Viruses, Spyware and...

Viruses, Spyware and other Nasties RSS

explorer.exe

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

explorer.exe

Dec 11th, 2007

My explorer.exe seems to be flickering on and off... help please
I have no past experience with the hijackthis program so if i am doing something wrong please tell me.
any other log files i should "fix" also tell me about. Once again i have never used this program untill today so please elaborate on what you are telling me
thank you in advance

here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:57:58 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshe...onGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file://C:\Documents and Settings\Kevin\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activ...v2.0.0.10.cab?
O21 - SSODL: mssms - {C6F57800-110D-4959-AEAE-6F541A9E9AAD} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: svchost - Unknown owner - C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\svchost.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

Re: explorer.exe

Dec 11th, 2007

please help, i have this page bookmarked and will be refreshing it every 5-10 minutes

•

Join Date: May 2005

Posts: 3,204

Reputation: gerbil will become famous soon enough

Solved Threads: 188

gerbil

Offline

Nearly a Senior Poster

Re: explorer.exe

Dec 11th, 2007

Hiya, let's see what this does for you...
Start hijackthis, select Scan Only, place checkmarks against all the entries listed below that still exist, and then press Fix Checked.

O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O21 - SSODL: mssms - {C6F57800-110D-4959-AEAE-6F541A9E9AAD} - (no file)
O23 - Service: svchost - Unknown owner - C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\svchost.exe

Delete these files:
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe

Now to remove that dud O23 service...
==Go Start, run, type services.msc -and press Enter. Maximise the window and at foot select Extended tab, scroll to the specific service [svchost], rclick it, select properties. Write down the exact Service Name. Press Stop if it is highlighted [you may have to set the service to Disable first]. Close Services, now type this line into the run text box and press Enter:
sc delete "exact Service Name" - don't be silly now....

System Restore Points Clearance:
==You SHOULD clear all your system restore points because some have been infected..... So go control panel > system > system restore tab, check Turn off sys res on all drives, Apply and OK. Do it all again but uncheck that box, Apply and OK.
[[a quick way in is Start > run, paste: control sysdm.cpl,,4 -and OK]]
Now make a fresh, clean restore point: Start > programs > accessories > system tools > system restore and create a restore point now!!
[[the quick way to System Restore is Start > run, paste: %systemroot%\system32\restore\rstrui.exe -and OK]]

Say how you get on...

Deep, deep in the woods, but walking about.

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

Re: explorer.exe

Dec 12th, 2007

I did all of those except for deleting:
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe
Is there any way i can delete these within 5 seconds of my explorer refreshing?

This problem is still occuring.
here is my new log.....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:59 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activ...v2.0.0.10.cab?
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4209 bytes

•

Join Date: May 2005

Posts: 3,204

Reputation: gerbil will become famous soon enough

Solved Threads: 188

gerbil

Offline

Nearly a Senior Poster

Re: explorer.exe

Dec 12th, 2007

Sure, use this tool:
==Download killbox from here:- http://www.downloads.subratam.org/KillBox.zip -unzip it onto your desktop.
Remove/fix the hijackthis entries that exist as I listed before:
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
Dclick killbox to start it.
>Highlight the pathnames in the following lines as one block and copy them into clipboard [press Ctrl+C] [ or rclick, copy...]:-

C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe

>In killbox, go File menu, choose Paste from clipboard.
Select "Delete on reboot", click the "all files" button.
Click the red and white X button, click Yes on the reboot prompt, click OK if a pendingfilerenameoperation box opens. [do not be concerned if it says it cannot find a file...]
If your computer does not reboot please restart it manually.

And if you do have trouble still, try deleting them in safe mode....

Last edited by gerbil; Dec 12th, 2007 at 1:18 am.

Deep, deep in the woods, but walking about.

•

Join Date: May 2005

Posts: 3,204

Reputation: gerbil will become famous soon enough

Solved Threads: 188

gerbil

Offline

Nearly a Senior Poster

Re: explorer.exe

Dec 12th, 2007

Further, this AS service will remove Think-Adz for you...
==GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5
or here.. http://free.grisoft.com/freeweb.php/...i-spyware-free
-Install it and UPDATE it.
Start AVG a-s 7.5;
-under Scanner/ Settings please change the default action from Recommended Actions to QUARANTINE, and run the complete system scan.
-press Apply all Actions and then Save the log file; post the log file.

Deep, deep in the woods, but walking about.

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

Re: explorer.exe

Dec 12th, 2007

ok, i have had no luck what so ever on deleting
C:\WINDOWS\system32\ctfmon.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')

also, my explorer.exe flickering problem has not been solved either.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:11:20 PM, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\taskmgr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1004\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl (User 'Sherry')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activ...v2.0.0.10.cab?
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4871 bytes

any way I tried to update anti virus and it said error connecting to server... this is the report of what i got out of the antivirus scan that i cleaned if it haws any importance at all to what we are doing.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:10:26 PM 12/12/2007

+ Scan result:

C:\WINDOWS\vtrrom.dll -> Adware.Virtumonde : Cleaned.
C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\a.reg -> Backdoor.Cloner.bi : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@oasc02.247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@buycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@comcast.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@saxosouthbend.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@saxotoledo.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@saxosouthbend.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@arn.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@getmusicfree.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@grouplotto.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@paidmarketingpanel.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@pan.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@prizeamerica.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@arn.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.abcsearch[2].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@stats.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[5].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[6].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adengage[1].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.adengage[2].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[10].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[8].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[9].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ads.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cz6.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@connextra[2].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[5].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[6].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@goclick[1].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ehg-foxsports.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-speakeasy.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-youtube.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@info[2].txt -> TrackingCookie.Info : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@search.live[2].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@search.live[2].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@server.lon.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@auto.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ie.search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ad.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@stats2.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[3].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[4].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[10].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[11].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[12].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[13].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[14].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[15].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[4].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[6].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[7].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[8].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[9].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.

