13 17:26 16384 c:\windows\SYSTEM32\DLLCACHE\msdasqlr.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 16384 c:\windows\SYSTEM32\DLLCACHE\msdaremr.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 16384 c:\windows\SYSTEM32\DLLCACHE\msdaprsr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 77824 c:\windows\SYSTEM32\DLLCACHE\msdaosp.dll
+ 2002-08-29 10:00 . 2008-04-13 17:24 16384 c:\windows\SYSTEM32\DLLCACHE\msdaorar.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 68608 c:\windows\SYSTEM32\DLLCACHE\msctfp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 36864 c:\windows\SYSTEM32\DLLCACHE\mscpxl32.dll
+ 2002-08-29 10:00 . 2008-04-13 17:26 12288 c:\windows\SYSTEM32\DLLCACHE\mscpx32r.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 69632 c:\windows\SYSTEM32\DLLCACHE\msconf.dll
- 2008-06-24 16:43 . 2008-06-24 16:43 74240 c:\windows\SYSTEM32\DLLCACHE\mscms.dll
+ 2002-08-29 10:00 . 2008-06-24 16:43 74240 c:\windows\SYSTEM32\DLLCACHE\mscms.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 65024 c:\windows\SYSTEM32\DLLCACHE\msaudite.dll
- 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll
+ 2002-08-29 10:00 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 86016 c:\windows\SYSTEM32\DLLCACHE\msapsspc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 57344 c:\windows\SYSTEM32\DLLCACHE\msadrh15.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 57344 c:\windows\SYSTEM32\DLLCACHE\msador15.dll
+ 2002-08-29 10:00 . 2008-04-13 17:26 24576 c:\windows\SYSTEM32\DLLCACHE\msader15.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 24576 c:\windows\SYSTEM32\DLLCACHE\msaddsr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 53248 c:\windows\SYSTEM32\DLLCACHE\msadcs.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 16384 c:\windows\SYSTEM32\DLLCACHE\msadcor.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 16384 c:\windows\SYSTEM32\DLLCACHE\msadcfr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 61440 c:\windows\SYSTEM32\DLLCACHE\msadcf.dll
+ 2002-08-29 10:00 . 2008-04-13 17:25 20480 c:\windows\SYSTEM32\DLLCACHE\msadcer.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 71680 c:\windows\SYSTEM32\DLLCACHE\msacm32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61168 c:\windows\SYSTEM32\DLLCACHE\msacm.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12800 c:\windows\SYSTEM32\DLLCACHE\mrinfo.exe
+ 2001-08-17 18:52 . 2001-08-17 18:52 17280 c:\windows\SYSTEM32\DLLCACHE\mraid35x.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 47104 c:\windows\SYSTEM32\DLLCACHE\mprui.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 99840 c:\windows\SYSTEM32\DLLCACHE\mprmsg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 53248 c:\windows\SYSTEM32\DLLCACHE\mprdim.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69120 c:\windows\SYSTEM32\DLLCACHE\mprddm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 87040 c:\windows\SYSTEM32\DLLCACHE\mprapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 59904 c:\windows\SYSTEM32\DLLCACHE\mpr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 22016 c:\windows\SYSTEM32\DLLCACHE\mpnotify.exe
+ 2003-09-03 00:03 . 2008-04-13 18:46 15232 c:\windows\SYSTEM32\DLLCACHE\mpe.sys
+ 2002-08-29 10:00 . 2008-04-13 18:39 42368 c:\windows\SYSTEM32\DLLCACHE\mountmgr.sys
+ 2012-04-15 12:06 . 2001-08-17 17:48 12160 c:\windows\SYSTEM32\DLLCACHE\mouhid.sys
+ 2002-08-29 06:27 . 2008-04-13 18:39 23040 c:\windows\SYSTEM32\DLLCACHE\mouclass.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 16384 c:\windows\SYSTEM32\DLLCACHE\mofcomp.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 10112 c:\windows\SYSTEM32\DLLCACHE\modex.dll
+ 2012-04-15 12:06 . 2001-08-17 17:57 16128 c:\windows\SYSTEM32\DLLCACHE\modemcsa.sys
+ 2002-08-29 10:00 . 2008-04-13 19:00 30080 c:\windows\SYSTEM32\DLLCACHE\modem.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 32768 c:\windows\SYSTEM32\DLLCACHE\mnmsrvc.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 34560 c:\windows\SYSTEM32\DLLCACHE\mnmdd.dll
+ 2002-08-29 10:00 . 2004-08-04 05:51 68768 c:\windows\SYSTEM32\DLLCACHE\mmsystem.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 17408 c:\windows\SYSTEM32\DLLCACHE\mmfutil.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\mmdrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 61440 c:\windows\SYSTEM32\DLLCACHE\mmcshext.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 33792 c:\windows\SYSTEM32\DLLCACHE\mmcperf.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 29696 c:\windows\SYSTEM32\DLLCACHE\mimefilt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 60928 c:\windows\SYSTEM32\DLLCACHE\miglibnt.dll
+ 2012-04-15 12:06 . 2002-08-29 10:00 34304 c:\windows\SYSTEM32\DLLCACHE\migisol.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 18944 c:\windows\SYSTEM32\DLLCACHE\midimap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 14848 c:\windows\SYSTEM32\DLLCACHE\mgmtapi.dll
+ 2012-04-15 12:06 . 2002-08-29 10:00 92416 c:\windows\SYSTEM32\DLLCACHE\mga.sys
+ 2012-04-15 12:06 . 2002-08-29 10:00 92032 c:\windows\SYSTEM32\DLLCACHE\mga.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 22528 c:\windows\SYSTEM32\DLLCACHE\mfcsubs.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 40960 c:\windows\SYSTEM32\DLLCACHE\mf3216.dll
+ 2002-08-29 10:00 . 2008-04-13 18:36 63744 c:\windows\SYSTEM32\DLLCACHE\mf.sys
+ 2012-04-15 12:06 . 2008-04-13 18:41 26112 c:\windows\SYSTEM32\DLLCACHE\memstpci.sys
+ 2012-04-15 12:06 . 2001-08-18 02:36 47616 c:\windows\SYSTEM32\DLLCACHE\memgrp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 39274 c:\windows\SYSTEM32\DLLCACHE\mem.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 50176 c:\windows\SYSTEM32\DLLCACHE\mdhcp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 28160 c:\windows\SYSTEM32\DLLCACHE\mciwave.drv

GreenWithEnvy
2012-04-18, 15:33
+ 2002-08-29 10:00 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\mciwave.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 25264 c:\windows\SYSTEM32\DLLCACHE\mciseq.drv
- 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\SYSTEM32\DLLCACHE\mciseq.dll
+ 2002-08-29 10:00 . 2011-10-14 14:47 23040 c:\windows\SYSTEM32\DLLCACHE\mciseq.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 35328 c:\windows\SYSTEM32\DLLCACHE\mciqtz32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 17408 c:\windows\SYSTEM32\DLLCACHE\mcicda.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 84480 c:\windows\SYSTEM32\DLLCACHE\mciavi32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 73376 c:\windows\SYSTEM32\DLLCACHE\mciavi.drv
+ 2002-08-29 10:00 . 2002-08-29 10:00 10496 c:\windows\SYSTEM32\DLLCACHE\mcdsrv32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 10240 c:\windows\SYSTEM32\DLLCACHE\mcd32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 14336 c:\windows\SYSTEM32\DLLCACHE\mcastmib.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 57344 c:\windows\SYSTEM32\DLLCACHE\makecab.exe
+ 2002-11-20 15:50 . 2008-04-14 00:12 72704 c:\windows\SYSTEM32\DLLCACHE\magnify.exe
+ 2012-04-15 12:06 . 2001-08-17 16:19 48768 c:\windows\SYSTEM32\DLLCACHE\maestro.sys
+ 2012-04-15 12:06 . 2001-08-18 02:36 58880 c:\windows\SYSTEM32\DLLCACHE\m3092dc.dll
+ 2012-04-15 12:06 . 2001-08-18 02:36 58368 c:\windows\SYSTEM32\DLLCACHE\m3091dc.dll
+ 2012-04-15 12:06 . 2001-08-17 16:49 22848 c:\windows\SYSTEM32\DLLCACHE\lwusbhid.sys
+ 2012-04-15 12:06 . 2002-08-29 03:16 20864 c:\windows\SYSTEM32\DLLCACHE\lwadihid.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 13312 c:\windows\SYSTEM32\DLLCACHE\lsass.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 18944 c:\windows\SYSTEM32\DLLCACHE\lprmon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 10240 c:\windows\SYSTEM32\DLLCACHE\lprhelp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 22016 c:\windows\SYSTEM32\DLLCACHE\lpk.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 22528 c:\windows\SYSTEM32\DLLCACHE\lpdsvc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 15360 c:\windows\SYSTEM32\DLLCACHE\logoff.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 59392 c:\windows\SYSTEM32\DLLCACHE\logman.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 50176 c:\windows\SYSTEM32\DLLCACHE\loghours.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 19968 c:\windows\SYSTEM32\DLLCACHE\log.dll
+ 2002-12-03 22:50 . 2008-04-14 00:12 75264 c:\windows\SYSTEM32\DLLCACHE\locator.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 11776 c:\windows\SYSTEM32\DLLCACHE\localui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 97280 c:\windows\SYSTEM32\DLLCACHE\loadperf.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 25088 c:\windows\SYSTEM32\DLLCACHE\lnkstub.exe
+ 2012-04-15 12:06 . 2001-08-17 16:12 70730 c:\windows\SYSTEM32\DLLCACHE\lne100tx.sys
+ 2012-04-15 12:06 . 2001-08-17 16:12 20573 c:\windows\SYSTEM32\DLLCACHE\lne100.sys
+ 2012-04-15 12:06 . 2001-08-17 16:11 25065 c:\windows\SYSTEM32\DLLCACHE\lmndis3.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 33792 c:\windows\SYSTEM32\DLLCACHE\lmmib2.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 13824 c:\windows\SYSTEM32\DLLCACHE\lmhsvc.dll
+ 2012-04-15 12:06 . 2001-08-17 17:51 15744 c:\windows\SYSTEM32\DLLCACHE\lit220p.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 19968 c:\windows\SYSTEM32\DLLCACHE\linkinfo.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 29696 c:\windows\SYSTEM32\DLLCACHE\lights.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\DLLCACHE\licwmi.dll
+ 2012-04-15 12:06 . 2008-04-13 18:40 34688 c:\windows\SYSTEM32\DLLCACHE\lbrtfdc.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 89600 c:\windows\SYSTEM32\DLLCACHE\langwrbk.dll
+ 2012-04-15 12:06 . 2001-08-17 16:12 26442 c:\windows\SYSTEM32\DLLCACHE\lanepic5.sys
+ 2008-07-21 00:29 . 2008-04-14 00:11 37376 c:\windows\SYSTEM32\DLLCACHE\l2store.dll
+ 2012-04-15 12:06 . 2001-08-17 16:12 19016 c:\windows\SYSTEM32\DLLCACHE\ktc111.sys
- 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys
+ 2002-08-29 10:00 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 24576 c:\windows\SYSTEM32\DLLCACHE\krnlprov.dll
+ 2004-05-17 22:48 . 2004-08-04 05:49 92224 c:\windows\SYSTEM32\DLLCACHE\krnl386.exe
+ 2012-04-15 12:06 . 2001-08-18 02:36 37376 c:\windows\SYSTEM32\DLLCACHE\kousd.dll
+ 2008-07-21 00:29 . 2008-04-14 00:11 61440 c:\windows\SYSTEM32\DLLCACHE\kmsvc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 42537 c:\windows\SYSTEM32\DLLCACHE\keyboard.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 42809 c:\windows\SYSTEM32\DLLCACHE\key01.sys
+ 2012-04-15 12:06 . 2008-04-14 00:11 48640 c:\windows\SYSTEM32\DLLCACHE\kdsui.dll
+ 2012-04-15 12:06 . 2008-04-13 18:39 14592 c:\windows\SYSTEM32\DLLCACHE\kbdhid.sys
+ 2002-08-29 06:27 . 2008-04-13 18:39 24576 c:\windows\SYSTEM32\DLLCACHE\kbdclass.sys
+ 2012-04-15 12:06 . 2002-08-29 10:00 18432 c:\windows\SYSTEM32\DLLCACHE\jupiw.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 27648 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
- 2006-05-10 05:22 . 2011-12-19 08:13 27648 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 47952 c:\windows\SYSTEM32\DLLCACHE\jobexec.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\SYSTEM32\DLLCACHE\iyuv_32.dll
+ 2002-08-29 10:00 . 2009-11-27 16:07 48128 c:\windows\SYSTEM32\DLLCACHE\iyuv_32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 54272 c:\windows\SYSTEM32\DLLCACHE\ixsso.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 32768 c:\windows\SYSTEM32\DLLCACHE\isrdbg32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\isignup.exe
- 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\SYSTEM32\DLLCACHE\isign32.dll
+ 2002-08-29 10:00 . 2010-11-18 18:12 81920 c:\windows\SYSTEM32\DLLCACHE\isign32.dll
+ 2012-04-15 12:06 . 2001-08-17 17:49 26624 c:\windows\SYSTEM32\DLLCACHE\irstusb.sys
+ 2012-04-15 12:06 . 2001-08-17 17:51 18688 c:\windows\SYSTEM32\DLLCACHE\irsir.sys
+ 2012-04-15 12:06 . 2008-04-14 00:11 28160 c:\windows\SYSTEM32\DLLCACHE\irmon.dll
+ 2012-04-15 12:06 . 2001-08-17 17:49 23552 c:\windows\SYSTEM32\DLLCACHE\irmk7.sys
+ 2002-08-29 10:00 . 2008-04-13 18:54 11264 c:\windows\SYSTEM32\DLLCACHE\irenum.sys
+ 2012-04-15 12:06 . 2008-04-13 18:54 88192 c:\windows\SYSTEM32\DLLCACHE\irda.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\irclass.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 22016 c:\windows\SYSTEM32\DLLCACHE\ipxwan.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 66560 c:\windows\SYSTEM32\DLLCACHE\ipxsap.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 39936 c:\windows\SYSTEM32\DLLCACHE\ipxrtmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 23552 c:\windows\SYSTEM32\DLLCACHE\ipxroute.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 21504 c:\windows\SYSTEM32\DLLCACHE\ipxrip.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69120 c:\windows\SYSTEM32\DLLCACHE\ipxpromn.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 83968 c:\windows\SYSTEM32\DLLCACHE\ipxmontr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 59904 c:\windows\SYSTEM32\DLLCACHE\ipv6mon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 53248 c:\windows\SYSTEM32\DLLCACHE\ipv6.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 44032 c:\windows\SYSTEM32\DLLCACHE\ipsec6.exe
+ 2002-08-29 10:00 . 2008-04-13 19:19 75264 c:\windows\SYSTEM32\DLLCACHE\ipsec.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 35328 c:\windows\SYSTEM32\DLLCACHE\iprip.dll
+ 2002-08-29 10:00 . 2008-04-13 18:57 20864 c:\windows\SYSTEM32\DLLCACHE\ipinip.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 94720 c:\windows\SYSTEM32\DLLCACHE\iphlpapi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 32896 c:\windows\SYSTEM32\DLLCACHE\ipfltdrv.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 55808 c:\windows\SYSTEM32\DLLCACHE\ipconfig.exe
+ 2004-08-04 06:00 . 2008-04-13 18:53 36608 c:\windows\SYSTEM32\DLLCACHE\ip6fw.sys
+ 2012-04-15 12:06 . 2001-08-17 16:12 45632 c:\windows\SYSTEM32\DLLCACHE\ip5515.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 30720 c:\windows\SYSTEM32\DLLCACHE\iologmsg.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 90200 c:\windows\SYSTEM32\DLLCACHE\io8ports.dll
+ 2012-04-15 12:05 . 2001-08-17 17:50 38784 c:\windows\SYSTEM32\DLLCACHE\io8.sys
+ 2004-08-04 05:59 . 2008-04-13 18:31 36352 c:\windows\SYSTEM32\DLLCACHE\intelppm.sys
+ 2012-04-15 12:05 . 2001-08-17 17:47 13056 c:\windows\SYSTEM32\DLLCACHE\inport.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 16000 c:\windows\SYSTEM32\DLLCACHE\ini910u.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 20480 c:\windows\SYSTEM32\DLLCACHE\inetwiz.exe
+ 2002-10-11 18:08 . 2008-04-13 16:22 48128 c:\windows\SYSTEM32\DLLCACHE\inetres.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 15872 c:\windows\SYSTEM32\DLLCACHE\inetppui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 75264 c:\windows\SYSTEM32\DLLCACHE\inetpp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 32768 c:\windows\SYSTEM32\DLLCACHE\inetmib1.dll
- 2006-10-17 16:57 . 2007-08-13 23:36 36352 c:\windows\SYSTEM32\DLLCACHE\imgutil.dll
+ 2002-08-29 10:00 . 2007-08-13 23:36 36352 c:\windows\SYSTEM32\DLLCACHE\imgutil.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 36921 c:\windows\SYSTEM32\DLLCACHE\imeshare.dll
+ 2002-08-29 10:00 . 2008-04-13 18:40 42112 c:\windows\SYSTEM32\DLLCACHE\imapi.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 81920 c:\windows\SYSTEM32\DLLCACHE\ils.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 70656 c:\windows\SYSTEM32\DLLCACHE\ifsutil.dll
- 2007-05-09 10:44 . 2011-12-16 12:22 13824 c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
+ 2012-02-29 12:16 . 2012-02-29 12:16 13824 c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
- 2006-11-07 08:26 . 2007-08-13 23:39 55296 c:\windows\SYSTEM32\DLLCACHE\iesetup.dll
+ 2002-08-29 10:00 . 2007-08-13 23:39 55296 c:\windows\SYSTEM32\DLLCACHE\iesetup.dll
- 2006-11-07 08:26 . 2011-12-19 08:13 44544 c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 44544 c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2010-06-24 23:50 . 2012-03-01 01:25 78336 c:\windows\SYSTEM32\DLLCACHE\ieencode.dll
- 2010-06-24 23:50 . 2011-12-19 08:13 78336 c:\windows\SYSTEM32\DLLCACHE\ieencode.dll
+ 2004-08-04 07:56 . 2007-08-13 23:44 69120 c:\windows\SYSTEM32\DLLCACHE\iedw.exe
- 2006-05-09 11:00 . 2007-08-13 23:44 69120 c:\windows\SYSTEM32\DLLCACHE\iedw.exe
+ 2002-08-29 10:00 . 2012-02-29 12:16 70656 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2006-11-07 08:26 . 2011-12-16 12:22 70656 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 49152 c:\windows\SYSTEM32\DLLCACHE\icwutil.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 73728 c:\windows\SYSTEM32\DLLCACHE\icwtutor.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 24576 c:\windows\SYSTEM32\DLLCACHE\icwrmind.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 61440 c:\windows\SYSTEM32\DLLCACHE\icwres.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 65536 c:\windows\SYSTEM32\DLLCACHE\icwphbk.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 32768 c:\windows\SYSTEM32\DLLCACHE\icwdl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 73728 c:\windows\SYSTEM32\DLLCACHE\icwdial.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 86016 c:\windows\SYSTEM32\DLLCACHE\icwconn2.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 61440 c:\windows\SYSTEM32\DLLCACHE\icwconn.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 54784 c:\windows\SYSTEM32\DLLCACHE\icmui.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\icfgnt5.dll
- 2007-08-20 10:04 . 2011-12-19 08:13 63488 c:\windows\SYSTEM32\DLLCACHE\icardie.dll
+ 2012-03-01 01:25 . 2012-03-01 01:25 63488 c:\windows\SYSTEM32\DLLCACHE\icardie.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 20480 c:\windows\SYSTEM32\DLLCACHE\icam5ext.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 45056 c:\windows\SYSTEM32\DLLCACHE\icam5com.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 61952 c:\windows\SYSTEM32\DLLCACHE\icam4ext.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 91136 c:\windows\SYSTEM32\DLLCACHE\icam4com.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 26624 c:\windows\SYSTEM32\DLLCACHE\icam3ext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 11264 c:\windows\SYSTEM32\DLLCACHE\icaapi.dll
+ 2012-04-15 12:05 . 2001-08-17 18:06 38528 c:\windows\SYSTEM32\DLLCACHE\ibmvcap.sys
+ 2012-04-15 12:05 . 2001-08-17 16:11 28700 c:\windows\SYSTEM32\DLLCACHE\ibmexmp.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 59392 c:\windows\SYSTEM32\DLLCACHE\iassvcs.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 86528 c:\windows\SYSTEM32\DLLCACHE\iassam.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 17920 c:\windows\SYSTEM32\DLLCACHE\iaspolcy.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 62464 c:\windows\SYSTEM32\DLLCACHE\iasnap.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 32256 c:\windows\SYSTEM32\DLLCACHE\iashlpr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 41472 c:\windows\SYSTEM32\DLLCACHE\iasads.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 23552 c:\windows\SYSTEM32\DLLCACHE\iasacct.dll
+ 2002-08-29 10:00 . 2008-04-13 19:18 52480 c:\windows\SYSTEM32\DLLCACHE\i8042prt.sys
+ 2012-04-15 12:05 . 2001-08-17 16:49 58592 c:\windows\SYSTEM32\DLLCACHE\i740nt5.sys
+ 2001-08-17 18:56 . 2008-04-13 18:41 18560 c:\windows\SYSTEM32\DLLCACHE\i2omp.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 41984 c:\windows\SYSTEM32\DLLCACHE\htui.dll
+ 2004-08-04 07:56 . 2009-10-21 05:38 25088 c:\windows\SYSTEM32\DLLCACHE\httpapi.dll
- 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\SYSTEM32\DLLCACHE\httpapi.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\htrn_jis.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 32285 c:\windows\SYSTEM32\DLLCACHE\hsfcisp2.dll
+ 2012-04-15 12:05 . 2001-08-17 17:28 50751 c:\windows\SYSTEM32\DLLCACHE\hsf_tone.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 73279 c:\windows\SYSTEM32\DLLCACHE\hsf_spkp.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 44863 c:\windows\SYSTEM32\DLLCACHE\hsf_soar.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 57471 c:\windows\SYSTEM32\DLLCACHE\hsf_samp.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 67167 c:\windows\SYSTEM32\DLLCACHE\hsf_bsc2.sys
+ 2004-04-10 23:53 . 2008-04-14 00:12 18432 c:\windows\SYSTEM32\DLLCACHE\hscupd.exe
+ 2012-04-15 12:05 . 2002-08-29 10:00 42573 c:\windows\SYSTEM32\DLLCACHE\hrtzzm.exe
+ 2012-04-15 12:05 . 2002-08-29 10:00 57409 c:\windows\SYSTEM32\DLLCACHE\hrtz.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 19456 c:\windows\SYSTEM32\DLLCACHE\hr1w.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 13312 c:\windows\SYSTEM32\DLLCACHE\hpsjmcro.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 25952 c:\windows\SYSTEM32\DLLCACHE\hpn.sys
+ 2012-04-15 12:05 . 2001-08-18 02:36 68608 c:\windows\SYSTEM32\DLLCACHE\hpgt53tk.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 31232 c:\windows\SYSTEM32\DLLCACHE\hpgt42tk.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 93696 c:\windows\SYSTEM32\DLLCACHE\hpgt42.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 48128 c:\windows\SYSTEM32\DLLCACHE\hpgt33tk.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 89088 c:\windows\SYSTEM32\DLLCACHE\hpgt33.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 83968 c:\windows\SYSTEM32\DLLCACHE\hpgt21.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 39936 c:\windows\SYSTEM32\DLLCACHE\hostmib.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\hnetmon.dll
- 2006-10-17 16:44 . 2007-08-13 23:18 60416 c:\windows\SYSTEM32\DLLCACHE\hmmapi.dll
+ 2002-08-29 10:00 . 2007-08-13 23:18 60416 c:\windows\SYSTEM32\DLLCACHE\hmmapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 72704 c:\windows\SYSTEM32\DLLCACHE\hlink.dll
+ 2012-04-15 12:05 . 2008-04-13 18:45 10368 c:\windows\SYSTEM32\DLLCACHE\hidusb.sys
+ 2012-04-15 12:05 . 2008-04-14 00:11 21504 c:\windows\SYSTEM32\DLLCACHE\hidserv.dll
+ 2002-08-29 10:00 . 2008-04-13 18:45 24960 c:\windows\SYSTEM32\DLLCACHE\hidparse.sys
+ 2004-08-04 06:08 . 2008-04-13 18:45 19200 c:\windows\SYSTEM32\DLLCACHE\hidir.sys
+ 2002-08-29 10:00 . 2008-04-13 18:45 36864 c:\windows\SYSTEM32\DLLCACHE\hidclass.sys
+ 2004-08-04 06:10 . 2008-04-13 18:46 25600 c:\windows\SYSTEM32\DLLCACHE\hidbth.sys
+ 2012-04-15 12:05 . 2008-04-13 18:36 20352 c:\windows\SYSTEM32\DLLCACHE\hidbatt.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 20992 c:\windows\SYSTEM32\DLLCACHE\hid.dll
+ 2003-01-10 18:43 . 2008-04-14 00:11 41472 c:\windows\SYSTEM32\DLLCACHE\hhsetup.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 87552 c:\windows\SYSTEM32\DLLCACHE\hhctrlui.dll
+ 2002-12-17 22:43 . 2008-04-14 00:12 10752 c:\windows\SYSTEM32\DLLCACHE\hh.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 99840 c:\windows\SYSTEM32\DLLCACHE\helphost.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 15872 c:\windows\SYSTEM32\DLLCACHE\help.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 57344 c:\windows\SYSTEM32\DLLCACHE\h323cc.dll
+ 2012-04-15 12:05 . 2008-04-13 18:40 28288 c:\windows\SYSTEM32\DLLCACHE\grserial.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 39424 c:\windows\SYSTEM32\DLLCACHE\grpconv.exe
+ 2012-04-15 12:05 . 2001-08-17 17:51 82304 c:\windows\SYSTEM32\DLLCACHE\grclass.sys
+ 2012-04-15 12:05 . 2001-08-17 17:51 17408 c:\windows\SYSTEM32\DLLCACHE\gpr400.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 24576 c:\windows\SYSTEM32\DLLCACHE\gdi.exe
+ 2012-04-15 12:05 . 2008-04-13 18:45 59136 c:\windows\SYSTEM32\DLLCACHE\gckernel.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 76800 c:\windows\SYSTEM32\DLLCACHE\gcdef.dll
+ 2012-04-15 12:05 . 2008-04-13 18:45 10624 c:\windows\SYSTEM32\DLLCACHE\gameenum.sys
+ 2004-08-04 06:07 . 2008-04-13 18:36 46464 c:\windows\SYSTEM32\DLLCACHE\gagp30kx.sys
+ 2003-09-06 01:32 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\fxssend.exe
- 2003-09-03 00:03 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\fxssend.exe
+ 2003-09-06 01:32 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\fxsroute.dll
- 2003-09-03 00:03 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\fxsroute.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\fxsmon.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\fxsext32.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 55296 c:\windows\SYSTEM32\DLLCACHE\fxsevent.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 26624 c:\windows\SYSTEM32\DLLCACHE\fxsdrv.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 72192 c:\windows\SYSTEM32\DLLCACHE\fxscom.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 53248 c:\windows\SYSTEM32\DLLCACHE\fwdprov.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 60416 c:\windows\SYSTEM32\DLLCACHE\fwcfg.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 92160 c:\windows\SYSTEM32\DLLCACHE\fuusd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 42496 c:\windows\SYSTEM32\DLLCACHE\ftp.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 12160 c:\windows\SYSTEM32\DLLCACHE\fsvga.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 56320 c:\windows\SYSTEM32\DLLCACHE\fsutil.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 81408 c:\windows\SYSTEM32\DLLCACHE\fsusd.dll
+ 2003-09-06 01:33 . 2002-08-29 10:00 55296 c:\windows\SYSTEM32\DLLCACHE\freecell.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 20538 c:\windows\SYSTEM32\DLLCACHE\fpremadm.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 20541 c:\windows\SYSTEM32\DLLCACHE\fpexedll.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 94208 c:\windows\SYSTEM32\DLLCACHE\fpencode.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 20541 c:\windows\SYSTEM32\DLLCACHE\fpadmdll.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 24632 c:\windows\SYSTEM32\DLLCACHE\fpadmcgi.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 15120 c:\windows\SYSTEM32\DLLCACHE\fp98sadm.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 49212 c:\windows\SYSTEM32\DLLCACHE\fp4awebs.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 32826 c:\windows\SYSTEM32\DLLCACHE\fp4avss.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 41020 c:\windows\SYSTEM32\DLLCACHE\fp4avnb.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 49210 c:\windows\SYSTEM32\DLLCACHE\fp4areg.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 82035 c:\windows\SYSTEM32\DLLCACHE\fp4anscp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 32828 c:\windows\SYSTEM32\DLLCACHE\fp40ext.dll
+ 2012-04-15 12:05 . 2004-08-04 05:31 34173 c:\windows\SYSTEM32\DLLCACHE\forehe.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 20992 c:\windows\SYSTEM32\DLLCACHE\fontview.exe
- 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll
+ 2002-08-29 10:00 . 2009-10-15 16:28 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 71680 c:\windows\SYSTEM32\DLLCACHE\fnfilter.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\fmifs.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 23040 c:\windows\SYSTEM32\DLLCACHE\fltmc.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 16896 c:\windows\SYSTEM32\DLLCACHE\fltlib.dll
+ 2002-08-29 10:00 . 2008-04-13 18:40 20480 c:\windows\SYSTEM32\DLLCACHE\flpydisk.sys
+ 2004-07-22 02:21 . 2008-04-14 00:11 87552 c:\windows\SYSTEM32\DLLCACHE\fldrclnr.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\flattemp.exe
+ 2002-08-29 10:00 . 2008-04-13 18:33 44544 c:\windows\SYSTEM32\DLLCACHE\fips.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 27136 c:\windows\SYSTEM32\DLLCACHE\findstr.exe
+ 2012-04-15 12:05 . 2001-08-17 16:13 27165 c:\windows\SYSTEM32\DLLCACHE\fetnd5.sys
+ 2012-04-15 12:05 . 2001-08-17 16:10 22090 c:\windows\SYSTEM32\DLLCACHE\fem556n5.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 21504 c:\windows\SYSTEM32\DLLCACHE\feclient.dll
+ 2002-08-29 10:00 . 2008-04-13 18:40 27392 c:\windows\SYSTEM32\DLLCACHE\fdc.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 14848 c:\windows\SYSTEM32\DLLCACHE\fc.exe
+ 2008-07-21 00:28 . 2008-04-14 00:11 80384 c:\windows\SYSTEM32\DLLCACHE\faultrep.dll
+ 2012-04-15 12:05 . 2001-08-17 16:12 24618 c:\windows\SYSTEM32\DLLCACHE\fa410nd5.sys
+ 2012-04-15 12:05 . 2001-08-17 16:12 16074 c:\windows\SYSTEM32\DLLCACHE\fa312nd5.sys
+ 2012-04-15 12:05 . 2001-08-17 16:11 11850 c:\windows\SYSTEM32\DLLCACHE\f3ab18xj.sys
+ 2012-04-15 12:05 . 2001-08-17 16:11 12362 c:\windows\SYSTEM32\DLLCACHE\f3ab18xi.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 24064 c:\windows\SYSTEM32\DLLCACHE\extrac32.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\expand.exe
+ 2012-04-15 12:05 . 2001-08-18 02:36 43520 c:\windows\SYSTEM32\DLLCACHE\EXCH_fcachdll.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 45056 c:\windows\SYSTEM32\DLLCACHE\EXCH_aqadmin.dll
+ 2012-04-15 12:05 . 2001-08-17 16:12 16998 c:\windows\SYSTEM32\DLLCACHE\ex10.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 92160 c:\windows\SYSTEM32\DLLCACHE\evntwin.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 21504 c:\windows\SYSTEM32\DLLCACHE\evntrprv.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 24064 c:\windows\SYSTEM32\DLLCACHE\evntcmd.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 56320 c:\windows\SYSTEM32\DLLCACHE\eventlog.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 33280 c:\windows\SYSTEM32\DLLCACHE\eventcls.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 25856 c:\windows\SYSTEM32\DLLCACHE\et4000.sys
+ 2012-04-15 12:05 . 2002-08-29 10:00 45056 c:\windows\SYSTEM32\DLLCACHE\esunid.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 45568 c:\windows\SYSTEM32\DLLCACHE\esunib.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 45568 c:\windows\SYSTEM32\DLLCACHE\esuni.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 57856 c:\windows\SYSTEM32\DLLCACHE\esuimgd.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 34816 c:\windows\SYSTEM32\DLLCACHE\esuimg.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 31744 c:\windows\SYSTEM32\DLLCACHE\esucmd.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 43008 c:\windows\SYSTEM32\DLLCACHE\esucm.dll
+ 2012-04-15 12:05 . 2001-08-17 16:19 63360 c:\windows\SYSTEM32\DLLCACHE\ess.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 39424 c:\windows\SYSTEM32\DLLCACHE\esentutl.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 17408 c:\windows\SYSTEM32\DLLCACHE\esentprf.dll
+ 2012-04-15 12:04 . 2001-08-17 16:19 72192 c:\windows\SYSTEM32\DLLCACHE\es1969.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 40704 c:\windows\SYSTEM32\DLLCACHE\es1371mp.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 37120 c:\windows\SYSTEM32\DLLCACHE\es1370mp.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 23040 c:\windows\SYSTEM32\DLLCACHE\ersvc.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 61952 c:\windows\SYSTEM32\DLLCACHE\eqnloop.exe
+ 2012-04-15 12:04 . 2001-08-18 02:36 51200 c:\windows\SYSTEM32\DLLCACHE\eqnlogr.exe
+ 2012-04-15 12:04 . 2001-08-18 02:36 53248 c:\windows\SYSTEM32\DLLCACHE\eqndiag.exe
+ 2012-04-15 12:04 . 2001-08-17 16:12 18503 c:\windows\SYSTEM32\DLLCACHE\epro4.sys
+ 2002-12-12 05:14 . 2008-04-14 00:11 20480 c:\windows\SYSTEM32\DLLCACHE\encapi.dll
+ 2012-04-15 12:04 . 2001-08-17 16:10 19996 c:\windows\SYSTEM32\DLLCACHE\em556n4.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 25159 c:\windows\SYSTEM32\DLLCACHE\elnk3.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 70174 c:\windows\SYSTEM32\DLLCACHE\el98xn5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 66591 c:\windows\SYSTEM32\DLLCACHE\el90xbc5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 77386 c:\windows\SYSTEM32\DLLCACHE\el656nd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 69194 c:\windows\SYSTEM32\DLLCACHE\el656cd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 26141 c:\windows\SYSTEM32\DLLCACHE\el589nd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 69692 c:\windows\SYSTEM32\DLLCACHE\el575nd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 24653 c:\windows\SYSTEM32\DLLCACHE\el574nd4.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 55999 c:\windows\SYSTEM32\DLLCACHE\el556nd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:10 44103 c:\windows\SYSTEM32\DLLCACHE\el515.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12642 c:\windows\SYSTEM32\DLLCACHE\edlin.exe
+ 2008-07-21 00:28 . 2008-04-14 00:11 33792 c:\windows\SYSTEM32\DLLCACHE\eapsvc.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 59392 c:\windows\SYSTEM32\DLLCACHE\eapqec.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 40960 c:\windows\SYSTEM32\DLLCACHE\eappprxy.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 94208 c:\windows\SYSTEM32\DLLCACHE\eappgnui.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 30720 c:\windows\SYSTEM32\DLLCACHE\eapolqec.dll
+ 2012-04-15 12:04 . 2001-08-17 16:12 19594 c:\windows\SYSTEM32\DLLCACHE\e100isa4.sys
+ 2012-04-15 12:04 . 2001-08-17 16:12 50719 c:\windows\SYSTEM32\DLLCACHE\e1000nt5.sys
+ 2002-08-29 10:00 . 2008-04-13 18:38 71168 c:\windows\SYSTEM32\DLLCACHE\dxg.sys
- 2001-08-23 10:00 . 2001-08-23 10:00 10496 c:\windows\SYSTEM32\DLLCACHE\dxapi.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 10496 c:\windows\SYSTEM32\DLLCACHE\dxapi.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 55632 c:\windows\SYSTEM32\DLLCACHE\dwil1033.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 17920 c:\windows\SYSTEM32\DLLCACHE\dvdupgrd.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 55296 c:\windows\SYSTEM32\DLLCACHE\dvdplay.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 10752 c:\windows\SYSTEM32\DLLCACHE\dumprep.exe
+ 2002-12-12 05:14 . 2008-04-14 00:11 19456 c:\windows\SYSTEM32\DLLCACHE\dswave.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 51200 c:\windows\SYSTEM32\DLLCACHE\dssec.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 92672 c:\windows\SYSTEM32\DLLCACHE\dskquota.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 71680 c:\windows\SYSTEM32\DLLCACHE\dsdmoprp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 62976 c:\windows\SYSTEM32\DLLCACHE\dsauth.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 16384 c:\windows\SYSTEM32\DLLCACHE\ds32gt.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 45568 c:\windows\SYSTEM32\DLLCACHE\drwtsn32.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 28112 c:\windows\SYSTEM32\DLLCACHE\drwatson.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 14336 c:\windows\SYSTEM32\DLLCACHE\drprov.dll
+ 2004-04-13 03:11 . 2008-04-14 00:11 57344 c:\windows\SYSTEM32\DLLCACHE\dpwsockx.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 42768 c:\windows\SYSTEM32\DLLCACHE\dpwsock.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 83456 c:\windows\SYSTEM32\DLLCACHE\dpvsetup.exe
+ 2002-12-12 05:14 . 2008-04-14 00:11 21504 c:\windows\SYSTEM32\DLLCACHE\dpvacm.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 20192 c:\windows\SYSTEM32\DLLCACHE\dpti2o.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 53520 c:\windows\SYSTEM32\DLLCACHE\dpserial.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 61952 c:\windows\SYSTEM32\DLLCACHE\dpnwsock.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 17920 c:\windows\SYSTEM32\DLLCACHE\dpnsvr.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 62464 c:\windows\SYSTEM32\DLLCACHE\dpnmodem.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 60928 c:\windows\SYSTEM32\DLLCACHE\dpnhupnp.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 35328 c:\windows\SYSTEM32\DLLCACHE\dpnhpast.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\dpmodemx.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 29696 c:\windows\SYSTEM32\DLLCACHE\dplaysvr.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 33040 c:\windows\SYSTEM32\DLLCACHE\dplay.dll
+ 2012-04-15 12:04 . 2001-08-17 16:12 28062 c:\windows\SYSTEM32\DLLCACHE\dp83820.sys
+ 2012-04-15 12:04 . 2001-08-17 17:47 23808 c:\windows\SYSTEM32\DLLCACHE\dot4usb.sys
+ 2012-04-15 12:04 . 2001-08-17 17:47 12928 c:\windows\SYSTEM32\DLLCACHE\dot4prt.sys
+ 2008-07-21 00:28 . 2008-04-14 00:11 56320 c:\windows\SYSTEM32\DLLCACHE\dot3msm.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 39936 c:\windows\SYSTEM32\DLLCACHE\dot3clnt.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 57856 c:\windows\SYSTEM32\DLLCACHE\dot3cfg.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 26112 c:\windows\SYSTEM32\DLLCACHE\dot3api.dll
+ 2002-08-29 10:00 . 2004-08-04 05:51 53840 c:\windows\SYSTEM32\DLLCACHE\dosx.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 10752 c:\windows\SYSTEM32\DLLCACHE\doskey.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 48128 c:\windows\SYSTEM32\DLLCACHE\docprop2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 46080 c:\windows\SYSTEM32\DLLCACHE\docprop.dll
+ 2002-08-29 10:00 . 2009-04-20 17:17 45568 c:\windows\SYSTEM32\DLLCACHE\dnsrslvr.dll
- 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\SYSTEM32\DLLCACHE\dnsrslvr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 52224 c:\windows\SYSTEM32\DLLCACHE\dmutil.dll
+ 2003-09-03 00:01 . 2008-04-13 18:45 52864 c:\windows\SYSTEM32\DLLCACHE\dmusic.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\dmserver.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 82432 c:\windows\SYSTEM32\DLLCACHE\dmscript.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15872 c:\windows\SYSTEM32\DLLCACHE\dmremote.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 19456 c:\windows\SYSTEM32\DLLCACHE\dmocx.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 35840 c:\windows\SYSTEM32\DLLCACHE\dmloader.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 18432 c:\windows\SYSTEM32\DLLCACHE\dmintf.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 61440 c:\windows\SYSTEM32\DLLCACHE\dmcompos.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 28672 c:\windows\SYSTEM32\DLLCACHE\dmband.dll
+ 2012-04-15 12:04 . 2001-08-17 16:11 29696 c:\windows\SYSTEM32\DLLCACHE\dm9pci5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 26698 c:\windows\SYSTEM32\DLLCACHE\dlh5xnd5.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 29768 c:\windows\SYSTEM32\DLLCACHE\divasu.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 37962 c:\windows\SYSTEM32\DLLCACHE\divaprop.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 38985 c:\windows\SYSTEM32\DLLCACHE\disrvsu.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 31305 c:\windows\SYSTEM32\DLLCACHE\disrvpp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 32768 c:\windows\SYSTEM32\DLLCACHE\dispex.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 17920 c:\windows\SYSTEM32\DLLCACHE\diskperf.exe
+ 2002-08-29 10:00 . 2008-04-13 18:40 14208 c:\windows\SYSTEM32\DLLCACHE\diskdump.sys
+ 2010-07-17 14:02 . 2010-07-17 14:02 36352 c:\windows\SYSTEM32\DLLCACHE\disk.sys
+ 2003-03-03 20:57 . 2008-04-14 00:11 86528 c:\windows\SYSTEM32\DLLCACHE\directdb.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 39936 c:\windows\SYSTEM32\DLLCACHE\dimsroam.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 19456 c:\windows\SYSTEM32\DLLCACHE\dimsntfy.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 44032 c:\windows\SYSTEM32\DLLCACHE\dimap.dll
- 2001-08-23 10:00 . 2001-08-23 10:00 44032 c:\windows\SYSTEM32\DLLCACHE\dimap.dll
+ 2012-04-15 12:04 . 2001-08-17 16:13 91305 c:\windows\SYSTEM32\DLLCACHE\dimaint.sys
+ 2012-04-15 12:04 . 2001-08-17 16:17 42432 c:\windows\SYSTEM32\DLLCACHE\digirlpt.sys
+ 2012-04-15 12:04 . 2001-08-17 16:14 21606 c:\windows\SYSTEM32\DLLCACHE\digiisdn.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 41046 c:\windows\SYSTEM32\DLLCACHE\digiisdn.dll
+ 2012-04-15 12:04 . 2001-08-17 16:17 90525 c:\windows\SYSTEM32\DLLCACHE\digifep5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 37735 c:\windows\SYSTEM32\DLLCACHE\digiasyn.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 65622 c:\windows\SYSTEM32\DLLCACHE\digiasyn.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 68608 c:\windows\SYSTEM32\DLLCACHE\digest.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 87040 c:\windows\SYSTEM32\DLLCACHE\diantz.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 74240 c:\windows\SYSTEM32\DLLCACHE\dhcpsapi.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 48640 c:\windows\SYSTEM32\DLLCACHE\dhcpqec.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 85020 c:\windows\SYSTEM32\DLLCACHE\dgsetup.dll
+ 2012-04-15 12:04 . 2001-08-17 16:17 29531 c:\windows\SYSTEM32\DLLCACHE\dgapci.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 28672 c:\windows\SYSTEM32\DLLCACHE\dfsshlex.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 39424 c:\windows\SYSTEM32\DLLCACHE\dfrgsnap.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 51200 c:\windows\SYSTEM32\DLLCACHE\dfrgres.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 82944 c:\windows\SYSTEM32\DLLCACHE\dfrgfat.exe
+ 2012-04-15 12:04 . 2001-08-17 16:11 24649 c:\windows\SYSTEM32\DLLCACHE\dfe650d.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 24648 c:\windows\SYSTEM32\DLLCACHE\dfe650.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 24064 c:\windows\SYSTEM32\DLLCACHE\devldr32.exe
+ 2002-12-12 05:14 . 2008-04-14 00:11 59904 c:\windows\SYSTEM32\DLLCACHE\devenum.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 18432 c:\windows\SYSTEM32\DLLCACHE\deskperf.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16896 c:\windows\SYSTEM32\DLLCACHE\deskmon.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\deskadp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\defrag.exe
+ 2012-04-15 12:04 . 2001-08-17 16:11 20928 c:\windows\SYSTEM32\DLLCACHE\defpa.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 20634 c:\windows\SYSTEM32\DLLCACHE\debug.exe
+ 2002-12-12 05:14 . 2008-04-14 00:11 27136 c:\windows\SYSTEM32\DLLCACHE\ddrawex.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 30208 c:\windows\SYSTEM32\DLLCACHE\ddeshare.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 39424 c:\windows\SYSTEM32\DLLCACHE\ddeml.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 40960 c:\windows\SYSTEM32\DLLCACHE\dcap32.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 86016 c:\windows\SYSTEM32\DLLCACHE\dc240usd.dll
+ 2012-04-15 12:04 . 2001-08-17 16:12 63208 c:\windows\SYSTEM32\DLLCACHE\dc21x4.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 80896 c:\windows\SYSTEM32\DLLCACHE\dc210usd.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 25600 c:\windows\SYSTEM32\DLLCACHE\dc210_32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 25088 c:\windows\SYSTEM32\DLLCACHE\davclnt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 54272 c:\windows\SYSTEM32\DLLCACHE\dataclen.dll
+ 2001-08-17 18:52 . 2001-08-17 18:52 14720 c:\windows\SYSTEM32\DLLCACHE\dac960nt.sys
- 2001-08-23 10:00 . 2001-08-23 10:00 47616 c:\windows\SYSTEM32\DLLCACHE\d3dxof.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 47616 c:\windows\SYSTEM32\DLLCACHE\d3dxof.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 34816 c:\windows\SYSTEM32\DLLCACHE\d3dpmesh.dll
- 2001-08-23 10:00 . 2001-08-23 10:00 34816 c:\windows\SYSTEM32\DLLCACHE\d3dpmesh.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 27648 c:\windows\SYSTEM32\DLLCACHE\cyzports.dll
+ 2012-04-15 12:04 . 2001-08-17 17:50 49792 c:\windows\SYSTEM32\DLLCACHE\cyzport.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 27136 c:\windows\SYSTEM32\DLLCACHE\cyzcoins.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 27648 c:\windows\SYSTEM32\DLLCACHE\cyyports.dll
+ 2012-04-15 12:04 . 2001-08-17 17:50 50176 c:\windows\SYSTEM32\DLLCACHE\cyyport.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 28672 c:\windows\SYSTEM32\DLLCACHE\cyycoins.dll
+ 2012-04-15 12:04 . 2001-08-17 17:50 14848 c:\windows\SYSTEM32\DLLCACHE\cyclom-y.sys
+ 2012-04-15 12:04 . 2001-08-17 17:50 17152 c:\windows\SYSTEM32\DLLCACHE\cyclad-z.sys
+ 2012-04-15 12:04 . 2004-08-04 05:32 48640 c:\windows\SYSTEM32\DLLCACHE\cwrwdm.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 93952 c:\windows\SYSTEM32\DLLCACHE\cwcwdm.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 72832 c:\windows\SYSTEM32\DLLCACHE\cwbwdm.sys
+ 2004-08-04 07:56 . 2004-08-04 07:56 28672 c:\windows\SYSTEM32\DLLCACHE\custsat.dll
+ 2012-04-15 12:04 . 2001-08-17 16:19 96256 c:\windows\SYSTEM32\DLLCACHE\ctlsb16.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 27200 c:\windows\SYSTEM32\DLLCACHE\ctl3dv2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 27136 c:\windows\SYSTEM32\DLLCACHE\ctl3d32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 15360 c:\windows\SYSTEM32\DLLCACHE\ctfmon.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 73728 c:\windows\SYSTEM32\DLLCACHE\csseqchk.dll
+ 2002-08-29 10:00 . 2011-10-28 05:31 33280 c:\windows\SYSTEM32\DLLCACHE\csrsrv.dll
- 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\SYSTEM32\DLLCACHE\csrsrv.dll
+ 2003-03-25 20:40 . 2008-04-14 00:11 62464 c:\windows\SYSTEM32\DLLCACHE\cryptsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 64512 c:\windows\SYSTEM32\DLLCACHE\cryptnet.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 53760 c:\windows\SYSTEM32\DLLCACHE\cryptext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 33280 c:\windows\SYSTEM32\DLLCACHE\cryptdll.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 74752 c:\windows\SYSTEM32\DLLCACHE\cryptdlg.dll
+ 2002-08-29 10:00 . 2008-04-13 18:31 36736 c:\windows\SYSTEM32\DLLCACHE\crusoe.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 42112 c:\windows\SYSTEM32\DLLCACHE\crtaud.sys
+ 2008-07-21 00:28 . 2008-04-14 00:11 12800 c:\windows\SYSTEM32\DLLCACHE\credssp.dll
+ 2012-04-15 12:04 . 2002-08-29 10:00 18944 c:\windows\SYSTEM32\DLLCACHE\cprofile.exe
+ 2012-04-15 12:04 . 2001-08-17 16:11 60970 c:\windows\SYSTEM32\DLLCACHE\cpqtrnd5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 21533 c:\windows\SYSTEM32\DLLCACHE\cpqndis5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\cpqdap01.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 14976 c:\windows\SYSTEM32\DLLCACHE\cpqarray.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 27097 c:\windows\SYSTEM32\DLLCACHE\country.sys
+ 2002-08-29 10:00 . 2012-03-01 01:25 17408 c:\windows\SYSTEM32\DLLCACHE\corpol.dll
- 2009-06-29 16:12 . 2011-12-19 08:13 17408 c:\windows\SYSTEM32\DLLCACHE\corpol.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13824 c:\windows\SYSTEM32\DLLCACHE\convert.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 66560 c:\windows\SYSTEM32\DLLCACHE\console.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 27648 c:\windows\SYSTEM32\DLLCACHE\conime.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 45056 c:\windows\SYSTEM32\DLLCACHE\confmrsl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 97792 c:\windows\SYSTEM32\DLLCACHE\comrepl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 30160 c:\windows\SYSTEM32\DLLCACHE\compobj.dll
+ 2012-04-15 12:04 . 2008-04-13 18:36 10240 c:\windows\SYSTEM32\DLLCACHE\compbatt.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 17408 c:\windows\SYSTEM32\DLLCACHE\compact.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\comp.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 32816 c:\windows\SYSTEM32\DLLCACHE\commdlg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 28160 c:\windows\SYSTEM32\DLLCACHE\comaddin.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 60416 c:\windows\SYSTEM32\DLLCACHE\colbact.dll
+ 2008-07-21 00:28 . 2008-04-13 16:44 17920 c:\windows\SYSTEM32\DLLCACHE\cobramsg.dll
+ 2012-04-15 12:04 . 2001-08-17 16:11 39936 c:\windows\SYSTEM32\DLLCACHE\cnxt1803.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 26624 c:\windows\SYSTEM32\DLLCACHE\cnvfat.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 44032 c:\windows\SYSTEM32\DLLCACHE\cnusd.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 32768 c:\windows\SYSTEM32\DLLCACHE\cnetcfg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 47104 c:\windows\SYSTEM32\DLLCACHE\cnbjmon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 39424 c:\windows\SYSTEM32\DLLCACHE\cmutil.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 63488 c:\windows\SYSTEM32\DLLCACHE\cmstp.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 13312 c:\windows\SYSTEM32\DLLCACHE\cmsetacl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 14336 c:\windows\SYSTEM32\DLLCACHE\cmpbk32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 39936 c:\windows\SYSTEM32\DLLCACHE\cmmon32.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 25600 c:\windows\SYSTEM32\DLLCACHE\cmdl32.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 15872 c:\windows\SYSTEM32\DLLCACHE\cmcfg32.dll
+ 2012-04-15 12:04 . 2001-08-17 17:51 20736 c:\windows\SYSTEM32\DLLCACHE\cmbp0wdm.sys
+ 2012-04-15 12:04 . 2008-04-13 18:36 13952 c:\windows\SYSTEM32\DLLCACHE\cmbatt.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 58368 c:\windows\SYSTEM32\DLLCACHE\clusapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 33280 c:\windows\SYSTEM32\DLLCACHE\clipsrv.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 64000 c:\windows\SYSTEM32\DLLCACHE\cleanmgr.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 10752 c:\windows\SYSTEM32\DLLCACHE\clb.dll
+ 2002-08-29 10:00 . 2008-04-13 19:16 49536 c:\windows\SYSTEM32\DLLCACHE\classpnp.sys
+ 2012-04-15 12:04 . 2001-08-17 17:57 45696 c:\windows\SYSTEM32\DLLCACHE\cirrus.sys
+ 2012-04-15 12:04 . 2001-08-17 18:56 91264 c:\windows\SYSTEM32\DLLCACHE\cirrus.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 69120 c:\windows\SYSTEM32\DLLCACHE\ciodm.dll
+ 2012-04-15 12:04 . 2002-08-29 10:00 42575 c:\windows\SYSTEM32\DLLCACHE\chkrzm.exe
+ 2012-04-15 12:04 . 2002-08-29 10:00 40515 c:\windows\SYSTEM32\DLLCACHE\chkr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\chkntfs.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 11776 c:\windows\SYSTEM32\DLLCACHE\chkdsk.exe
+ 2012-04-15 12:04 . 2002-08-29 10:00 14336 c:\windows\SYSTEM32\DLLCACHE\chgusr.exe
+ 2012-04-15 12:04 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\chgport.exe
+ 2012-04-15 12:04 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\chglogon.exe
+ 2003-09-06 01:30 . 2002-08-29 10:00 80384 c:\windows\SYSTEM32\DLLCACHE\charmap.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 15423 c:\windows\SYSTEM32\DLLCACHE\ch7xxnt5.dll
+ 2002-08-29 10:00 . 2008-04-14 00:09 16896 c:\windows\SYSTEM32\DLLCACHE\cfgmgr32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 38912 c:\windows\SYSTEM32\DLLCACHE\cfgbkend.dll
+ 2012-04-15 12:04 . 2001-08-17 16:13 49182 c:\windows\SYSTEM32\DLLCACHE\cem56n5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 22044 c:\windows\SYSTEM32\DLLCACHE\cem33n5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 22044 c:\windows\SYSTEM32\DLLCACHE\cem28n5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 27164 c:\windows\SYSTEM32\DLLCACHE\ce3n5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 21530 c:\windows\SYSTEM32\DLLCACHE\ce2n5.sys
+ 2002-08-29 10:00 . 2008-04-13 18:40 62976 c:\windows\SYSTEM32\DLLCACHE\cdrom.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 15872 c:\windows\SYSTEM32\DLLCACHE\cdmodem.dll
+ 2002-08-29 10:00 . 2008-04-13 19:14 63744 c:\windows\SYSTEM32\DLLCACHE\cdfs.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 18688 c:\windows\SYSTEM32\DLLCACHE\cdaudio.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 27648 c:\windows\SYSTEM32\DLLCACHE\ccfgnt.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 17024 c:\windows\SYSTEM32\DLLCACHE\ccdecode.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 13952 c:\windows\SYSTEM32\DLLCACHE\cbidf2k.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 46108 c:\windows\SYSTEM32\DLLCACHE\cben5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:12 39680 c:\windows\SYSTEM32\DLLCACHE\cb325.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\cb32.exe
+ 2012-04-15 12:03 . 2001-08-17 16:12 37916 c:\windows\SYSTEM32\DLLCACHE\cb102.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 85504 c:\windows\SYSTEM32\DLLCACHE\catsrvps.dll
+ 2012-04-15 12:03 . 2002-08-29 10:00 54528 c:\windows\SYSTEM32\DLLCACHE\cap7146.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 50688 c:\windows\SYSTEM32\DLLCACHE\camocx.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 74240 c:\windows\SYSTEM32\DLLCACHE\camexo20.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 19968 c:\windows\SYSTEM32\DLLCACHE\cacls.exe
+ 2002-08-29 10:00 . 2010-01-13 14:01 86016 c:\windows\SYSTEM32\DLLCACHE\cabview.dll
- 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\SYSTEM32\DLLCACHE\cabview.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 60416 c:\windows\SYSTEM32\DLLCACHE\cabinet.dll
+ 2012-04-15 12:03 . 2002-08-29 10:00 10752 c:\windows\SYSTEM32\DLLCACHE\c_iscii.dll
+ 2012-04-15 12:03 . 2001-08-17 17:51 13824 c:\windows\SYSTEM32\DLLCACHE\bulltlp3.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 50688 c:\windows\SYSTEM32\DLLCACHE\btpanui.dll
+ 2004-08-04 06:10 . 2008-04-13 18:46 18944 c:\windows\SYSTEM32\DLLCACHE\bthusb.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 30208 c:\windows\SYSTEM32\DLLCACHE\bthserv.dll
+ 2004-08-04 06:10 . 2008-04-13 18:46 36480 c:\windows\SYSTEM32\DLLCACHE\bthprint.sys
+ 2004-08-04 06:10 . 2008-04-13 18:46 37888 c:\windows\SYSTEM32\DLLCACHE\bthmodem.sys
+ 2004-08-04 06:10 . 2008-04-13 18:46 17024 c:\windows\SYSTEM32\DLLCACHE\bthenum.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 20992 c:\windows\SYSTEM32\DLLCACHE\bthci.dll
+ 2012-04-15 12:03 . 2001-08-17 16:11 31529 c:\windows\SYSTEM32\DLLCACHE\brzwlan.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 10368 c:\windows\SYSTEM32\DLLCACHE\brusbscn.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 11008 c:\windows\SYSTEM32\DLLCACHE\brusbmdm.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 60416 c:\windows\SYSTEM32\DLLCACHE\brserwdm.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 21504 c:\windows\SYSTEM32\DLLCACHE\brpinfo.dll
+ 2012-04-15 12:03 . 2001-08-17 17:12 39552 c:\windows\SYSTEM32\DLLCACHE\brparwdm.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 78336 c:\windows\SYSTEM32\DLLCACHE\browsewm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 77824 c:\windows\SYSTEM32\DLLCACHE\browser.dll
+ 2002-08-29 10:00 . 2008-04-13 17:03 63488 c:\windows\SYSTEM32\DLLCACHE\browselc.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 41472 c:\windows\SYSTEM32\DLLCACHE\brmfusb.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 32256 c:\windows\SYSTEM32\DLLCACHE\brmfrsmg.exe
+ 2012-04-15 12:03 . 2001-08-18 02:36 29696 c:\windows\SYSTEM32\DLLCACHE\brmflpt.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 81408 c:\windows\SYSTEM32\DLLCACHE\brmfcwia.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 15360 c:\windows\SYSTEM32\DLLCACHE\brmfbidi.dll
+ 2002-08-29 10:00 . 2008-04-13 18:53 71552 c:\windows\SYSTEM32\DLLCACHE\bridge.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 12160 c:\windows\SYSTEM32\DLLCACHE\brfiltlo.sys
+ 2012-04-15 12:03 . 2001-08-18 02:36 12800 c:\windows\SYSTEM32\DLLCACHE\brevif.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 19456 c:\windows\SYSTEM32\DLLCACHE\brbidiif.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 12288 c:\windows\SYSTEM32\DLLCACHE\bootvid.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 71680 c:\windows\SYSTEM32\DLLCACHE\blastcln.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 17408 c:\windows\SYSTEM32\DLLCACHE\bidispl.dll
+ 2003-09-03 00:03 . 2008-04-13 18:46 11776 c:\windows\SYSTEM32\DLLCACHE\bdasup.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 26568 c:\windows\SYSTEM32\DLLCACHE\bcm4e5.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 54271 c:\windows\SYSTEM32\DLLCACHE\bcm42xx5.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 66557 c:\windows\SYSTEM32\DLLCACHE\bcm42u.sys
+ 2012-04-15 12:03 . 2002-08-29 10:00 42577 c:\windows\SYSTEM32\DLLCACHE\bckgzm.exe
+ 2012-04-15 12:03 . 2002-08-29 10:00 82501 c:\windows\SYSTEM32\DLLCACHE\bckg.dll
+ 2012-04-15 12:03 . 2008-04-13 18:36 14208 c:\windows\SYSTEM32\DLLCACHE\battc.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 29184 c:\windows\SYSTEM32\DLLCACHE\batmeter.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 52736 c:\windows\SYSTEM32\DLLCACHE\basesrv.dll
+ 2012-04-15 12:03 . 2001-08-17 16:48 36128 c:\windows\SYSTEM32\DLLCACHE\banshee.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 96640 c:\windows\SYSTEM32\DLLCACHE\b57xp32.sys
+ 2012-04-15 12:03 . 2001-08-17 16:13 89952 c:\windows\SYSTEM32\DLLCACHE\b1cbase.sys
+ 2012-04-15 12:03 . 2001-08-17 16:19 36992 c:\windows\SYSTEM32\DLLCACHE\aztw2320.sys
+ 2003-09-06 01:30 . 2002-08-29 10:00 73216 c:\windows\SYSTEM32\DLLCACHE\avwav.dll
+ 2012-04-15 12:03 . 2001-08-17 16:13 37568 c:\windows\SYSTEM32\DLLCACHE\avmwan.sys
+ 2003-09-06 01:30 . 2002-08-29 10:00 16384 c:\windows\SYSTEM32\DLLCACHE\avmeter.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 87552 c:\windows\SYSTEM32\DLLCACHE\avmcoxp.dll
+ 2002-08-29 10:00 . 2009-11-27 16:07 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
- 2009-06-10 14:13 . 2009-11-27 16:07 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 64000 c:\windows\SYSTEM32\DLLCACHE\avicap32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 69584 c:\windows\SYSTEM32\DLLCACHE\avicap.dll
+ 2012-04-15 12:03 . 2008-04-13 18:46 13696 c:\windows\SYSTEM32\DLLCACHE\avcstrm.sys
+ 2012-04-15 12:03 . 2001-08-17 18:01 36096 c:\windows\SYSTEM32\DLLCACHE\avcaudio.sys
+ 2012-04-15 12:03 . 2008-04-13 18:46 38912 c:\windows\SYSTEM32\DLLCACHE\avc.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 11264 c:\windows\SYSTEM32\DLLCACHE\autolfn.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 80384 c:\windows\SYSTEM32\DLLCACHE\autodisc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 62464 c:\windows\SYSTEM32\DLLCACHE\authz.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 16439 c:\windows\SYSTEM32\DLLCACHE\author.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 20540 c:\windows\SYSTEM32\DLLCACHE\author.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 14336 c:\windows\SYSTEM32\DLLCACHE\auditusr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 42496 c:\windows\SYSTEM32\DLLCACHE\audiosrv.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 17279 c:\windows\SYSTEM32\DLLCACHE\atv10nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 14143 c:\windows\SYSTEM32\DLLCACHE\atv06nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 25471 c:\windows\SYSTEM32\DLLCACHE\atv04nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 11359 c:\windows\SYSTEM32\DLLCACHE\atv02nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 21183 c:\windows\SYSTEM32\DLLCACHE\atv01nt5.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 12288 c:\windows\SYSTEM32\DLLCACHE\attrib.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 11264 c:\windows\SYSTEM32\DLLCACHE\atrace.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 34816 c:\windows\SYSTEM32\DLLCACHE\atmpvcno.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 30208 c:\windows\SYSTEM32\DLLCACHE\atmlib.dll
+ 2002-08-29 10:00 . 2008-04-13 18:51 55808 c:\windows\SYSTEM32\DLLCACHE\atmlane.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 31360 c:\windows\SYSTEM32\DLLCACHE\atmepvc.sys
+ 2002-08-29 10:00 . 2008-04-13 18:51 59904 c:\windows\SYSTEM32\DLLCACHE\atmarpc.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 11264 c:\windows\SYSTEM32\DLLCACHE\atmadm.exe
+ 2002-08-29 10:00 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
- 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 13312 c:\windows\SYSTEM32\DLLCACHE\atkctrs.dll
+ 2012-04-15 12:03 . 2001-08-17 16:49 23552 c:\windows\SYSTEM32\DLLCACHE\atixbar.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 26624 c:\windows\SYSTEM32\DLLCACHE\ativxbar.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 19456 c:\windows\SYSTEM32\DLLCACHE\ativttxx.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 32768 c:\windows\SYSTEM32\DLLCACHE\ativtmxx.dll
+ 2012-04-15 12:03 . 2001-08-17 16:49 17152 c:\windows\SYSTEM32\DLLCACHE\atitvsnd.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 17152 c:\windows\SYSTEM32\DLLCACHE\atitunep.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 26880 c:\windows\SYSTEM32\DLLCACHE\atirtsnd.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 49920 c:\windows\SYSTEM32\DLLCACHE\atirtcap.sys
+ 2012-04-15 12:03 . 2001-08-17 16:48 70528 c:\windows\SYSTEM32\DLLCACHE\atiragem.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 10240 c:\windows\SYSTEM32\DLLCACHE\atipcxxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 63488 c:\windows\SYSTEM32\DLLCACHE\atinxsxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 31744 c:\windows\SYSTEM32\DLLCACHE\atinxbxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 73216 c:\windows\SYSTEM32\DLLCACHE\atintuxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 13824 c:\windows\SYSTEM32\DLLCACHE\atinttxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 28672 c:\windows\SYSTEM32\DLLCACHE\atinsnxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 52224 c:\windows\SYSTEM32\DLLCACHE\atinraxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 14336 c:\windows\SYSTEM32\DLLCACHE\atinpdxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 13824 c:\windows\SYSTEM32\DLLCACHE\atinmdxx.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 57856 c:\windows\SYSTEM32\DLLCACHE\atinbtxx.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 75136 c:\windows\SYSTEM32\DLLCACHE\atimpae.sys
+ 2012-04-15 12:03 . 2001-08-18 02:36 37376 c:\windows\SYSTEM32\DLLCACHE\atievxx.exe
+ 2012-04-15 12:03 . 2001-08-17 16:49 46464 c:\windows\SYSTEM32\DLLCACHE\atibt829.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 34735 c:\windows\SYSTEM32\DLLCACHE\ati1xsxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 29455 c:\windows\SYSTEM32\DLLCACHE\ati1xbxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 36463 c:\windows\SYSTEM32\DLLCACHE\ati1tuxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 21343 c:\windows\SYSTEM32\DLLCACHE\ati1ttxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 26367 c:\windows\SYSTEM32\DLLCACHE\ati1snxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 63663 c:\windows\SYSTEM32\DLLCACHE\ati1rvxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 30671 c:\windows\SYSTEM32\DLLCACHE\ati1raxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 12047 c:\windows\SYSTEM32\DLLCACHE\ati1pdxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 11615 c:\windows\SYSTEM32\DLLCACHE\ati1mdxx.sys
+ 2012-04-15 12:03 . 2004-08-04 05:29 56623 c:\windows\SYSTEM32\DLLCACHE\ati1btxx.sys
+ 2012-04-15 12:03 . 2001-08-17 17:57 77568 c:\windows\SYSTEM32\DLLCACHE\ati.sys
+ 2012-04-15 12:03 . 2001-08-17 18:55 96128 c:\windows\SYSTEM32\DLLCACHE\ati.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 25088 c:\windows\SYSTEM32\DLLCACHE\at.exe
+ 2002-08-29 10:00 . 2008-04-13 18:57 14336 c:\windows\SYSTEM32\DLLCACHE\asyncmac.sys
+ 2002-08-29 10:00 . 2010-03-05 14:37 65536 c:\windows\SYSTEM32\DLLCACHE\asycfilt.dll
- 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\SYSTEM32\DLLCACHE\asycfilt.dll
+ 2012-04-15 12:03 . 2001-08-17 16:12 97354 c:\windows\SYSTEM32\DLLCACHE\aspndis3.sys
+ 2001-08-17 18:51 . 2001-08-17 18:51 14848 c:\windows\SYSTEM32\DLLCACHE\asc3550.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 22400 c:\windows\SYSTEM32\DLLCACHE\asc3350p.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 26496 c:\windows\SYSTEM32\DLLCACHE\asc.sys
+ 2002-08-29 10:00 . 2008-04-13 18:51 60800 c:\windows\SYSTEM32\DLLCACHE\arp1394.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 19456 c:\windows\SYSTEM32\DLLCACHE\arp.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 12498 c:\windows\SYSTEM32\DLLCACHE\append.exe
+ 2012-04-15 12:03 . 2002-08-29 02:59 36224 c:\windows\SYSTEM32\DLLCACHE\an983.sys
+ 2002-12-12 05:14 . 2008-04-14 00:11 70656 c:\windows\SYSTEM32\DLLCACHE\amstream.dll