::Report end

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

Re: explorer.exe

Dec 16th, 2007

bump...

•

Join Date: Feb 2004

Posts: 10,002

Reputation: crunchie is a splendid one to behold

Solved Threads: 757

crunchie

Offline

Spyware Killer

Re: explorer.exe

Dec 16th, 2007

Try this whilst Gerbil is offline;

Save it to your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields)
Click on your START button and choose Run. Then copy/paste the entire content of the following quotebox (Including the "" marks and the Symbols) into the run box.

•

•

•

•

"%userprofile%\desktop\ComboFix.exe" /KillAll

http://i5.photobucket.com/albums/y15...ox_KillAll.jpg
Click OK and this will start ComboFix.
When finished, it will produce a log. Please save that log to a Notepad File and include it in your next reply along with a fresh HJT log.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

* Re-enable all the programs that were disabled prior to the running of ComboFix.

* Post the following logs/Reports:

ComboFix.txt
Fresh HijackThis log run after all the other tools have performed their cleanup.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Last edited by crunchie; Dec 21st, 2007 at 7:06 am.

Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster

•

Join Date: Dec 2007

Posts: 25

Reputation: ownedswax is an unknown quantity at this point

Solved Threads: 0

ownedswax

Offline

Light Poster

Re: explorer.exe

#10

Dec 18th, 2007

Thank you for picking up on my problem, here is my combofix log folowed by my HJT log.
ComboFix 07-12-12.3 - Kevin 2007-12-17 11:35:12.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.230 [GMT -5:00]
Running from: C:\Documents and Settings\Kevin\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\aycdd.bak1
C:\WINDOWS\system32\knnmp.bak1
C:\WINDOWS\system32\knnmp.ini
C:\WINDOWS\system32\knnmp.ini2
C:\WINDOWS\system32\knnmp.tmp
C:\WINDOWS\system32\nqtss.bak2
C:\WINDOWS\system32\nqtss.ini
C:\WINDOWS\system32\pmnnk.dll
C:\WINDOWS\system32\sstqn.dll

.
((((((((((((((((((((((((( Files Created from 2007-11-17 to 2007-12-17 )))))))))))))))))))))))))))))))
.

2007-12-17 11:39 . 2007-12-17 11:39 308,800 --a------ C:\WINDOWS\system32\vtsqq.dll
2007-12-17 11:39 . 2007-12-17 11:40 319 ---hs---- C:\WINDOWS\system32\qqstv.ini
2007-12-15 16:46 . 2007-12-15 16:46 5 --a------ C:\WINDOWS\system32\b0d6b8a6
2007-12-15 11:19 . 2007-12-15 11:19 12,328 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-12-15 11:18 . 2007-12-15 11:18 <DIR> d-------- C:\Documents and Settings\Dad\Application Data\Grisoft
2007-12-14 16:04 . 2007-12-14 16:04 94,208 --a------ C:\WINDOWS\ScUnin.exe
2007-12-14 16:04 . 2007-12-14 16:04 13,044 --a------ C:\WINDOWS\scunin.dat
2007-12-14 16:04 . 2007-12-14 16:04 967 --a------ C:\WINDOWS\ScUnin.pif
2007-12-14 15:28 . 2007-12-16 21:15 <DIR> d-------- C:\Program Files\Starcraft
2007-12-14 06:56 . 2007-12-14 06:56 <DIR> d-------- C:\Documents and Settings\Sherry\Application Data\Grisoft
2007-12-12 23:09 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2007-12-12 23:08 . 2001-08-17 13:28 687,999 --a--c--- C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2007-12-12 23:07 . 2001-08-17 13:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2007-12-12 23:06 . 2001-08-17 22:36 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2007-12-12 23:05 . 2001-08-17 14:56 440,576 --a--c--- C:\WINDOWS\system32\dllcache\tridkb.dll
2007-12-12 23:04 . 2001-08-17 14:56 172,768 --a--c--- C:\WINDOWS\system32\dllcache\t2r4disp.dll
2007-12-12 23:03 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2007-12-12 23:02 . 2001-08-17 14:56 147,200 --a--c--- C:\WINDOWS\system32\dllcache\smidispb.dll
2007-12-12 23:01 . 2004-08-03 22:41 404,990 --a--c--- C:\WINDOWS\system32\dllcache\slntamr.sys
2007-12-12 23:00 . 2001-08-17 22:36 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll
2007-12-12 22:59 . 2001-08-17 22:36 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2007-12-12 22:58 . 2004-08-04 00:56 397,056 --a--c--- C:\WINDOWS\system32\dllcache\s3gnb.dll
2007-12-12 22:57 . 2001-08-17 13:28 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2007-12-12 22:56 . 2004-08-04 00:56 363,520 --a--c--- C:\WINDOWS\system32\dllcache\psisdecd.dll
2007-12-12 22:55 . 2004-08-04 00:56 259,328 --a--c--- C:\WINDOWS\system32\dllcache\perm3dd.dll
2007-12-12 22:54 . 2001-08-17 14:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2007-12-12 22:53 . 2004-08-04 00:56 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2007-12-12 22:52 . 2004-08-03 22:31 132,695 --a--c--- C:\WINDOWS\system32\dllcache\netwlan5.sys
2007-12-12 22:51 . 2004-08-04 00:56 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll
2007-12-12 22:50 . 2001-08-17 12:50 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2007-12-12 22:49 . 2001-08-17 13:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2007-12-12 22:48 . 2001-08-17 22:36 242,176 --a--c--- C:\WINDOWS\system32\dllcache\kdsusd.dll
2007-12-12 22:47 . 2004-08-04 00:56 152,576 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2007-12-12 22:46 . 2001-08-17 22:36 372,824 --a--c--- C:\WINDOWS\system32\dllcache\iconf32.dll
2007-12-12 22:46 . 2001-08-17 14:06 154,496 --a--c--- C:\WINDOWS\system32\dllcache\icam4usb.sys
2007-12-12 22:46 . 2001-08-17 14:05 141,056 --a--c--- C:\WINDOWS\system32\dllcache\icam3.sys
2007-12-12 22:46 . 2001-08-17 14:06 100,992 --a--c--- C:\WINDOWS\system32\dllcache\icam5usb.sys
2007-12-12 22:46 . 2001-08-17 22:36 91,136 --a--c--- C:\WINDOWS\system32\dllcache\icam4com.dll
2007-12-12 22:46 . 2001-08-17 22:36 61,952 --a--c--- C:\WINDOWS\system32\dllcache\icam4ext.dll
2007-12-12 22:46 . 2001-08-17 22:36 45,056 --a--c--- C:\WINDOWS\system32\dllcache\icam5com.dll
2007-12-12 22:46 . 2001-08-17 22:36 26,624 --a--c--- C:\WINDOWS\system32\dllcache\icam3ext.dll
2007-12-12 22:46 . 2001-08-17 22:36 20,480 --a--c--- C:\WINDOWS\system32\dllcache\icam5ext.dll
2007-12-12 22:44 . 2001-08-17 13:28 542,879 --a--c--- C:\WINDOWS\system32\dllcache\hsf_msft.sys
2007-12-12 22:43 . 2001-08-17 13:28 907,456 --a--c--- C:\WINDOWS\system32\dllcache\hcf_msft.sys
2007-12-12 22:42 . 2001-08-17 14:56 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2007-12-12 22:41 . 2001-08-17 13:28 595,647 --a--c--- C:\WINDOWS\system32\dllcache\es56cvmp.sys
2007-12-12 22:40 . 2001-08-17 13:28 634,134 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2007-12-12 22:39 . 2001-08-17 12:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2007-12-12 22:38 . 2001-08-17 22:36 419,357 --a--c--- C:\WINDOWS\system32\dllcache\dgconfig.dll
2007-12-12 22:37 . 2001-08-17 12:13 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2007-12-12 22:36 . 2001-08-17 13:28 714,698 --a--c--- C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2007-12-12 22:35 . 2001-08-17 13:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2007-12-12 22:34 . 2004-08-04 00:56 1,888,992 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll
2007-12-12 22:33 . 2001-08-17 13:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2007-12-12 22:32 . 2001-08-17 14:56 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2007-12-12 22:07 . 2007-12-12 22:07 <DIR> d-------- C:\Deckard
2007-12-12 15:21 . 2007-12-12 15:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-11 16:40 . 2007-12-11 17:08 9,888 --ahs---- C:\WINDOWS\system32\rrqss.tmp
2007-12-07 17:44 . 2007-12-11 22:54 118 --a------ C:\WINDOWS\wininit.ini
2007-12-03 20:21 . 2007-12-08 00:24 10 --a------ C:\WINDOWS\system32\(null)id
2007-11-30 23:30 . 2007-10-10 18:55 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-30 23:30 . 2007-04-17 04:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-30 23:30 . 2007-03-08 00:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-30 23:30 . 2007-10-10 18:55 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-11-30 23:30 . 2007-10-10 18:55 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-30 23:30 . 2007-10-10 18:55 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-30 23:30 . 2007-10-10 18:55 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-11-30 23:30 . 2007-10-10 18:55 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-11-30 23:30 . 2007-10-10 05:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-11-26 22:14 . 2007-11-26 22:14 <DIR> d-------- C:\Program Files\Custom-Strike
2007-11-26 22:14 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2007-11-19 16:22 . 2007-11-26 18:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-19 16:22 . 2007-11-19 16:22 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 16:32 --------- d-----w C:\Documents and Settings\Kevin\Application Data\mIRC
2007-12-17 04:28 --------- d-----w C:\Program Files\Google
2007-12-17 04:20 --------- d-s---w C:\Program Files\HLSW
2007-12-16 22:36 --------- d-----w C:\Program Files\Java
2007-12-11 23:57 --------- d-----w C:\Program Files\Trend Micro
2007-12-02 16:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2007-11-27 03:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-16 01:56 --------- d-----w C:\Documents and Settings\Kevin\Application Data\Ventrilo
2007-11-15 01:26 --------- d-----w C:\Program Files\Ventrilo
2007-11-15 01:26 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-13 10:25 20,480 ----a-r C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 16:41 --------- d-----w C:\Program Files\mIRC
2007-11-10 16:40 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-04 17:03 84,907 ----a-w C:\WINDOWS\ljkjji.dll
2007-10-31 18:03 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2007-10-30 12:04 84,939 ----a-w C:\WINDOWS\ssqoml.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 22:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 17:40 --------- d-----w C:\Program Files\RegistryFix
2007-10-25 17:40 --------- d-----w C:\Program Files\HHD Software
2007-10-25 16:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\HHD Software
2007-10-24 11:25 308,800 ----a-w C:\WINDOWS\system32\vtsqo.dll
2007-10-23 00:20 308,800 ----a-w C:\WINDOWS\system32\ddabc.dll
2007-10-22 10:40 --------- d-----w C:\Documents and Settings\Dad\Application Data\ICAClient
2007-10-21 18:39 --------- d-----w C:\Documents and Settings\Sherry\Application Data\Lavasoft
2007-10-21 17:56 339,968 ----a-w C:\WINDOWS\system32\byxvuts.dll
2007-10-21 14:45 84,961 ----a-w C:\WINDOWS\rqpmml.dll
2007-10-21 14:40 --------- d-----w C:\Program Files\Speeditup Free
2007-10-20 16:09 --------- d-----w C:\Program Files\Workspace Macro 4.6
2007-10-20 15:42 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-06-14 14:25 55,196 ----a-w C:\Program Files\unrar.exe
2007-07-01 01:41 515,701 -csh--w C:\WINDOWS\ghhhkj.ini2
.