GreenWithEnvy
2012-04-18, 15:34
+ 2001-08-17 18:52 . 2001-08-17 18:52 12032 c:\windows\SYSTEM32\DLLCACHE\amsint.sys
+ 2002-08-29 10:00 . 2008-04-13 18:31 37760 c:\windows\SYSTEM32\DLLCACHE\amdk7.sys
+ 2002-08-29 10:00 . 2008-04-13 18:31 37376 c:\windows\SYSTEM32\DLLCACHE\amdk6.sys
+ 2001-08-17 18:58 . 2008-04-13 18:36 43008 c:\windows\SYSTEM32\DLLCACHE\amdagp.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 16969 c:\windows\SYSTEM32\DLLCACHE\amb8002.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 17408 c:\windows\SYSTEM32\DLLCACHE\alrsvc.dll
+ 2001-08-17 18:58 . 2008-04-13 18:36 42752 c:\windows\SYSTEM32\DLLCACHE\alim1541.sys
+ 2012-04-15 12:03 . 2001-08-17 17:49 26624 c:\windows\SYSTEM32\DLLCACHE\alifir.sys
+ 2012-04-15 12:03 . 2001-08-17 16:11 27678 c:\windows\SYSTEM32\DLLCACHE\ali5261.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 44544 c:\windows\SYSTEM32\DLLCACHE\alg.exe
+ 2001-08-17 19:07 . 2001-08-17 19:07 56960 c:\windows\SYSTEM32\DLLCACHE\aic78xx.sys
+ 2001-08-17 19:07 . 2001-08-17 19:07 55168 c:\windows\SYSTEM32\DLLCACHE\aic78u2.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 98304 c:\windows\SYSTEM32\DLLCACHE\ahui.exe
+ 2001-08-17 18:52 . 2001-08-17 18:52 12800 c:\windows\SYSTEM32\DLLCACHE\aha154x.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 24064 c:\windows\SYSTEM32\DLLCACHE\agtintl.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 20480 c:\windows\SYSTEM32\DLLCACHE\agt0c0a.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 20992 c:\windows\SYSTEM32\DLLCACHE\agt0816.dll
+ 2005-10-21 01:50 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0804.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt041f.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt041d.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0419.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 20480 c:\windows\SYSTEM32\DLLCACHE\agt0416.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0415.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0414.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 20992 c:\windows\SYSTEM32\DLLCACHE\agt0413.dll
+ 2005-10-21 01:49 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0412.dll
+ 2005-10-21 01:49 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt0411.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 20992 c:\windows\SYSTEM32\DLLCACHE\agt0410.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19968 c:\windows\SYSTEM32\DLLCACHE\agt040e.dll
+ 2008-07-21 00:28 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt040d.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 21504 c:\windows\SYSTEM32\DLLCACHE\agt040c.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 19456 c:\windows\SYSTEM32\DLLCACHE\agt040b.dll
+ 2002-08-29 10:00 . 2008-04-13 17:32 19968 c:\windows\SYSTEM32\DLLCACHE\agt0409.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 22016 c:\windows\SYSTEM32\DLLCACHE\agt0408.dll
+ 2002-08-29 10:00 . 2007-04-02 18:26 21504 c:\windows\SYSTEM32\DLLCACHE\agt0407.dll
+ 2002-08-29 10:00 . 2007-04-02 18:25 19456 c:\windows\SYSTEM32\DLLCACHE\agt0406.dll
+ 2002-08-29 10:00 . 2007-04-02 18:25 19456 c:\windows\SYSTEM32\DLLCACHE\agt0405.dll
+ 2005-10-21 01:50 . 2007-04-02 18:25 19456 c:\windows\SYSTEM32\DLLCACHE\agt0404.dll
+ 2008-07-21 00:28 . 2007-04-02 18:25 19456 c:\windows\SYSTEM32\DLLCACHE\agt0401.dll
+ 2001-08-17 18:58 . 2008-04-13 18:36 44928 c:\windows\SYSTEM32\DLLCACHE\agpcpq.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 44032 c:\windows\SYSTEM32\DLLCACHE\agentsr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 24064 c:\windows\SYSTEM32\DLLCACHE\agentpsh.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 49152 c:\windows\SYSTEM32\DLLCACHE\agentmpx.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 57344 c:\windows\SYSTEM32\DLLCACHE\agentdpv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 42496 c:\windows\SYSTEM32\DLLCACHE\agentdp2.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 24064 c:\windows\SYSTEM32\DLLCACHE\agentanm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 68096 c:\windows\SYSTEM32\DLLCACHE\adsmsext.dll
+ 2012-04-15 12:03 . 2001-08-17 16:11 46112 c:\windows\SYSTEM32\DLLCACHE\adptsf50.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 26112 c:\windows\SYSTEM32\DLLCACHE\adptif.dll
+ 2002-08-29 10:00 . 2007-08-13 23:39 71680 c:\windows\SYSTEM32\DLLCACHE\admparse.dll
- 2006-11-07 08:26 . 2007-08-13 23:39 71680 c:\windows\SYSTEM32\DLLCACHE\admparse.dll
+ 2012-04-15 12:03 . 2002-08-29 03:00 10880 c:\windows\SYSTEM32\DLLCACHE\admjoy.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 16439 c:\windows\SYSTEM32\DLLCACHE\admin.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 20540 c:\windows\SYSTEM32\DLLCACHE\admin.dll
+ 2012-04-15 12:03 . 2001-08-17 16:11 20160 c:\windows\SYSTEM32\DLLCACHE\adm8511.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 98304 c:\windows\SYSTEM32\DLLCACHE\actxprxy.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 11648 c:\windows\SYSTEM32\DLLCACHE\acpiec.sys
+ 2012-04-15 12:03 . 2001-08-18 02:36 61440 c:\windows\SYSTEM32\DLLCACHE\acerscad.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 64512 c:\windows\SYSTEM32\DLLCACHE\acctres.dll
+ 2012-04-15 12:03 . 2002-08-29 03:00 84480 c:\windows\SYSTEM32\DLLCACHE\ac97via.sys
+ 2012-04-15 12:03 . 2001-08-17 16:20 96256 c:\windows\SYSTEM32\DLLCACHE\ac97intc.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 23552 c:\windows\SYSTEM32\DLLCACHE\abp480n5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 25600 c:\windows\SYSTEM32\DLLCACHE\aaaamon.dll
+ 2012-04-15 12:03 . 2001-08-17 18:55 38400 c:\windows\SYSTEM32\DLLCACHE\8514a.dll
+ 2012-04-15 12:03 . 2008-04-13 18:46 48128 c:\windows\SYSTEM32\DLLCACHE\61883.sys
+ 2003-09-03 00:00 . 2008-04-13 18:46 53376 c:\windows\SYSTEM32\DLLCACHE\1394bus.sys
+ 2003-01-03 15:36 . 2003-01-03 15:36 20480 c:\windows\SYSTEM32\ControlSuite.exe
+ 2002-08-20 18:54 . 2002-08-20 18:54 94208 c:\windows\SYSTEM32\cabw32.dll
+ 2002-12-26 20:53 . 2002-12-26 20:53 36864 c:\windows\SYSTEM32\BSelList.dll
+ 2003-01-03 15:36 . 2003-01-03 15:36 98304 c:\windows\SYSTEM32\BacsTray.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 90112 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 90112 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 45056 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 45056 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 22528 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 22528 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 12800 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\pubs.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 12800 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\pubs.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 16384 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 16384 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 34304 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 34304 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 44544 c:\windows\ie7updates\KB2675157-IE7\pngfilt.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 52224 c:\windows\ie7updates\KB2675157-IE7\msfeedsbs.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 27648 c:\windows\ie7updates\KB2675157-IE7\jsproxy.dll
+ 2012-04-15 16:44 . 2011-12-16 12:22 13824 c:\windows\ie7updates\KB2675157-IE7\ieudinit.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 44544 c:\windows\ie7updates\KB2675157-IE7\iernonce.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 78336 c:\windows\ie7updates\KB2675157-IE7\ieencode.dll
+ 2012-04-15 16:44 . 2011-12-16 12:22 70656 c:\windows\ie7updates\KB2675157-IE7\ie4uinit.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 63488 c:\windows\ie7updates\KB2675157-IE7\icardie.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 17408 c:\windows\ie7updates\KB2675157-IE7\corpol.dll
+ 2000-11-10 18:57 . 2000-11-10 18:57 5025 c:\windows\SYSTEM32\patterns.dat
+ 2010-05-23 00:49 . 2002-10-28 15:26 3744 c:\windows\SYSTEM32\DRIVERS\smsens.sys
+ 2002-03-13 19:20 . 2002-03-13 19:20 6057 c:\windows\SYSTEM32\DRIVERS\BASFND.sys
+ 2010-05-23 00:49 . 2002-04-01 17:15 4816 c:\windows\SYSTEM32\DRIVERS\aeaudio.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 8261 c:\windows\SYSTEM32\DLLCACHE\zoneoc.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 4677 c:\windows\SYSTEM32\DLLCACHE\zeeverm.dll
+ 2012-04-15 12:10 . 2001-08-18 02:37 4608 c:\windows\SYSTEM32\DLLCACHE\xrxflnch.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 6656 c:\windows\SYSTEM32\DLLCACHE\wuauserv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7168 c:\windows\SYSTEM32\DLLCACHE\wshnetbs.dll
+ 2012-04-15 12:10 . 2008-04-14 00:12 8192 c:\windows\SYSTEM32\DLLCACHE\wshirda.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\wshatm.dll
+ 2003-09-06 01:38 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\write.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 3200 c:\windows\SYSTEM32\DLLCACHE\wowfax.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 2736 c:\windows\SYSTEM32\DLLCACHE\wowdeb.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 5632 c:\windows\SYSTEM32\DLLCACHE\wmm2res2.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 7680 c:\windows\SYSTEM32\DLLCACHE\wmm2ext.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 4096 c:\windows\SYSTEM32\DLLCACHE\wmm2eres.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4352 c:\windows\SYSTEM32\DLLCACHE\wmilib.sys
+ 2002-08-29 10:00 . 2008-04-13 17:10 6656 c:\windows\SYSTEM32\DLLCACHE\wmiapres.dll
+ 2012-04-15 12:10 . 2008-04-13 18:36 8832 c:\windows\SYSTEM32\DLLCACHE\wmiacpi.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 5632 c:\windows\SYSTEM32\DLLCACHE\wmi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 5632 c:\windows\SYSTEM32\DLLCACHE\winver.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 2112 c:\windows\SYSTEM32\DLLCACHE\winspool.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 2864 c:\windows\SYSTEM32\DLLCACHE\winsock.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\winnls.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\winhstb.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\winfax.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\wifeman.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\vjoy.dll
+ 2002-08-29 06:27 . 2008-04-13 18:40 5376 c:\windows\SYSTEM32\DLLCACHE\viaide.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 2176 c:\windows\SYSTEM32\DLLCACHE\vga.drv
+ 2002-08-29 10:00 . 2002-08-29 10:00 9344 c:\windows\SYSTEM32\DLLCACHE\vga.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9008 c:\windows\SYSTEM32\DLLCACHE\ver.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\vcdex.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 7556 c:\windows\SYSTEM32\DLLCACHE\usroslba.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 4736 c:\windows\SYSTEM32\DLLCACHE\usbd.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 4096 c:\windows\SYSTEM32\DLLCACHE\unlodctr.exe
+ 2002-08-29 10:00 . 2009-11-27 16:07 8704 c:\windows\SYSTEM32\DLLCACHE\tsbyuv.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\SYSTEM32\DLLCACHE\tsbyuv.dll
+ 2001-08-17 18:51 . 2001-08-17 18:51 4992 c:\windows\SYSTEM32\DLLCACHE\toside.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 4048 c:\windows\SYSTEM32\DLLCACHE\timer.drv
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\tapiperf.dll
+ 2012-04-15 12:09 . 2001-08-17 17:52 7040 c:\windows\SYSTEM32\DLLCACHE\tandqic.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 3072 c:\windows\SYSTEM32\DLLCACHE\systray.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 3360 c:\windows\SYSTEM32\DLLCACHE\system.drv
+ 2012-04-15 12:09 . 2001-08-17 18:02 3968 c:\windows\SYSTEM32\DLLCACHE\swusbflt.sys
+ 2002-12-12 05:14 . 2008-04-13 18:39 4352 c:\windows\SYSTEM32\DLLCACHE\swenum.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\svcpack.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\subst.exe
+ 2001-08-18 03:36 . 2001-08-18 03:36 8192 c:\windows\SYSTEM32\DLLCACHE\streamci.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4208 c:\windows\SYSTEM32\DLLCACHE\storage.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\sprestrt.exe
+ 2003-09-03 00:01 . 2008-04-13 18:45 6272 c:\windows\SYSTEM32\DLLCACHE\splitter.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 1744 c:\windows\SYSTEM32\DLLCACHE\sound.drv
+ 2012-04-15 12:08 . 2001-08-17 17:56 7552 c:\windows\SYSTEM32\DLLCACHE\sonypvu1.sys
+ 2012-04-15 12:08 . 2001-08-17 17:53 9600 c:\windows\SYSTEM32\DLLCACHE\sonymc.sys
+ 2012-04-15 12:08 . 2008-04-13 18:40 7552 c:\windows\SYSTEM32\DLLCACHE\sonyait.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\softpub.dll
+ 2012-04-15 12:08 . 2001-08-17 17:53 7040 c:\windows\SYSTEM32\DLLCACHE\snyaitmc.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 8704 c:\windows\SYSTEM32\DLLCACHE\snmptrap.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 6144 c:\windows\SYSTEM32\DLLCACHE\snmpmib.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\smimsgif.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\smierrsy.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 8192 c:\windows\SYSTEM32\DLLCACHE\smbinst.exe
+ 2012-04-15 12:08 . 2001-08-17 17:57 6784 c:\windows\SYSTEM32\DLLCACHE\smbhc.sys
+ 2012-04-15 12:08 . 2008-04-13 18:36 6912 c:\windows\SYSTEM32\DLLCACHE\smbclass.sys
+ 2004-08-04 06:07 . 2008-04-13 18:36 5888 c:\windows\SYSTEM32\DLLCACHE\smbali.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\skdll.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 3901 c:\windows\SYSTEM32\DLLCACHE\siint5.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\shell.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\sfc.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 5120 c:\windows\SYSTEM32\DLLCACHE\sfc.dll
+ 2012-04-15 12:08 . 2001-08-17 17:53 6784 c:\windows\SYSTEM32\DLLCACHE\serscan.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 7168 c:\windows\SYSTEM32\DLLCACHE\sensapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 5632 c:\windows\SYSTEM32\DLLCACHE\security.dll
+ 2004-10-31 14:13 . 2004-08-02 18:20 4569 c:\windows\SYSTEM32\DLLCACHE\secupd.dat
+ 2012-04-15 12:08 . 2001-08-17 17:53 6912 c:\windows\SYSTEM32\DLLCACHE\seaddsmc.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 9216 c:\windows\SYSTEM32\DLLCACHE\scrnsave.scr
+ 2002-08-29 10:00 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\rsvpperf.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 9216 c:\windows\SYSTEM32\DLLCACHE\rsmgrstr.dll
+ 2012-04-15 12:08 . 2001-08-17 16:19 3840 c:\windows\SYSTEM32\DLLCACHE\rpfun.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\routetab.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5888 c:\windows\SYSTEM32\DLLCACHE\rootmdm.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 3072 c:\windows\SYSTEM32\DLLCACHE\rnr20.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\reset.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\regwiz.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 3584 c:\windows\SYSTEM32\DLLCACHE\regedt32.exe
+ 2002-08-29 10:00 . 2004-08-04 05:48 3338 c:\windows\SYSTEM32\DLLCACHE\redir.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 7168 c:\windows\SYSTEM32\DLLCACHE\recover.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4096 c:\windows\SYSTEM32\DLLCACHE\rdpcfgex.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4224 c:\windows\SYSTEM32\DLLCACHE\rdpcdd.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 7680 c:\windows\SYSTEM32\DLLCACHE\rasadhlp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8832 c:\windows\SYSTEM32\DLLCACHE\rasacd.sys
+ 2012-04-15 12:07 . 2001-08-17 17:53 3328 c:\windows\SYSTEM32\DLLCACHE\qv2kux.sys
+ 2012-04-15 12:07 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\query.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\qosname.dll
+ 2012-04-15 12:07 . 2008-04-13 18:40 6016 c:\windows\SYSTEM32\DLLCACHE\qic157.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 3708 c:\windows\SYSTEM32\DLLCACHE\pubprn.vbs
+ 2012-04-15 12:07 . 2001-08-18 02:36 5632 c:\windows\SYSTEM32\DLLCACHE\ptpusb.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\psnppagn.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 9216 c:\windows\SYSTEM32\DLLCACHE\proxycfg.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\print.exe
+ 2012-04-15 12:07 . 2008-04-13 18:40 8832 c:\windows\SYSTEM32\DLLCACHE\powerfil.sys
+ 2012-04-15 12:07 . 2001-08-17 17:53 7168 c:\windows\SYSTEM32\DLLCACHE\pnrmc.sys
+ 2012-04-15 12:07 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\pmxgl.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 5504 c:\windows\SYSTEM32\DLLCACHE\perc2hib.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 6784 c:\windows\SYSTEM32\DLLCACHE\parvdm.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 3456 c:\windows\SYSTEM32\DLLCACHE\oprghdlr.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 2944 c:\windows\SYSTEM32\DLLCACHE\null.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 8192 c:\windows\SYSTEM32\DLLCACHE\ntlsapi.dll
+ 2012-04-15 12:07 . 2001-08-17 17:47 9344 c:\windows\SYSTEM32\DLLCACHE\ntapm.sys
+ 2012-04-15 12:07 . 2001-08-17 17:53 7552 c:\windows\SYSTEM32\DLLCACHE\nsmmc.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 7052 c:\windows\SYSTEM32\DLLCACHE\nlsfunc.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 4096 c:\windows\SYSTEM32\DLLCACHE\nddeapir.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\ncxpnt.dll
+ 2012-04-15 12:07 . 2001-08-18 02:36 7168 c:\windows\SYSTEM32\DLLCACHE\mxport.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 4096 c:\windows\SYSTEM32\DLLCACHE\mtxex.dll
+ 2002-12-12 05:14 . 2008-04-13 18:39 5504 c:\windows\SYSTEM32\DLLCACHE\mstee.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\msswchx.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\mssip32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7168 c:\windows\SYSTEM32\DLLCACHE\msr2cenu.dll
+ 2001-08-23 10:00 . 2008-04-13 18:39 4992 c:\windows\SYSTEM32\DLLCACHE\mspqm.sys
+ 2002-12-12 05:14 . 2008-04-13 18:39 5376 c:\windows\SYSTEM32\DLLCACHE\mspclock.sys
+ 2012-04-15 12:06 . 2001-08-17 18:00 2944 c:\windows\SYSTEM32\DLLCACHE\msmpu401.sys
+ 2002-12-12 05:14 . 2008-04-13 18:39 7552 c:\windows\SYSTEM32\DLLCACHE\mskssrv.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 4608 c:\windows\SYSTEM32\DLLCACHE\msimg32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 6656 c:\windows\SYSTEM32\DLLCACHE\msidle.dll
+ 2012-04-15 12:06 . 2001-08-17 17:48 6016 c:\windows\SYSTEM32\DLLCACHE\msfsio.sys
+ 2002-08-29 10:00 . 2008-04-14 00:10 4126 c:\windows\SYSTEM32\DLLCACHE\msdxmlc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 6144 c:\windows\SYSTEM32\DLLCACHE\msdtc.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 4096 c:\windows\SYSTEM32\DLLCACHE\msdaurl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 4096 c:\windows\SYSTEM32\DLLCACHE\msdasc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 4096 c:\windows\SYSTEM32\DLLCACHE\msdaer.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 4096 c:\windows\SYSTEM32\DLLCACHE\msdaenum.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 4096 c:\windows\SYSTEM32\DLLCACHE\msdadc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7168 c:\windows\SYSTEM32\DLLCACHE\mscat32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:10 3584 c:\windows\SYSTEM32\DLLCACHE\msafd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 4639 c:\windows\SYSTEM32\DLLCACHE\mplayer2.exe
+ 2002-08-29 10:00 . 2006-10-19 02:47 4096 c:\windows\SYSTEM32\DLLCACHE\mpg4dmod.dll
+ 2004-08-04 07:56 . 2006-10-19 02:47 4096 c:\windows\SYSTEM32\DLLCACHE\mp4sdmod.dll
+ 2004-08-04 07:56 . 2006-10-19 02:47 4096 c:\windows\SYSTEM32\DLLCACHE\mp43dmod.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 2032 c:\windows\SYSTEM32\DLLCACHE\mouse.drv
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\mountvol.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4224 c:\windows\SYSTEM32\DLLCACHE\mnmdd.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\mll_qic.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\mll_mtf.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 3584 c:\windows\SYSTEM32\DLLCACHE\mll_hp.dll
+ 2012-04-15 12:06 . 2001-08-17 17:52 6528 c:\windows\SYSTEM32\DLLCACHE\miniqic.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 7680 c:\windows\SYSTEM32\DLLCACHE\migregdb.exe
+ 2012-04-15 12:06 . 2001-08-17 17:58 8320 c:\windows\SYSTEM32\DLLCACHE\memcard.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\mciole32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\mciole16.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\mchgrcoi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\mcd.sys
+ 2012-04-15 12:06 . 2001-08-17 17:52 7424 c:\windows\SYSTEM32\DLLCACHE\mammoth.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\mag_hook.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 9936 c:\windows\SYSTEM32\DLLCACHE\lzexpand.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 2560 c:\windows\SYSTEM32\DLLCACHE\lz32.dll
+ 2012-04-15 12:06 . 2008-04-13 18:40 7040 c:\windows\SYSTEM32\DLLCACHE\ltotape.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\lprmonui.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\lpr.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\lpq.exe
+ 2012-04-15 12:06 . 2001-08-17 17:53 4992 c:\windows\SYSTEM32\DLLCACHE\loop.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\lodctr.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\label.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 2000 c:\windows\SYSTEM32\DLLCACHE\keyboard.drv
+ 2002-08-29 10:00 . 2002-08-29 10:00 7040 c:\windows\SYSTEM32\DLLCACHE\kdcom.dll
+ 2002-08-29 10:00 . 2008-04-13 18:31 7424 c:\windows\SYSTEM32\DLLCACHE\kd1394.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdycl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdycc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdvntc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbduzb.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdusx.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdusr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdusl.dll
+ 2012-04-15 12:06 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdusa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdus.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdurdu.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdur.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\kbdukx.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbduk.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdtuq.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdtuf.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdth3.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdth2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdth1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdth0.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdtat.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdsyr2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdsyr1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdsw.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdsp.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 7680 c:\windows\SYSTEM32\DLLCACHE\kbdsmsno.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 7680 c:\windows\SYSTEM32\DLLCACHE\kbdsmsfi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdsl1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdsl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdsg.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdsf.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdru1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdru.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdro.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdpo.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdpl1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdpl.dll
+ 2008-07-21 00:29 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdpash.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\kbdno1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdno.dll
+ 2008-07-21 00:29 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdnepr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\kbdnec.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdne.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdmon.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdmlt48.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdmlt47.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 5632 c:\windows\SYSTEM32\DLLCACHE\kbdmaori.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdmac.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdlv1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdlv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdlt1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdlt.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdlk41j.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6656 c:\windows\SYSTEM32\DLLCACHE\kbdlk41a.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdla.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdkyr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdkaz.dll
+ 2008-07-21 00:29 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdiultn.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdit142.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdit.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdir.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdintel.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdintam.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdinpun.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdinmar.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6656 c:\windows\SYSTEM32\DLLCACHE\kbdinmal.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdinkan.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdinhin.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdinguj.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdindev.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdinben.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdinbe1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdic.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\kbdibm02.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdhu1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdhu.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\kbdhept.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdhela3.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdhela2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdheb.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdhe319.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdhe220.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdhe.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdgr1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdgr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdgkl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\kbdgeo.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdgae.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdfr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdfo.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\kbdfi1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdfi.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdfc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdfa.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdest.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdes.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\kbddv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbddiv2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbddiv1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdda.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdcz2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdcz1.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7168 c:\windows\SYSTEM32\DLLCACHE\kbdcz.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdcr.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\kbdcan.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdca.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdbu.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdbr.dll