((((((((((((((((((((((((((((( snapshot@2007-12-12_21.56.33.76 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:08:11 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:08:11 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:08:11 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:08:11 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:08:11 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:08:11 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:08:11 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:08:11 471,552 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:12:34 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-10-29 22:35:13 1,287,680 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-10 23:47:27 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:47:27 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:47:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:47:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:47:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:47:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:47:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:47:27 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:47:27 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:47:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:47:27 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:47:28 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:47:28 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:47:28 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:48:49 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:47:28 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:47:28 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:47:28 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:47:28 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:47:28 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:47:29 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:47:29 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:47:29 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 20:34:42 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-08-20 10:04:34 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:55:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2004-08-04 04:10:08 53,248 -c--a-w C:\WINDOWS\system32\dllcache\1394bus.sys
+ 2001-08-17 19:06:48 11,264 -c--a-w C:\WINDOWS\system32\dllcache\1394vdbg.sys
+ 2001-08-17 19:55:58 689,216 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvs.dll
+ 2001-08-17 17:48:32 148,352 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvsm.sys
+ 2004-08-04 04:00:04 12,288 -c--a-w C:\WINDOWS\system32\dllcache\4mmdat.sys
+ 2004-08-04 04:10:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\61883.sys
+ 2001-08-17 19:55:58 38,400 -c--a-w C:\WINDOWS\system32\dllcache\8514a.dll
+ 2001-08-18 03:36:10 98,304 -c--a-w C:\WINDOWS\system32\dllcache\a3d.dll
+ 2001-08-18 03:36:10 462,848 -c--a-w C:\WINDOWS\system32\dllcache\a3dapi.dll
+ 2001-08-17 18:52:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\abp480n5.sys
+ 2004-08-04 03:32:22 231,552 -c--a-w C:\WINDOWS\system32\dllcache\ac97ali.sys
+ 2001-08-17 17:20:04 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ac97intc.sys
+ 2001-08-17 17:20:16 297,728 -c--a-w C:\WINDOWS\system32\dllcache\ac97sis.sys
+ 2004-08-04 03:32:32 84,480 -c--a-w C:\WINDOWS\system32\dllcache\ac97via.sys
+ 2001-08-18 03:36:10 61,440 -c--a-w C:\WINDOWS\system32\dllcache\acerscad.dll
+ 2004-08-04 12:00:00 187,776 -c--a-w C:\WINDOWS\system32\dllcache\acpi.sys
+ 2001-08-17 18:53:02 7,424 -c--a-w C:\WINDOWS\system32\dllcache\adicvls.sys
+ 2001-08-17 17:11:18 20,160 -c--a-w C:\WINDOWS\system32\dllcache\adm8511.sys
+ 2001-08-17 17:19:10 584,448 -c--a-w C:\WINDOWS\system32\dllcache\adm8810.sys
+ 2001-08-17 17:19:14 553,984 -c--a-w C:\WINDOWS\system32\dllcache\adm8820.sys
+ 2001-08-17 17:19:14 747,392 -c--a-w C:\WINDOWS\system32\dllcache\adm8830.sys
+ 2004-08-04 03:32:24 10,880 -c--a-w C:\WINDOWS\system32\dllcache\admjoy.sys
+ 2001-08-17 17:11:16 46,112 -c--a-w C:\WINDOWS\system32\dllcache\adptsf50.sys
+ 2001-08-17 19:07:32 101,888 -c--a-w C:\WINDOWS\system32\dllcache\adpu160m.sys
+ 2004-08-04 05:56:42 4,255 -c--a-w C:\WINDOWS\system32\dllcache\adv01nt5.dll
+ 2004-08-04 05:56:42 3,967 -c--a-w C:\WINDOWS\system32\dllcache\adv02nt5.dll
+ 2004-08-04 05:56:42 3,615 -c--a-w C:\WINDOWS\system32\dllcache\adv05nt5.dll
+ 2004-08-04 05:56:42 3,647 -c--a-w C:\WINDOWS\system32\dllcache\adv07nt5.dll
+ 2004-08-04 05:56:42 3,135 -c--a-w C:\WINDOWS\system32\dllcache\adv08nt5.dll
+ 2004-08-04 05:56:42 3,711 -c--a-w C:\WINDOWS\system32\dllcache\adv09nt5.dll
+ 2004-08-04 05:56:42 3,775 -c--a-w C:\WINDOWS\system32\dllcache\adv11nt5.dll
- 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:55:51 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2004-08-04 04:07:42 42,368 -c--a-w C:\WINDOWS\system32\dllcache\agp440.sys
+ 2004-08-04 04:07:44 44,928 -c--a-w C:\WINDOWS\system32\dllcache\agpcpq.sys
+ 2001-08-17 18:52:02 12,800 -c--a-w C:\WINDOWS\system32\dllcache\aha154x.sys
+ 2001-08-17 19:07:36 55,168 -c--a-w C:\WINDOWS\system32\dllcache\aic78u2.sys
+ 2001-08-17 19:07:38 56,960 -c--a-w C:\WINDOWS\system32\dllcache\aic78xx.sys
+ 2001-08-17 17:11:18 27,678 -c--a-w C:\WINDOWS\system32\dllcache\ali5261.sys
+ 2001-08-17 18:49:02 26,624 -c--a-w C:\WINDOWS\system32\dllcache\alifir.sys
+ 2001-08-17 18:51:56 5,248 -c--a-w C:\WINDOWS\system32\dllcache\aliide.sys
+ 2004-08-04 04:07:42 42,752 -c--a-w C:\WINDOWS\system32\dllcache\alim1541.sys
+ 2001-08-17 17:11:20 16,969 -c--a-w C:\WINDOWS\system32\dllcache\amb8002.sys
+ 2004-08-04 04:07:44 43,008 -c--a-w C:\WINDOWS\system32\dllcache\amdagp.sys
+ 2004-08-04 12:00:00 37,376 -c--a-w C:\WINDOWS\system32\dllcache\amdk7.sys
+ 2001-08-17 18:52:04 12,032 -c--a-w C:\WINDOWS\system32\dllcache\amsint.sys
+ 2004-08-04 03:31:20 36,224 -c--a-w C:\WINDOWS\system32\dllcache\an983.sys
+ 2001-08-17 18:47:22 6,272 -c--a-w C:\WINDOWS\system32\dllcache\apmbatt.sys
+ 2001-08-17 18:52:00 26,496 -c--a-w C:\WINDOWS\system32\dllcache\asc.sys
+ 2001-08-17 18:52:04 22,400 -c--a-w C:\WINDOWS\system32\dllcache\asc3350p.sys
+ 2001-08-17 18:51:58 14,848 -c--a-w C:\WINDOWS\system32\dllcache\asc3550.sys
+ 2001-08-17 17:12:34 97,354 -c--a-w C:\WINDOWS\system32\dllcache\aspndis3.sys
+ 2001-08-17 19:55:58 96,128 -c--a-w C:\WINDOWS\system32\dllcache\ati.dll
+ 2001-08-17 18:57:12 77,568 -c--a-w C:\WINDOWS\system32\dllcache\ati.sys
+ 2004-08-04 03:29:30 56,623 -c--a-w C:\WINDOWS\system32\dllcache\ati1btxx.sys
+ 2004-08-04 03:29:30 11,615 -c--a-w C:\WINDOWS\system32\dllcache\ati1mdxx.sys
+ 2004-08-04 03:29:30 12,047 -c--a-w C:\WINDOWS\system32\dllcache\ati1pdxx.sys
+ 2004-08-04 03:29:32 30,671 -c--a-w C:\WINDOWS\system32\dllcache\ati1raxx.sys
+ 2004-08-04 03:29:32 63,663 -c--a-w C:\WINDOWS\system32\dllcache\ati1rvxx.sys
+ 2004-08-04 03:29:32 26,367 -c--a-w C:\WINDOWS\system32\dllcache\ati1snxx.sys
+ 2004-08-04 03:29:32 21,343 -c--a-w C:\WINDOWS\system32\dllcache\ati1ttxx.sys
+ 2004-08-04 03:29:32 36,463 -c--a-w C:\WINDOWS\system32\dllcache\ati1tuxx.sys
+ 2004-08-04 03:29:32 29,455 -c--a-w C:\WINDOWS\system32\dllcache\ati1xbxx.sys
+ 2004-08-04 03:29:32 34,735 -c--a-w C:\WINDOWS\system32\dllcache\ati1xsxx.sys
+ 2004-08-04 05:56:42 229,376 -c--a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll
+ 2004-08-04 05:56:42 377,984 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvaa.dll
+ 2004-08-04 05:56:42 201,728 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
+ 2004-08-04 03:29:28 327,040 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtaa.sys
+ 2004-08-04 03:29:28 701,440 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
+ 2004-08-04 05:56:42 870,784 -c--a-w C:\WINDOWS\system32\dllcache\ati3d1ag.dll
+ 2001-08-17 17:49:04 46,464 -c--a-w C:\WINDOWS\system32\dllcache\atibt829.sys
+ 2001-08-17 19:55:58 382,592 -c--a-w C:\WINDOWS\system32\dllcache\atidrab.dll
+ 2001-08-17 19:56:00 137,216 -c--a-w C:\WINDOWS\system32\dllcache\atidrae.dll
+ 2001-08-17 19:56:00 268,160 -c--a-w C:\WINDOWS\system32\dllcache\atidvai.dll
+ 2001-08-18 03:36:38 37,376 -c--a-w C:\WINDOWS\system32\dllcache\atievxx.exe
+ 2001-08-17 17:48:56 289,664 -c--a-w C:\WINDOWS\system32\dllcache\atimpab.sys
+ 2001-08-17 17:49:00 75,136 -c--a-w C:\WINDOWS\system32\dllcache\atimpae.sys
+ 2001-08-17 17:48:40 281,600 -c--a-w C:\WINDOWS\system32\dllcache\atimtai.sys