GreenWithEnvy
2012-04-18, 15:35
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdblr.dll
+ 2008-07-21 00:29 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdbhc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdbene.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\kbdbe.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdazel.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdaze.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdax2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\kbdarmw.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\kbdarme.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\kbdal.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbda3.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbda2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbda1.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbd106n.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbd106.dll
+ 2005-10-21 01:49 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbd101.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4096 c:\windows\SYSTEM32\DLLCACHE\iprtprio.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 3584 c:\windows\SYSTEM32\DLLCACHE\iprop.dll
+ 2002-08-29 06:27 . 2008-04-13 18:40 5504 c:\windows\SYSTEM32\DLLCACHE\intelide.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 8192 c:\windows\SYSTEM32\DLLCACHE\igmpagnt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:09 3584 c:\windows\SYSTEM32\DLLCACHE\icmp.dll
+ 2012-04-15 12:05 . 2001-08-18 02:34 9216 c:\windows\SYSTEM32\DLLCACHE\ibmsgnet.dll
+ 2001-08-17 18:56 . 2008-04-13 18:41 8576 c:\windows\SYSTEM32\DLLCACHE\i2omgmt.sys
+ 2012-04-15 12:05 . 2001-08-18 02:36 9759 c:\windows\SYSTEM32\DLLCACHE\hsf_inst.dll
+ 2012-04-15 12:05 . 2001-08-17 17:52 5760 c:\windows\SYSTEM32\DLLCACHE\hpt4qic.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\hostname.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4768 c:\windows\SYSTEM32\DLLCACHE\himem.sys
+ 2012-04-15 12:05 . 2001-08-17 18:02 2688 c:\windows\SYSTEM32\DLLCACHE\hidswvd.sys
+ 2012-04-15 12:05 . 2001-08-17 18:02 8576 c:\windows\SYSTEM32\DLLCACHE\hidgame.sys
+ 2003-09-03 00:00 . 2008-04-14 00:11 7168 c:\windows\SYSTEM32\DLLCACHE\hccoin.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6656 c:\windows\SYSTEM32\DLLCACHE\hcappres.dll
+ 2002-08-29 10:00 . 2006-12-31 01:26 9728 c:\windows\SYSTEM32\DLLCACHE\gpkrsrc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:09 6656 c:\windows\SYSTEM32\DLLCACHE\fxsres.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 8704 c:\windows\SYSTEM32\DLLCACHE\fxsperf.dll
+ 2012-04-15 12:05 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\ftlx041e.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 6144 c:\windows\SYSTEM32\DLLCACHE\fsconins.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 7936 c:\windows\SYSTEM32\DLLCACHE\fs_rec.sys
+ 2002-08-29 10:00 . 2008-04-14 00:09 9344 c:\windows\SYSTEM32\DLLCACHE\framebuf.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 7680 c:\windows\SYSTEM32\DLLCACHE\forcedos.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 3072 c:\windows\SYSTEM32\DLLCACHE\fixmapi.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\finger.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 9216 c:\windows\SYSTEM32\DLLCACHE\find.exe
+ 2005-10-21 01:49 . 2008-04-14 00:09 7168 c:\windows\SYSTEM32\DLLCACHE\f3ahvoas.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 8424 c:\windows\SYSTEM32\DLLCACHE\exe2bin.exe
+ 2012-04-15 12:03 . 2001-08-18 02:36 5632 c:\windows\SYSTEM32\DLLCACHE\EXCH_adsiisex.dll
+ 2012-04-15 12:05 . 2001-08-17 17:52 7040 c:\windows\SYSTEM32\DLLCACHE\exabyte2.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 8704 c:\windows\SYSTEM32\DLLCACHE\eventvwr.exe
+ 2003-09-03 00:00 . 2001-08-17 18:46 6400 c:\windows\SYSTEM32\DLLCACHE\enum1394.sys
+ 2012-04-15 12:04 . 2001-08-17 17:53 7296 c:\windows\SYSTEM32\DLLCACHE\elmsmc.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 3328 c:\windows\SYSTEM32\DLLCACHE\dxgthk.sys
+ 2002-08-29 10:00 . 2008-04-13 17:09 4096 c:\windows\SYSTEM32\DLLCACHE\dsprpres.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4656 c:\windows\SYSTEM32\DLLCACHE\ds16gt.dll
+ 2003-09-03 00:01 . 2008-04-13 18:45 2944 c:\windows\SYSTEM32\DLLCACHE\drmkaud.sys
+ 2002-12-12 05:14 . 2008-04-14 00:09 3072 c:\windows\SYSTEM32\DLLCACHE\dpnlobby.dll
+ 2002-12-12 05:14 . 2008-04-14 00:09 3072 c:\windows\SYSTEM32\DLLCACHE\dpnaddr.dll
+ 2012-04-15 12:04 . 2001-08-17 17:47 8704 c:\windows\SYSTEM32\DLLCACHE\dot4scan.sys
+ 2008-07-21 00:28 . 2008-04-14 00:11 9216 c:\windows\SYSTEM32\DLLCACHE\dot3dlg.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5888 c:\windows\SYSTEM32\DLLCACHE\dmload.sys
+ 2012-04-15 12:04 . 2008-04-13 18:40 8320 c:\windows\SYSTEM32\DLLCACHE\dlttape.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\dllhst3g.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 5120 c:\windows\SYSTEM32\DLLCACHE\dllhost.exe
+ 2012-04-15 12:04 . 2001-08-18 02:36 6216 c:\windows\SYSTEM32\DLLCACHE\divaci.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 6729 c:\windows\SYSTEM32\DLLCACHE\disrvci.dll
+ 2012-04-15 12:04 . 2001-08-17 17:52 7424 c:\windows\SYSTEM32\DLLCACHE\ddsmc.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 6144 c:\windows\SYSTEM32\DLLCACHE\dcomcnfg.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 8704 c:\windows\SYSTEM32\DLLCACHE\dciman32.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 8192 c:\windows\SYSTEM32\DLLCACHE\d3d8thk.dll
+ 2012-04-15 12:04 . 2001-08-17 16:19 3584 c:\windows\SYSTEM32\DLLCACHE\cwcosnt5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 3072 c:\windows\SYSTEM32\DLLCACHE\cwbmidi.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 3072 c:\windows\SYSTEM32\DLLCACHE\cwbase.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 4096 c:\windows\SYSTEM32\DLLCACHE\ctwdm32.dll
+ 2012-04-15 12:04 . 2001-08-17 16:19 3712 c:\windows\SYSTEM32\DLLCACHE\ctljystk.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 6912 c:\windows\SYSTEM32\DLLCACHE\ctlfacem.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 6144 c:\windows\SYSTEM32\DLLCACHE\csrss.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\control.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 6144 c:\windows\SYSTEM32\DLLCACHE\comrereg.exe
+ 2004-04-19 03:14 . 2008-04-14 00:12 9728 c:\windows\SYSTEM32\DLLCACHE\comrepl.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 3584 c:\windows\SYSTEM32\DLLCACHE\comcat.dll
+ 2001-08-17 18:51 . 2001-08-17 18:51 6656 c:\windows\SYSTEM32\DLLCACHE\cmdide.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 7680 c:\windows\SYSTEM32\DLLCACHE\ckcnv.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 5632 c:\windows\SYSTEM32\DLLCACHE\cisvc.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 8192 c:\windows\SYSTEM32\DLLCACHE\cidaemon.exe
+ 2012-04-15 12:04 . 2008-04-13 18:40 8192 c:\windows\SYSTEM32\DLLCACHE\changer.sys
+ 2012-04-15 12:04 . 2002-08-29 10:00 9728 c:\windows\SYSTEM32\DLLCACHE\change.exe
+ 2001-08-17 18:52 . 2001-08-17 18:52 7680 c:\windows\SYSTEM32\DLLCACHE\cd20xrnt.sys
+ 2012-04-15 12:03 . 2001-08-18 02:36 9728 c:\windows\SYSTEM32\DLLCACHE\brserif.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 5120 c:\windows\SYSTEM32\DLLCACHE\brscnrsm.dll
+ 2012-04-15 12:03 . 2001-08-17 17:12 3168 c:\windows\SYSTEM32\DLLCACHE\brparimg.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 3968 c:\windows\SYSTEM32\DLLCACHE\brfiltup.sys
+ 2012-04-15 12:03 . 2001-08-17 17:12 2944 c:\windows\SYSTEM32\DLLCACHE\brfilt.sys
+ 2012-04-15 12:03 . 2001-08-18 02:36 9728 c:\windows\SYSTEM32\DLLCACHE\brcoinst.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 5120 c:\windows\SYSTEM32\DLLCACHE\bootvrfy.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 4608 c:\windows\SYSTEM32\DLLCACHE\bootok.exe
+ 2008-07-21 00:28 . 2008-04-14 00:11 7168 c:\windows\SYSTEM32\DLLCACHE\bitsprx4.dll
+ 2004-07-22 02:20 . 2008-04-14 00:11 7168 c:\windows\SYSTEM32\DLLCACHE\bitsprx3.dll
+ 2004-07-22 02:20 . 2008-04-14 00:11 8192 c:\windows\SYSTEM32\DLLCACHE\bitsprx2.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 4224 c:\windows\SYSTEM32\DLLCACHE\beep.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 8704 c:\windows\SYSTEM32\DLLCACHE\batt.dll
+ 2001-08-17 18:59 . 2001-08-17 18:59 3072 c:\windows\SYSTEM32\DLLCACHE\audstub.sys
+ 2012-04-15 12:03 . 2001-08-17 16:49 9472 c:\windows\SYSTEM32\DLLCACHE\ativmdcd.sys
+ 2002-08-29 10:00 . 2006-10-19 02:47 7168 c:\windows\SYSTEM32\DLLCACHE\asferror.dll
+ 2012-04-15 12:03 . 2001-08-17 17:47 6272 c:\windows\SYSTEM32\DLLCACHE\apmbatt.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 9029 c:\windows\SYSTEM32\DLLCACHE\ansi.sys
+ 2001-08-17 18:51 . 2001-08-17 18:51 5248 c:\windows\SYSTEM32\DLLCACHE\aliide.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 3775 c:\windows\SYSTEM32\DLLCACHE\adv11nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3711 c:\windows\SYSTEM32\DLLCACHE\adv09nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3135 c:\windows\SYSTEM32\DLLCACHE\adv08nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3647 c:\windows\SYSTEM32\DLLCACHE\adv07nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3615 c:\windows\SYSTEM32\DLLCACHE\adv05nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 3967 c:\windows\SYSTEM32\DLLCACHE\adv02nt5.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 4255 c:\windows\SYSTEM32\DLLCACHE\adv01nt5.dll
+ 2012-04-15 12:03 . 2001-08-17 17:53 7424 c:\windows\SYSTEM32\DLLCACHE\adicvls.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 4096 c:\windows\SYSTEM32\DLLCACHE\actmovie.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 3584 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 3584 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 8192 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 8192 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 2560 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 2560 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2002-08-29 10:00 . 2011-12-19 08:13 233472 c:\windows\SYSTEM32\webcheck.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 233472 c:\windows\SYSTEM32\webcheck.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 106496 c:\windows\SYSTEM32\url.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 106496 c:\windows\SYSTEM32\url.dll
+ 2012-04-13 19:08 . 2002-10-08 00:27 303104 c:\windows\SYSTEM32\ReinstallBackups\000A\DriverFiles\HXFSETUP.EXE
+ 2003-09-03 00:03 . 2012-04-15 16:04 443114 c:\windows\SYSTEM32\PERFH009.DAT
- 2002-08-29 10:00 . 2011-12-19 08:13 102912 c:\windows\SYSTEM32\occache.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 102912 c:\windows\SYSTEM32\occache.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 671232 c:\windows\SYSTEM32\mstime.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 671232 c:\windows\SYSTEM32\mstime.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 193024 c:\windows\SYSTEM32\msrating.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 193024 c:\windows\SYSTEM32\msrating.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 478720 c:\windows\SYSTEM32\mshtmled.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 478720 c:\windows\SYSTEM32\mshtmled.dll
+ 2006-11-08 02:03 . 2012-03-01 01:25 468480 c:\windows\SYSTEM32\msfeeds.dll
- 2006-11-08 02:03 . 2011-12-19 08:13 468480 c:\windows\SYSTEM32\msfeeds.dll
- 2006-10-17 16:57 . 2011-12-19 08:13 268288 c:\windows\SYSTEM32\iertutil.dll
+ 2006-10-17 16:57 . 2012-03-01 01:25 268288 c:\windows\SYSTEM32\iertutil.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 192512 c:\windows\SYSTEM32\iepeers.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 192512 c:\windows\SYSTEM32\iepeers.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 384512 c:\windows\SYSTEM32\iedkcs32.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 384512 c:\windows\SYSTEM32\iedkcs32.dll
- 2006-10-17 16:27 . 2011-12-19 08:13 380928 c:\windows\SYSTEM32\ieapfltr.dll
+ 2006-10-17 16:27 . 2012-03-01 01:25 380928 c:\windows\SYSTEM32\ieapfltr.dll
+ 2002-08-29 10:00 . 2012-02-29 10:59 161792 c:\windows\SYSTEM32\ieakui.dll
- 2002-08-29 10:00 . 2011-12-16 10:58 161792 c:\windows\SYSTEM32\ieakui.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 230400 c:\windows\SYSTEM32\ieaksie.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 230400 c:\windows\SYSTEM32\ieaksie.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 153088 c:\windows\SYSTEM32\ieakeng.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 153088 c:\windows\SYSTEM32\ieakeng.dll
+ 2004-08-04 07:56 . 2012-03-01 01:25 133120 c:\windows\SYSTEM32\extmgr.dll
- 2004-08-04 07:56 . 2011-12-19 08:13 133120 c:\windows\SYSTEM32\extmgr.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 214528 c:\windows\SYSTEM32\dxtrans.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 214528 c:\windows\SYSTEM32\dxtrans.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 347136 c:\windows\SYSTEM32\dxtmsft.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 347136 c:\windows\SYSTEM32\dxtmsft.dll
+ 2012-04-15 12:10 . 2002-08-29 10:00 113222 c:\windows\SYSTEM32\DLLCACHE\zoneclim.dll
+ 2003-03-03 17:17 . 2008-04-14 00:12 338432 c:\windows\SYSTEM32\DLLCACHE\zipfldr.dll
+ 2012-04-15 12:10 . 2008-04-14 00:12 116224 c:\windows\SYSTEM32\DLLCACHE\xrxwiadr.dll
+ 2005-05-17 00:25 . 2008-04-13 17:39 689152 c:\windows\SYSTEM32\DLLCACHE\xpsp3res.dll
+ 2002-08-29 10:00 . 2008-04-13 17:39 187392 c:\windows\SYSTEM32\DLLCACHE\xpsp1res.dll
+ 2004-07-22 02:20 . 2008-04-13 17:39 438784 c:\windows\SYSTEM32\DLLCACHE\xpob2res.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 129024 c:\windows\SYSTEM32\DLLCACHE\xmlprov.dll
+ 2002-08-29 10:00 . 2004-07-17 18:39 174200 c:\windows\SYSTEM32\DLLCACHE\xenroll.dll
+ 2003-03-10 17:25 . 2008-04-14 00:12 483840 c:\windows\SYSTEM32\DLLCACHE\wzcsvc.dll
+ 2003-03-10 17:25 . 2008-04-14 00:12 383488 c:\windows\SYSTEM32\DLLCACHE\wzcdlg.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 108032 c:\windows\SYSTEM32\DLLCACHE\wshbth.dll
- 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\SYSTEM32\DLLCACHE\wscript.exe
+ 2002-08-29 10:00 . 2008-05-08 11:24 155648 c:\windows\SYSTEM32\DLLCACHE\wscript.exe
+ 2004-06-04 00:43 . 2008-04-14 00:12 264192 c:\windows\SYSTEM32\DLLCACHE\wow32.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 214528 c:\windows\SYSTEM32\DLLCACHE\wordpad.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 303616 c:\windows\SYSTEM32\DLLCACHE\wmstream.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 115200 c:\windows\SYSTEM32\DLLCACHE\wmsdmoe.dll
+ 2004-08-04 07:56 . 2004-08-04 07:56 221184 c:\windows\SYSTEM32\DLLCACHE\wmpns.dll
+ 2004-08-04 07:56 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
- 2009-07-14 03:43 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2004-08-04 07:56 . 2006-10-19 02:47 242688 c:\windows\SYSTEM32\DLLCACHE\wmpasf.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 325632 c:\windows\SYSTEM32\DLLCACHE\wmm2fxb.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 502272 c:\windows\SYSTEM32\DLLCACHE\wmm2fxa.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 402432 c:\windows\SYSTEM32\DLLCACHE\wmm2filt.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 167936 c:\windows\SYSTEM32\DLLCACHE\wmm2ae.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 144896 c:\windows\SYSTEM32\DLLCACHE\wmisvc.dll
- 2009-04-15 22:16 . 2009-02-06 10:10 227840 c:\windows\SYSTEM32\DLLCACHE\wmiprvse.exe
+ 2002-08-29 10:00 . 2009-02-06 10:10 227840 c:\windows\SYSTEM32\DLLCACHE\wmiprvse.exe
+ 2002-08-29 10:00 . 2009-02-09 12:10 453120 c:\windows\SYSTEM32\DLLCACHE\wmiprvsd.dll
- 2009-04-15 22:16 . 2009-02-09 12:10 453120 c:\windows\SYSTEM32\DLLCACHE\wmiprvsd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 144896 c:\windows\SYSTEM32\DLLCACHE\wmiprov.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\DLLCACHE\wmipdskq.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 156672 c:\windows\SYSTEM32\DLLCACHE\wmipcima.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 140800 c:\windows\SYSTEM32\DLLCACHE\wmidcprv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 126464 c:\windows\SYSTEM32\DLLCACHE\wmiapsrv.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 196608 c:\windows\SYSTEM32\DLLCACHE\wmiadap.exe
+ 2004-08-04 07:56 . 2006-10-19 02:47 227328 c:\windows\SYSTEM32\DLLCACHE\wmerror.dll
+ 2012-04-15 12:10 . 2002-08-29 02:59 154624 c:\windows\SYSTEM32\DLLCACHE\wlluc48.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 172032 c:\windows\SYSTEM32\DLLCACHE\wldap32.dll
+ 2002-08-29 10:00 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
- 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
- 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\SYSTEM32\DLLCACHE\wintrust.dll
+ 2002-08-29 10:00 . 2012-02-29 14:10 177664 c:\windows\SYSTEM32\DLLCACHE\wintrust.dll
- 2010-06-18 17:45 . 2011-11-25 21:57 293376 c:\windows\SYSTEM32\DLLCACHE\winsrv.dll
+ 2002-08-29 10:00 . 2011-11-25 21:57 293376 c:\windows\SYSTEM32\DLLCACHE\winsrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 146432 c:\windows\SYSTEM32\DLLCACHE\winspool.drv
+ 2002-08-29 10:00 . 2008-04-14 00:11 756224 c:\windows\SYSTEM32\DLLCACHE\winntbbu.dll
+ 2002-08-29 10:00 . 2011-10-14 14:47 176128 c:\windows\SYSTEM32\DLLCACHE\winmm.dll
- 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\SYSTEM32\DLLCACHE\winmm.dll
+ 2003-09-06 01:37 . 2002-08-29 10:00 119808 c:\windows\SYSTEM32\DLLCACHE\winmine.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 507904 c:\windows\SYSTEM32\DLLCACHE\winlogon.exe
+ 2004-08-24 00:32 . 2012-03-01 01:25 832512 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
- 2004-08-24 00:32 . 2011-12-19 08:13 832512 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2004-07-22 02:20 . 2011-11-16 14:21 354816 c:\windows\SYSTEM32\DLLCACHE\winhttp.dll
- 2008-12-16 12:30 . 2011-11-16 14:21 354816 c:\windows\SYSTEM32\DLLCACHE\winhttp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 283648 c:\windows\SYSTEM32\DLLCACHE\winhlp32.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 256192 c:\windows\SYSTEM32\DLLCACHE\winhelp.exe
+ 2012-04-15 12:10 . 2001-08-17 17:28 771581 c:\windows\SYSTEM32\DLLCACHE\winacisa.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 102400 c:\windows\SYSTEM32\DLLCACHE\win32spl.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 145408 c:\windows\SYSTEM32\DLLCACHE\wiavusd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 111104 c:\windows\SYSTEM32\DLLCACHE\wiavideo.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 589312 c:\windows\SYSTEM32\DLLCACHE\wiashext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 333824 c:\windows\SYSTEM32\DLLCACHE\wiaservc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 124416 c:\windows\SYSTEM32\DLLCACHE\wiadss.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 463360 c:\windows\SYSTEM32\DLLCACHE\wiadefui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 433664 c:\windows\SYSTEM32\DLLCACHE\wiaacmgr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 135680 c:\windows\SYSTEM32\DLLCACHE\webvw.dll
- 2006-11-08 02:03 . 2011-12-19 08:13 233472 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 233472 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 701386 c:\windows\SYSTEM32\DLLCACHE\wdhaalba.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 197120 c:\windows\SYSTEM32\DLLCACHE\wbemupgd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 116224 c:\windows\SYSTEM32\DLLCACHE\wbemtest.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 273920 c:\windows\SYSTEM32\DLLCACHE\wbemess.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 178176 c:\windows\SYSTEM32\DLLCACHE\wbemdisp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 531456 c:\windows\SYSTEM32\DLLCACHE\wbemcore.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 214528 c:\windows\SYSTEM32\DLLCACHE\wbemcomn.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 196608 c:\windows\SYSTEM32\DLLCACHE\wbemcntl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 215552 c:\windows\SYSTEM32\DLLCACHE\wavemsp.dll
+ 2002-08-29 10:00 . 2008-04-13 16:21 249856 c:\windows\SYSTEM32\DLLCACHE\wab32res.dll
+ 2004-06-24 19:54 . 2008-04-14 00:12 510976 c:\windows\SYSTEM32\DLLCACHE\wab32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 175104 c:\windows\SYSTEM32\DLLCACHE\w32time.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 289792 c:\windows\SYSTEM32\DLLCACHE\vssvc.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 430592 c:\windows\SYSTEM32\DLLCACHE\vssapi.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 397502 c:\windows\SYSTEM32\DLLCACHE\vpctcom.sys
+ 2012-04-15 12:09 . 2001-08-17 17:28 604253 c:\windows\SYSTEM32\DLLCACHE\vmodem.sys
+ 2012-04-15 12:09 . 2001-08-17 16:14 249402 c:\windows\SYSTEM32\DLLCACHE\vinwm.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 131584 c:\windows\SYSTEM32\DLLCACHE\viewprov.dll
- 2006-09-18 14:15 . 2011-04-30 08:50 766464 c:\windows\SYSTEM32\DLLCACHE\vgx.dll
+ 2002-08-29 10:00 . 2011-04-30 08:50 766464 c:\windows\SYSTEM32\DLLCACHE\vgx.dll
+ 2002-08-29 10:00 . 2011-03-04 06:45 434176 c:\windows\SYSTEM32\DLLCACHE\vbscript.dll
- 2008-05-09 10:53 . 2011-03-04 06:45 434176 c:\windows\SYSTEM32\DLLCACHE\vbscript.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 218624 c:\windows\SYSTEM32\DLLCACHE\uxtheme.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 687999 c:\windows\SYSTEM32\DLLCACHE\usrwdxjs.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 102457 c:\windows\SYSTEM32\DLLCACHE\usrv42a.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 765884 c:\windows\SYSTEM32\DLLCACHE\usrti.sys
+ 2012-04-15 12:09 . 2001-08-17 17:28 113762 c:\windows\SYSTEM32\DLLCACHE\usrpda.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 323641 c:\windows\SYSTEM32\DLLCACHE\usrdtea.dll
+ 2012-04-15 12:09 . 2001-08-17 17:28 224802 c:\windows\SYSTEM32\DLLCACHE\usr1807a.sys
+ 2012-04-15 12:09 . 2001-08-17 17:28 794399 c:\windows\SYSTEM32\DLLCACHE\usr1806v.sys
+ 2012-04-15 12:09 . 2001-08-17 17:28 793598 c:\windows\SYSTEM32\DLLCACHE\usr1806.sys
+ 2012-04-15 12:09 . 2001-08-17 17:28 794654 c:\windows\SYSTEM32\DLLCACHE\usr1801.sys
- 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\DLLCACHE\usp10.dll
+ 2002-08-29 10:00 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\DLLCACHE\usp10.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 727040 c:\windows\SYSTEM32\DLLCACHE\userenv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 578560 c:\windows\SYSTEM32\DLLCACHE\user32.dll
+ 2004-08-04 06:10 . 2008-04-13 18:46 121984 c:\windows\SYSTEM32\DLLCACHE\usbvideo.sys
- 2002-08-29 10:00 . 2011-12-19 08:13 106496 c:\windows\SYSTEM32\DLLCACHE\url.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 106496 c:\windows\SYSTEM32\DLLCACHE\url.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 239616 c:\windows\SYSTEM32\DLLCACHE\upnpui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 185856 c:\windows\SYSTEM32\DLLCACHE\upnphost.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 133632 c:\windows\SYSTEM32\DLLCACHE\upnp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 150528 c:\windows\SYSTEM32\DLLCACHE\uploadm.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 116224 c:\windows\SYSTEM32\DLLCACHE\updprov.dll
+ 2002-08-29 10:00 . 2008-04-13 18:39 384768 c:\windows\SYSTEM32\DLLCACHE\update.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 316416 c:\windows\SYSTEM32\DLLCACHE\untfs.dll
+ 2002-08-29 10:00 . 2007-06-27 02:10 317440 c:\windows\SYSTEM32\DLLCACHE\unregmp2.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 123392 c:\windows\SYSTEM32\DLLCACHE\umpnpmgr.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 211968 c:\windows\SYSTEM32\DLLCACHE\um54scan.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 216064 c:\windows\SYSTEM32\DLLCACHE\um34scan.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 275456 c:\windows\SYSTEM32\DLLCACHE\ulib.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 177856 c:\windows\SYSTEM32\DLLCACHE\typelib.dll
+ 2004-04-19 03:14 . 2008-04-14 00:12 101376 c:\windows\SYSTEM32\DLLCACHE\txflog.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 130048 c:\windows\SYSTEM32\DLLCACHE\tsoc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 279040 c:\windows\SYSTEM32\DLLCACHE\tshoot.dll
+ 2002-08-29 10:00 . 2009-06-21 21:44 153088 c:\windows\SYSTEM32\DLLCACHE\triedit.dll
- 2009-09-09 17:56 . 2009-06-21 21:44 153088 c:\windows\SYSTEM32\DLLCACHE\triedit.dll
+ 2012-04-15 12:09 . 2001-08-17 16:51 166784 c:\windows\SYSTEM32\DLLCACHE\tridxpm.sys
+ 2012-04-15 12:09 . 2001-08-18 02:36 525568 c:\windows\SYSTEM32\DLLCACHE\tridxp.dll
+ 2012-04-15 12:09 . 2001-08-17 16:51 159232 c:\windows\SYSTEM32\DLLCACHE\tridkbm.sys
+ 2012-04-15 12:09 . 2001-08-17 18:56 440576 c:\windows\SYSTEM32\DLLCACHE\tridkb.dll
+ 2012-04-15 12:09 . 2001-08-17 16:51 222336 c:\windows\SYSTEM32\DLLCACHE\trid3dm.sys
+ 2012-04-15 12:09 . 2001-08-17 18:56 315520 c:\windows\SYSTEM32\DLLCACHE\trid3d.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 347136 c:\windows\SYSTEM32\DLLCACHE\tourstrt.exe
+ 2012-04-15 12:09 . 2001-08-17 18:02 230912 c:\windows\SYSTEM32\DLLCACHE\tosdvd03.sys
+ 2012-04-15 12:09 . 2001-08-17 18:01 241664 c:\windows\SYSTEM32\DLLCACHE\tosdvd02.sys
+ 2012-04-15 12:09 . 2001-08-17 16:14 123995 c:\windows\SYSTEM32\DLLCACHE\tjisdn.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 385536 c:\windows\SYSTEM32\DLLCACHE\themeui.dll
+ 2012-04-15 12:09 . 2002-08-29 10:00 185344 c:\windows\SYSTEM32\DLLCACHE\thawbrkr.dll
+ 2012-04-15 12:09 . 2001-08-17 16:51 138528 c:\windows\SYSTEM32\DLLCACHE\tgiulnt5.sys
+ 2012-04-15 12:09 . 2008-04-13 18:40 149376 c:\windows\SYSTEM32\DLLCACHE\tffsport.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 295424 c:\windows\SYSTEM32\DLLCACHE\termsrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 358400 c:\windows\SYSTEM32\DLLCACHE\termmgr.dll
- 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\SYSTEM32\DLLCACHE\tcpip6.sys
+ 2002-08-29 10:00 . 2010-02-11 12:02 226880 c:\windows\SYSTEM32\DLLCACHE\tcpip6.sys
- 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
+ 2002-08-29 10:00 . 2008-06-20 11:51 361600 c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 135680 c:\windows\SYSTEM32\DLLCACHE\taskmgr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 249856 c:\windows\SYSTEM32\DLLCACHE\tapisrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 181760 c:\windows\SYSTEM32\DLLCACHE\tapi32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 858624 c:\windows\SYSTEM32\DLLCACHE\tapi3.dll
+ 2012-04-15 12:09 . 2001-08-17 18:56 172768 c:\windows\SYSTEM32\DLLCACHE\t2r4disp.dll
- 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2002-08-29 10:00 . 2010-08-27 08:02 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 990208 c:\windows\SYSTEM32\DLLCACHE\syssetup.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 106496 c:\windows\SYSTEM32\DLLCACHE\sysocmgr.exe
+ 2008-07-21 00:30 . 2008-04-14 00:12 173568 c:\windows\SYSTEM32\DLLCACHE\sysmoda.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 193024 c:\windows\SYSTEM32\DLLCACHE\sysmod.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 191488 c:\windows\SYSTEM32\DLLCACHE\syncui.dll
+ 2004-07-22 02:21 . 2008-04-14 00:12 713216 c:\windows\SYSTEM32\DLLCACHE\sxs.dll
+ 2012-04-15 12:09 . 2001-08-17 17:50 103936 c:\windows\SYSTEM32\DLLCACHE\sx.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 138752 c:\windows\SYSTEM32\DLLCACHE\swprv.dll
+ 2002-08-29 10:00 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
- 2006-08-21 14:52 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 121856 c:\windows\SYSTEM32\DLLCACHE\stobject.dll
+ 2012-04-15 12:09 . 2001-08-18 02:36 155648 c:\windows\SYSTEM32\DLLCACHE\stlnprop.dll
+ 2012-04-15 12:09 . 2001-08-17 16:18 285760 c:\windows\SYSTEM32\DLLCACHE\stlnata.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 136704 c:\windows\SYSTEM32\DLLCACHE\sti_ci.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 679936 c:\windows\SYSTEM32\DLLCACHE\sstext3d.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 610304 c:\windows\SYSTEM32\DLLCACHE\sspipes.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 393216 c:\windows\SYSTEM32\DLLCACHE\ssflwbox.scr
+ 2002-08-29 10:00 . 2008-04-14 00:12 704512 c:\windows\SYSTEM32\DLLCACHE\ss3dfo.scr
+ 2002-08-29 10:00 . 2011-02-17 13:18 357888 c:\windows\SYSTEM32\DLLCACHE\srv.sys
- 2008-10-15 19:12 . 2011-02-17 13:18 357888 c:\windows\SYSTEM32\DLLCACHE\srv.sys
+ 2012-04-15 12:09 . 2002-08-29 10:00 101376 c:\windows\SYSTEM32\DLLCACHE\srusbusd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 171008 c:\windows\SYSTEM32\DLLCACHE\srsvc.dll
+ 2003-10-06 22:06 . 2008-04-14 00:12 239104 c:\windows\SYSTEM32\DLLCACHE\srrstr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 726078 c:\windows\SYSTEM32\DLLCACHE\srchui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 217088 c:\windows\SYSTEM32\DLLCACHE\sqlxmlx.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 180800 c:\windows\SYSTEM32\DLLCACHE\sqlunirl.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 110592 c:\windows\SYSTEM32\DLLCACHE\sqlse20.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 462848 c:\windows\SYSTEM32\DLLCACHE\sqlqp20.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 151552 c:\windows\SYSTEM32\DLLCACHE\sqldb20.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 774144 c:\windows\SYSTEM32\DLLCACHE\spttseng.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 250368 c:\windows\SYSTEM32\DLLCACHE\sptip.dll
+ 2008-07-21 00:30 . 2008-04-13 18:40 576512 c:\windows\SYSTEM32\DLLCACHE\sprc0424.dll
+ 2008-07-21 00:30 . 2008-04-13 18:40 577536 c:\windows\SYSTEM32\DLLCACHE\sprc041b.dll
+ 2004-08-04 07:56 . 2008-04-13 18:38 732160 c:\windows\SYSTEM32\DLLCACHE\sprb0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:38 757248 c:\windows\SYSTEM32\DLLCACHE\sprb041b.dll
+ 2004-08-04 07:56 . 2008-04-13 18:35 192512 c:\windows\SYSTEM32\DLLCACHE\spra0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:35 192512 c:\windows\SYSTEM32\DLLCACHE\spra041b.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 538624 c:\windows\SYSTEM32\DLLCACHE\spider.exe
+ 2012-04-15 12:08 . 2001-08-18 02:36 106584 c:\windows\SYSTEM32\DLLCACHE\spdports.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 114688 c:\windows\SYSTEM32\DLLCACHE\sonypi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 130048 c:\windows\SYSTEM32\DLLCACHE\softkbd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 182272 c:\windows\SYSTEM32\DLLCACHE\snmpsnap.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 188416 c:\windows\SYSTEM32\DLLCACHE\snmpsmir.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 358400 c:\windows\SYSTEM32\DLLCACHE\snmpincl.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 259072 c:\windows\SYSTEM32\DLLCACHE\snmpcl.dll
+ 2003-09-06 01:36 . 2002-08-29 10:00 138752 c:\windows\SYSTEM32\DLLCACHE\sndvol32.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 131584 c:\windows\SYSTEM32\DLLCACHE\sndrec32.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 456192 c:\windows\SYSTEM32\DLLCACHE\smtpsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 362496 c:\windows\SYSTEM32\DLLCACHE\smlogcfg.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 147200 c:\windows\SYSTEM32\DLLCACHE\smidispb.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 236544 c:\windows\SYSTEM32\DLLCACHE\smi2smir.exe
+ 2012-04-15 12:08 . 2004-08-04 05:41 404990 c:\windows\SYSTEM32\DLLCACHE\slntamr.sys
+ 2012-04-15 12:08 . 2004-08-04 05:41 129535 c:\windows\SYSTEM32\DLLCACHE\slnt7554.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 188508 c:\windows\SYSTEM32\DLLCACHE\slgen.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 286792 c:\windows\SYSTEM32\DLLCACHE\slextspk.dll
+ 2002-08-29 10:00 . 2004-08-04 05:31 306176 c:\windows\SYSTEM32\DLLCACHE\slbcsp.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 157696 c:\windows\SYSTEM32\DLLCACHE\sisv256.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 238592 c:\windows\SYSTEM32\DLLCACHE\sisgrv.dll
+ 2012-04-15 12:08 . 2001-08-17 16:50 104064 c:\windows\SYSTEM32\DLLCACHE\sisgrp.sys
+ 2012-04-15 12:08 . 2001-08-17 18:56 150144 c:\windows\SYSTEM32\DLLCACHE\sis6306v.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 252032 c:\windows\SYSTEM32\DLLCACHE\sis300iv.dll
+ 2012-04-15 12:08 . 2001-08-17 16:50 101760 c:\windows\SYSTEM32\DLLCACHE\sis300ip.sys
- 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\SYSTEM32\DLLCACHE\shsvcs.dll
+ 2002-08-29 10:00 . 2009-07-27 23:17 135168 c:\windows\SYSTEM32\DLLCACHE\shsvcs.dll
+ 2003-03-20 21:11 . 2008-04-14 00:12 152064 c:\windows\SYSTEM32\DLLCACHE\shmedia.dll
- 2009-12-08 09:23 . 2009-12-08 09:23 474112 c:\windows\SYSTEM32\DLLCACHE\shlwapi.dll
+ 2004-08-20 19:01 . 2009-12-08 09:23 474112 c:\windows\SYSTEM32\DLLCACHE\shlwapi.dll
- 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\SYSTEM32\DLLCACHE\shimgvw.dll
+ 2002-08-29 10:00 . 2011-01-21 14:44 439296 c:\windows\SYSTEM32\DLLCACHE\shimgvw.dll
+ 2002-08-29 10:00 . 2008-04-13 17:03 549376 c:\windows\SYSTEM32\DLLCACHE\shdoclc.dll
+ 2012-04-15 12:08 . 2001-07-21 18:29 161568 c:\windows\SYSTEM32\DLLCACHE\sgsmusb.sys
+ 2012-04-15 12:08 . 2001-08-18 02:36 386560 c:\windows\SYSTEM32\DLLCACHE\sgiul50.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 140288 c:\windows\SYSTEM32\DLLCACHE\sfc_os.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 101376 c:\windows\SYSTEM32\DLLCACHE\setupqry.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 414208 c:\windows\SYSTEM32\DLLCACHE\setupdll.dll
+ 2002-08-29 10:00 . 2008-04-14 09:42 985088 c:\windows\SYSTEM32\DLLCACHE\setupapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 141312 c:\windows\SYSTEM32\DLLCACHE\sessmgr.exe
- 2009-04-15 22:16 . 2009-02-06 11:11 110592 c:\windows\SYSTEM32\DLLCACHE\services.exe
+ 2002-08-29 10:00 . 2009-02-06 11:11 110592 c:\windows\SYSTEM32\DLLCACHE\services.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 130048 c:\windows\SYSTEM32\DLLCACHE\sdpblb.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 172032 c:\windows\SYSTEM32\DLLCACHE\scrrun.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 172032 c:\windows\SYSTEM32\DLLCACHE\scrrun.dll
+ 2002-08-29 10:00 . 2008-05-09 10:53 180224 c:\windows\SYSTEM32\DLLCACHE\scrobj.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 180224 c:\windows\SYSTEM32\DLLCACHE\scrobj.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 199680 c:\windows\SYSTEM32\DLLCACHE\scripta.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 215552 c:\windows\SYSTEM32\DLLCACHE\script.dll
+ 2004-07-22 02:20 . 2008-04-14 00:12 192512 c:\windows\SYSTEM32\DLLCACHE\schedsvc.dll
+ 2002-08-29 10:00 . 2011-11-16 14:21 152064 c:\windows\SYSTEM32\DLLCACHE\schannel.dll
- 2008-12-05 06:54 . 2011-11-16 14:21 152064 c:\windows\SYSTEM32\DLLCACHE\schannel.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 314880 c:\windows\SYSTEM32\DLLCACHE\scesrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 181248 c:\windows\SYSTEM32\DLLCACHE\scecli.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 171008 c:\windows\SYSTEM32\DLLCACHE\sccsccp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 169984 c:\windows\SYSTEM32\DLLCACHE\sccbase.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 118784 c:\windows\SYSTEM32\DLLCACHE\scardssp.dll
+ 2012-04-15 12:08 . 2001-08-18 02:36 495616 c:\windows\SYSTEM32\DLLCACHE\sblfx.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 159232 c:\windows\SYSTEM32\DLLCACHE\sbeio.dll
- 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\SYSTEM32\DLLCACHE\sbe.dll
+ 2002-08-29 10:00 . 2011-02-09 13:53 270848 c:\windows\SYSTEM32\DLLCACHE\sbe.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 741376 c:\windows\SYSTEM32\DLLCACHE\sapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 415744 c:\windows\SYSTEM32\DLLCACHE\samsrv.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 245632 c:\windows\SYSTEM32\DLLCACHE\s3savmx.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 198400 c:\windows\SYSTEM32\DLLCACHE\s3sav4.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 179264 c:\windows\SYSTEM32\DLLCACHE\s3sav3d.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 210496 c:\windows\SYSTEM32\DLLCACHE\s3mvirge.dll
+ 2012-04-15 12:08 . 2001-08-17 18:56 182272 c:\windows\SYSTEM32\DLLCACHE\s3mt3d.dll
+ 2012-04-15 12:08 . 2001-08-17 16:50 166720 c:\windows\SYSTEM32\DLLCACHE\s3m.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 166912 c:\windows\SYSTEM32\DLLCACHE\s3gnbm.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 397056 c:\windows\SYSTEM32\DLLCACHE\s3gnb.dll
+ 2012-04-15 12:08 . 2002-08-29 10:00 753236 c:\windows\SYSTEM32\DLLCACHE\rvseres.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 132608 c:\windows\SYSTEM32\DLLCACHE\rsvp.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 380416 c:\windows\SYSTEM32\DLLCACHE\rstrui.exe
+ 2002-08-29 10:00 . 2008-04-13 17:37 208384 c:\windows\SYSTEM32\DLLCACHE\rsaenh.dll
- 2009-04-15 22:16 . 2009-02-09 12:10 401408 c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
+ 2004-04-19 03:14 . 2009-02-09 12:10 401408 c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
+ 2004-04-19 03:14 . 2010-08-16 08:45 590848 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
- 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
- 2008-06-11 00:31 . 2008-05-08 14:02 203136 c:\windows\SYSTEM32\DLLCACHE\rmcast.sys
+ 2002-08-29 10:00 . 2008-05-08 14:02 203136 c:\windows\SYSTEM32\DLLCACHE\rmcast.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 433664 c:\windows\SYSTEM32\DLLCACHE\riched20.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 290304 c:\windows\SYSTEM32\DLLCACHE\rhttpaa.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 178176 c:\windows\SYSTEM32\DLLCACHE\repdrvfs.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 107520 c:\windows\SYSTEM32\DLLCACHE\rend.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 397824 c:\windows\SYSTEM32\DLLCACHE\regwizc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 146432 c:\windows\SYSTEM32\DLLCACHE\regedit.exe
- 2011-08-10 11:36 . 2012-01-09 16:20 139784 c:\windows\SYSTEM32\DLLCACHE\rdpwd.sys
+ 2002-08-29 10:00 . 2012-01-09 16:20 139784 c:\windows\SYSTEM32\DLLCACHE\rdpwd.sys
+ 2002-08-29 06:06 . 2008-04-13 18:32 196224 c:\windows\SYSTEM32\DLLCACHE\rdpdr.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 147968 c:\windows\SYSTEM32\DLLCACHE\rdchost.dll
+ 2002-08-29 10:00 . 2008-04-13 19:28 175744 c:\windows\SYSTEM32\DLLCACHE\rdbss.sys