+ 2004-08-04 03:29:28 57,856 -c--a-w C:\WINDOWS\system32\dllcache\atinbtxx.sys
+ 2004-08-04 03:29:30 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinmdxx.sys
+ 2004-08-04 03:29:30 14,336 -c--a-w C:\WINDOWS\system32\dllcache\atinpdxx.sys
+ 2004-08-04 03:29:30 52,224 -c--a-w C:\WINDOWS\system32\dllcache\atinraxx.sys
+ 2004-08-04 03:29:32 104,960 -c--a-w C:\WINDOWS\system32\dllcache\atinrvxx.sys
+ 2004-08-04 03:29:32 28,672 -c--a-w C:\WINDOWS\system32\dllcache\atinsnxx.sys
+ 2004-08-04 03:29:32 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinttxx.sys
+ 2004-08-04 03:29:32 73,216 -c--a-w C:\WINDOWS\system32\dllcache\atintuxx.sys
+ 2004-08-04 03:29:32 31,744 -c--a-w C:\WINDOWS\system32\dllcache\atinxbxx.sys
+ 2004-08-04 03:29:32 63,488 -c--a-w C:\WINDOWS\system32\dllcache\atinxsxx.sys
+ 2001-08-17 17:49:36 10,240 -c--a-w C:\WINDOWS\system32\dllcache\atipcxxx.sys
+ 2001-08-17 19:56:00 104,832 -c--a-w C:\WINDOWS\system32\dllcache\atiraged.dll
+ 2001-08-17 17:48:48 70,528 -c--a-w C:\WINDOWS\system32\dllcache\atiragem.sys
+ 2001-08-17 17:49:12 49,920 -c--a-w C:\WINDOWS\system32\dllcache\atirtcap.sys
+ 2001-08-17 17:49:18 26,880 -c--a-w C:\WINDOWS\system32\dllcache\atirtsnd.sys
+ 2001-08-17 17:49:22 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitunep.sys
+ 2001-08-17 17:49:28 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitvsnd.sys
+ 2001-08-17 17:49:38 9,472 -c--a-w C:\WINDOWS\system32\dllcache\ativmdcd.sys
+ 2004-08-04 05:56:42 32,768 -c--a-w C:\WINDOWS\system32\dllcache\ativtmxx.dll
+ 2001-08-17 17:49:44 19,456 -c--a-w C:\WINDOWS\system32\dllcache\ativttxx.sys
+ 2004-08-04 05:56:42 516,768 -c--a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll
+ 2001-08-17 17:49:48 26,624 -c--a-w C:\WINDOWS\system32\dllcache\ativxbar.sys
+ 2001-08-17 17:49:34 23,552 -c--a-w C:\WINDOWS\system32\dllcache\atixbar.sys
+ 2004-08-04 05:56:42 21,183 -c--a-w C:\WINDOWS\system32\dllcache\atv01nt5.dll
+ 2004-08-04 05:56:42 11,359 -c--a-w C:\WINDOWS\system32\dllcache\atv02nt5.dll
+ 2004-08-04 05:56:42 25,471 -c--a-w C:\WINDOWS\system32\dllcache\atv04nt5.dll
+ 2004-08-04 05:56:42 14,143 -c--a-w C:\WINDOWS\system32\dllcache\atv06nt5.dll
+ 2004-08-04 05:56:42 17,279 -c--a-w C:\WINDOWS\system32\dllcache\atv10nt5.dll
+ 2001-08-17 13:59:44 3,072 -c--a-w C:\WINDOWS\system32\dllcache\audstub.sys
+ 2004-08-04 04:10:12 38,912 -c--a-w C:\WINDOWS\system32\dllcache\avc.sys
+ 2001-08-17 19:01:12 36,096 -c--a-w C:\WINDOWS\system32\dllcache\avcaudio.sys
+ 2004-08-04 04:10:00 13,696 -c--a-w C:\WINDOWS\system32\dllcache\avcstrm.sys
+ 2001-08-18 03:36:10 87,552 -c--a-w C:\WINDOWS\system32\dllcache\avmcoxp.dll
+ 2001-08-18 03:36:10 144,384 -c--a-w C:\WINDOWS\system32\dllcache\avmenum.dll
+ 2001-08-17 17:13:48 37,568 -c--a-w C:\WINDOWS\system32\dllcache\avmwan.sys
+ 2001-08-17 17:19:16 36,992 -c--a-w C:\WINDOWS\system32\dllcache\aztw2320.sys
+ 2001-08-17 17:13:56 89,952 -c--a-w C:\WINDOWS\system32\dllcache\b1cbase.sys
+ 2001-08-17 17:11:30 96,640 -c--a-w C:\WINDOWS\system32\dllcache\b57xp32.sys
+ 2001-08-17 19:56:00 342,336 -c--a-w C:\WINDOWS\system32\dllcache\banshee.dll
+ 2001-08-17 17:48:28 36,128 -c--a-w C:\WINDOWS\system32\dllcache\banshee.sys
+ 2001-08-17 18:57:54 14,080 -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
+ 2001-08-17 17:11:28 66,557 -c--a-w C:\WINDOWS\system32\dllcache\bcm42u.sys
+ 2001-08-17 17:11:26 54,271 -c--a-w C:\WINDOWS\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 17:11:30 26,568 -c--a-w C:\WINDOWS\system32\dllcache\bcm4e5.sys
+ 2004-08-04 04:10:14 11,776 -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2001-08-18 03:36:10 102,400 -c--a-w C:\WINDOWS\system32\dllcache\binlsvc.dll
+ 2001-08-18 03:36:10 19,456 -c--a-w C:\WINDOWS\system32\dllcache\brbidiif.dll
+ 2001-08-18 03:36:10 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brcoinst.dll
+ 2001-08-18 03:36:10 12,800 -c--a-w C:\WINDOWS\system32\dllcache\brevif.dll
+ 2001-08-17 18:12:22 12,160 -c--a-w C:\WINDOWS\system32\dllcache\brfiltlo.sys
+ 2001-08-17 18:12:24 3,968 -c--a-w C:\WINDOWS\system32\dllcache\brfiltup.sys
+ 2001-08-18 03:36:10 15,360 -c--a-w C:\WINDOWS\system32\dllcache\brmfbidi.dll