GreenWithEnvy
2012-04-18, 15:36
+ 2002-08-29 10:00 . 2008-04-14 00:12 102400 c:\windows\SYSTEM32\DLLCACHE\rcbdyctl.dll
- 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\SYSTEM32\DLLCACHE\rastls.dll
+ 2002-08-29 10:00 . 2009-10-12 13:38 149504 c:\windows\SYSTEM32\DLLCACHE\rastls.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 210944 c:\windows\SYSTEM32\DLLCACHE\rasppp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 143360 c:\windows\SYSTEM32\DLLCACHE\rasmontr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 186368 c:\windows\SYSTEM32\DLLCACHE\rasmans.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 658432 c:\windows\SYSTEM32\DLLCACHE\rasdlg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 237056 c:\windows\SYSTEM32\DLLCACHE\rasapi32.dll
+ 2012-04-15 12:07 . 2001-08-17 17:28 714762 c:\windows\SYSTEM32\DLLCACHE\r2mdmkxx.sys
+ 2012-04-15 12:07 . 2001-08-17 17:28 899146 c:\windows\SYSTEM32\DLLCACHE\r2mdkxga.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 409088 c:\windows\SYSTEM32\DLLCACHE\qmgr.dll
+ 2002-12-12 05:14 . 2008-04-13 17:21 733696 c:\windows\SYSTEM32\DLLCACHE\qedwipes.dll
+ 2002-12-12 05:14 . 2011-11-03 15:28 386048 c:\windows\SYSTEM32\DLLCACHE\qdvd.dll
- 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\SYSTEM32\DLLCACHE\qdvd.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 279040 c:\windows\SYSTEM32\DLLCACHE\qdv.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 192512 c:\windows\SYSTEM32\DLLCACHE\qcap.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 291328 c:\windows\SYSTEM32\DLLCACHE\qagentrt.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 150528 c:\windows\SYSTEM32\DLLCACHE\qagent.dll
+ 2012-04-15 12:07 . 2001-08-17 17:28 130942 c:\windows\SYSTEM32\DLLCACHE\ptserlv.sys
+ 2012-04-15 12:07 . 2001-08-17 17:28 112574 c:\windows\SYSTEM32\DLLCACHE\ptserlp.sys
+ 2012-04-15 12:07 . 2001-08-17 17:28 128286 c:\windows\SYSTEM32\DLLCACHE\ptserli.sys
+ 2012-04-15 12:07 . 2008-04-14 00:12 159232 c:\windows\SYSTEM32\DLLCACHE\ptpusd.dll
+ 2003-09-03 00:03 . 2008-04-14 00:12 363520 c:\windows\SYSTEM32\DLLCACHE\psisdecd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 237056 c:\windows\SYSTEM32\DLLCACHE\provthrd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 109568 c:\windows\SYSTEM32\DLLCACHE\progman.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 560640 c:\windows\SYSTEM32\DLLCACHE\printui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 105472 c:\windows\SYSTEM32\DLLCACHE\polstore.dll
+ 2012-04-15 12:07 . 2002-08-29 10:00 131584 c:\windows\SYSTEM32\DLLCACHE\pmxviceo.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 281088 c:\windows\SYSTEM32\DLLCACHE\pinball.exe
+ 2012-04-15 12:07 . 2001-08-18 02:36 121344 c:\windows\SYSTEM32\DLLCACHE\phvfwext.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 176128 c:\windows\SYSTEM32\DLLCACHE\photowiz.dll
+ 2012-04-15 12:07 . 2001-08-17 18:04 173696 c:\windows\SYSTEM32\DLLCACHE\philcam2.sys
+ 2012-04-15 12:07 . 2008-04-14 00:10 259328 c:\windows\SYSTEM32\DLLCACHE\perm3dd.dll
+ 2012-04-15 12:07 . 2008-04-14 00:10 211584 c:\windows\SYSTEM32\DLLCACHE\perm2dll.dll
- 2009-04-15 22:16 . 2009-03-06 14:22 284160 c:\windows\SYSTEM32\DLLCACHE\pdh.dll
+ 2002-08-29 10:00 . 2009-03-06 14:22 284160 c:\windows\SYSTEM32\DLLCACHE\pdh.dll
+ 2012-04-15 12:07 . 2002-08-29 02:59 169984 c:\windows\SYSTEM32\DLLCACHE\pcx500.sys
+ 2002-08-29 10:00 . 2008-04-13 18:36 120192 c:\windows\SYSTEM32\DLLCACHE\pcmcia.sys
+ 2002-11-27 15:50 . 2008-04-14 00:12 102912 c:\windows\SYSTEM32\DLLCACHE\pchshell.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 157696 c:\windows\SYSTEM32\DLLCACHE\paqsp.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 554496 c:\windows\SYSTEM32\DLLCACHE\p2psvc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 115712 c:\windows\SYSTEM32\DLLCACHE\p2pnetsh.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 313856 c:\windows\SYSTEM32\DLLCACHE\p2pgraph.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 105472 c:\windows\SYSTEM32\DLLCACHE\p2pgasvc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 153600 c:\windows\SYSTEM32\DLLCACHE\p2p.dll
+ 2012-04-15 12:07 . 2001-08-17 18:05 351616 c:\windows\SYSTEM32\DLLCACHE\ovcodek2.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 116736 c:\windows\SYSTEM32\DLLCACHE\ovcodec2.dll
+ 2003-02-10 15:58 . 2008-04-14 00:12 215552 c:\windows\SYSTEM32\DLLCACHE\osk.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 713728 c:\windows\SYSTEM32\DLLCACHE\opengl32.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 144384 c:\windows\SYSTEM32\DLLCACHE\onex.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 107008 c:\windows\SYSTEM32\DLLCACHE\oleprn.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 122880 c:\windows\SYSTEM32\DLLCACHE\oledlg.dll
+ 2003-10-28 01:10 . 2008-04-14 00:12 487424 c:\windows\SYSTEM32\DLLCACHE\oledb32.dll
- 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\SYSTEM32\DLLCACHE\oleaut32.dll
+ 2002-08-29 10:00 . 2010-12-20 17:32 551936 c:\windows\SYSTEM32\DLLCACHE\oleaut32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 153008 c:\windows\SYSTEM32\DLLCACHE\ole2nls.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 169520 c:\windows\SYSTEM32\DLLCACHE\ole2disp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 192000 c:\windows\SYSTEM32\DLLCACHE\offfilt.dll
+ 2003-03-03 20:57 . 2008-04-14 00:12 104448 c:\windows\SYSTEM32\DLLCACHE\oeimport.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 147456 c:\windows\SYSTEM32\DLLCACHE\odbctrac.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 278559 c:\windows\SYSTEM32\DLLCACHE\odbcjt32.dll
+ 2003-10-28 01:13 . 2008-04-14 00:12 106496 c:\windows\SYSTEM32\DLLCACHE\odbccp32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 135168 c:\windows\SYSTEM32\DLLCACHE\odbcconf.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\SYSTEM32\DLLCACHE\odbc32.dll
+ 2003-10-28 01:09 . 2010-11-09 14:52 249856 c:\windows\SYSTEM32\DLLCACHE\odbc32.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 102912 c:\windows\SYSTEM32\DLLCACHE\occache.dll
- 2006-10-17 17:04 . 2011-12-19 08:13 102912 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2004-08-04 07:56 . 2008-04-13 18:40 408576 c:\windows\SYSTEM32\DLLCACHE\obrb0424.dll
+ 2004-08-04 07:56 . 2008-04-13 18:40 405504 c:\windows\SYSTEM32\DLLCACHE\obrb041b.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 286208 c:\windows\SYSTEM32\DLLCACHE\objsel.dll
+ 2002-08-29 10:00 . 2009-10-13 10:30 270336 c:\windows\SYSTEM32\DLLCACHE\oakley.dll
- 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\SYSTEM32\DLLCACHE\oakley.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 142336 c:\windows\SYSTEM32\DLLCACHE\nwprovau.dll
+ 2012-04-15 12:07 . 2001-08-17 16:50 198144 c:\windows\SYSTEM32\DLLCACHE\nv3.sys
+ 2012-04-15 12:07 . 2001-08-18 02:36 123776 c:\windows\SYSTEM32\DLLCACHE\nv3.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 420864 c:\windows\SYSTEM32\DLLCACHE\ntvdm.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 143360 c:\windows\SYSTEM32\DLLCACHE\ntshrui.dll
+ 2012-04-15 12:07 . 2004-08-04 05:41 180360 c:\windows\SYSTEM32\DLLCACHE\ntmtlfax.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 435200 c:\windows\SYSTEM32\DLLCACHE\ntmssvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 488448 c:\windows\SYSTEM32\DLLCACHE\ntmsmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 179200 c:\windows\SYSTEM32\DLLCACHE\ntmsdba.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 118784 c:\windows\SYSTEM32\DLLCACHE\ntmarta.dll
+ 2002-08-29 10:00 . 2008-04-13 19:15 574976 c:\windows\SYSTEM32\DLLCACHE\ntfs.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 212992 c:\windows\SYSTEM32\DLLCACHE\ntevt.dll
+ 2002-08-29 10:00 . 2010-12-09 15:15 718336 c:\windows\SYSTEM32\DLLCACHE\ntdll.dll
- 2009-04-15 22:16 . 2010-12-09 15:15 718336 c:\windows\SYSTEM32\DLLCACHE\ntdll.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 364544 c:\windows\SYSTEM32\DLLCACHE\npdsplay.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 226816 c:\windows\SYSTEM32\DLLCACHE\npdrmv2.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 188416 c:\windows\SYSTEM32\DLLCACHE\nmwb.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 172032 c:\windows\SYSTEM32\DLLCACHE\nmoldwb.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 151552 c:\windows\SYSTEM32\DLLCACHE\nmft.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 229376 c:\windows\SYSTEM32\DLLCACHE\nmas.dll
+ 2012-04-15 12:07 . 2001-08-17 16:20 126080 c:\windows\SYSTEM32\DLLCACHE\nm5a2wdm.sys
+ 2003-01-31 20:46 . 2008-04-14 00:12 247808 c:\windows\SYSTEM32\DLLCACHE\newdev.dll
+ 2012-04-15 12:07 . 2002-08-29 02:59 132695 c:\windows\SYSTEM32\DLLCACHE\netwlan5.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 308224 c:\windows\SYSTEM32\DLLCACHE\netui2.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 245760 c:\windows\SYSTEM32\DLLCACHE\netui1.dll
+ 2002-08-29 10:00 . 2008-04-14 00:16 329728 c:\windows\SYSTEM32\DLLCACHE\netsetup.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 875008 c:\windows\SYSTEM32\DLLCACHE\netplwiz.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 171008 c:\windows\SYSTEM32\DLLCACHE\netmsg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 198144 c:\windows\SYSTEM32\DLLCACHE\netman.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 407040 c:\windows\SYSTEM32\DLLCACHE\netlogon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 139264 c:\windows\SYSTEM32\DLLCACHE\netid.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 253952 c:\windows\SYSTEM32\DLLCACHE\neth.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 214016 c:\windows\SYSTEM32\DLLCACHE\netevent.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 111104 c:\windows\SYSTEM32\DLLCACHE\netdde.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 622592 c:\windows\SYSTEM32\DLLCACHE\netcfgx.dll
+ 2002-08-29 10:00 . 2008-04-13 19:21 162816 c:\windows\SYSTEM32\DLLCACHE\netbt.sys
- 2008-10-24 01:07 . 2008-10-15 16:34 337408 c:\windows\SYSTEM32\DLLCACHE\netapi32.dll
+ 2004-07-22 02:20 . 2008-10-15 16:34 337408 c:\windows\SYSTEM32\DLLCACHE\netapi32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 108464 c:\windows\SYSTEM32\DLLCACHE\netapi.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 124928 c:\windows\SYSTEM32\DLLCACHE\net1.exe
+ 2002-08-29 10:00 . 2008-04-13 19:20 182656 c:\windows\SYSTEM32\DLLCACHE\ndis.sys
+ 2008-07-21 00:29 . 2008-04-14 00:12 176640 c:\windows\SYSTEM32\DLLCACHE\napstat.exe
+ 2008-07-21 00:29 . 2008-04-14 00:12 193024 c:\windows\SYSTEM32\DLLCACHE\napmontr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 221184 c:\windows\SYSTEM32\DLLCACHE\nac.dll
+ 2012-04-15 12:07 . 2001-08-17 16:11 128000 c:\windows\SYSTEM32\DLLCACHE\n100325.sys
- 2011-06-16 10:59 . 2011-04-21 13:37 105472 c:\windows\SYSTEM32\DLLCACHE\mup.sys
+ 2002-08-29 10:00 . 2011-04-21 13:37 105472 c:\windows\SYSTEM32\DLLCACHE\mup.sys
+ 2012-04-15 12:07 . 2001-08-17 16:50 103296 c:\windows\SYSTEM32\DLLCACHE\mtxvideo.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 452736 c:\windows\SYSTEM32\DLLCACHE\mtxparhm.sys
+ 2008-07-21 00:29 . 2008-04-14 00:12 119808 c:\windows\SYSTEM32\DLLCACHE\mtstocom.exe
+ 2012-04-15 12:06 . 2004-08-04 05:41 126686 c:\windows\SYSTEM32\DLLCACHE\mtlmnt5.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 701440 c:\windows\SYSTEM32\DLLCACHE\msxml2.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 506368 c:\windows\SYSTEM32\DLLCACHE\msxml.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 355104 c:\windows\SYSTEM32\DLLCACHE\msxbde40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 355104 c:\windows\SYSTEM32\DLLCACHE\msxbde40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 621344 c:\windows\SYSTEM32\DLLCACHE\mswstr10.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 621344 c:\windows\SYSTEM32\DLLCACHE\mswstr10.dll
+ 2002-08-29 10:00 . 2008-06-20 16:02 245248 c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
+ 2002-12-12 05:14 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll
- 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 838432 c:\windows\SYSTEM32\DLLCACHE\mswdat10.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 838432 c:\windows\SYSTEM32\DLLCACHE\mswdat10.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 126912 c:\windows\SYSTEM32\DLLCACHE\msvideo.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 121344 c:\windows\SYSTEM32\DLLCACHE\msvfw32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 253952 c:\windows\SYSTEM32\DLLCACHE\msvcrt20.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 343040 c:\windows\SYSTEM32\DLLCACHE\msvcrt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 413696 c:\windows\SYSTEM32\DLLCACHE\msvcp60.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 565760 c:\windows\SYSTEM32\DLLCACHE\msvcp50.dll
- 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\DLLCACHE\msv1_0.dll
+ 2002-08-29 10:00 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\DLLCACHE\msv1_0.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 195072 c:\windows\SYSTEM32\DLLCACHE\msutb.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 116224 c:\windows\SYSTEM32\DLLCACHE\mstlsapi.dll
- 2006-05-10 05:23 . 2011-12-19 08:13 671232 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 671232 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 264992 c:\windows\SYSTEM32\DLLCACHE\mstext40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 264992 c:\windows\SYSTEM32\DLLCACHE\mstext40.dll
+ 2004-07-22 02:20 . 2008-04-14 00:12 274944 c:\windows\SYSTEM32\DLLCACHE\mstask.dll
+ 2004-04-19 03:14 . 2008-04-14 00:12 274432 c:\windows\SYSTEM32\DLLCACHE\mst120.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 235520 c:\windows\SYSTEM32\DLLCACHE\mssoap1.dll
+ 2008-07-21 00:29 . 2008-04-14 00:12 155136 c:\windows\SYSTEM32\DLLCACHE\mssha.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 134656 c:\windows\SYSTEM32\DLLCACHE\mssap.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 559904 c:\windows\SYSTEM32\DLLCACHE\msrepl40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 559904 c:\windows\SYSTEM32\DLLCACHE\msrepl40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 322336 c:\windows\SYSTEM32\DLLCACHE\msrd3x40.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 322336 c:\windows\SYSTEM32\DLLCACHE\msrd3x40.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 432928 c:\windows\SYSTEM32\DLLCACHE\msrd2x40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 432928 c:\windows\SYSTEM32\DLLCACHE\msrd2x40.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 193024 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 193024 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 355104 c:\windows\SYSTEM32\DLLCACHE\mspbde40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 355104 c:\windows\SYSTEM32\DLLCACHE\mspbde40.dll
- 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\SYSTEM32\DLLCACHE\mspaint.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 343040 c:\windows\SYSTEM32\DLLCACHE\mspaint.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 143360 c:\windows\SYSTEM32\DLLCACHE\msorcl32.dll
+ 2003-03-03 19:57 . 2008-04-14 00:12 105984 c:\windows\SYSTEM32\DLLCACHE\msoert2.dll
+ 2003-03-03 20:57 . 2008-04-14 00:12 252928 c:\windows\SYSTEM32\DLLCACHE\msoeacct.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 565248 c:\windows\SYSTEM32\DLLCACHE\msobmain.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 122368 c:\windows\SYSTEM32\DLLCACHE\msobcomm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 290816 c:\windows\SYSTEM32\DLLCACHE\msnsspc.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 219936 c:\windows\SYSTEM32\DLLCACHE\msltus40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 219936 c:\windows\SYSTEM32\DLLCACHE\msltus40.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 248608 c:\windows\SYSTEM32\DLLCACHE\msjtes40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 248608 c:\windows\SYSTEM32\DLLCACHE\msjtes40.dll
+ 2002-08-29 10:00 . 2010-11-09 14:52 102400 c:\windows\SYSTEM32\DLLCACHE\msjro.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\SYSTEM32\DLLCACHE\msjro.dll
+ 2004-04-19 03:13 . 2008-04-14 00:12 151583 c:\windows\SYSTEM32\DLLCACHE\msjint40.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 273920 c:\windows\SYSTEM32\DLLCACHE\msiprov.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 376832 c:\windows\SYSTEM32\DLLCACHE\msinfo.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 159232 c:\windows\SYSTEM32\DLLCACHE\msimtf.dll
+ 2002-08-29 10:00 . 2008-04-13 15:39 884736 c:\windows\SYSTEM32\DLLCACHE\msimsg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 271360 c:\windows\SYSTEM32\DLLCACHE\msihnd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 248832 c:\windows\SYSTEM32\DLLCACHE\msieftp.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 478720 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 478720 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2003-09-06 01:34 . 2002-08-29 10:00 126976 c:\windows\SYSTEM32\DLLCACHE\mshearts.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 997376 c:\windows\SYSTEM32\DLLCACHE\msgina.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 539136 c:\windows\SYSTEM32\DLLCACHE\msftedit.dll
+ 2012-03-01 01:25 . 2012-03-01 01:25 468480 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
- 2007-05-09 10:44 . 2011-12-19 08:13 468480 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 326432 c:\windows\SYSTEM32\DLLCACHE\msexcl40.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 326432 c:\windows\SYSTEM32\DLLCACHE\msexcl40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 518944 c:\windows\SYSTEM32\DLLCACHE\msexch40.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 518944 c:\windows\SYSTEM32\DLLCACHE\msexch40.dll
+ 2004-04-19 03:14 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\DLLCACHE\msdtcuiu.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\DLLCACHE\msdtcuiu.dll
+ 2004-04-19 03:14 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\DLLCACHE\msdtctm.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\DLLCACHE\msdtctm.dll
+ 2004-04-19 03:14 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\DLLCACHE\msdtcprx.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\DLLCACHE\msdtcprx.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 315392 c:\windows\SYSTEM32\DLLCACHE\msdasql.dll
+ 2003-10-28 01:09 . 2008-04-14 00:11 151552 c:\windows\SYSTEM32\DLLCACHE\msdart.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 118784 c:\windows\SYSTEM32\DLLCACHE\msdarem.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 204800 c:\windows\SYSTEM32\DLLCACHE\msdaps.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 200704 c:\windows\SYSTEM32\DLLCACHE\msdaprst.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 233472 c:\windows\SYSTEM32\DLLCACHE\msdaora.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 118784 c:\windows\SYSTEM32\DLLCACHE\msdadiag.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 297984 c:\windows\SYSTEM32\DLLCACHE\msctf.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 169984 c:\windows\SYSTEM32\DLLCACHE\msconfig.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 220160 c:\windows\SYSTEM32\DLLCACHE\mscandui.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\SYSTEM32\DLLCACHE\msadox.dll
+ 2002-08-29 10:00 . 2010-11-09 14:52 200704 c:\windows\SYSTEM32\DLLCACHE\msadox.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\SYSTEM32\DLLCACHE\msadomd.dll
+ 2002-08-29 10:00 . 2010-11-09 14:52 180224 c:\windows\SYSTEM32\DLLCACHE\msadomd.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\SYSTEM32\DLLCACHE\msado15.dll
+ 2002-08-29 10:00 . 2010-11-09 14:52 536576 c:\windows\SYSTEM32\DLLCACHE\msado15.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 155648 c:\windows\SYSTEM32\DLLCACHE\msadds.dll
+ 2002-08-29 10:00 . 2010-11-09 14:52 143360 c:\windows\SYSTEM32\DLLCACHE\msadco.dll
- 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\SYSTEM32\DLLCACHE\msadco.dll
- 2008-08-13 10:55 . 2008-05-01 14:33 331776 c:\windows\SYSTEM32\DLLCACHE\msadce.dll
+ 2002-08-29 10:00 . 2008-05-01 14:33 331776 c:\windows\SYSTEM32\DLLCACHE\msadce.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 102912 c:\windows\SYSTEM32\DLLCACHE\msaatext.dll
+ 2002-08-29 10:00 . 2011-07-15 13:29 456320 c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
- 2008-11-11 22:06 . 2011-07-15 13:29 456320 c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
+ 2002-08-29 10:00 . 2008-04-13 18:32 180608 c:\windows\SYSTEM32\DLLCACHE\mrxdav.sys
+ 2004-08-04 07:56 . 2006-10-19 02:47 243712 c:\windows\SYSTEM32\DLLCACHE\mpvis.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 123392 c:\windows\SYSTEM32\DLLCACHE\mplay32.exe
+ 2002-08-29 10:00 . 2008-04-13 16:45 216064 c:\windows\SYSTEM32\DLLCACHE\moricons.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 123904 c:\windows\SYSTEM32\DLLCACHE\mofd.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 153600 c:\windows\SYSTEM32\DLLCACHE\modemui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 143360 c:\windows\SYSTEM32\DLLCACHE\mobsync.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 207360 c:\windows\SYSTEM32\DLLCACHE\mobsync.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 119808 c:\windows\SYSTEM32\DLLCACHE\mmutilse.dll
+ 2008-07-21 00:29 . 2008-04-14 00:11 106496 c:\windows\SYSTEM32\DLLCACHE\Mmcfxc.dll
+ 2008-07-21 00:29 . 2008-04-14 00:11 397312 c:\windows\SYSTEM32\DLLCACHE\mmcex.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 163328 c:\windows\SYSTEM32\DLLCACHE\mmcbase.dll
+ 2008-07-21 00:29 . 2008-04-14 00:11 184320 c:\windows\SYSTEM32\DLLCACHE\mmc30.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 586240 c:\windows\SYSTEM32\DLLCACHE\mlang.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 673088 c:\windows\SYSTEM32\DLLCACHE\mlang.dat
+ 2008-07-21 00:29 . 2008-04-14 00:12 241152 c:\windows\SYSTEM32\DLLCACHE\migwiza.exe
+ 2002-11-20 16:22 . 2008-04-14 00:12 245248 c:\windows\SYSTEM32\DLLCACHE\migwiz.exe
+ 2004-08-04 07:56 . 2004-08-04 07:56 786432 c:\windows\SYSTEM32\DLLCACHE\migrate.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 103936 c:\windows\SYSTEM32\DLLCACHE\migload.exe
+ 2008-07-21 00:29 . 2008-04-14 00:11 261120 c:\windows\SYSTEM32\DLLCACHE\migisma.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 274432 c:\windows\SYSTEM32\DLLCACHE\migism.dll
+ 2012-04-15 12:06 . 2001-08-17 16:50 320384 c:\windows\SYSTEM32\DLLCACHE\mgaum.sys
+ 2012-04-15 12:06 . 2001-08-17 18:56 235648 c:\windows\SYSTEM32\DLLCACHE\mgaud.dll
- 2006-10-14 08:13 . 2011-02-08 13:33 974848 c:\windows\SYSTEM32\DLLCACHE\mfc42u.dll
+ 2002-08-29 10:00 . 2011-02-08 13:33 974848 c:\windows\SYSTEM32\DLLCACHE\mfc42u.dll
- 2010-10-13 01:00 . 2011-02-08 13:33 978944 c:\windows\SYSTEM32\DLLCACHE\mfc42.dll
+ 2002-08-29 10:00 . 2011-02-08 13:33 978944 c:\windows\SYSTEM32\DLLCACHE\mfc42.dll
- 2010-10-13 01:00 . 2010-09-18 06:53 953856 c:\windows\SYSTEM32\DLLCACHE\mfc40u.dll
+ 2002-08-29 10:00 . 2010-09-18 06:53 953856 c:\windows\SYSTEM32\DLLCACHE\mfc40u.dll
+ 2002-08-29 10:00 . 2010-09-18 06:53 954368 c:\windows\SYSTEM32\DLLCACHE\mfc40.dll
- 2010-10-13 01:00 . 2010-09-18 06:53 954368 c:\windows\SYSTEM32\DLLCACHE\mfc40.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 362496 c:\windows\SYSTEM32\DLLCACHE\metal_ss.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 147968 c:\windows\SYSTEM32\DLLCACHE\mdwmdmsp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 118272 c:\windows\SYSTEM32\DLLCACHE\mdminst.dll
+ 2012-04-15 12:06 . 2001-08-17 16:12 164586 c:\windows\SYSTEM32\DLLCACHE\mdgndis5.sys
+ 2012-04-15 12:06 . 2001-08-17 17:28 797500 c:\windows\SYSTEM32\DLLCACHE\ltsmt.sys
+ 2012-04-15 12:06 . 2001-08-17 17:28 802683 c:\windows\SYSTEM32\DLLCACHE\ltsm.sys
+ 2012-04-15 12:06 . 2002-08-29 03:34 420992 c:\windows\SYSTEM32\DLLCACHE\ltmdmntt.sys
+ 2012-04-15 12:06 . 2001-08-17 17:28 576746 c:\windows\SYSTEM32\DLLCACHE\ltmdmntl.sys
+ 2012-04-15 12:06 . 2004-08-04 05:41 606684 c:\windows\SYSTEM32\DLLCACHE\ltmdmnt.sys
+ 2012-04-15 12:06 . 2001-08-17 17:28 727786 c:\windows\SYSTEM32\DLLCACHE\ltck000c.sys
+ 2002-08-29 10:00 . 2010-12-20 17:26 730112 c:\windows\SYSTEM32\DLLCACHE\lsasrv.dll
- 2009-04-15 22:16 . 2010-12-20 17:26 730112 c:\windows\SYSTEM32\DLLCACHE\lsasrv.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 514560 c:\windows\SYSTEM32\DLLCACHE\logonui.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 220672 c:\windows\SYSTEM32\DLLCACHE\logon.scr
- 2009-05-07 15:32 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\DLLCACHE\localspl.dll
+ 2002-08-29 10:00 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\DLLCACHE\localspl.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 221696 c:\windows\SYSTEM32\DLLCACHE\localsec.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 399872 c:\windows\SYSTEM32\DLLCACHE\lmrt.dll
+ 2002-08-29 10:00 . 2008-04-14 09:41 423936 c:\windows\SYSTEM32\DLLCACHE\licdll.dll
+ 2002-08-29 10:00 . 2011-01-27 11:57 677888 c:\windows\SYSTEM32\DLLCACHE\lhmstsc.exe
- 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\SYSTEM32\DLLCACHE\lhmstsc.exe
+ 2003-09-03 00:01 . 2008-04-13 18:45 172416 c:\windows\SYSTEM32\DLLCACHE\kmixer.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 150528 c:\windows\SYSTEM32\DLLCACHE\keymgr.dll
- 2009-03-21 14:06 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
+ 2002-08-29 10:00 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
- 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\SYSTEM32\DLLCACHE\kerberos.dll
+ 2002-08-29 10:00 . 2010-12-22 12:34 301568 c:\windows\SYSTEM32\DLLCACHE\kerberos.dll
+ 2012-04-15 12:06 . 2008-04-14 00:11 253952 c:\windows\SYSTEM32\DLLCACHE\kdsusd.dll
- 2008-05-09 10:53 . 2011-03-04 06:45 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2003-01-13 18:57 . 2011-03-04 06:45 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 362496 c:\windows\SYSTEM32\DLLCACHE\jet500.dll
+ 2004-07-22 02:20 . 2008-04-14 00:11 138240 c:\windows\SYSTEM32\DLLCACHE\itss.dll
+ 2003-08-28 13:57 . 2008-04-14 00:11 155136 c:\windows\SYSTEM32\DLLCACHE\itircl.dll
+ 2012-04-15 12:06 . 2008-04-14 00:12 151552 c:\windows\SYSTEM32\DLLCACHE\irftp.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 384000 c:\windows\SYSTEM32\DLLCACHE\ipsmsnap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 183808 c:\windows\SYSTEM32\DLLCACHE\ipsecsvc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 349696 c:\windows\SYSTEM32\DLLCACHE\ipsecsnp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 177152 c:\windows\SYSTEM32\DLLCACHE\iprtrmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 330752 c:\windows\SYSTEM32\DLLCACHE\ippromon.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 331264 c:\windows\SYSTEM32\DLLCACHE\ipnathlp.dll
+ 2002-08-29 10:00 . 2008-04-13 18:57 152832 c:\windows\SYSTEM32\DLLCACHE\ipnat.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 161280 c:\windows\SYSTEM32\DLLCACHE\ipmontr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 123392 c:\windows\SYSTEM32\DLLCACHE\input.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 147456 c:\windows\SYSTEM32\DLLCACHE\initpki.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 450560 c:\windows\SYSTEM32\DLLCACHE\infosoft.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 110592 c:\windows\SYSTEM32\DLLCACHE\inetcplc.dll
+ 2004-06-07 18:19 . 2011-10-10 14:22 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
- 2008-08-13 10:54 . 2011-10-10 14:22 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 274432 c:\windows\SYSTEM32\DLLCACHE\inetcfg.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 123392 c:\windows\SYSTEM32\DLLCACHE\imsinsnt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 110080 c:\windows\SYSTEM32\DLLCACHE\imm32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 150528 c:\windows\SYSTEM32\DLLCACHE\imapi.exe
+ 2002-08-29 10:00 . 2012-02-29 14:10 148480 c:\windows\SYSTEM32\DLLCACHE\imagehlp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 505344 c:\windows\SYSTEM32\DLLCACHE\iis.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 135680 c:\windows\SYSTEM32\DLLCACHE\ifmon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 114688 c:\windows\SYSTEM32\DLLCACHE\iexpress.exe
- 2002-08-29 10:00 . 2011-12-16 11:00 634680 c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2002-08-29 10:00 . 2012-02-29 11:01 634680 c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2012-03-01 01:25 . 2012-03-01 01:25 268288 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
- 2007-05-09 10:44 . 2011-12-19 08:13 268288 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 192512 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 192512 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 384512 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
- 2006-11-07 08:27 . 2011-12-19 08:13 384512 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
- 2007-05-09 10:44 . 2011-12-19 08:13 380928 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dll
+ 2012-03-01 01:25 . 2012-03-01 01:25 380928 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dll
+ 2002-08-29 10:00 . 2012-02-29 10:59 161792 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
- 2006-11-07 08:25 . 2011-12-16 10:58 161792 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 230400 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
- 2006-11-07 08:27 . 2011-12-19 08:13 230400 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 153088 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
- 2006-11-07 08:26 . 2011-12-19 08:13 153088 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 120832 c:\windows\SYSTEM32\DLLCACHE\idq.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 172032 c:\windows\SYSTEM32\DLLCACHE\icwhelp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 214528 c:\windows\SYSTEM32\DLLCACHE\icwconn1.exe
+ 2012-04-15 12:05 . 2001-08-18 02:36 372824 c:\windows\SYSTEM32\DLLCACHE\iconf32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 254976 c:\windows\SYSTEM32\DLLCACHE\icm32.dll
+ 2012-04-15 12:05 . 2001-08-17 18:06 100992 c:\windows\SYSTEM32\DLLCACHE\icam5usb.sys
+ 2012-04-15 12:05 . 2001-08-17 18:06 154496 c:\windows\SYSTEM32\DLLCACHE\icam4usb.sys
+ 2012-04-15 12:05 . 2001-08-17 18:05 141056 c:\windows\SYSTEM32\DLLCACHE\icam3.sys
+ 2012-04-15 12:05 . 2001-08-17 16:12 109085 c:\windows\SYSTEM32\DLLCACHE\ibmtrp.sys
+ 2012-04-15 12:05 . 2001-08-17 16:12 100936 c:\windows\SYSTEM32\DLLCACHE\ibmtok.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 247808 c:\windows\SYSTEM32\DLLCACHE\iassdo.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 141312 c:\windows\SYSTEM32\DLLCACHE\iasrecst.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 119808 c:\windows\SYSTEM32\DLLCACHE\iasrad.dll
+ 2012-04-15 12:05 . 2004-08-04 05:29 161020 c:\windows\SYSTEM32\DLLCACHE\i81xnt5.sys
+ 2001-08-18 03:36 . 2008-04-14 00:11 702845 c:\windows\SYSTEM32\DLLCACHE\i81xdnt5.dll
+ 2012-04-15 12:05 . 2001-08-17 18:56 353184 c:\windows\SYSTEM32\DLLCACHE\i740dnt5.dll
+ 2004-08-04 06:00 . 2009-10-20 16:20 265728 c:\windows\SYSTEM32\DLLCACHE\http.sys

GreenWithEnvy
2012-04-18, 15:37
- 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\SYSTEM32\DLLCACHE\http.sys
+ 2004-08-04 05:41 . 2004-08-04 05:41 685056 c:\windows\SYSTEM32\DLLCACHE\hsfcxts2.sys
+ 2004-08-04 05:41 . 2004-08-04 05:41 220032 c:\windows\SYSTEM32\DLLCACHE\hsfbs2s2.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 488383 c:\windows\SYSTEM32\DLLCACHE\hsf_v124.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 542879 c:\windows\SYSTEM32\DLLCACHE\hsf_msft.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 391199 c:\windows\SYSTEM32\DLLCACHE\hsf_k56k.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 115807 c:\windows\SYSTEM32\DLLCACHE\hsf_fsks.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 199711 c:\windows\SYSTEM32\DLLCACHE\hsf_faxx.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 289887 c:\windows\SYSTEM32\DLLCACHE\hsf_fall.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 150239 c:\windows\SYSTEM32\DLLCACHE\hsf_amos.sys
+ 2012-04-15 12:05 . 2001-08-18 02:36 324608 c:\windows\SYSTEM32\DLLCACHE\hpojwia.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 165888 c:\windows\SYSTEM32\DLLCACHE\hpgt53.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 123392 c:\windows\SYSTEM32\DLLCACHE\hpgt21tk.dll
+ 2012-04-15 12:05 . 2001-08-18 02:36 119296 c:\windows\SYSTEM32\DLLCACHE\hpdigwia.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 144896 c:\windows\SYSTEM32\DLLCACHE\hotplug.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 362496 c:\windows\SYSTEM32\DLLCACHE\home_ss.dll
+ 2003-04-24 21:27 . 2008-04-14 00:11 330752 c:\windows\SYSTEM32\DLLCACHE\hnetwiz.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 344064 c:\windows\SYSTEM32\DLLCACHE\hnetcfg.dll
- 2010-07-16 21:30 . 2010-06-14 14:31 744448 c:\windows\SYSTEM32\DLLCACHE\helpsvc.exe
+ 2002-08-29 10:00 . 2010-06-14 14:31 744448 c:\windows\SYSTEM32\DLLCACHE\helpsvc.exe
+ 2004-04-14 21:50 . 2008-04-14 00:12 769024 c:\windows\SYSTEM32\DLLCACHE\helpctr.exe
+ 2012-04-15 12:05 . 2001-08-17 17:28 907456 c:\windows\SYSTEM32\DLLCACHE\hcf_msft.sys
+ 2004-04-19 03:14 . 2008-04-14 00:11 614912 c:\windows\SYSTEM32\DLLCACHE\h323msp.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 115200 c:\windows\SYSTEM32\DLLCACHE\guitrna.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 133120 c:\windows\SYSTEM32\DLLCACHE\guitrn.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 101888 c:\windows\SYSTEM32\DLLCACHE\gpkcsp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 122880 c:\windows\SYSTEM32\DLLCACHE\glu32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 285184 c:\windows\SYSTEM32\DLLCACHE\glmf32.dll
+ 2003-09-06 01:33 . 2002-08-29 10:00 605696 c:\windows\SYSTEM32\DLLCACHE\getuname.dll
- 2008-10-23 12:36 . 2008-10-23 12:36 286720 c:\windows\SYSTEM32\DLLCACHE\gdi32.dll
+ 2002-08-29 10:00 . 2008-10-23 12:36 286720 c:\windows\SYSTEM32\DLLCACHE\gdi32.dll
+ 2012-04-15 12:05 . 2001-08-17 16:49 322432 c:\windows\SYSTEM32\DLLCACHE\g400m.sys
+ 2012-04-15 12:05 . 2001-08-17 16:49 320384 c:\windows\SYSTEM32\DLLCACHE\g200m.sys
+ 2012-04-15 12:05 . 2001-08-17 18:56 470144 c:\windows\SYSTEM32\DLLCACHE\g200d.dll
+ 2012-04-15 12:05 . 2001-08-17 16:15 454912 c:\windows\SYSTEM32\DLLCACHE\fxusbase.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 400384 c:\windows\SYSTEM32\DLLCACHE\fxsxp32.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 192512 c:\windows\SYSTEM32\DLLCACHE\fxswzrd.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 154112 c:\windows\SYSTEM32\DLLCACHE\fxsui.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 397312 c:\windows\SYSTEM32\DLLCACHE\fxstiff.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 246272 c:\windows\SYSTEM32\DLLCACHE\fxst30.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 267776 c:\windows\SYSTEM32\DLLCACHE\fxssvc.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 562176 c:\windows\SYSTEM32\DLLCACHE\fxsst.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 132608 c:\windows\SYSTEM32\DLLCACHE\fxsocm.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 229376 c:\windows\SYSTEM32\DLLCACHE\fxscover.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 285184 c:\windows\SYSTEM32\DLLCACHE\fxscomex.dll
+ 2003-09-06 01:32 . 2002-08-29 10:00 132608 c:\windows\SYSTEM32\DLLCACHE\fxsclntr.dll
- 2003-09-03 00:03 . 2002-08-29 10:00 132608 c:\windows\SYSTEM32\DLLCACHE\fxsclntr.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 142848 c:\windows\SYSTEM32\DLLCACHE\fxsclnt.exe
+ 2003-09-06 01:32 . 2002-08-29 10:00 111104 c:\windows\SYSTEM32\DLLCACHE\fxscfgwz.dll
- 2003-09-03 00:03 . 2002-08-29 10:00 111104 c:\windows\SYSTEM32\DLLCACHE\fxscfgwz.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 451584 c:\windows\SYSTEM32\DLLCACHE\fxsapi.dll
+ 2012-04-15 12:05 . 2001-08-17 16:15 455296 c:\windows\SYSTEM32\DLLCACHE\fusbbase.sys
+ 2012-04-15 12:05 . 2001-08-17 16:15 455680 c:\windows\SYSTEM32\DLLCACHE\fus2base.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 176128 c:\windows\SYSTEM32\DLLCACHE\ftsrch.dll
+ 2001-08-17 18:52 . 2001-08-17 18:52 125056 c:\windows\SYSTEM32\DLLCACHE\ftdisk.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 193024 c:\windows\SYSTEM32\DLLCACHE\fsquirt.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 185344 c:\windows\SYSTEM32\DLLCACHE\framedyn.dll
+ 2012-04-15 12:05 . 2001-08-17 16:15 442240 c:\windows\SYSTEM32\DLLCACHE\fpnpbase.sys
+ 2004-08-04 07:56 . 2007-04-02 16:36 208896 c:\windows\SYSTEM32\DLLCACHE\fpmmcsat.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 598071 c:\windows\SYSTEM32\DLLCACHE\fpmmc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 188494 c:\windows\SYSTEM32\DLLCACHE\fpcount.exe
+ 2012-04-15 12:05 . 2001-08-17 16:14 441728 c:\windows\SYSTEM32\DLLCACHE\fpcmbase.sys
+ 2012-04-15 12:05 . 2001-08-17 16:14 444416 c:\windows\SYSTEM32\DLLCACHE\fpcibase.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 109840 c:\windows\SYSTEM32\DLLCACHE\fp98swin.exe
+ 2004-08-04 07:56 . 2008-04-14 00:11 876653 c:\windows\SYSTEM32\DLLCACHE\fp4awel.dll
+ 2002-05-14 17:08 . 2008-04-14 00:11 618605 c:\windows\SYSTEM32\DLLCACHE\fp4autl.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 102509 c:\windows\SYSTEM32\DLLCACHE\fp4atxt.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 147513 c:\windows\SYSTEM32\DLLCACHE\fp4apws.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 184435 c:\windows\SYSTEM32\DLLCACHE\fp4amsft.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 382976 c:\windows\SYSTEM32\DLLCACHE\fontext.dll
+ 2004-08-04 06:01 . 2008-04-13 18:32 129792 c:\windows\SYSTEM32\DLLCACHE\fltmgr.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 337920 c:\windows\SYSTEM32\DLLCACHE\filemgmt.dll
- 2009-04-15 22:16 . 2009-02-09 12:10 473600 c:\windows\SYSTEM32\DLLCACHE\fastprox.dll
+ 2002-08-29 10:00 . 2009-02-09 12:10 473600 c:\windows\SYSTEM32\DLLCACHE\fastprox.dll
+ 2002-08-29 10:00 . 2008-04-13 19:14 143744 c:\windows\SYSTEM32\DLLCACHE\fastfat.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 125952 c:\windows\SYSTEM32\DLLCACHE\exts.dll
- 2006-05-10 05:22 . 2011-12-19 08:13 133120 c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
+ 2004-08-04 07:56 . 2012-03-01 01:25 133120 c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
+ 2004-04-19 03:13 . 2008-04-14 00:11 380445 c:\windows\SYSTEM32\DLLCACHE\expsrv.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 101888 c:\windows\SYSTEM32\DLLCACHE\evntagnt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 193024 c:\windows\SYSTEM32\DLLCACHE\eudcedit.exe
+ 2012-04-15 12:05 . 2002-08-29 03:00 137088 c:\windows\SYSTEM32\DLLCACHE\essm2e.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 247808 c:\windows\SYSTEM32\DLLCACHE\esscli.dll
+ 2012-04-15 12:05 . 2001-08-17 17:28 347550 c:\windows\SYSTEM32\DLLCACHE\es56tpi.sys
+ 2012-04-15 12:05 . 2001-08-17 17:28 594238 c:\windows\SYSTEM32\DLLCACHE\es56hpi.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 174464 c:\windows\SYSTEM32\DLLCACHE\es198x.sys
- 2008-07-07 20:26 . 2008-07-07 20:26 253952 c:\windows\SYSTEM32\DLLCACHE\es.dll
+ 2004-04-19 03:14 . 2008-07-07 20:26 253952 c:\windows\SYSTEM32\DLLCACHE\es.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 103424 c:\windows\SYSTEM32\DLLCACHE\eqnclass.dll
+ 2012-04-15 12:04 . 2001-08-17 16:17 629952 c:\windows\SYSTEM32\DLLCACHE\eqn.sys
+ 2012-04-15 12:04 . 2001-08-17 17:50 114944 c:\windows\SYSTEM32\DLLCACHE\epstw2k.sys
+ 2012-04-15 12:04 . 2001-08-17 17:50 144896 c:\windows\SYSTEM32\DLLCACHE\epcfw2k.sys
- 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\SYSTEM32\DLLCACHE\encdec.dll
+ 2002-08-29 10:00 . 2011-10-18 11:13 186880 c:\windows\SYSTEM32\DLLCACHE\encdec.dll
+ 2012-04-15 12:04 . 2001-08-17 16:19 283904 c:\windows\SYSTEM32\DLLCACHE\emu10k1m.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 183296 c:\windows\SYSTEM32\DLLCACHE\els.dll
+ 2012-04-15 12:04 . 2001-08-17 16:11 171520 c:\windows\SYSTEM32\DLLCACHE\el99xn51.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 455199 c:\windows\SYSTEM32\DLLCACHE\el985n51.sys
+ 2012-04-15 12:04 . 2001-08-17 16:11 153631 c:\windows\SYSTEM32\DLLCACHE\el90xnd5.sys
+ 2012-04-15 12:04 . 2001-08-17 17:28 241206 c:\windows\SYSTEM32\DLLCACHE\el656se5.sys
+ 2012-04-15 12:04 . 2001-08-17 17:28 634134 c:\windows\SYSTEM32\DLLCACHE\el656ct5.sys
+ 2012-04-15 12:04 . 2002-08-29 10:00 514587 c:\windows\SYSTEM32\DLLCACHE\edb500.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 180224 c:\windows\SYSTEM32\DLLCACHE\eapphost.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 126976 c:\windows\SYSTEM32\DLLCACHE\eappcfg.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 184832 c:\windows\SYSTEM32\DLLCACHE\eapp3hst.dll
- 2006-05-10 05:22 . 2011-12-19 08:13 214528 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 214528 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
- 2006-05-10 05:22 . 2011-12-19 08:13 347136 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 347136 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 498742 c:\windows\SYSTEM32\DLLCACHE\dxmasf.dll
- 2006-08-22 09:05 . 2008-04-14 00:11 498742 c:\windows\SYSTEM32\DLLCACHE\dxmasf.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 619008 c:\windows\SYSTEM32\DLLCACHE\dx7vb.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 180224 c:\windows\SYSTEM32\DLLCACHE\dwwin.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 304128 c:\windows\SYSTEM32\DLLCACHE\duser.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 113152 c:\windows\SYSTEM32\DLLCACHE\dsuiext.dll
+ 2002-08-29 10:00 . 2008-04-13 17:37 138752 c:\windows\SYSTEM32\DLLCACHE\dssenh.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 239104 c:\windows\SYSTEM32\DLLCACHE\dsquery.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 120320 c:\windows\SYSTEM32\DLLCACHE\dsprov.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 142848 c:\windows\SYSTEM32\DLLCACHE\dsprop.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 367616 c:\windows\SYSTEM32\DLLCACHE\dsound.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 155648 c:\windows\SYSTEM32\DLLCACHE\dskquoui.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 181248 c:\windows\SYSTEM32\DLLCACHE\dsdmo.dll
+ 2012-04-15 12:04 . 2001-08-17 16:20 334208 c:\windows\SYSTEM32\DLLCACHE\ds1wdm.sys
+ 2002-12-12 05:14 . 2008-04-14 00:11 116736 c:\windows\SYSTEM32\DLLCACHE\dpvvox.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 212480 c:\windows\SYSTEM32\DLLCACHE\dpvoice.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 375296 c:\windows\SYSTEM32\DLLCACHE\dpnet.dll
+ 2004-04-14 18:56 . 2008-04-14 00:11 229888 c:\windows\SYSTEM32\DLLCACHE\dplayx.dll
+ 2002-08-29 10:00 . 2008-04-13 21:00 103424 c:\windows\SYSTEM32\DLLCACHE\dpcdll.dll
+ 2012-04-15 12:04 . 2008-04-13 18:39 206976 c:\windows\SYSTEM32\DLLCACHE\dot4.sys
+ 2008-07-21 00:28 . 2008-04-14 00:11 650752 c:\windows\SYSTEM32\DLLCACHE\dot3ui.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 132096 c:\windows\SYSTEM32\DLLCACHE\dot3svc.dll
- 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\SYSTEM32\DLLCACHE\dnsapi.dll
+ 2002-08-29 10:00 . 2011-03-03 06:55 149504 c:\windows\SYSTEM32\DLLCACHE\dnsapi.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 104448 c:\windows\SYSTEM32\DLLCACHE\dmusic.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 103424 c:\windows\SYSTEM32\DLLCACHE\dmsynth.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 105984 c:\windows\SYSTEM32\DLLCACHE\dmstyle.dll
+ 2002-08-29 10:00 . 2008-04-13 18:44 153344 c:\windows\SYSTEM32\DLLCACHE\dmio.sys
+ 2002-12-12 05:14 . 2008-04-14 00:11 181248 c:\windows\SYSTEM32\DLLCACHE\dmime.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 118784 c:\windows\SYSTEM32\DLLCACHE\dmdskres.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 200704 c:\windows\SYSTEM32\DLLCACHE\dmdskmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 285184 c:\windows\SYSTEM32\DLLCACHE\dmdlgs.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 330752 c:\windows\SYSTEM32\DLLCACHE\dmconfig.dll
+ 2002-08-29 10:00 . 2008-04-13 18:44 799744 c:\windows\SYSTEM32\DLLCACHE\dmboot.sys
+ 2002-08-29 10:00 . 2008-04-14 00:12 224768 c:\windows\SYSTEM32\DLLCACHE\dmadmin.exe
+ 2012-04-15 12:04 . 2001-08-17 16:14 952007 c:\windows\SYSTEM32\DLLCACHE\diwan.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 236060 c:\windows\SYSTEM32\DLLCACHE\ditrace.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 163840 c:\windows\SYSTEM32\DLLCACHE\diskpart.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 181760 c:\windows\SYSTEM32\DLLCACHE\dinput8.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 158720 c:\windows\SYSTEM32\DLLCACHE\dinput.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 614429 c:\windows\SYSTEM32\DLLCACHE\digiview.exe
+ 2012-04-15 12:04 . 2001-08-18 02:36 110621 c:\windows\SYSTEM32\DLLCACHE\digirlpt.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 102484 c:\windows\SYSTEM32\DLLCACHE\digiinf.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 159828 c:\windows\SYSTEM32\DLLCACHE\digihlc.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 229462 c:\windows\SYSTEM32\DLLCACHE\digifwrk.dll
+ 2012-04-15 12:04 . 2001-08-17 16:13 103044 c:\windows\SYSTEM32\DLLCACHE\digidxb.sys
+ 2012-04-15 12:04 . 2001-08-18 02:36 131156 c:\windows\SYSTEM32\DLLCACHE\digidbp.dll
+ 2012-04-15 12:03 . 2001-08-17 16:13 164923 c:\windows\SYSTEM32\DLLCACHE\diapi2.sys
+ 2004-08-04 07:56 . 2008-04-14 00:12 539136 c:\windows\SYSTEM32\DLLCACHE\dialer.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 394240 c:\windows\SYSTEM32\DLLCACHE\diactfrm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 379904 c:\windows\SYSTEM32\DLLCACHE\dhcpmon.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 126976 c:\windows\SYSTEM32\DLLCACHE\dhcpcsvc.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 176157 c:\windows\SYSTEM32\DLLCACHE\dgrpsetu.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 111104 c:\windows\SYSTEM32\DLLCACHE\dgnet.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 419357 c:\windows\SYSTEM32\DLLCACHE\dgconfig.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 124416 c:\windows\SYSTEM32\DLLCACHE\dfrgui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 105472 c:\windows\SYSTEM32\DLLCACHE\dfrgntfs.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 282624 c:\windows\SYSTEM32\DLLCACHE\devmgr.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 256512 c:\windows\SYSTEM32\DLLCACHE\devcon32.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 279552 c:\windows\SYSTEM32\DLLCACHE\ddraw.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 110592 c:\windows\SYSTEM32\DLLCACHE\dc260usd.dll
+ 2003-10-28 01:12 . 2008-04-14 00:11 110592 c:\windows\SYSTEM32\DLLCACHE\dbnetlib.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 640000 c:\windows\SYSTEM32\DLLCACHE\dbghelp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 847872 c:\windows\SYSTEM32\DLLCACHE\dbgeng.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 165376 c:\windows\SYSTEM32\DLLCACHE\datime.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 554008 c:\windows\SYSTEM32\DLLCACHE\dao360.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 554008 c:\windows\SYSTEM32\DLLCACHE\dao360.dll