+ 2001-08-18 03:36:10 81,408 -c--a-w C:\WINDOWS\system32\dllcache\brmfcwia.dll
+ 2001-08-18 03:36:10 29,696 -c--a-w C:\WINDOWS\system32\dllcache\brmflpt.dll
+ 2001-08-18 03:36:38 32,256 -c--a-w C:\WINDOWS\system32\dllcache\brmfrsmg.exe
+ 2001-08-18 03:36:10 41,472 -c--a-w C:\WINDOWS\system32\dllcache\brmfusb.dll
+ 2001-08-17 18:12:24 3,168 -c--a-w C:\WINDOWS\system32\dllcache\brparimg.sys
+ 2001-08-17 18:12:18 39,552 -c--a-w C:\WINDOWS\system32\dllcache\brparwdm.sys
+ 2001-08-18 03:36:10 5,120 -c--a-w C:\WINDOWS\system32\dllcache\brscnrsm.dll
+ 2001-08-18 03:36:10 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brserif.dll
+ 2001-08-17 18:12:20 60,416 -c--a-w C:\WINDOWS\system32\dllcache\brserwdm.sys
+ 2001-08-17 18:12:20 11,008 -c--a-w C:\WINDOWS\system32\dllcache\brusbmdm.sys
+ 2001-08-17 18:12:22 10,368 -c--a-w C:\WINDOWS\system32\dllcache\brusbscn.sys
+ 2001-08-17 17:11:24 31,529 -c--a-w C:\WINDOWS\system32\dllcache\brzwlan.sys
+ 2004-08-04 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\bthci.dll
+ 2004-08-04 04:10:40 17,024 -c--a-w C:\WINDOWS\system32\dllcache\bthenum.sys
+ 2004-08-04 04:10:40 38,016 -c--a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
+ 2004-08-04 03:58:40 100,992 -c--a-w C:\WINDOWS\system32\dllcache\bthpan.sys
+ 2004-08-04 04:10:38 274,304 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2004-08-04 04:10:38 35,456 -c--a-w C:\WINDOWS\system32\dllcache\bthprint.sys
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\bthserv.dll
+ 2004-08-04 04:10:36 18,944 -c--a-w C:\WINDOWS\system32\dllcache\bthusb.sys
+ 2001-08-17 18:51:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\bulltlp3.sys
+ 2001-08-17 19:05:48 314,752 -c--a-w C:\WINDOWS\system32\dllcache\camdro21.sys
+ 2001-08-17 19:04:46 223,232 -c--a-w C:\WINDOWS\system32\dllcache\camdrv21.sys
+ 2001-08-17 19:04:48 171,264 -c--a-w C:\WINDOWS\system32\dllcache\camdrv30.sys
+ 2001-08-18 03:36:10 74,240 -c--a-w C:\WINDOWS\system32\dllcache\camexo20.dll
+ 2001-08-18 03:36:10 236,032 -c--a-w C:\WINDOWS\system32\dllcache\camext20.dll
+ 2001-08-18 03:36:10 119,296 -c--a-w C:\WINDOWS\system32\dllcache\camext30.dll
+ 2001-08-17 17:12:16 37,916 -c--a-w C:\WINDOWS\system32\dllcache\cb102.sys
+ 2001-08-17 17:12:42 39,680 -c--a-w C:\WINDOWS\system32\dllcache\cb325.sys
+ 2001-08-17 17:13:14 46,108 -c--a-w C:\WINDOWS\system32\dllcache\cben5.sys
+ 2004-08-04 04:10:18 17,024 -c--a-w C:\WINDOWS\system32\dllcache\ccdecode.sys
+ 2001-08-17 18:52:06 7,680 -c--a-w C:\WINDOWS\system32\dllcache\cd20xrnt.sys
+ 2004-08-04 12:00:00 18,688 -c--a-w C:\WINDOWS\system32\dllcache\cdaudio.sys
+ 2004-08-04 12:00:00 49,536 -c--a-w C:\WINDOWS\system32\dllcache\cdrom.sys
+ 2001-08-17 17:13:12 21,530 -c--a-w C:\WINDOWS\system32\dllcache\ce2n5.sys
+ 2001-08-17 17:13:20 27,164 -c--a-w C:\WINDOWS\system32\dllcache\ce3n5.sys
+ 2001-08-17 17:13:18 22,044 -c--a-w C:\WINDOWS\system32\dllcache\cem28n5.sys
+ 2001-08-17 17:13:18 22,044 -c--a-w C:\WINDOWS\system32\dllcache\cem33n5.sys
+ 2001-08-17 17:13:20 49,182 -c--a-w C:\WINDOWS\system32\dllcache\cem56n5.sys
+ 2004-08-04 05:56:42 15,423 -c--a-w C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
+ 2004-08-04 04:00:14 8,192 -c--a-w C:\WINDOWS\system32\dllcache\changer.sys
+ 2001-08-17 19:02:48 272,640 -c--a-w C:\WINDOWS\system32\dllcache\cinemclc.sys
+ 2001-08-17 19:56:00 91,264 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.dll
+ 2001-08-17 18:57:16 45,696 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.sys
+ 2001-08-17 19:56:00 111,232 -c--a-w C:\WINDOWS\system32\dllcache\cl5465.dll
+ 2001-08-17 19:56:00 170,880 -c--a-w C:\WINDOWS\system32\dllcache\cl546x.dll
+ 2001-08-17 18:57:36 248,064 -c--a-w C:\WINDOWS\system32\dllcache\cl546xm.sys
+ 2004-08-04 04:07:40 14,080 -c--a-w C:\WINDOWS\system32\dllcache\cmbatt.sys
+ 2001-08-17 18:51:04 20,736 -c--a-w C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
+ 2001-08-17 18:51:54 6,656 -c--a-w C:\WINDOWS\system32\dllcache\cmdide.sys
+ 2004-08-04 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\cnbjmon.dll
+ 2001-08-18 03:36:10 44,032 -c--a-w C:\WINDOWS\system32\dllcache\cnusd.dll
+ 2001-08-17 17:11:42 39,936 -c--a-w C:\WINDOWS\system32\dllcache\cnxt1803.sys