GreenWithEnvy
2012-04-18, 15:38
+ 2001-08-17 18:52 . 2001-08-17 18:52 179584 c:\windows\SYSTEM32\DLLCACHE\dac2w2k.sys
- 2001-08-23 10:00 . 2001-08-23 10:00 350208 c:\windows\SYSTEM32\DLLCACHE\d3drm.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 350208 c:\windows\SYSTEM32\DLLCACHE\d3drm.dll
- 2001-08-23 10:00 . 2001-08-23 10:00 590336 c:\windows\SYSTEM32\DLLCACHE\d3dramp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 590336 c:\windows\SYSTEM32\DLLCACHE\d3dramp.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 824320 c:\windows\SYSTEM32\DLLCACHE\d3dim700.dll
- 2001-08-23 10:00 . 2001-08-23 10:00 436224 c:\windows\SYSTEM32\DLLCACHE\d3dim.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 436224 c:\windows\SYSTEM32\DLLCACHE\d3dim.dll
+ 2012-04-15 12:04 . 2001-08-17 16:12 117760 c:\windows\SYSTEM32\DLLCACHE\d100ib5.sys
+ 2012-04-15 12:04 . 2001-08-17 16:19 111872 c:\windows\SYSTEM32\DLLCACHE\cwcspud.sys
+ 2012-04-15 12:04 . 2008-04-14 00:11 249856 c:\windows\SYSTEM32\DLLCACHE\ctmasetp.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 326656 c:\windows\SYSTEM32\DLLCACHE\cscui.dll
+ 2002-08-29 10:00 . 2008-05-07 09:07 135168 c:\windows\SYSTEM32\DLLCACHE\cscript.exe
- 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\SYSTEM32\DLLCACHE\cscript.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 101888 c:\windows\SYSTEM32\DLLCACHE\cscdll.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 175104 c:\windows\SYSTEM32\DLLCACHE\csamsp.dll
+ 2003-07-24 20:40 . 2008-04-14 00:11 512512 c:\windows\SYSTEM32\DLLCACHE\cryptui.dll
+ 2003-03-20 21:18 . 2011-09-28 07:06 599040 c:\windows\SYSTEM32\DLLCACHE\crypt32.dll
- 2011-09-03 10:17 . 2011-09-28 07:06 599040 c:\windows\SYSTEM32\DLLCACHE\crypt32.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 149019 c:\windows\SYSTEM32\DLLCACHE\crtdll.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 163840 c:\windows\SYSTEM32\DLLCACHE\credui.dll
+ 2012-04-15 12:04 . 2001-08-18 02:36 216064 c:\windows\SYSTEM32\DLLCACHE\cpscan.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 357888 c:\windows\SYSTEM32\DLLCACHE\confmsp.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 539648 c:\windows\SYSTEM32\DLLCACHE\comuid.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 167424 c:\windows\SYSTEM32\DLLCACHE\comsnap.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 274944 c:\windows\SYSTEM32\DLLCACHE\comsetup.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 792064 c:\windows\SYSTEM32\DLLCACHE\comres.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 229376 c:\windows\SYSTEM32\DLLCACHE\compstui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 252928 c:\windows\SYSTEM32\DLLCACHE\compatui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 276992 c:\windows\SYSTEM32\DLLCACHE\comdlg32.dll
+ 2002-08-29 10:00 . 2010-08-23 16:12 617472 c:\windows\SYSTEM32\DLLCACHE\comctl32.dll
- 2010-10-13 01:00 . 2010-08-23 16:12 617472 c:\windows\SYSTEM32\DLLCACHE\comctl32.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 195072 c:\windows\SYSTEM32\DLLCACHE\comadmin.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 185344 c:\windows\SYSTEM32\DLLCACHE\cmprops.dll
+ 2012-04-15 12:04 . 2002-08-29 10:00 217160 c:\windows\SYSTEM32\DLLCACHE\cmnclim.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 344064 c:\windows\SYSTEM32\DLLCACHE\cmdial32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 389120 c:\windows\SYSTEM32\DLLCACHE\cmd.exe
+ 2004-08-04 07:56 . 2008-04-14 00:12 102912 c:\windows\SYSTEM32\DLLCACHE\clipbrd.exe
+ 2004-04-19 03:14 . 2008-04-14 00:11 498688 c:\windows\SYSTEM32\DLLCACHE\clbcatq.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 110592 c:\windows\SYSTEM32\DLLCACHE\clbcatex.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 435712 c:\windows\SYSTEM32\DLLCACHE\class_ss.dll
+ 2012-04-15 12:04 . 2001-08-17 17:57 248064 c:\windows\SYSTEM32\DLLCACHE\cl546xm.sys
+ 2012-04-15 12:04 . 2001-08-17 18:56 170880 c:\windows\SYSTEM32\DLLCACHE\cl546x.dll
+ 2012-04-15 12:04 . 2001-08-17 18:56 111232 c:\windows\SYSTEM32\DLLCACHE\cl5465.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 262528 c:\windows\SYSTEM32\DLLCACHE\cinemst2.sys
+ 2012-04-15 12:04 . 2001-08-17 18:02 272640 c:\windows\SYSTEM32\DLLCACHE\cinemclc.sys
+ 2012-04-15 12:04 . 2001-08-17 16:13 980034 c:\windows\SYSTEM32\DLLCACHE\cicap.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 148480 c:\windows\SYSTEM32\DLLCACHE\cic.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 163328 c:\windows\SYSTEM32\DLLCACHE\ciadmin.dll
+ 2012-04-15 12:04 . 2002-08-29 10:00 780885 c:\windows\SYSTEM32\DLLCACHE\chkrres.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 188480 c:\windows\SYSTEM32\DLLCACHE\cfgwiz.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 457728 c:\windows\SYSTEM32\DLLCACHE\certmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 194560 c:\windows\SYSTEM32\DLLCACHE\certcli.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 151040 c:\windows\SYSTEM32\DLLCACHE\cdfview.dll
+ 2012-04-15 12:04 . 2001-08-17 17:28 714698 c:\windows\SYSTEM32\DLLCACHE\cbmdmkxx.sys
+ 2004-04-19 03:14 . 2008-04-14 00:11 625664 c:\windows\SYSTEM32\DLLCACHE\catsrvut.dll
+ 2004-04-19 03:14 . 2008-04-14 00:11 226304 c:\windows\SYSTEM32\DLLCACHE\catsrv.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 359936 c:\windows\SYSTEM32\DLLCACHE\cards.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 150016 c:\windows\SYSTEM32\DLLCACHE\capesnpn.dll
+ 2012-04-15 12:03 . 2008-04-14 00:11 121856 c:\windows\SYSTEM32\DLLCACHE\camext30.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 236032 c:\windows\SYSTEM32\DLLCACHE\camext20.dll
+ 2012-04-15 12:03 . 2001-08-17 18:04 171264 c:\windows\SYSTEM32\DLLCACHE\camdrv30.sys
+ 2012-04-15 12:03 . 2001-08-17 18:04 223232 c:\windows\SYSTEM32\DLLCACHE\camdrv21.sys
+ 2012-04-15 12:03 . 2001-08-17 18:05 314752 c:\windows\SYSTEM32\DLLCACHE\camdro21.sys
+ 2004-04-19 03:14 . 2008-04-14 00:11 385024 c:\windows\SYSTEM32\DLLCACHE\callcont.dll
+ 2003-09-06 01:30 . 2002-08-29 10:00 114688 c:\windows\SYSTEM32\DLLCACHE\calc.exe
+ 2005-10-21 01:50 . 2008-04-14 00:11 218112 c:\windows\SYSTEM32\DLLCACHE\c_g18030.dll
+ 2004-08-04 06:10 . 2008-06-13 11:05 272128 c:\windows\SYSTEM32\DLLCACHE\bthport.sys
- 2008-06-11 00:30 . 2008-06-13 11:05 272128 c:\windows\SYSTEM32\DLLCACHE\bthport.sys
+ 2004-08-04 05:58 . 2008-04-13 18:51 101120 c:\windows\SYSTEM32\DLLCACHE\bthpan.sys
+ 2002-08-29 10:00 . 2002-08-29 10:00 152576 c:\windows\SYSTEM32\DLLCACHE\bnts.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 361472 c:\windows\SYSTEM32\DLLCACHE\blue_ss.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 102400 c:\windows\SYSTEM32\DLLCACHE\binlsvc.dll
+ 2012-04-15 12:03 . 2001-08-17 17:28 871388 c:\windows\SYSTEM32\DLLCACHE\bcmdm.sys
+ 2012-04-15 12:03 . 2001-08-17 18:56 342336 c:\windows\SYSTEM32\DLLCACHE\banshee.dll
+ 2008-07-21 00:28 . 2008-04-14 00:11 233472 c:\windows\SYSTEM32\DLLCACHE\azroles.dll
+ 2003-09-06 01:30 . 2002-08-29 10:00 227840 c:\windows\SYSTEM32\DLLCACHE\avtapi.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 144384 c:\windows\SYSTEM32\DLLCACHE\avmenum.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 109456 c:\windows\SYSTEM32\DLLCACHE\avifile.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 580608 c:\windows\SYSTEM32\DLLCACHE\autofmt.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 602624 c:\windows\SYSTEM32\DLLCACHE\autoconv.exe
+ 2002-08-29 10:00 . 2008-04-14 00:12 588800 c:\windows\SYSTEM32\DLLCACHE\autochk.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 352256 c:\windows\SYSTEM32\DLLCACHE\atmuni.sys
- 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\SYSTEM32\DLLCACHE\atmfd.dll
+ 2002-08-29 10:00 . 2011-02-15 12:56 290432 c:\windows\SYSTEM32\DLLCACHE\atmfd.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 516768 c:\windows\SYSTEM32\DLLCACHE\ativvaxx.dll
+ 2012-04-15 12:03 . 2001-08-17 18:56 104832 c:\windows\SYSTEM32\DLLCACHE\atiraged.dll
+ 2004-08-04 05:29 . 2004-08-04 05:29 104960 c:\windows\SYSTEM32\DLLCACHE\atinrvxx.sys
+ 2012-04-15 12:03 . 2001-08-17 16:48 281600 c:\windows\SYSTEM32\DLLCACHE\atimtai.sys
+ 2012-04-15 12:03 . 2001-08-17 16:48 289664 c:\windows\SYSTEM32\DLLCACHE\atimpab.sys
+ 2012-04-15 12:03 . 2001-08-17 18:56 268160 c:\windows\SYSTEM32\DLLCACHE\atidvai.dll
+ 2012-04-15 12:03 . 2001-08-17 18:56 137216 c:\windows\SYSTEM32\DLLCACHE\atidrae.dll
+ 2012-04-15 12:03 . 2001-08-17 18:55 382592 c:\windows\SYSTEM32\DLLCACHE\atidrab.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 870784 c:\windows\SYSTEM32\DLLCACHE\ati3d1ag.dll
+ 2004-08-04 05:29 . 2004-08-04 05:29 701440 c:\windows\SYSTEM32\DLLCACHE\ati2mtag.sys
+ 2004-08-04 05:29 . 2004-08-04 05:29 327040 c:\windows\SYSTEM32\DLLCACHE\ati2mtaa.sys
+ 2004-08-04 07:56 . 2008-04-14 00:11 201728 c:\windows\SYSTEM32\DLLCACHE\ati2dvag.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 377984 c:\windows\SYSTEM32\DLLCACHE\ati2dvaa.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 229376 c:\windows\SYSTEM32\DLLCACHE\ati2cqag.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 331264 c:\windows\SYSTEM32\DLLCACHE\aqueue.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 125952 c:\windows\SYSTEM32\DLLCACHE\apphelp.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 102912 c:\windows\SYSTEM32\DLLCACHE\apcups.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 256512 c:\windows\SYSTEM32\DLLCACHE\agentsvr.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 214016 c:\windows\SYSTEM32\DLLCACHE\agentctl.dll
+ 2003-09-03 00:01 . 2008-04-13 16:39 142592 c:\windows\SYSTEM32\DLLCACHE\aec.sys
- 2002-08-29 10:00 . 2011-12-19 08:13 124928 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 124928 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
- 2009-04-15 22:16 . 2009-02-09 12:10 617472 c:\windows\SYSTEM32\DLLCACHE\advapi32.dll
+ 2002-08-29 10:00 . 2009-02-09 12:10 617472 c:\windows\SYSTEM32\DLLCACHE\advapi32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 263680 c:\windows\SYSTEM32\DLLCACHE\adsnt.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 143360 c:\windows\SYSTEM32\DLLCACHE\adsldpc.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 175616 c:\windows\SYSTEM32\DLLCACHE\adsldp.dll
+ 2001-08-17 19:07 . 2001-08-17 19:07 101888 c:\windows\SYSTEM32\DLLCACHE\adpu160m.sys
+ 2012-04-15 12:03 . 2001-08-17 16:19 747392 c:\windows\SYSTEM32\DLLCACHE\adm8830.sys
+ 2012-04-15 12:03 . 2001-08-17 16:19 553984 c:\windows\SYSTEM32\DLLCACHE\adm8820.sys
+ 2012-04-15 12:03 . 2001-08-17 16:19 584448 c:\windows\SYSTEM32\DLLCACHE\adm8810.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 116224 c:\windows\SYSTEM32\DLLCACHE\acxtrnal.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 193536 c:\windows\SYSTEM32\DLLCACHE\activeds.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 245248 c:\windows\SYSTEM32\DLLCACHE\acspecfc.dll
+ 2002-08-29 10:00 . 2008-04-13 18:36 187776 c:\windows\SYSTEM32\DLLCACHE\acpi.sys
+ 2002-08-29 10:00 . 2008-04-14 00:11 115712 c:\windows\SYSTEM32\DLLCACHE\aclui.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 141312 c:\windows\SYSTEM32\DLLCACHE\aclua.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 129536 c:\windows\SYSTEM32\DLLCACHE\acledit.dll
+ 2002-08-29 10:00 . 2009-11-21 15:51 471552 c:\windows\SYSTEM32\DLLCACHE\aclayers.dll
- 2010-01-13 11:15 . 2009-11-21 15:51 471552 c:\windows\SYSTEM32\DLLCACHE\aclayers.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 184320 c:\windows\SYSTEM32\DLLCACHE\accwiz.exe
+ 2012-04-15 12:03 . 2001-08-17 16:20 297728 c:\windows\SYSTEM32\DLLCACHE\ac97sis.sys
+ 2012-04-15 12:03 . 2002-08-29 03:00 231552 c:\windows\SYSTEM32\DLLCACHE\ac97ali.sys
+ 2008-07-21 00:27 . 2008-04-14 00:11 136192 c:\windows\SYSTEM32\DLLCACHE\aaclient.dll
+ 2012-04-15 12:03 . 2001-08-18 02:36 462848 c:\windows\SYSTEM32\DLLCACHE\a3dapi.dll
- 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\SYSTEM32\DLLCACHE\6to4svc.dll
+ 2002-08-29 10:00 . 2010-02-12 04:33 100864 c:\windows\SYSTEM32\DLLCACHE\6to4svc.dll
+ 2002-12-09 17:58 . 2002-12-09 17:58 393216 c:\windows\SYSTEM32\BMAPI.dll
- 2002-08-29 10:00 . 2011-12-19 08:13 124928 c:\windows\SYSTEM32\advpack.dll
+ 2002-08-29 10:00 . 2012-03-01 01:25 124928 c:\windows\SYSTEM32\advpack.dll
- 2004-08-04 07:56 . 2008-04-14 00:11 126976 c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2012-04-15 14:45 . 2008-04-14 00:11 126976 c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2012-04-14 23:53 . 2012-04-14 23:53 650240 c:\windows\Installer\32b5cf.msi

GreenWithEnvy
2012-04-18, 15:38
- 2003-09-03 00:25 . 2010-06-15 10:18 114688 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 114688 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2003-09-03 00:25 . 2012-04-14 14:49 155702 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\bcicon.exe
- 2003-09-03 00:25 . 2010-06-15 10:18 155702 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\bcicon.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 832512 c:\windows\ie7updates\KB2675157-IE7\wininet.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 233472 c:\windows\ie7updates\KB2675157-IE7\webcheck.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 106496 c:\windows\ie7updates\KB2675157-IE7\url.dll
+ 2012-04-15 16:44 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2675157-IE7\spuninst\updspapi.dll
+ 2012-04-15 16:44 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2675157-IE7\spuninst\spuninst.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 102912 c:\windows\ie7updates\KB2675157-IE7\occache.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 671232 c:\windows\ie7updates\KB2675157-IE7\mstime.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 193024 c:\windows\ie7updates\KB2675157-IE7\msrating.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 478720 c:\windows\ie7updates\KB2675157-IE7\mshtmled.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 468480 c:\windows\ie7updates\KB2675157-IE7\msfeeds.dll
+ 2012-04-15 16:44 . 2011-12-16 11:00 634680 c:\windows\ie7updates\KB2675157-IE7\iexplore.exe
+ 2012-04-15 16:44 . 2011-12-19 08:13 268288 c:\windows\ie7updates\KB2675157-IE7\iertutil.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 192512 c:\windows\ie7updates\KB2675157-IE7\iepeers.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 384512 c:\windows\ie7updates\KB2675157-IE7\iedkcs32.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 380928 c:\windows\ie7updates\KB2675157-IE7\ieapfltr.dll
+ 2012-04-15 16:44 . 2011-12-16 10:58 161792 c:\windows\ie7updates\KB2675157-IE7\ieakui.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 230400 c:\windows\ie7updates\KB2675157-IE7\ieaksie.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 153088 c:\windows\ie7updates\KB2675157-IE7\ieakeng.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 133120 c:\windows\ie7updates\KB2675157-IE7\extmgr.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 214528 c:\windows\ie7updates\KB2675157-IE7\dxtrans.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 347136 c:\windows\ie7updates\KB2675157-IE7\dxtmsft.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 124928 c:\windows\ie7updates\KB2675157-IE7\advpack.dll
+ 2004-09-23 21:08 . 2012-03-01 01:25 1168896 c:\windows\SYSTEM32\urlmon.dll
- 2004-09-23 21:08 . 2011-12-19 08:13 1168896 c:\windows\SYSTEM32\urlmon.dll
+ 2010-05-22 23:53 . 2012-04-15 15:39 1467568 c:\windows\SYSTEM32\Restore\rstrlog.dat
- 2004-09-29 04:57 . 2011-12-19 08:13 3616768 c:\windows\SYSTEM32\mshtml.dll
+ 2004-09-29 04:57 . 2012-03-01 01:25 3616768 c:\windows\SYSTEM32\mshtml.dll
+ 2006-11-08 02:03 . 2012-03-01 01:25 6076928 c:\windows\SYSTEM32\ieframe.dll
+ 2004-07-22 02:20 . 2008-04-13 17:39 2897920 c:\windows\SYSTEM32\DLLCACHE\xpsp2res.dll
+ 2002-08-29 10:00 . 2006-10-19 02:47 8231936 c:\windows\SYSTEM32\DLLCACHE\wmploc.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 4256768 c:\windows\SYSTEM32\DLLCACHE\wmm2res.dll
+ 2002-08-29 10:00 . 2008-04-13 16:48 1647616 c:\windows\SYSTEM32\DLLCACHE\winbrand.dll
+ 2002-08-29 10:00 . 2012-02-03 09:22 1860096 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
- 2008-10-15 19:11 . 2012-02-03 09:22 1860096 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2004-09-23 21:08 . 2012-03-01 01:25 1168896 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
- 2004-09-23 21:08 . 2011-12-19 08:13 1168896 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2002-08-29 10:00 . 2002-08-29 10:00 3374640 c:\windows\SYSTEM32\DLLCACHE\tourP.exe
+ 2012-04-15 12:08 . 2002-08-29 10:00 2178131 c:\windows\SYSTEM32\DLLCACHE\shvlres.dll
- 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\SYSTEM32\DLLCACHE\shell32.dll
+ 2004-07-22 02:21 . 2011-01-21 14:44 8462336 c:\windows\SYSTEM32\DLLCACHE\shell32.dll
+ 2004-08-27 17:58 . 2008-04-14 00:12 1499136 c:\windows\SYSTEM32\DLLCACHE\shdocvw.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 1614848 c:\windows\SYSTEM32\DLLCACHE\sfcfiles.dll
+ 2002-08-29 10:00 . 2006-11-01 23:31 1669120 c:\windows\SYSTEM32\DLLCACHE\setup_wm.exe
+ 2002-08-29 10:00 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\DLLCACHE\query.dll
- 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\DLLCACHE\query.dll
- 2008-05-07 05:12 . 2011-11-03 15:28 1292288 c:\windows\SYSTEM32\DLLCACHE\quartz.dll
+ 2003-05-30 13:00 . 2011-11-03 15:28 1292288 c:\windows\SYSTEM32\DLLCACHE\quartz.dll
+ 2004-04-19 03:14 . 2011-11-01 16:07 1288704 c:\windows\SYSTEM32\DLLCACHE\ole32.dll
- 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\SYSTEM32\DLLCACHE\ole32.dll
+ 2012-04-15 12:07 . 2004-08-04 05:29 1897408 c:\windows\SYSTEM32\DLLCACHE\nv4_mini.sys
+ 1980-01-01 05:00 . 2003-05-02 20:19 3180171 c:\windows\SYSTEM32\DLLCACHE\nv4_disp.dll
- 2008-10-15 19:11 . 2011-10-25 12:52 2027008 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 1980-01-01 05:00 . 2011-10-25 12:52 2027008 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
+ 1980-01-01 05:00 . 2011-10-25 13:37 2148864 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
- 2008-10-15 19:11 . 2011-10-25 13:37 2148864 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2003-03-10 17:25 . 2008-04-14 00:12 1703936 c:\windows\SYSTEM32\DLLCACHE\netshell.dll
+ 2004-08-04 07:56 . 2008-04-14 00:12 1737856 c:\windows\SYSTEM32\DLLCACHE\mtxparhd.dll
+ 2012-04-15 12:07 . 2004-08-04 05:41 1309184 c:\windows\SYSTEM32\DLLCACHE\mtlstrm.sys
+ 2007-05-15 19:43 . 2009-07-31 15:05 1372672 c:\windows\SYSTEM32\DLLCACHE\msxml6.dll
- 2008-07-21 00:29 . 2009-07-31 15:05 1372672 c:\windows\SYSTEM32\DLLCACHE\msxml6.dll
- 2008-11-11 22:04 . 2010-06-14 07:41 1172480 c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
+ 2002-08-29 10:00 . 2010-06-14 07:41 1172480 c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
+ 2003-09-03 00:03 . 2008-04-14 00:12 1428992 c:\windows\SYSTEM32\DLLCACHE\msvidctl.dll
+ 2002-10-11 19:09 . 2008-04-13 16:23 2479616 c:\windows\SYSTEM32\DLLCACHE\msoeres.dll
- 2009-08-13 10:01 . 2010-01-29 15:01 1315328 c:\windows\SYSTEM32\DLLCACHE\msoe.dll
+ 2004-05-26 18:26 . 2010-01-29 15:01 1315328 c:\windows\SYSTEM32\DLLCACHE\msoe.dll
- 2008-03-25 04:50 . 2008-03-25 04:50 1516568 c:\windows\SYSTEM32\DLLCACHE\msjet40.dll
+ 2004-04-19 03:13 . 2008-03-25 04:50 1516568 c:\windows\SYSTEM32\DLLCACHE\msjet40.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 2843136 c:\windows\SYSTEM32\DLLCACHE\msi.dll
- 2004-09-29 04:57 . 2011-12-19 08:13 3616768 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2004-09-29 04:57 . 2012-03-01 01:25 3616768 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 3166208 c:\windows\SYSTEM32\DLLCACHE\msgr3en.dll
+ 2002-08-29 10:00 . 2010-06-18 13:36 3558912 c:\windows\SYSTEM32\DLLCACHE\moviemk.exe
- 2010-03-10 11:28 . 2010-06-18 13:36 3558912 c:\windows\SYSTEM32\DLLCACHE\moviemk.exe
+ 2002-08-29 10:00 . 2008-04-14 00:11 1872896 c:\windows\SYSTEM32\DLLCACHE\mmcndmgr.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 1414656 c:\windows\SYSTEM32\DLLCACHE\mmc.exe
+ 2002-08-29 10:00 . 2011-02-02 07:58 2067456 c:\windows\SYSTEM32\DLLCACHE\lhmstscx.dll
- 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\SYSTEM32\DLLCACHE\lhmstscx.dll
+ 2012-03-01 01:25 . 2012-03-01 01:25 6076928 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2012-04-15 16:37 . 2009-06-29 08:33 2452872 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dat
- 2007-05-09 10:44 . 2009-06-29 08:33 2452872 c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dat
+ 2004-08-04 05:41 . 2004-08-04 05:41 1041536 c:\windows\SYSTEM32\DLLCACHE\hsfdpsp2.sys
+ 2012-04-15 12:05 . 2002-08-29 10:00 1175635 c:\windows\SYSTEM32\DLLCACHE\hrtzres.dll
+ 2012-04-15 12:05 . 2001-08-17 18:56 1733120 c:\windows\SYSTEM32\DLLCACHE\g400d.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 1033728 c:\windows\SYSTEM32\DLLCACHE\explorer.exe
+ 2002-08-29 10:00 . 2002-08-29 10:00 1114896 c:\windows\SYSTEM32\DLLCACHE\esent97.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 1082368 c:\windows\SYSTEM32\DLLCACHE\esent.dll
+ 2003-03-26 22:35 . 2008-04-14 00:11 2113536 c:\windows\SYSTEM32\DLLCACHE\dxdiagn.dll
+ 2002-12-12 05:14 . 2008-04-14 00:12 1298432 c:\windows\SYSTEM32\DLLCACHE\dxdiag.exe
+ 2002-12-12 05:14 . 2008-04-14 00:11 1227264 c:\windows\SYSTEM32\DLLCACHE\dx8vb.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 1293824 c:\windows\SYSTEM32\DLLCACHE\dsound3d.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 1504256 c:\windows\SYSTEM32\DLLCACHE\diskcopy.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 1054208 c:\windows\SYSTEM32\DLLCACHE\danim.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 1689088 c:\windows\SYSTEM32\DLLCACHE\d3d9.dll
+ 2002-12-12 05:14 . 2008-04-14 00:11 1179648 c:\windows\SYSTEM32\DLLCACHE\d3d8.dll
+ 2002-08-29 10:00 . 2008-04-14 00:12 1032192 c:\windows\SYSTEM32\DLLCACHE\conf.exe
+ 2004-04-19 03:14 . 2008-04-14 00:11 1267200 c:\windows\SYSTEM32\DLLCACHE\comsvcs.dll
+ 2012-04-15 12:04 . 2002-08-29 10:00 1039955 c:\windows\SYSTEM32\DLLCACHE\cmnresm.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 1358848 c:\windows\SYSTEM32\DLLCACHE\cimwin32.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 2091520 c:\windows\SYSTEM32\DLLCACHE\cdosys.dll
+ 2004-08-22 23:34 . 2008-04-14 00:11 1025024 c:\windows\SYSTEM32\DLLCACHE\browseui.dll
+ 2012-04-15 12:03 . 2002-08-29 10:00 1817687 c:\windows\SYSTEM32\DLLCACHE\bckgres.dll
+ 2004-08-04 07:56 . 2008-04-14 00:11 1888992 c:\windows\SYSTEM32\DLLCACHE\ati3duag.dll
+ 2002-08-29 10:00 . 2008-04-14 00:11 1852928 c:\windows\SYSTEM32\DLLCACHE\acgenral.dll
+ 2012-04-15 02:55 . 2012-04-15 02:55 5564928 c:\windows\Installer\73725.msi
+ 2012-04-14 17:43 . 2012-04-14 17:43 5470208 c:\windows\Installer\28d1d.msi
+ 2012-04-15 16:44 . 2011-12-19 08:13 1168896 c:\windows\ie7updates\KB2675157-IE7\urlmon.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 3616768 c:\windows\ie7updates\KB2675157-IE7\mshtml.dll
+ 2012-04-15 16:44 . 2011-12-19 08:13 6076416 c:\windows\ie7updates\KB2675157-IE7\ieframe.dll
+ 2005-05-15 01:43 . 2012-04-15 16:44 55154568 c:\windows\SYSTEM32\MRT.exe
+ 2004-08-04 07:56 . 2010-08-26 03:36 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
- 2009-07-14 03:43 . 2010-08-26 03:36 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll

GreenWithEnvy
2012-04-18, 15:40
I posted the beginning of the log first. Then the end of the log second, and then all of the stuff in the middle. It's all there.

Mike

jeffce
2012-04-18, 22:25
Hi,

Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip)

Extract it to your desktop
Double click TDSSKiller.exe
when the window opens, click on Change Parameters
under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
click OK
Press Start Scan

Only if Malicious objects are found then ensure Cure is selected
Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

GreenWithEnvy
2012-04-19, 11:41
Hi Jeff. Here is the log. The tool said it found a suspicious object, but not a malicious object, so I did not cure it as instructed.

04:31:42.0625 2772 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
04:31:43.0250 2772 ============================================================
04:31:43.0250 2772 Current date / time: 2012/04/19 04:31:43.0250
04:31:43.0250 2772 SystemInfo:
04:31:43.0250 2772
04:31:43.0250 2772 OS Version: 5.1.2600 ServicePack: 3.0
04:31:43.0250 2772 Product type: Workstation
04:31:43.0250 2772 ComputerName: MJH
04:31:43.0265 2772 UserName: Mike Hoover
04:31:43.0265 2772 Windows directory: C:\WINDOWS
04:31:43.0265 2772 System windows directory: C:\WINDOWS
04:31:43.0265 2772 Processor architecture: Intel x86
04:31:43.0265 2772 Number of processors: 1
04:31:43.0265 2772 Page size: 0x1000
04:31:43.0265 2772 Boot type: Normal boot
04:31:43.0265 2772 ============================================================
04:31:53.0296 2772 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
04:31:53.0328 2772 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
04:31:53.0328 2772 \Device\Harddisk0\DR0:
04:31:53.0328 2772 MBR partitions:
04:31:53.0328 2772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
04:31:53.0328 2772 \Device\Harddisk1\DR3:
04:31:53.0375 2772 MBR partitions:
04:31:53.0375 2772 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
04:31:53.0437 2772 C: <-> \Device\Harddisk0\DR0\Partition0
04:31:53.0484 2772 F: <-> \Device\Harddisk1\DR3\Partition0
04:31:53.0484 2772 Initialize success
04:31:53.0484 2772 ============================================================
04:33:20.0843 1792 ============================================================
04:33:20.0843 1792 Scan started
04:33:20.0843 1792 Mode: Manual; TDLFS;
04:33:20.0843 1792 ============================================================
04:33:21.0265 1792 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
04:33:21.0265 1792 6to4 - ok
04:33:21.0484 1792 Abiosdsk - ok
04:33:21.0718 1792 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
04:33:21.0718 1792 abp480n5 - ok
04:33:21.0968 1792 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
04:33:21.0968 1792 ACPI - ok
04:33:22.0234 1792 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
04:33:22.0234 1792 ACPIEC - ok
04:33:22.0484 1792 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
04:33:22.0484 1792 adpu160m - ok
04:33:22.0718 1792 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
04:33:22.0718 1792 aeaudio - ok
04:33:22.0953 1792 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
04:33:22.0953 1792 aec - ok
04:33:23.0125 1792 aegisp - ok
04:33:23.0359 1792 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
04:33:23.0359 1792 AFD - ok
04:33:23.0578 1792 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
04:33:23.0578 1792 agp440 - ok
04:33:23.0828 1792 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
04:33:23.0828 1792 agpCPQ - ok
04:33:24.0046 1792 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
04:33:24.0062 1792 Aha154x - ok
04:33:24.0296 1792 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
04:33:24.0296 1792 aic78u2 - ok
04:33:24.0515 1792 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
04:33:24.0515 1792 aic78xx - ok
04:33:24.0718 1792 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
04:33:24.0718 1792 Alerter - ok
04:33:24.0921 1792 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
04:33:24.0921 1792 ALG - ok
04:33:25.0156 1792 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
04:33:25.0156 1792 AliIde - ok
04:33:25.0375 1792 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
04:33:25.0390 1792 alim1541 - ok
04:33:25.0656 1792 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
04:33:25.0671 1792 amdagp - ok
04:33:26.0156 1792 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
04:33:26.0171 1792 amsint - ok
04:33:26.0562 1792 AppMgmt - ok
04:33:27.0062 1792 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
04:33:27.0078 1792 Arp1394 - ok
04:33:27.0593 1792 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
04:33:27.0609 1792 asc - ok
04:33:28.0125 1792 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
04:33:28.0125 1792 asc3350p - ok
04:33:28.0703 1792 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
04:33:28.0718 1792 asc3550 - ok
04:33:29.0218 1792 Aspi32 - ok
04:33:29.0578 1792 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
04:33:29.0781 1792 aspnet_state - ok
04:33:30.0328 1792 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
04:33:30.0343 1792 AsyncMac - ok
04:33:30.0890 1792 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
04:33:30.0890 1792 atapi - ok
04:33:34.0078 1792 Atdisk - ok
04:33:37.0812 1792 atikmdag - ok
04:33:45.0750 1792 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
04:33:45.0859 1792 Atmarpc - ok
04:33:50.0359 1792 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
04:33:50.0375 1792 AudioSrv - ok
04:33:54.0218 1792 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
04:33:54.0218 1792 audstub - ok
04:33:54.0468 1792 Basics Service (55fed228fe147ecb9c47a1c55388896e) C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
04:33:54.0484 1792 Basics Service - ok
04:33:55.0156 1792 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
04:33:55.0156 1792 Beep - ok
04:33:55.0656 1792 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
04:33:55.0796 1792 BITS - ok
04:33:56.0500 1792 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
04:33:56.0500 1792 Bridge - ok
04:33:56.0515 1792 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
04:33:56.0515 1792 BridgeMP - ok
04:33:56.0906 1792 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
04:33:56.0906 1792 Browser - ok
04:33:57.0125 1792 catchme - ok
04:33:57.0515 1792 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
04:33:57.0531 1792 cbidf - ok
04:33:57.0937 1792 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
04:33:57.0937 1792 cbidf2k - ok
04:33:58.0250 1792 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
04:33:58.0250 1792 CCDECODE - ok
04:33:58.0500 1792 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
04:33:58.0500 1792 cd20xrnt - ok
04:33:58.0812 1792 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
04:33:58.0812 1792 Cdaudio - ok
04:33:59.0171 1792 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
04:33:59.0187 1792 Cdfs - ok
04:33:59.0390 1792 Cdr4_xp (837eef65af62d4e8a37c41d3879f7274) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
04:33:59.0406 1792 Cdr4_xp - ok
04:33:59.0625 1792 Cdralw2k (579da2f9f5401f55dae2cf8779d61dfc) C:\WINDOWS\system32\drivers\Cdralw2k.sys
04:33:59.0625 1792 Cdralw2k - ok
04:34:00.0031 1792 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
04:34:00.0031 1792 Cdrom - ok
04:34:00.0281 1792 cdudf_xp (cfd81f2140193fc7f1812e6d6eaf6795) C:\WINDOWS\system32\drivers\cdudf_xp.sys
04:34:00.0343 1792 cdudf_xp - ok
04:34:00.0546 1792 Changer - ok
04:34:00.0718 1792 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
04:34:00.0718 1792 CiSvc - ok
04:34:00.0937 1792 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
04:34:00.0937 1792 ClipSrv - ok
04:34:01.0156 1792 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:34:01.0312 1792 clr_optimization_v2.0.50727_32 - ok
04:34:03.0078 1792 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
04:34:03.0109 1792 CmdIde - ok
04:34:03.0968 1792 COMSysApp - ok
04:34:06.0062 1792 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
04:34:06.0062 1792 Cpqarray - ok
04:34:07.0281 1792 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
04:34:07.0281 1792 CryptSvc - ok
04:34:07.0453 1792 ctdvda2k - ok
04:34:07.0640 1792 CVirtA - ok
04:34:08.0046 1792 CVPND (7e1a89338d8b7e1fde676fc2df0b399f) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
04:34:08.0109 1792 CVPND - ok
04:34:08.0312 1792 CVPNDRVA - ok
04:34:08.0562 1792 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
04:34:08.0593 1792 dac2w2k - ok
04:34:09.0093 1792 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
04:34:09.0093 1792 dac960nt - ok
04:34:09.0296 1792 DCamUSBEMPIA - ok
04:34:09.0765 1792 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
04:34:09.0796 1792 DcomLaunch - ok
04:34:10.0203 1792 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
04:34:10.0203 1792 Dhcp - ok
04:34:10.0531 1792 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\DISK.SYS
04:34:10.0531 1792 Disk - ok
04:34:10.0687 1792 dmadmin - ok
04:34:11.0281 1792 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
04:34:11.0359 1792 dmboot - ok
04:34:11.0609 1792 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
04:34:11.0609 1792 dmio - ok
04:34:12.0046 1792 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
04:34:12.0046 1792 dmload - ok
04:34:12.0406 1792 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
04:34:12.0421 1792 dmserver - ok
04:34:12.0640 1792 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
04:34:12.0640 1792 DMusic - ok
04:34:13.0015 1792 DNE - ok
04:34:13.0734 1792 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
04:34:13.0734 1792 Dnscache - ok
04:34:13.0953 1792 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
04:34:13.0953 1792 Dot3svc - ok
04:34:14.0234 1792 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
04:34:14.0234 1792 dpti2o - ok
04:34:14.0468 1792 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
04:34:14.0468 1792 drmkaud - ok
04:34:14.0578 1792 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
04:34:14.0578 1792 DSBrokerService - ok
04:34:14.0640 1792 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
04:34:14.0640 1792 DSproct - ok
04:34:14.0906 1792 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
04:34:14.0906 1792 dsunidrv - ok
04:34:15.0109 1792 dvd_2K - ok
04:34:15.0328 1792 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
04:34:15.0328 1792 E100B - ok
04:34:15.0515 1792 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
04:34:15.0515 1792 EapHost - ok
04:34:15.0671 1792 efs - ok
04:34:15.0890 1792 EL90XBC - ok
04:34:16.0125 1792 emAudio (e63252dc23558bacadcd2d1767bd8c47) C:\WINDOWS\system32\drivers\emAudio.sys
04:34:16.0125 1792 emAudio - ok
04:34:16.0343 1792 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
04:34:16.0343 1792 ERSvc - ok
04:34:16.0546 1792 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
04:34:16.0562 1792 Eventlog - ok
04:34:16.0765 1792 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
04:34:16.0765 1792 EventSystem - ok
04:34:17.0015 1792 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
04:34:17.0015 1792 Fastfat - ok
04:34:17.0281 1792 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
04:34:17.0296 1792 FastUserSwitchingCompatibility - ok
04:34:17.0500 1792 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
04:34:17.0515 1792 Fdc - ok
04:34:17.0750 1792 FilterService (50104c5f1ee1e295781caf9521ca2e56) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
04:34:17.0750 1792 FilterService - ok
04:34:17.0953 1792 FiltUSBEMPIA - ok
04:34:18.0187 1792 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
04:34:18.0187 1792 Fips - ok
04:34:18.0406 1792 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
04:34:18.0406 1792 Flpydisk - ok
04:34:18.0640 1792 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
04:34:18.0656 1792 FltMgr - ok
04:34:18.0906 1792 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
04:34:18.0906 1792 FontCache3.0.0.0 - ok
04:34:19.0156 1792 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
04:34:19.0156 1792 Fs_Rec - ok
04:34:19.0390 1792 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
04:34:19.0390 1792 Ftdisk - ok
04:34:19.0609 1792 fwdrv (3a3929b7a0eeef83df3a6c81e43a1fa9) C:\WINDOWS\system32\drivers\fwdrv.sys
04:34:19.0640 1792 fwdrv - ok
04:34:19.0859 1792 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
04:34:19.0859 1792 Gpc - ok
04:34:20.0031 1792 GT680x - ok
04:34:20.0187 1792 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
04:34:20.0187 1792 helpsvc - ok
04:34:20.0343 1792 HFACSVC - ok
04:34:20.0484 1792 HidServ - ok
04:34:20.0640 1792 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
04:34:20.0656 1792 hkmsvc - ok
04:34:20.0796 1792 houdiniserver - ok
04:34:21.0031 1792 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
04:34:21.0031 1792 hpn - ok
04:34:21.0281 1792 HSFHWBS2 (96fae6dc24574b1cb08dcf9d984a5be4) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
04:34:21.0312 1792 HSFHWBS2 - ok
04:34:21.0578 1792 HSF_DP (2efa8dd8b0270a3a7202ce5f4da465b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
04:34:21.0640 1792 HSF_DP - ok
04:34:21.0859 1792 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
04:34:21.0875 1792 HTTP - ok
04:34:22.0078 1792 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
04:34:22.0078 1792 HTTPFilter - ok
04:34:22.0296 1792 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
04:34:22.0312 1792 i2omgmt - ok
04:34:22.0531 1792 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
04:34:22.0531 1792 i2omp - ok
04:34:22.0765 1792 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
04:34:22.0765 1792 i8042prt - ok
04:34:22.0968 1792 i81x - ok
04:34:23.0171 1792 iAimFP0 - ok
04:34:23.0375 1792 iAimFP1 - ok
04:34:23.0578 1792 iAimFP2 - ok
04:34:23.0781 1792 iAimFP3 - ok
04:34:23.0984 1792 iAimFP4 - ok
04:34:24.0187 1792 iAimTV0 - ok
04:34:24.0406 1792 iAimTV1 - ok
04:34:24.0593 1792 iAimTV2 - ok
04:34:24.0812 1792 iAimTV3 - ok
04:34:25.0015 1792 iAimTV4 - ok
04:34:25.0250 1792 icm10blk - ok
04:34:25.0406 1792 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
04:34:25.0406 1792 IDriverT - ok
04:34:25.0640 1792 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:34:25.0718 1792 idsvc - ok
04:34:26.0046 1792 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
04:34:26.0046 1792 Imapi - ok
04:34:26.0234 1792 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
04:34:26.0234 1792 ImapiService - ok
04:34:26.0468 1792 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
04:34:26.0468 1792 ini910u - ok
04:34:26.0718 1792 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
04:34:26.0718 1792 IntelIde - ok
04:34:27.0046 1792 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
04:34:27.0046 1792 intelppm - ok
04:34:27.0218 1792 IomegaAccess - ok
04:34:27.0406 1792 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
04:34:27.0406 1792 ip6fw - ok
04:34:27.0640 1792 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
04:34:27.0640 1792 IpFilterDriver - ok
04:34:27.0859 1792 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
04:34:27.0859 1792 IpInIp - ok
04:34:28.0093 1792 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
04:34:28.0093 1792 IpNat - ok
04:34:28.0343 1792 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
04:34:28.0343 1792 IPSec - ok
04:34:28.0593 1792 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
04:34:28.0593 1792 IRENUM - ok
04:34:28.0843 1792 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
04:34:28.0843 1792 isapnp - ok
04:34:29.0031 1792 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
04:34:29.0031 1792 JavaQuickStarterService - ok
04:34:29.0296 1792 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
04:34:29.0296 1792 Kbdclass - ok
04:34:29.0531 1792 khips (d44c0f4fc254344bad74581632339963) C:\WINDOWS\system32\drivers\khips.sys
04:34:29.0562 1792 khips - ok
04:34:29.0796 1792 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
04:34:29.0796 1792 kmixer - ok
04:34:30.0015 1792 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
04:34:30.0015 1792 KSecDD - ok
04:34:30.0203 1792 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
04:34:30.0218 1792 lanmanserver - ok
04:34:30.0421 1792 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
04:34:30.0453 1792 lanmanworkstation - ok
04:34:30.0609 1792 lanusb - ok
04:34:30.0796 1792 lbrtfdc - ok
04:34:31.0000 1792 LexBceS (adcc087837f30e257ba794a50817aa9e) C:\WINDOWS\system32\LEXBCES.EXE
04:34:31.0031 1792 LexBceS - ok
04:34:31.0234 1792 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
04:34:31.0234 1792 LmHosts - ok
04:34:31.0390 1792 LVCOMSer (38440fe1a65b1fe3d246c5c4cad22f53) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
04:34:31.0406 1792 LVCOMSer - ok
04:34:31.0640 1792 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
04:34:31.0640 1792 LVPr2Mon - ok
04:34:31.0781 1792 LVPrcSrv (28bd0e4b6c050b591b8cb35b9ad284e6) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
04:34:31.0796 1792 LVPrcSrv - ok
04:34:32.0046 1792 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
04:34:32.0078 1792 LVRS - ok
04:34:32.0312 1792 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
04:34:32.0312 1792 LVUSBSta - ok
04:34:32.0703 1792 LVUVC (8bc0d5f6e3898f465a94c6d03afb5a20) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
04:34:32.0875 1792 LVUVC - ok
04:34:33.0125 1792 mdmxsdk (aeb54ef22cb7c7e3f405f69f048d696c) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
04:34:33.0125 1792 mdmxsdk - ok
04:34:33.0281 1792 MemeoBackgroundService (9547f37d0e899fd71b52b2afd4437c79) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
04:34:33.0281 1792 MemeoBackgroundService - ok
04:34:33.0484 1792 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
04:34:33.0484 1792 Messenger - ok
04:34:33.0671 1792 mmc_2K - ok
04:34:33.0921 1792 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
04:34:33.0921 1792 mnmdd - ok
04:34:34.0109 1792 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
04:34:34.0109 1792 mnmsrvc - ok
04:34:34.0312 1792 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
04:34:34.0312 1792 Modem - ok
04:34:34.0515 1792 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
04:34:34.0515 1792 Mouclass - ok
04:34:34.0734 1792 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
04:34:34.0734 1792 MountMgr - ok
04:34:34.0953 1792 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
04:34:34.0953 1792 mraid35x - ok
04:34:35.0218 1792 MRENDIS5 - ok
04:34:35.0671 1792 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
04:34:35.0687 1792 MRxDAV - ok
04:34:35.0968 1792 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
04:34:36.0000 1792 MRxSmb - ok
04:34:36.0296 1792 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
04:34:36.0296 1792 MSDTC - ok
04:34:36.0531 1792 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
04:34:36.0531 1792 Msfs - ok
04:34:36.0687 1792 MSIServer - ok
04:34:37.0281 1792 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
04:34:37.0296 1792 MSKSSRV - ok
04:34:38.0093 1792 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
04:34:38.0125 1792 MSPCLOCK - ok
04:34:38.0890 1792 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
04:34:38.0906 1792 MSPQM - ok
04:34:39.0671 1792 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
04:34:39.0703 1792 mssmbios - ok
04:34:40.0078 1792 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
04:34:40.0078 1792 MSTEE - ok
04:34:40.0265 1792 MTK - ok
04:34:40.0531 1792 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
04:34:40.0531 1792 Mup - ok
04:34:40.0796 1792 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
04:34:40.0796 1792 NABTSFEC - ok
04:34:41.0031 1792 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
04:34:41.0343 1792 napagent - ok
04:34:41.0843 1792 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
04:34:41.0843 1792 NDIS - ok
04:34:42.0093 1792 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
04:34:42.0093 1792 NdisIP - ok
04:34:42.0484 1792 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
04:34:42.0484 1792 NdisTapi - ok
04:34:42.0718 1792 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
04:34:42.0718 1792 Ndisuio - ok
04:34:42.0937 1792 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
04:34:42.0937 1792 NdisWan - ok
04:34:43.0250 1792 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
04:34:43.0281 1792 NDProxy - ok
04:34:43.0484 1792 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
04:34:43.0484 1792 NetBIOS - ok
04:34:43.0703 1792 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
04:34:43.0703 1792 NetBT - ok
04:34:43.0906 1792 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
04:34:43.0906 1792 NetDDE - ok
04:34:43.0921 1792 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
04:34:43.0921 1792 NetDDEdsdm - ok
04:34:44.0125 1792 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
04:34:44.0125 1792 Netlogon - ok
04:34:44.0312 1792 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
04:34:44.0312 1792 Netman - ok
04:34:44.0515 1792 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:34:44.0515 1792 NetTcpPortSharing - ok
04:34:44.0765 1792 NgFilter (19cadea89c6577315b76f016f6da802d) C:\WINDOWS\system32\DRIVERS\ngfilter.sys
04:34:44.0765 1792 NgFilter - ok
04:34:44.0984 1792 NgLog (3608c65f0db2fc2d73d859d1c192c575) C:\WINDOWS\system32\DRIVERS\nglog.sys
04:34:44.0984 1792 NgLog - ok
04:34:45.0218 1792 NgVpn (83d5bc84a9ab622170eea134c2087121) C:\WINDOWS\system32\DRIVERS\ngvpn.sys
04:34:45.0218 1792 NgVpn - ok
04:34:46.0453 1792 NgVpnMgr (891fe6fe51a495502d272e3c34627f65) C:\WINDOWS\system32\ngvpnmgr.exe
04:34:46.0640 1792 NgVpnMgr - ok
04:34:47.0781 1792 NgWfp (833fedde4a87a744d9400f6cda35737c) C:\WINDOWS\system32\DRIVERS\ngwfp.sys
04:34:47.0796 1792 NgWfp - ok
04:34:49.0031 1792 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
04:34:49.0031 1792 NIC1394 - ok
04:34:49.0765 1792 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
04:34:49.0781 1792 Nla - ok
04:34:50.0015 1792 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
04:34:50.0031 1792 nm - ok
04:34:50.0250 1792 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
04:34:50.0250 1792 Npfs - ok
04:34:50.0406 1792 nsm1bus - ok
04:34:50.0640 1792 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
04:34:50.0671 1792 Ntfs - ok
04:34:50.0890 1792 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
04:34:50.0890 1792 NtLmSsp - ok
04:34:51.0109 1792 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
04:34:51.0140 1792 NtmsSvc - ok
04:34:51.0375 1792 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
04:34:51.0375 1792 Null - ok
04:34:51.0578 1792 nv - ok
04:34:51.0781 1792 NVSvc (26712cf8be48bc767854927435c0b6a9) C:\WINDOWS\System32\nvsvc32.exe
04:34:51.0781 1792 NVSvc - ok
04:34:52.0000 1792 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
04:34:52.0000 1792 NwlnkFlt - ok
04:34:52.0234 1792 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
04:34:52.0234 1792 NwlnkFwd - ok
04:34:52.0453 1792 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
04:34:52.0453 1792 NwlnkIpx - ok
04:34:52.0687 1792 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
04:34:52.0687 1792 NwlnkNb - ok
04:34:52.0890 1792 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
04:34:52.0906 1792 NwlnkSpx - ok
04:34:53.0078 1792 NwSapAgent (4b83fcbbe72af5f99d109798653e8b78) C:\WINDOWS\System32\ipxsap.dll
04:34:53.0078 1792 NwSapAgent - ok
04:34:53.0265 1792 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
04:34:53.0281 1792 ohci1394 - ok
04:34:53.0515 1792 omci (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\system32\DRIVERS\omci.sys
04:34:53.0515 1792 omci - ok
04:34:53.0703 1792 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
04:34:53.0703 1792 P3 - ok
04:34:53.0937 1792 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
04:34:53.0937 1792 Parport - ok
04:34:57.0843 1792 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
04:34:57.0843 1792 PartMgr - ok
04:35:02.0890 1792 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
04:35:02.0953 1792 ParVdm - ok
04:35:03.0593 1792 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
04:35:03.0593 1792 PCI - ok
04:35:04.0234 1792 PCIDump - ok
04:35:04.0546 1792 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
04:35:04.0562 1792 PCIIde - ok
04:35:04.0859 1792 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
04:35:04.0859 1792 Pcmcia - ok
04:35:05.0093 1792 PDCOMP - ok
04:35:05.0328 1792 PDFRAME - ok
04:35:05.0500 1792 PDRELI - ok
04:35:05.0921 1792 PDRFRAME - ok
04:35:06.0296 1792 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
04:35:06.0296 1792 perc2 - ok
04:35:06.0500 1792 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
04:35:06.0500 1792 perc2hib - ok
04:35:06.0875 1792 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
04:35:06.0875 1792 pfc - ok
04:35:07.0265 1792 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
04:35:07.0265 1792 PlugPlay - ok
04:35:07.0500 1792 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
04:35:07.0500 1792 PolicyAgent - ok
04:35:07.0812 1792 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
04:35:07.0812 1792 PptpMiniport - ok
04:35:08.0062 1792 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
04:35:08.0078 1792 Processor - ok
04:35:08.0296 1792 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
04:35:08.0296 1792 ProtectedStorage - ok
04:35:08.0531 1792 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
04:35:08.0531 1792 PSched - ok
04:35:08.0906 1792 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
04:35:08.0906 1792 Ptilink - ok
04:35:09.0093 1792 pwd_2k - ok
04:35:09.0296 1792 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
04:35:09.0296 1792 PxHelp20 - ok
04:35:09.0531 1792 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
04:35:09.0531 1792 ql1080 - ok
04:35:09.0781 1792 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
04:35:09.0781 1792 Ql10wnt - ok
04:35:10.0062 1792 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
04:35:10.0093 1792 ql12160 - ok
04:35:10.0375 1792 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
04:35:10.0375 1792 ql1240 - ok
04:35:10.0625 1792 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
04:35:10.0625 1792 ql1280 - ok
04:35:11.0046 1792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
04:35:11.0046 1792 RasAcd - ok
04:35:11.0265 1792 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
04:35:11.0281 1792 RasAuto - ok
04:35:11.0515 1792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
04:35:11.0515 1792 Rasl2tp - ok
04:35:11.0859 1792 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
04:35:11.0859 1792 RasMan - ok
04:35:12.0234 1792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
04:35:12.0234 1792 RasPppoe - ok
04:35:12.0468 1792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
04:35:12.0468 1792 Raspti - ok
04:35:12.0671 1792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
04:35:12.0671 1792 Rdbss - ok
04:35:13.0140 1792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
04:35:13.0140 1792 RDPCDD - ok
04:35:13.0375 1792 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
04:35:13.0375 1792 rdpdr - ok
04:35:13.0625 1792 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
04:35:13.0625 1792 RDPWD - ok
04:35:13.0953 1792 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
04:35:13.0953 1792 RDSessMgr - ok
04:35:14.0250 1792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
04:35:14.0250 1792 redbook - ok
04:35:14.0453 1792 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
04:35:14.0453 1792 RemoteAccess - ok
04:35:14.0671 1792 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
04:35:14.0671 1792 RpcLocator - ok
04:35:15.0390 1792 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
04:35:15.0390 1792 RpcSs - ok
04:35:15.0593 1792 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
04:35:15.0609 1792 RSVP - ok
04:35:16.0187 1792 s117bus - ok
04:35:16.0546 1792 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
04:35:16.0546 1792 SamSs - ok
04:35:17.0171 1792 SbcpHid (30d94039a729571146eb9d736ec1aadd) C:\WINDOWS\system32\Drivers\SbcpHid.sys
04:35:17.0171 1792 SbcpHid - ok
04:35:17.0437 1792 ScanUSBEMPIA - ok
04:35:17.0640 1792 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
04:35:17.0640 1792 SCardSvr - ok
04:35:18.0062 1792 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
04:35:18.0078 1792 Schedule - ok
04:35:18.0343 1792 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
04:35:18.0359 1792 SeagateDashboardService - ok
04:35:18.0593 1792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
04:35:18.0593 1792 Secdrv - ok
04:35:19.0140 1792 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
04:35:19.0140 1792 seclogon - ok
04:35:19.0343 1792 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
04:35:19.0343 1792 SENS - ok
04:35:19.0562 1792 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
04:35:19.0562 1792 serenum - ok
04:35:19.0750 1792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
04:35:19.0750 1792 Serial - ok
04:35:20.0218 1792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
04:35:20.0218 1792 Sfloppy - ok
04:35:20.0437 1792 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
04:35:20.0468 1792 SharedAccess - ok
04:35:20.0703 1792 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
04:35:20.0703 1792 ShellHWDetection - ok
04:35:21.0406 1792 Simbad - ok
04:35:22.0468 1792 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
04:35:22.0484 1792 sisagp - ok
04:35:23.0875 1792 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
04:35:23.0968 1792 SLIP - ok
04:35:25.0515 1792 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
04:35:25.0578 1792 smwdm - ok
04:35:25.0968 1792 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
04:35:25.0968 1792 Sparrow - ok
04:35:26.0093 1792 SPF4 (7234e4b852f8fa0c48ff0e4fd7394490) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
04:35:26.0156 1792 SPF4 - ok
04:35:26.0359 1792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
04:35:26.0359 1792 splitter - ok
04:35:26.0593 1792 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
04:35:26.0593 1792 Spooler - ok
04:35:26.0703 1792 sprtsvc_dellsupportcenter - ok
04:35:26.0937 1792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
04:35:26.0937 1792 sr - ok
04:35:27.0171 1792 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
04:35:27.0171 1792 srservice - ok
04:35:27.0718 1792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
04:35:27.0750 1792 Srv - ok
04:35:27.0937 1792 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
04:35:27.0953 1792 SSDPSRV - ok
04:35:28.0140 1792 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
04:35:28.0171 1792 stisvc - ok
04:35:28.0406 1792 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
04:35:28.0406 1792 streamip - ok
04:35:28.0609 1792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
04:35:28.0609 1792 swenum - ok
04:35:28.0859 1792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
04:35:28.0859 1792 swmidi - ok
04:35:29.0000 1792 SwPrv - ok
04:35:29.0265 1792 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
04:35:29.0265 1792 symc810 - ok
04:35:29.0484 1792 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
04:35:29.0484 1792 symc8xx - ok
04:35:29.0703 1792 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
04:35:29.0703 1792 sym_hi - ok
04:35:29.0937 1792 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
04:35:29.0937 1792 sym_u3 - ok
04:35:30.0125 1792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
04:35:30.0125 1792 sysaudio - ok
04:35:30.0312 1792 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
04:35:30.0328 1792 SysmonLog - ok
04:35:30.0515 1792 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
04:35:30.0531 1792 TapiSrv - ok
04:35:30.0781 1792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
04:35:30.0812 1792 Tcpip - ok
04:35:31.0062 1792 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
04:35:31.0078 1792 Tcpip6 - ok
04:35:31.0296 1792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
04:35:31.0296 1792 TDPIPE - ok
04:35:31.0515 1792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
04:35:31.0515 1792 TDTCP - ok
04:35:31.0750 1792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
04:35:31.0750 1792 TermDD - ok
04:35:31.0937 1792 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
04:35:31.0968 1792 TermService - ok
04:35:32.0187 1792 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
04:35:32.0187 1792 Themes - ok
04:35:32.0421 1792 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
04:35:32.0421 1792 TosIde - ok
04:35:32.0625 1792 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
04:35:32.0625 1792 TrkWks - ok
04:35:32.0843 1792 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
04:35:32.0843 1792 tunmp - ok
04:35:33.0078 1792 UdfReadr_xp (4e75005b74be901c30f2636df40b0c15) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
04:35:33.0093 1792 UdfReadr_xp - ok
04:35:33.0312 1792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
04:35:33.0312 1792 Udfs - ok
04:35:33.0546 1792 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
04:35:33.0546 1792 ultra - ok
04:35:33.0812 1792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
04:35:33.0859 1792 Update - ok
04:35:34.0078 1792 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
04:35:34.0078 1792 upnphost - ok
04:35:34.0265 1792 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
04:35:34.0265 1792 UPS - ok
04:35:34.0468 1792 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
04:35:34.0484 1792 usbaudio - ok
04:35:34.0703 1792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
04:35:34.0718 1792 usbccgp - ok
04:35:34.0921 1792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
04:35:34.0921 1792 usbehci - ok
04:35:35.0140 1792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
04:35:35.0140 1792 usbhub - ok
04:35:35.0359 1792 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
04:35:35.0359 1792 usbprint - ok
04:35:35.0609 1792 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
04:35:35.0625 1792 usbscan - ok
04:35:35.0921 1792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
04:35:35.0921 1792 USBSTOR - ok
04:35:36.0156 1792 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
04:35:36.0171 1792 usbuhci - ok
04:35:36.0421 1792 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
04:35:36.0421 1792 usbvideo - ok
04:35:36.0656 1792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
04:35:36.0656 1792 VgaSave - ok
04:35:36.0890 1792 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
04:35:36.0890 1792 viaagp - ok
04:35:37.0109 1792 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
04:35:37.0109 1792 ViaIde - ok
04:35:37.0328 1792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
04:35:37.0328 1792 VolSnap - ok
04:35:37.0515 1792 vsdatant (d658e49302c382b88c8e9a08e20b2e82) C:\WINDOWS\system32\vsdatant.sys
04:35:37.0531 1792 vsdatant - ok
04:35:37.0734 1792 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
04:35:37.0750 1792 VSS - ok
04:35:37.0906 1792 vstor2-ws60 - ok
04:35:38.0078 1792 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
04:35:38.0093 1792 w32time - ok
04:35:38.0234 1792 w810bus - ok
04:35:38.0437 1792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
04:35:38.0437 1792 Wanarp - ok
04:35:38.0640 1792 wanatw - ok
04:35:38.0812 1792 WDICA - ok
04:35:39.0015 1792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
04:35:39.0015 1792 wdmaud - ok
04:35:39.0562 1792 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
04:35:39.0562 1792 WebClient - ok
04:35:39.0796 1792 winachsf (b3133dc158e59e80f5498484b0c2d558) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
04:35:39.0828 1792 winachsf - ok
04:35:40.0046 1792 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
04:35:40.0046 1792 winmgmt - ok
04:35:40.0156 1792 winvnc - ok
04:35:40.0343 1792 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
04:35:40.0359 1792 WmdmPmSN - ok
04:35:40.0578 1792 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
04:35:40.0578 1792 WmiApSrv - ok
04:35:40.0703 1792 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
04:35:40.0750 1792 WMPNetworkSvc - ok
04:35:41.0000 1792 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
04:35:41.0000 1792 WS2IFSL - ok
04:35:41.0203 1792 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
04:35:41.0203 1792 wscsvc - ok
04:35:41.0437 1792 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
04:35:41.0437 1792 WSTCODEC - ok
04:35:41.0625 1792 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
04:35:41.0656 1792 wuauserv - ok
04:35:41.0921 1792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
04:35:41.0921 1792 WudfPf - ok
04:35:42.0156 1792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
04:35:42.0156 1792 WudfRd - ok
04:35:42.0390 1792 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
04:35:42.0406 1792 WudfSvc - ok
04:35:42.0609 1792 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
04:35:42.0640 1792 WZCSVC - ok
04:35:42.0843 1792 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
04:35:42.0843 1792 xmlprov - ok
04:35:42.0984 1792 ZipToA - ok
04:35:43.0140 1792 zntport - ok
04:35:43.0187 1792 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
04:35:43.0390 1792 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:35:43.0390 1792 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:35:43.0421 1792 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
04:35:43.0656 1792 \Device\Harddisk1\DR3 - ok
04:35:43.0656 1792 Boot (0x1200) (55cd1445d417b298309f5f2904f56d8e) \Device\Harddisk0\DR0\Partition0
04:35:43.0656 1792 \Device\Harddisk0\DR0\Partition0 - ok
04:35:43.0671 1792 Boot (0x1200) (c45049ff86f03609c04f2db21fe9b167) \Device\Harddisk1\DR3\Partition0
04:35:43.0671 1792 \Device\Harddisk1\DR3\Partition0 - ok
04:35:43.0671 1792 ============================================================
04:35:43.0671 1792 Scan finished
04:35:43.0671 1792 ============================================================
04:35:43.0703 4084 Detected object count: 1
04:35:43.0703 4084 Actual detected object count: 1
04:36:21.0593 4084 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:36:21.0593 4084 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
04:37:00.0796 2604 Deinitialize success

jeffce
2012-04-19, 14:39
Hi,

That was a bad one there. Run TDSSKiller again and then when you get to this entry >> \Device\Harddisk0\DR0 ( TDSS File System ) be sure to Delete that one. Then run a new scan with TDSSKiller.

GreenWithEnvy
2012-04-19, 15:03
I rescanned, chose delete, and then rebooted. Then I ran the scan again. Here is the log:

07:57:05.0140 2948 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
07:57:05.0625 2948 ============================================================
07:57:05.0625 2948 Current date / time: 2012/04/19 07:57:05.0625
07:57:05.0625 2948 SystemInfo:
07:57:05.0625 2948
07:57:05.0625 2948 OS Version: 5.1.2600 ServicePack: 3.0
07:57:05.0625 2948 Product type: Workstation
07:57:05.0625 2948 ComputerName: MJH
07:57:05.0625 2948 UserName: Mike Hoover
07:57:05.0625 2948 Windows directory: C:\WINDOWS
07:57:05.0625 2948 System windows directory: C:\WINDOWS
07:57:05.0625 2948 Processor architecture: Intel x86
07:57:05.0625 2948 Number of processors: 1
07:57:05.0625 2948 Page size: 0x1000
07:57:05.0625 2948 Boot type: Normal boot
07:57:05.0625 2948 ============================================================
07:57:09.0703 2948 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:57:09.0734 2948 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
07:57:09.0734 2948 \Device\Harddisk0\DR0:
07:57:09.0750 2948 MBR partitions:
07:57:09.0750 2948 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
07:57:09.0750 2948 \Device\Harddisk1\DR3:
07:57:09.0750 2948 MBR partitions:
07:57:09.0750 2948 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
07:57:09.0906 2948 C: <-> \Device\Harddisk0\DR0\Partition0
07:57:09.0968 2948 F: <-> \Device\Harddisk1\DR3\Partition0
07:57:09.0968 2948 Initialize success
07:57:09.0968 2948 ============================================================
07:57:21.0062 3608 ============================================================
07:57:21.0062 3608 Scan started
07:57:21.0062 3608 Mode: Manual; TDLFS;
07:57:21.0062 3608 ============================================================
07:57:24.0218 3608 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
07:57:24.0312 3608 6to4 - ok
07:57:25.0296 3608 Abiosdsk - ok
07:57:27.0062 3608 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
07:57:27.0250 3608 abp480n5 - ok
07:57:28.0937 3608 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:57:29.0343 3608 ACPI - ok
07:57:30.0328 3608 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
07:57:30.0343 3608 ACPIEC - ok
07:57:31.0046 3608 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
07:57:31.0156 3608 adpu160m - ok
07:57:32.0171 3608 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
07:57:32.0203 3608 aeaudio - ok
07:57:33.0609 3608 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
07:57:33.0640 3608 aec - ok
07:57:34.0156 3608 aegisp - ok
07:57:35.0531 3608 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
07:57:35.0531 3608 AFD - ok
07:57:36.0390 3608 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
07:57:36.0421 3608 agp440 - ok
07:57:37.0093 3608 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
07:57:37.0156 3608 agpCPQ - ok
07:57:38.0437 3608 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
07:57:38.0484 3608 Aha154x - ok
07:57:39.0953 3608 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
07:57:40.0000 3608 aic78u2 - ok
07:57:40.0312 3608 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
07:57:40.0312 3608 aic78xx - ok
07:57:40.0515 3608 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
07:57:40.0515 3608 Alerter - ok
07:57:40.0734 3608 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
07:57:40.0734 3608 ALG - ok
07:57:41.0000 3608 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
07:57:41.0000 3608 AliIde - ok
07:57:41.0265 3608 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
07:57:41.0265 3608 alim1541 - ok
07:57:41.0531 3608 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
07:57:41.0546 3608 amdagp - ok
07:57:42.0078 3608 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
07:57:42.0078 3608 amsint - ok
07:57:42.0265 3608 AppMgmt - ok
07:57:42.0500 3608 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:57:42.0515 3608 Arp1394 - ok
07:57:42.0750 3608 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
07:57:42.0750 3608 asc - ok
07:57:43.0015 3608 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
07:57:43.0031 3608 asc3350p - ok
07:57:43.0296 3608 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
07:57:43.0296 3608 asc3550 - ok
07:57:43.0515 3608 Aspi32 - ok
07:57:43.0718 3608 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:57:43.0750 3608 aspnet_state - ok
07:57:44.0000 3608 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:57:44.0015 3608 AsyncMac - ok
07:57:44.0281 3608 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
07:57:44.0281 3608 atapi - ok
07:57:44.0484 3608 Atdisk - ok
07:57:44.0625 3608 atikmdag - ok
07:57:44.0968 3608 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:57:44.0968 3608 Atmarpc - ok
07:57:45.0312 3608 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
07:57:45.0328 3608 AudioSrv - ok
07:57:45.0781 3608 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
07:57:45.0796 3608 audstub - ok
07:57:45.0968 3608 Basics Service (55fed228fe147ecb9c47a1c55388896e) C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
07:57:46.0093 3608 Basics Service - ok
07:57:46.0484 3608 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
07:57:46.0484 3608 Beep - ok
07:57:47.0656 3608 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
07:57:48.0281 3608 BITS - ok
07:57:48.0656 3608 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
07:57:48.0671 3608 Bridge - ok
07:57:48.0687 3608 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
07:57:48.0687 3608 BridgeMP - ok
07:57:49.0062 3608 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
07:57:49.0078 3608 Browser - ok
07:57:49.0343 3608 catchme - ok
07:57:49.0890 3608 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
07:57:49.0921 3608 cbidf - ok
07:57:50.0562 3608 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
07:57:50.0562 3608 cbidf2k - ok
07:57:51.0078 3608 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:57:51.0109 3608 CCDECODE - ok
07:57:51.0875 3608 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
07:57:51.0937 3608 cd20xrnt - ok
07:57:52.0531 3608 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
07:57:52.0546 3608 Cdaudio - ok
07:57:52.0968 3608 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
07:57:53.0000 3608 Cdfs - ok
07:57:53.0578 3608 Cdr4_xp (837eef65af62d4e8a37c41d3879f7274) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
07:57:53.0578 3608 Cdr4_xp - ok
07:57:54.0078 3608 Cdralw2k (579da2f9f5401f55dae2cf8779d61dfc) C:\WINDOWS\system32\drivers\Cdralw2k.sys
07:57:54.0078 3608 Cdralw2k - ok
07:57:54.0546 3608 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:57:54.0546 3608 Cdrom - ok
07:57:54.0906 3608 cdudf_xp (cfd81f2140193fc7f1812e6d6eaf6795) C:\WINDOWS\system32\drivers\cdudf_xp.sys
07:57:54.0937 3608 cdudf_xp - ok
07:57:55.0359 3608 Changer - ok
07:57:55.0906 3608 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
07:57:55.0968 3608 CiSvc - ok
07:57:56.0562 3608 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
07:57:56.0578 3608 ClipSrv - ok
07:57:56.0953 3608 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:57:57.0453 3608 clr_optimization_v2.0.50727_32 - ok
07:57:58.0031 3608 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys
07:57:58.0031 3608 CmdIde - ok
07:57:58.0593 3608 COMSysApp - ok
07:57:59.0187 3608 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
07:57:59.0187 3608 Cpqarray - ok
07:57:59.0796 3608 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
07:57:59.0796 3608 CryptSvc - ok
07:58:00.0218 3608 ctdvda2k - ok
07:58:00.0593 3608 CVirtA - ok
07:58:01.0046 3608 CVPND (7e1a89338d8b7e1fde676fc2df0b399f) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
07:58:01.0312 3608 CVPND - ok
07:58:01.0593 3608 CVPNDRVA - ok
07:58:02.0328 3608 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
07:58:02.0375 3608 dac2w2k - ok
07:58:03.0500 3608 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
07:58:03.0515 3608 dac960nt - ok
07:58:03.0953 3608 DCamUSBEMPIA - ok
07:58:04.0421 3608 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
07:58:04.0453 3608 DcomLaunch - ok
07:58:04.0859 3608 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
07:58:04.0875 3608 Dhcp - ok
07:58:05.0578 3608 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\DISK.SYS
07:58:05.0593 3608 Disk - ok
07:58:06.0203 3608 dmadmin - ok
07:58:07.0265 3608 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
07:58:07.0484 3608 dmboot - ok
07:58:08.0109 3608 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
07:58:08.0125 3608 dmio - ok
07:58:08.0843 3608 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
07:58:08.0843 3608 dmload - ok
07:58:09.0312 3608 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
07:58:09.0328 3608 dmserver - ok
07:58:10.0031 3608 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
07:58:10.0046 3608 DMusic - ok
07:58:10.0453 3608 DNE - ok
07:58:11.0234 3608 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
07:58:11.0234 3608 Dnscache - ok
07:58:11.0656 3608 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
07:58:11.0687 3608 Dot3svc - ok
07:58:12.0281 3608 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
07:58:12.0328 3608 dpti2o - ok
07:58:12.0984 3608 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
07:58:12.0984 3608 drmkaud - ok
07:58:13.0328 3608 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
07:58:13.0437 3608 DSBrokerService - ok
07:58:13.0828 3608 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
07:58:13.0859 3608 DSproct - ok
07:58:14.0453 3608 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
07:58:14.0468 3608 dsunidrv - ok
07:58:14.0953 3608 dvd_2K - ok
07:58:15.0687 3608 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
07:58:15.0718 3608 E100B - ok
07:58:16.0359 3608 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
07:58:16.0359 3608 EapHost - ok
07:58:17.0000 3608 efs - ok
07:58:17.0750 3608 EL90XBC - ok
07:58:18.0375 3608 emAudio (e63252dc23558bacadcd2d1767bd8c47) C:\WINDOWS\system32\drivers\emAudio.sys
07:58:18.0390 3608 emAudio - ok
07:58:19.0140 3608 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
07:58:19.0140 3608 ERSvc - ok
07:58:19.0750 3608 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
07:58:19.0796 3608 Eventlog - ok
07:58:20.0562 3608 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
07:58:20.0625 3608 EventSystem - ok
07:58:21.0406 3608 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
07:58:21.0421 3608 Fastfat - ok
07:58:21.0812 3608 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:58:21.0843 3608 FastUserSwitchingCompatibility - ok
07:58:22.0296 3608 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
07:58:22.0296 3608 Fdc - ok
07:58:22.0718 3608 FilterService (50104c5f1ee1e295781caf9521ca2e56) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
07:58:22.0718 3608 FilterService - ok
07:58:23.0109 3608 FiltUSBEMPIA - ok
07:58:23.0515 3608 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
07:58:23.0515 3608 Fips - ok
07:58:23.0828 3608 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:58:23.0828 3608 Flpydisk - ok
07:58:24.0250 3608 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
07:58:24.0250 3608 FltMgr - ok
07:58:24.0937 3608 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:58:24.0968 3608 FontCache3.0.0.0 - ok
07:58:25.0640 3608 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:58:25.0640 3608 Fs_Rec - ok
07:58:26.0296 3608 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:58:26.0328 3608 Ftdisk - ok
07:58:26.0906 3608 fwdrv (3a3929b7a0eeef83df3a6c81e43a1fa9) C:\WINDOWS\system32\drivers\fwdrv.sys
07:58:26.0968 3608 fwdrv - ok
07:58:27.0593 3608 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:58:27.0609 3608 Gpc - ok
07:58:28.0000 3608 GT680x - ok
07:58:28.0375 3608 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:58:28.0390 3608 helpsvc - ok
07:58:28.0812 3608 HFACSVC - ok
07:58:29.0140 3608 HidServ - ok
07:58:29.0656 3608 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
07:58:29.0671 3608 hkmsvc - ok
07:58:30.0031 3608 houdiniserver - ok
07:58:30.0609 3608 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
07:58:30.0625 3608 hpn - ok
07:58:31.0109 3608 HSFHWBS2 (96fae6dc24574b1cb08dcf9d984a5be4) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
07:58:31.0140 3608 HSFHWBS2 - ok
07:58:31.0890 3608 HSF_DP (2efa8dd8b0270a3a7202ce5f4da465b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
07:58:32.0343 3608 HSF_DP - ok
07:58:32.0859 3608 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
07:58:32.0890 3608 HTTP - ok
07:58:33.0375 3608 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
07:58:33.0390 3608 HTTPFilter - ok
07:58:33.0937 3608 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
07:58:33.0937 3608 i2omgmt - ok
07:58:34.0421 3608 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
07:58:34.0437 3608 i2omp - ok
07:58:34.0906 3608 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:58:34.0921 3608 i8042prt - ok
07:58:35.0468 3608 i81x - ok
07:58:35.0984 3608 iAimFP0 - ok
07:58:36.0531 3608 iAimFP1 - ok
07:58:37.0140 3608 iAimFP2 - ok
07:58:37.0562 3608 iAimFP3 - ok
07:58:38.0046 3608 iAimFP4 - ok
07:58:38.0531 3608 iAimTV0 - ok
07:58:38.0890 3608 iAimTV1 - ok
07:58:39.0359 3608 iAimTV2 - ok
07:58:39.0906 3608 iAimTV3 - ok
07:58:40.0484 3608 iAimTV4 - ok
07:58:41.0015 3608 icm10blk - ok
07:58:41.0375 3608 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
07:58:41.0500 3608 IDriverT - ok
07:58:42.0203 3608 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:58:42.0437 3608 idsvc - ok
07:58:42.0953 3608 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
07:58:43.0000 3608 Imapi - ok
07:58:43.0546 3608 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
07:58:43.0562 3608 ImapiService - ok
07:58:44.0078 3608 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
07:58:44.0093 3608 ini910u - ok
07:58:45.0093 3608 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
07:58:45.0140 3608 IntelIde - ok
07:58:46.0500 3608 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:58:46.0531 3608 intelppm - ok
07:58:48.0375 3608 IomegaAccess - ok
07:58:52.0687 3608 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
07:58:52.0734 3608 ip6fw - ok
07:58:57.0312 3608 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:58:57.0343 3608 IpFilterDriver - ok
07:59:00.0843 3608 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:59:00.0859 3608 IpInIp - ok
07:59:01.0968 3608 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:59:01.0984 3608 IpNat - ok
07:59:02.0359 3608 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:59:02.0375 3608 IPSec - ok
07:59:02.0562 3608 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
07:59:02.0562 3608 IRENUM - ok
07:59:02.0765 3608 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:59:02.0765 3608 isapnp - ok
07:59:02.0953 3608 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
07:59:02.0953 3608 JavaQuickStarterService - ok
07:59:03.0218 3608 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:59:03.0218 3608 Kbdclass - ok
07:59:03.0406 3608 khips (d44c0f4fc254344bad74581632339963) C:\WINDOWS\system32\drivers\khips.sys
07:59:03.0406 3608 khips - ok
07:59:03.0843 3608 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
07:59:03.0859 3608 kmixer - ok
07:59:04.0265 3608 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
07:59:04.0265 3608 KSecDD - ok
07:59:04.0609 3608 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
07:59:04.0609 3608 lanmanserver - ok
07:59:05.0078 3608 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
07:59:05.0109 3608 lanmanworkstation - ok
07:59:05.0390 3608 lanusb - ok
07:59:05.0718 3608 lbrtfdc - ok
07:59:06.0046 3608 LexBceS (adcc087837f30e257ba794a50817aa9e) C:\WINDOWS\system32\LEXBCES.EXE
07:59:06.0046 3608 LexBceS - ok
07:59:06.0375 3608 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
07:59:06.0390 3608 LmHosts - ok
07:59:07.0203 3608 LVCOMSer (38440fe1a65b1fe3d246c5c4cad22f53) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
07:59:07.0218 3608 LVCOMSer - ok
07:59:07.0578 3608 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
07:59:07.0578 3608 LVPr2Mon - ok
07:59:07.0750 3608 LVPrcSrv (28bd0e4b6c050b591b8cb35b9ad284e6) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
07:59:07.0765 3608 LVPrcSrv - ok
07:59:08.0171 3608 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
07:59:08.0203 3608 LVRS - ok
07:59:08.0625 3608 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
07:59:08.0640 3608 LVUSBSta - ok
07:59:09.0609 3608 LVUVC (8bc0d5f6e3898f465a94c6d03afb5a20) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
07:59:10.0796 3608 LVUVC - ok
07:59:11.0140 3608 mdmxsdk (aeb54ef22cb7c7e3f405f69f048d696c) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
07:59:11.0156 3608 mdmxsdk - ok
07:59:11.0734 3608 MemeoBackgroundService (9547f37d0e899fd71b52b2afd4437c79) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
07:59:11.0750 3608 MemeoBackgroundService - ok
07:59:12.0375 3608 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
07:59:12.0390 3608 Messenger - ok
07:59:13.0187 3608 mmc_2K - ok
07:59:14.0406 3608 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
07:59:14.0421 3608 mnmdd - ok
07:59:15.0531 3608 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
07:59:15.0578 3608 mnmsrvc - ok
07:59:16.0781 3608 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
07:59:16.0796 3608 Modem - ok
07:59:18.0812 3608 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:59:18.0828 3608 Mouclass - ok
07:59:19.0734 3608 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
07:59:19.0750 3608 MountMgr - ok
07:59:20.0109 3608 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
07:59:20.0125 3608 mraid35x - ok
07:59:20.0375 3608 MRENDIS5 - ok
07:59:20.0843 3608 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:59:20.0859 3608 MRxDAV - ok
07:59:21.0296 3608 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:59:21.0328 3608 MRxSmb - ok
07:59:21.0734 3608 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
07:59:21.0734 3608 MSDTC - ok
07:59:22.0125 3608 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
07:59:22.0125 3608 Msfs - ok
07:59:22.0437 3608 MSIServer - ok
07:59:22.0765 3608 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:59:22.0781 3608 MSKSSRV - ok
07:59:23.0062 3608 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:59:23.0062 3608 MSPCLOCK - ok
07:59:23.0375 3608 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
07:59:23.0375 3608 MSPQM - ok
07:59:23.0656 3608 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:59:23.0687 3608 mssmbios - ok
07:59:24.0046 3608 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
07:59:24.0046 3608 MSTEE - ok
07:59:24.0218 3608 MTK - ok
07:59:24.0406 3608 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
07:59:24.0406 3608 Mup - ok
07:59:24.0609 3608 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:59:24.0609 3608 NABTSFEC - ok
07:59:24.0921 3608 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
07:59:24.0953 3608 napagent - ok
07:59:25.0250 3608 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
07:59:25.0265 3608 NDIS - ok
07:59:25.0453 3608 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
07:59:25.0453 3608 NdisIP - ok
07:59:25.0640 3608 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:59:25.0640 3608 NdisTapi - ok
07:59:25.0843 3608 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:59:25.0843 3608 Ndisuio - ok
07:59:26.0062 3608 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:59:26.0062 3608 NdisWan - ok
07:59:26.0250 3608 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
07:59:26.0250 3608 NDProxy - ok
07:59:26.0468 3608 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
07:59:26.0468 3608 NetBIOS - ok
07:59:26.0656 3608 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
07:59:26.0656 3608 NetBT - ok
07:59:26.0843 3608 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
07:59:26.0843 3608 NetDDE - ok
07:59:26.0843 3608 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
07:59:26.0843 3608 NetDDEdsdm - ok
07:59:27.0046 3608 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:27.0046 3608 Netlogon - ok
07:59:27.0218 3608 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
07:59:27.0218 3608 Netman - ok
07:59:27.0359 3608 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:59:27.0359 3608 NetTcpPortSharing - ok
07:59:27.0562 3608 NgFilter (19cadea89c6577315b76f016f6da802d) C:\WINDOWS\system32\DRIVERS\ngfilter.sys
07:59:27.0562 3608 NgFilter - ok
07:59:27.0750 3608 NgLog (3608c65f0db2fc2d73d859d1c192c575) C:\WINDOWS\system32\DRIVERS\nglog.sys
07:59:27.0750 3608 NgLog - ok
07:59:27.0953 3608 NgVpn (83d5bc84a9ab622170eea134c2087121) C:\WINDOWS\system32\DRIVERS\ngvpn.sys
07:59:27.0968 3608 NgVpn - ok
07:59:28.0203 3608 NgVpnMgr (891fe6fe51a495502d272e3c34627f65) C:\WINDOWS\system32\ngvpnmgr.exe
07:59:28.0218 3608 NgVpnMgr - ok
07:59:28.0421 3608 NgWfp (833fedde4a87a744d9400f6cda35737c) C:\WINDOWS\system32\DRIVERS\ngwfp.sys
07:59:28.0421 3608 NgWfp - ok
07:59:28.0609 3608 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
07:59:28.0609 3608 NIC1394 - ok
07:59:28.0796 3608 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
07:59:28.0796 3608 Nla - ok
07:59:29.0000 3608 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
07:59:29.0000 3608 nm - ok
07:59:29.0203 3608 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
07:59:29.0203 3608 Npfs - ok
07:59:29.0312 3608 nsm1bus - ok
07:59:29.0546 3608 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
07:59:29.0593 3608 Ntfs - ok
07:59:29.0750 3608 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
07:59:29.0750 3608 NtLmSsp - ok
07:59:29.0937 3608 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
07:59:29.0968 3608 NtmsSvc - ok
07:59:30.0187 3608 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
07:59:30.0187 3608 Null - ok
07:59:30.0437 3608 nv (1685a86ce8dc5a70d307dca625fb50e7) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
07:59:30.0515 3608 nv - ok
07:59:30.0703 3608 NVSvc (697a09635e30d3722e1124ec33face15) C:\WINDOWS\system32\nvsvc32.exe
07:59:30.0703 3608 NVSvc - ok
07:59:30.0921 3608 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:59:30.0921 3608 NwlnkFlt - ok
07:59:31.0140 3608 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:59:31.0140 3608 NwlnkFwd - ok
07:59:31.0343 3608 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
07:59:31.0343 3608 NwlnkIpx - ok
07:59:31.0546 3608 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
07:59:31.0546 3608 NwlnkNb - ok
07:59:31.0750 3608 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
07:59:31.0765 3608 NwlnkSpx - ok
07:59:31.0937 3608 NwSapAgent (4b83fcbbe72af5f99d109798653e8b78) C:\WINDOWS\System32\ipxsap.dll
07:59:31.0968 3608 NwSapAgent - ok
07:59:32.0187 3608 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:59:32.0187 3608 ohci1394 - ok
07:59:32.0359 3608 omci (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\system32\DRIVERS\omci.sys
07:59:32.0375 3608 omci - ok
07:59:32.0562 3608 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
07:59:32.0562 3608 P3 - ok
07:59:32.0765 3608 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
07:59:32.0765 3608 Parport - ok
07:59:32.0968 3608 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
07:59:32.0968 3608 PartMgr - ok
07:59:33.0171 3608 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
07:59:33.0171 3608 ParVdm - ok
07:59:33.0390 3608 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
07:59:33.0390 3608 PCI - ok
07:59:33.0546 3608 PCIDump - ok
07:59:33.0781 3608 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
07:59:33.0781 3608 PCIIde - ok
07:59:33.0984 3608 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
07:59:34.0000 3608 Pcmcia - ok
07:59:34.0203 3608 PDCOMP - ok
07:59:34.0406 3608 PDFRAME - ok
07:59:34.0593 3608 PDRELI - ok
07:59:34.0781 3608 PDRFRAME - ok
07:59:35.0015 3608 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
07:59:35.0031 3608 perc2 - ok
07:59:35.0218 3608 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
07:59:35.0218 3608 perc2hib - ok
07:59:35.0421 3608 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
07:59:35.0421 3608 pfc - ok
07:59:35.0593 3608 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
07:59:35.0593 3608 PlugPlay - ok
07:59:35.0781 3608 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:35.0781 3608 PolicyAgent - ok
07:59:36.0031 3608 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:59:36.0046 3608 PptpMiniport - ok
07:59:36.0250 3608 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
07:59:36.0250 3608 Processor - ok
07:59:36.0484 3608 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:36.0484 3608 ProtectedStorage - ok
07:59:36.0671 3608 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
07:59:36.0671 3608 PSched - ok
07:59:36.0828 3608 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:59:36.0843 3608 Ptilink - ok
07:59:37.0000 3608 pwd_2k - ok
07:59:37.0218 3608 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
07:59:37.0218 3608 PxHelp20 - ok
07:59:37.0437 3608 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
07:59:37.0437 3608 ql1080 - ok
07:59:37.0687 3608 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
07:59:37.0687 3608 Ql10wnt - ok
07:59:37.0937 3608 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
07:59:37.0937 3608 ql12160 - ok
07:59:38.0187 3608 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
07:59:38.0187 3608 ql1240 - ok
07:59:38.0406 3608 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
07:59:38.0406 3608 ql1280 - ok
07:59:38.0609 3608 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:59:38.0609 3608 RasAcd - ok
07:59:38.0765 3608 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
07:59:38.0765 3608 RasAuto - ok
07:59:38.0968 3608 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:59:38.0968 3608 Rasl2tp - ok
07:59:39.0125 3608 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
07:59:39.0140 3608 RasMan - ok
07:59:39.0343 3608 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:59:39.0359 3608 RasPppoe - ok
07:59:39.0546 3608 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
07:59:39.0546 3608 Raspti - ok
07:59:39.0781 3608 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:59:39.0781 3608 Rdbss - ok
07:59:40.0000 3608 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:59:40.0000 3608 RDPCDD - ok
07:59:40.0203 3608 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:59:40.0218 3608 rdpdr - ok
07:59:40.0453 3608 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
07:59:40.0453 3608 RDPWD - ok
07:59:40.0656 3608 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
07:59:40.0656 3608 RDSessMgr - ok
07:59:40.0875 3608 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
07:59:40.0875 3608 redbook - ok
07:59:41.0031 3608 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
07:59:41.0046 3608 RemoteAccess - ok
07:59:41.0234 3608 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
07:59:41.0234 3608 RpcLocator - ok
07:59:41.0453 3608 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
07:59:41.0500 3608 RpcSs - ok
07:59:41.0687 3608 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
07:59:41.0703 3608 RSVP - ok
07:59:41.0812 3608 s117bus - ok
07:59:42.0000 3608 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
07:59:42.0000 3608 SamSs - ok
07:59:42.0296 3608 SbcpHid (30d94039a729571146eb9d736ec1aadd) C:\WINDOWS\system32\Drivers\SbcpHid.sys
07:59:42.0296 3608 SbcpHid - ok
07:59:42.0468 3608 ScanUSBEMPIA - ok
07:59:42.0656 3608 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
07:59:42.0656 3608 SCardSvr - ok
07:59:42.0828 3608 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
07:59:42.0828 3608 Schedule - ok
07:59:42.0937 3608 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
07:59:42.0937 3608 SeagateDashboardService - ok
07:59:43.0156 3608 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:59:43.0156 3608 Secdrv - ok
07:59:43.0328 3608 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
07:59:43.0328 3608 seclogon - ok
07:59:43.0484 3608 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
07:59:43.0484 3608 SENS - ok
07:59:43.0656 3608 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
07:59:43.0656 3608 serenum - ok
07:59:43.0875 3608 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
07:59:43.0890 3608 Serial - ok
07:59:44.0078 3608 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
07:59:44.0078 3608 Sfloppy - ok
07:59:44.0234 3608 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
07:59:44.0281 3608 SharedAccess - ok
07:59:44.0468 3608 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:59:44.0484 3608 ShellHWDetection - ok
07:59:44.0656 3608 Simbad - ok
07:59:44.0921 3608 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
07:59:44.0921 3608 sisagp - ok
07:59:45.0140 3608 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:59:45.0140 3608 SLIP - ok
07:59:45.0375 3608 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
07:59:45.0390 3608 smwdm - ok
07:59:45.0609 3608 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
07:59:45.0609 3608 Sparrow - ok
07:59:45.0750 3608 SPF4 (7234e4b852f8fa0c48ff0e4fd7394490) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
07:59:45.0781 3608 SPF4 - ok
07:59:46.0000 3608 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
07:59:46.0000 3608 splitter - ok
07:59:46.0203 3608 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
07:59:46.0203 3608 Spooler - ok
07:59:46.0296 3608 sprtsvc_dellsupportcenter - ok
07:59:46.0500 3608 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
07:59:46.0500 3608 sr - ok
07:59:46.0687 3608 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
07:59:46.0703 3608 srservice - ok
07:59:46.0921 3608 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
07:59:46.0953 3608 Srv - ok
07:59:47.0125 3608 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
07:59:47.0125 3608 SSDPSRV - ok
07:59:47.0296 3608 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
07:59:47.0343 3608 stisvc - ok
07:59:47.0562 3608 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:59:47.0562 3608 streamip - ok
07:59:47.0765 3608 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
07:59:47.0781 3608 swenum - ok
07:59:48.0000 3608 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
07:59:48.0000 3608 swmidi - ok
07:59:48.0187 3608 SwPrv - ok
07:59:48.0406 3608 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
07:59:48.0406 3608 symc810 - ok
07:59:48.0609 3608 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
07:59:48.0609 3608 symc8xx - ok
07:59:48.0812 3608 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
07:59:48.0812 3608 sym_hi - ok
07:59:49.0031 3608 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
07:59:49.0031 3608 sym_u3 - ok
07:59:49.0250 3608 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
07:59:49.0250 3608 sysaudio - ok
07:59:49.0437 3608 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
07:59:49.0437 3608 SysmonLog - ok
07:59:49.0625 3608 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
07:59:49.0656 3608 TapiSrv - ok
07:59:49.0937 3608 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:59:49.0984 3608 Tcpip - ok
07:59:50.0234 3608 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
07:59:50.0250 3608 Tcpip6 - ok
07:59:50.0515 3608 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
07:59:50.0515 3608 TDPIPE - ok
07:59:50.0718 3608 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
07:59:50.0718 3608 TDTCP - ok
07:59:50.0921 3608 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
07:59:50.0921 3608 TermDD - ok
07:59:51.0093 3608 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
07:59:51.0125 3608 TermService - ok
07:59:51.0328 3608 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
07:59:51.0343 3608 Themes - ok
07:59:51.0546 3608 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
07:59:51.0546 3608 TosIde - ok
07:59:51.0750 3608 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
07:59:51.0750 3608 TrkWks - ok
07:59:51.0968 3608 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
07:59:51.0968 3608 tunmp - ok
07:59:52.0203 3608 UdfReadr_xp (4e75005b74be901c30f2636df40b0c15) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
07:59:52.0218 3608 UdfReadr_xp - ok
07:59:52.0437 3608 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
07:59:52.0437 3608 Udfs - ok
07:59:52.0656 3608 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
07:59:52.0656 3608 ultra - ok
07:59:52.0906 3608 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
07:59:52.0937 3608 Update - ok
07:59:53.0125 3608 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
07:59:53.0140 3608 upnphost - ok
07:59:53.0328 3608 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
07:59:53.0343 3608 UPS - ok
07:59:53.0546 3608 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
07:59:53.0546 3608 usbaudio - ok
07:59:53.0765 3608 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:59:53.0765 3608 usbccgp - ok
07:59:53.0984 3608 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:59:53.0984 3608 usbehci - ok
07:59:54.0218 3608 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:59:54.0218 3608 usbhub - ok
07:59:54.0437 3608 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:59:54.0437 3608 usbprint - ok
07:59:54.0656 3608 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:59:54.0656 3608 usbscan - ok
07:59:54.0890 3608 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:59:54.0890 3608 USBSTOR - ok
07:59:55.0937 3608 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:59:55.0953 3608 usbuhci - ok
07:59:57.0000 3608 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
07:59:57.0046 3608 usbvideo - ok
07:59:58.0234 3608 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
07:59:58.0250 3608 VgaSave - ok
07:59:59.0421 3608 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
07:59:59.0421 3608 viaagp - ok
07:59:59.0640 3608 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
07:59:59.0640 3608 ViaIde - ok
07:59:59.0875 3608 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
07:59:59.0875 3608 VolSnap - ok
08:00:00.0062 3608 vsdatant (d658e49302c382b88c8e9a08e20b2e82) C:\WINDOWS\system32\vsdatant.sys
08:00:00.0062 3608 vsdatant - ok
08:00:00.0296 3608 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
08:00:00.0296 3608 VSS - ok
08:00:00.0453 3608 vstor2-ws60 - ok
08:00:00.0625 3608 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
08:00:00.0640 3608 w32time - ok
08:00:00.0781 3608 w810bus - ok
08:00:01.0031 3608 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:00:01.0031 3608 Wanarp - ok
08:00:01.0218 3608 wanatw - ok
08:00:01.0453 3608 WDICA - ok
08:00:01.0734 3608 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:00:01.0734 3608 wdmaud - ok
08:00:01.0890 3608 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
08:00:01.0906 3608 WebClient - ok
08:00:02.0125 3608 winachsf (b3133dc158e59e80f5498484b0c2d558) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:00:02.0171 3608 winachsf - ok
08:00:02.0421 3608 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:00:02.0437 3608 winmgmt - ok
08:00:02.0515 3608 winvnc - ok
08:00:02.0671 3608 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
08:00:02.0687 3608 WmdmPmSN - ok
08:00:02.0875 3608 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:00:02.0875 3608 WmiApSrv - ok
08:00:03.0000 3608 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
08:00:03.0046 3608 WMPNetworkSvc - ok
08:00:03.0281 3608 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:00:03.0281 3608 WS2IFSL - ok
08:00:03.0453 3608 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
08:00:03.0453 3608 wscsvc - ok
08:00:03.0656 3608 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:00:03.0656 3608 WSTCODEC - ok
08:00:03.0828 3608 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
08:00:03.0843 3608 wuauserv - ok
08:00:04.0046 3608 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:00:04.0046 3608 WudfPf - ok
08:00:04.0375 3608 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:00:04.0375 3608 WudfRd - ok
08:00:04.0546 3608 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:00:04.0546 3608 WudfSvc - ok
08:00:04.0750 3608 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
08:00:04.0781 3608 WZCSVC - ok
08:00:04.0984 3608 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
08:00:04.0984 3608 xmlprov - ok
08:00:05.0125 3608 ZipToA - ok
08:00:05.0281 3608 zntport - ok
08:00:05.0296 3608 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
08:00:05.0578 3608 \Device\Harddisk0\DR0 - ok
08:00:05.0578 3608 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
08:00:05.0781 3608 \Device\Harddisk1\DR3 - ok
08:00:05.0781 3608 Boot (0x1200) (55cd1445d417b298309f5f2904f56d8e) \Device\Harddisk0\DR0\Partition0
08:00:05.0781 3608 \Device\Harddisk0\DR0\Partition0 - ok
08:00:05.0796 3608 Boot (0x1200) (c45049ff86f03609c04f2db21fe9b167) \Device\Harddisk1\DR3\Partition0
08:00:05.0812 3608 \Device\Harddisk1\DR3\Partition0 - ok
08:00:05.0812 3608 ============================================================
08:00:05.0812 3608 Scan finished
08:00:05.0812 3608 ============================================================
08:00:05.0812 2248 Detected object count: 0
08:00:05.0812 2248 Actual detected object count: 0
08:00:57.0937 1780 Deinitialize success

jeffce
2012-04-19, 17:34
There we go...that is what I wanted to see.

How is your system behaving?

GreenWithEnvy
2012-04-19, 17:57
How is your system behaving?

It is behaving pretty well. The last two times I booted it this morning, it did not recognize my new external hard drive. I'm not sure what going on there. I had to unplug and replug the USB jack for the system to recognize it.

I'm getting a message from Outlook when I try to send email that someone is trying to access my Contact List and warns it could be a virus. I say continue anyway. This might be related to the new external harddrive software as well. It's very intrusive by default and somewhat obnoxious. I'll have to see if I can turn off some of the great features I have no interest in.

But yeah, everything's good. System performance is pretty good, internet access is good. I only have 3 drivers that aren't found and two relate to software that allows me to VPN into my work PC. I can always reload that software if I need to.

Overall, things are back to normal and running well.

jeffce
2012-04-19, 21:00
Glad to hear things are now running better. :)
----------

Let's check for anything else left hiding and get some updates.

I see that you have Malwarebytes on your computer. Please open Malwarebytes, update it and then run a Quick Scan. There will be a log created that I will need in your next reply.
----------

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here (http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.htmll).

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.



Please go here (http://www.eset.com/us/online-scanner/) then click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS1.gif
[quote]Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
Select the option YES, I accept the Terms of Use then click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS2.gif
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:


Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Now click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS3.gif
The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
Now click on: http://i280.photobucket.com/albums/kk173/Dakeyras_album2/EOLS4.gif
Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.


Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
----------


You have an older version of Adobe Reader. You can download the current version HERE (http://www.adobe.com/products/acrobat/readstep2.html)

You may want to consider Foxit Reader (http://www.foxitsoftware.com/downloads/index.php) instead. It may be a bit lighter on resources.

Visit their support forum
Foxit Forum (http://www.foxitsoftware.com/bbs/forumdisplay.php?f=3)

In either case you should uninstall Adobe Reader 8.3.1 first. Be sure to move any PDF documents to another folder first though.
----------

Please download JavaRa (http://raproducts.org/click/click.php?id=1) to your desktop and unzip it to its own
folder
Run JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista), pick the language of your choice and click Select. Then
click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista) again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest
Java Runtime Environment (JRE) version for your computer using the Offline version of either x86 (32bit operating system) or x64 (64bit operating system).
----------

In your next reply let me know if you had any problems with the instructions and also post the logs made by Malwarebytes and ESET online scanner.

GreenWithEnvy
2012-04-20, 02:22
Here is the Malwarebytes log and it was a full scan, not a quick scan:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Mike Hoover :: MJH [administrator]

4/19/2012 6:00:27 PM
mbam-log-2012-04-19 (18-00-27).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216194
Time elapsed: 2 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

jeffce
2012-04-20, 04:49
When you get the ESET scan please post that to your next reply. :)

GreenWithEnvy
2012-04-20, 05:25
This took a looooooooooooooong time to run:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17109 (vista_gdr.120227-1644)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c4da946094499c4ea077f3cf2f7c76bd
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-20 02:20:17
# local_time=2012-04-19 10:20:17 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=256 16777215 100 0 154057987 154057987 0 0
# compatibility_mode=512 16777215 100 0 128277821 128277821 0 0
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=160479
# found=9
# cleaned=0
# scan_time=9696
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix.exe multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\Process.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\SmitfraudFix.zip multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Process.exe.vir Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir a variant of Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\fwdrv.sys.vir a variant of Win32/Rootkit.Kryptik.KW trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP5\A0006858.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\TDSSKiller_Quarantine\19.04.2012_07.44.28\tdlfs0000\tsk0004.dta a variant of Win32/Olmarik.ADZ trojan (unable to clean) 00000000000000000000000000000000 I

GreenWithEnvy
2012-04-20, 05:42
Adobe and Java were downloaded per instructions.

jeffce
2012-04-20, 14:58
Hi,

Good job getting all that done.



Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:


ClearJavaCache::

File::
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix.exe
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\Process.exe
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\restart.exe
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\SmitfraudFix.zip


Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

http://img.photobucket.com/albums/v706/ried7/CFScriptB-4.gif

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

In your next reply post the new ComboFix log and let me know how your system is running. :)

GreenWithEnvy
2012-04-20, 16:05
ComboFix 12-04-17.01 - Mike Hoover 04/20/2012 8:18.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.284 [GMT -4:00]
Running from: c:\temp\ComboFix.exe
Command switches used :: c:\documents and settings\Mike Hoover\Desktop\CFScript.txt
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
FILE ::
"c:\documents and settings\Mike Hoover\Desktop\SmitfraudFix.exe"
"c:\documents and settings\Mike Hoover\Desktop\SmitfraudFix\Process.exe"
"c:\documents and settings\Mike Hoover\Desktop\SmitfraudFix\restart.exe"
"c:\documents and settings\Mike Hoover\Desktop\SmitfraudFix\SmitfraudFix.zip"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-20 to 2012-04-20 )))))))))))))))))))))))))))))))
.
.
2012-04-20 10:52 . 2012-04-20 10:52 -------- d-----w- c:\documents and settings\Mike Hoover\Local Settings\Application Data\Sun
2012-04-20 02:38 . 2012-04-20 02:37 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-19 11:50 . 2012-04-19 11:50 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-19 11:25 . 2012-04-19 11:25 -------- d-----w- c:\windows\nview
2012-04-17 09:12 . 2012-04-17 09:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2012-04-17 01:48 . 2012-04-17 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2012-04-17 01:47 . 2012-04-17 09:13 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Memeo
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\Mike Hoover\Application Data\Seagate
2012-04-17 01:47 . 2012-04-17 01:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2012-04-17 01:45 . 2012-04-17 01:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2012-04-17 01:45 . 2012-04-17 01:47 -------- d-----w- c:\program files\Common Files\Memeo
2012-04-17 01:45 . 2012-04-17 01:46 -------- d-----w- c:\program files\Memeo
2012-04-17 01:45 . 2012-04-20 11:07 -------- d-----w- c:\documents and settings\Mike Hoover\Local Settings\Application Data\temp
2012-04-15 15:39 . 2012-04-15 15:39 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-15 12:15 . 2012-04-20 12:12 -------- d-----w- c:\windows\system32\CatRoot2
2012-04-15 12:03 . 2001-08-18 02:36 32256 ----a-w- c:\windows\system32\dllcache\diapi2NT.dll
2012-04-15 12:02 . 2008-04-13 18:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-04-15 12:02 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2012-04-15 12:02 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2012-04-15 12:02 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-04-15 12:02 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-04-14 18:48 . 2012-04-15 12:38 -------- d-----w- C:\ERDNT
2012-04-14 17:34 . 2012-04-14 17:34 -------- d-----w- c:\program files\Broadcom
2012-04-14 17:26 . 2002-08-29 10:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2012-04-14 13:55 . 2012-04-14 13:55 -------- d-----w- c:\program files\CONEXANT
2012-04-14 13:55 . 2002-10-07 16:29 11027 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2012-04-14 13:55 . 2002-10-07 16:17 69632 ----a-w- c:\windows\system32\mdmxsdk.dll
2012-04-14 13:55 . 2002-10-09 17:50 170499 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys
2012-04-14 13:55 . 2002-10-09 17:50 1175536 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-04-14 13:55 . 2002-10-09 17:44 604240 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-04-14 13:46 . 2002-09-26 22:04 27786 ----a-w- c:\windows\system32\HSFCI004.dll
2012-04-14 13:45 . 2001-08-22 12:42 13632 ----a-w- c:\windows\system32\drivers\omci.sys
2012-04-13 22:34 . 2006-03-02 00:30 618880 ----a-w- c:\windows\system32\drivers\IntelC52.sys
2012-04-13 22:34 . 2005-05-06 18:42 1339776 ----a-w- c:\windows\system32\drivers\IntelC51.sys
2012-04-13 22:34 . 2005-05-06 18:40 47360 ----a-w- c:\windows\system32\drivers\IntelC53.sys
2012-04-13 22:34 . 2005-05-06 18:40 36880 ----a-w- c:\windows\system32\drivers\mohfilt.sys
2012-04-13 22:34 . 2005-05-06 18:39 172032 ----a-w- c:\windows\system32\intelmoh.dll
2012-04-13 22:34 . 2005-05-06 18:39 49152 ----a-w- c:\windows\system32\mhwt.dll
2012-04-11 12:00 . 2012-04-11 12:00 1409 ----a-w- c:\windows\QTFont.for
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-10 21:16 . 2011-08-17 13:49 138496 ----a-w- c:\windows\system32\dllcache\afd.sys
2012-04-10 19:55 . 2007-04-26 14:21 302000 ----a-w- c:\windows\system32\drivers\fwdrv.sys
2012-04-08 23:44 . 2012-04-08 23:44 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-04-08 20:26 . 2012-04-08 20:26 -------- d-----w- c:\program files\ERUNT
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-20 02:37 . 2010-08-03 01:12 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-20 02:37 . 2008-03-18 23:50 141312 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 19:56 . 2010-05-01 12:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 01:25 . 2004-08-24 00:32 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:25 . 2010-06-24 23:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:25 . 2002-08-29 10:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:25 . 2002-08-29 10:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-02-29 14:10 . 2002-08-29 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2002-08-29 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-25 13:11 . 2011-05-23 10:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:22 . 2002-08-29 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2001-02-27 00:16 . 2010-05-23 01:29 53295 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-07-28 49152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-28 4841472]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-09-26 98304]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"Memeo Instant Backup"="c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-04-23 136416]
"Memeo AutoSync"="c:\program files\Memeo\AutoSync\MemeoLauncher2.exe" [2010-04-16 144608]
"Memeo Send"="c:\program files\Memeo\Memeo Send\MemeoLauncher.exe" [2009-11-05 236816]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"nwiz"="nwiz.exe" [2003-07-28 323584]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\documents and settings\Mike Hoover\Start Menu\Programs\Startup\
Seagate Product Registration.lnk - c:\documents and settings\Mike Hoover\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe [2012-4-16 1731736]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-9-2 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\Qualcomm\Eudora\EuShlExt.dll" [2002-09-30 86016]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\SYSTEM32\DRIVERS\fwdrv.sys [4/10/2012 3:55 PM 302000]
R1 khips;Kerio HIPS Driver;c:\windows\SYSTEM32\DRIVERS\khips.sys [4/26/2007 10:21 AM 72624]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [4/22/2010 8:33 PM 25824]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [5/18/2011 2:48 AM 290472]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [6/1/2011 12:42 PM 14088]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [4/26/2007 10:21 AM 1234480]
R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [5/18/2011 2:11 AM 27208]
R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [5/18/2011 2:11 AM 81480]
S3 MTK;Media Technology Kernel Driver;c:\windows\system32\Drivers\mtk.sys --> c:\windows\system32\Drivers\mtk.sys [?]
S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [5/18/2011 2:11 AM 23112]
S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [5/18/2011 2:11 AM 25160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
efs
aegisp
nsm1bus
MRENDIS5
NWADI
w70n51
s117bus
ctaud2k
netdevio
rchost
houdiniserver
HFACSVC
ctdvda2k
atikmdag
pciSd
racsvc
defwatch
vpcnfltr
Subsonic
GT680x
sskbfd
aaksrv
zntport
vstor2-ws60
lanusb
procmon10
w810bus
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
2012-04-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3448474522-3304514054-2523392379-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 21:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Mike Hoover\Application Data\Mozilla\Firefox\Profiles\h1ofpo0d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Myibidder (Myibay) Bid Sniper for eBay: firefox1@myibay.com - %profile%\extensions\firefox1@myibay.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-20 08:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(8032)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\System32\SCardSvr.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\locator.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Seagate\Seagate Dashboard\MemeoDashboard.exe
c:\program files\Memeo\AutoBackup\InstantBackup.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
.
**************************************************************************
.
Completion time: 2012-04-20 09:02:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-20 13:02
ComboFix2.txt 2012-04-18 11:59
ComboFix3.txt 2012-04-17 09:27
ComboFix4.txt 2012-04-13 06:10
ComboFix5.txt 2012-04-20 12:12
.
Pre-Run: 51,302,764,544 bytes free
Post-Run: 51,291,750,400 bytes free
.
- - End Of File - - 348039502D412B9AABF1920D6A1699C5

GreenWithEnvy
2012-04-20, 17:15
Hi Jeff. My system is running well. I mentioned some of these things before. These are things that don't seem right to me.

When I send email, I get a pop-up window that someone is trying to access my email addresses or contact list or something and I have to "allow" it. This is driving me crazy. This may have something to do with the hard drive I added which embedded a toolbar into outlook (can you believe that?). And when I delete the toor bar, it shows up again the next time I reboot. I can't know for sure if this Outlook behavior is because of the external hard drive software or not.

When I boot up, the system no longer sees my harddrive for some reason. I could probably fix that by removing all of the software for the product and starting over again. I'm sure I could fix it myself.

I could problaby fix it by running Microsoft Fixit Center, but I cannot pull the software from Microsoft using their downloaded setup exe. And when I looked up this problem, they said it's usually caused by malware removal software that prevents certain exes from running on your PC. I can live without this, just don't know how often I'll encounter this sort of thing.

Outside of those non-serious issues, everything's running well and I'm not noticing any issues.

jeffce
2012-04-20, 19:31
Hi,


This may have something to do with the hard drive I added which embedded a toolbar into outlook (can you believe that?)I would say that sounds accurate.
----------

If your external hard drive is used through a USB port than it was ComboFix that stopped that. As a default action, ComboFix will stop all autorun features as a security measure. It is even recommended by Microsoft to not use the autorun feature any longer so that malware will not download and run automatically when you insert a USB drive or CD. If you want to access them you just need to manually run them.
----------

Providing there are no other malware related problems...

IT APPEARS THAT YOUR LOGS ARE NOW CLEAN :D SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!! :D

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
----------

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following text into the Run box as shown and click OK.
Combofix /Uninstall
(Note: There is a space between the ..X and the /U that needs to be there.)

http://i1224.photobucket.com/albums/ee380/jeffce74/CF.jpg
----------

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
2. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
Open Internet Explorer
Click on Tools > Internet Options
Press Security tab
Select Internet zone then place check next to Enable Protected Mode if not already done
Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

4. Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/forums/tutorial60.html). **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:
Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update (http://v4.windowsupdate.microsoft.com/en/default.asp) regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

6. WOT (http://www.mywot.com/) (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

7.Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

GreenWithEnvy
2012-04-21, 17:21
Hello Jeff:

I am confirming that my PC is in good shape and you can close this thread.

Thank you thank you thank you so much for assisting me in getting rid of this malware. Please post information on how I can show my gratitude further and can contribute to keeping this great forum up and running. It's such a valuable resource.

Thank you once again. I REALLY appreciate all of the help and assistance!

Mike

jeffce
2012-04-21, 18:45
Hi Mike,

Glad that it is back to running well. :) I am glad that we could be of help!


Please post information on how I can show my gratitude further and can contribute to keeping this great forum up and running. It's such a valuable resource.You can go here (http://www.safer-networking.org/en/donate/index.html) to contribute if that is what you would like to do. It is very much appreciated. :)

GreenWithEnvy
2012-04-21, 19:33
Hello Jeff:

My Outlook email is back to normal. The storage device had its hooks in it and I uninstalled all of the features I did not want, and that solved that one issue.

Also, I just made a donation through Paypal. I wanted to mention your name in there, but unfortunately, I didn't see a place to add a note. Sorry about that, but I did contribute.

Thanks again,

Mike

jeffce
2012-04-22, 02:50
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
----------