+ 2001-08-17 18:58:00 9,344 -c--a-w C:\WINDOWS\system32\dllcache\compbatt.sys
+ 2001-08-17 18:52:06 14,976 -c--a-w C:\WINDOWS\system32\dllcache\cpqarray.sys
+ 2004-08-04 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\cpqdap01.sys
+ 2001-08-17 17:13:14 21,533 -c--a-w C:\WINDOWS\system32\dllcache\cpqndis5.sys
+ 2001-08-17 17:11:32 60,970 -c--a-w C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
+ 2001-08-18 03:36:10 216,064 -c--a-w C:\WINDOWS\system32\dllcache\cpscan.dll
+ 2001-08-17 17:19:18 42,112 -c--a-w C:\WINDOWS\system32\dllcache\crtaud.sys
+ 2001-08-18 03:36:12 175,104 -c--a-w C:\WINDOWS\system32\dllcache\csamsp.dll
+ 2001-08-17 17:19:28 6,912 -c--a-w C:\WINDOWS\system32\dllcache\ctlfacem.sys
+ 2001-08-17 17:19:20 3,712 -c--a-w C:\WINDOWS\system32\dllcache\ctljystk.sys
+ 2001-08-17 17:19:20 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ctlsb16.sys
+ 2004-08-04 05:56:42 249,856 -c--a-w C:\WINDOWS\system32\dllcache\ctmasetp.dll
+ 2001-08-18 03:36:12 4,096 -c--a-w C:\WINDOWS\system32\dllcache\ctwdm32.dll
- 2007-08-13 23:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2004-08-04 12:00:00 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2001-08-17 17:19:24 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbase.sys
+ 2001-08-17 17:19:26 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbmidi.sys
+ 2001-08-17 17:19:28 72,832 -c--a-w C:\WINDOWS\system32\dllcache\cwbwdm.sys
+ 2001-08-17 17:19:30 3,584 -c--a-w C:\WINDOWS\system32\dllcache\cwcosnt5.sys
+ 2001-08-17 17:19:36 111,872 -c--a-w C:\WINDOWS\system32\dllcache\cwcspud.sys
+ 2001-08-17 17:19:48 93,952 -c--a-w C:\WINDOWS\system32\dllcache\cwcwdm.sys
+ 2004-08-04 03:32:26 48,640 -c--a-w C:\WINDOWS\system32\dllcache\cwrwdm.sys
+ 2001-08-17 18:50:36 17,152 -c--a-w C:\WINDOWS\system32\dllcache\cyclad-z.sys
+ 2001-08-17 18:50:30 14,848 -c--a-w C:\WINDOWS\system32\dllcache\cyclom-y.sys
+ 2001-08-18 03:36:12 28,672 -c--a-w C:\WINDOWS\system32\dllcache\cyycoins.dll
+ 2001-08-17 18:50:38 50,176 -c--a-w C:\WINDOWS\system32\dllcache\cyyport.sys
+ 2001-08-18 03:36:12 27,648 -c--a-w C:\WINDOWS\system32\dllcache\cyyports.dll
+ 2001-08-18 03:36:12 27,136 -c--a-w C:\WINDOWS\system32\dllcache\cyzcoins.dll
+ 2001-08-17 18:50:40 49,792 -c--a-w C:\WINDOWS\system32\dllcache\cyzport.sys
+ 2001-08-18 03:36:12 27,648 -c--a-w C:\WINDOWS\system32\dllcache\cyzports.dll
+ 2001-08-17 17:12:02 117,760 -c--a-w C:\WINDOWS\system32\dllcache\d100ib5.sys
+ 2001-08-17 18:52:16 179,584 -c--a-w C:\WINDOWS\system32\dllcache\dac2w2k.sys
+ 2001-08-17 18:52:16 14,720 -c--a-w C:\WINDOWS\system32\dllcache\dac960nt.sys
+ 2001-08-18 03:36:12 25,600 -c--a-w C:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-18 03:36:12 80,896 -c--a-w C:\WINDOWS\system32\dllcache\dc210usd.dll
+ 2001-08-17 17:12:02 63,208 -c--a-w C:\WINDOWS\system32\dllcache\dc21x4.sys
+ 2001-08-18 03:36:12 86,016 -c--a-w C:\WINDOWS\system32\dllcache\dc240usd.dll
+ 2001-08-18 03:36:12 110,592 -c--a-w C:\WINDOWS\system32\dllcache\dc260usd.dll
+ 2001-08-17 18:52:58 7,424 -c--a-w C:\WINDOWS\system32\dllcache\ddsmc.sys
+ 2001-08-17 17:11:44 20,928 -c--a-w C:\WINDOWS\system32\dllcache\defpa.sys
+ 2001-08-18 03:36:14 256,512 -c--a-w C:\WINDOWS\system32\dllcache\devcon32.dll
+ 2001-08-18 03:36:42 24,064 -c--a-w C:\WINDOWS\system32\dllcache\devldr32.exe
+ 2001-08-17 17:11:48 24,648 -c--a-w C:\WINDOWS\system32\dllcache\dfe650.sys
+ 2001-08-17 17:11:48 24,649 -c--a-w C:\WINDOWS\system32\dllcache\dfe650d.sys
+ 2001-08-17 17:17:20 29,531 -c--a-w C:\WINDOWS\system32\dllcache\dgapci.sys
+ 2001-08-17 17:13:48 164,923 -c--a-w C:\WINDOWS\system32\dllcache\diapi2.sys
+ 2001-08-18 03:36:14 32,256 -c--a-w C:\WINDOWS\system32\dllcache\diapi2NT.dll
+ 2001-08-18 03:36:14 65,622 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.dll
+ 2001-08-17 17:13:36 37,735 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.sys
+ 2001-08-18 03:36:14 131,156 -c--a-w C:\WINDOWS\system32\dllcache\digidbp.dll
+ 2001-08-17 17:13:52 103,044 -c--a-w C:\WINDOWS\system32\dllcache\digidxb.sys
+ 2001-08-17 17:17:40 90,525 -c--a-w C:\WINDOWS\system32\dllcache\digifep5.sys
+ 2001-08-18 03:36:14 229,462 -c--a-w C:\WINDOWS\system32\dllcache\digifwrk.dll
+ 2001-08-18 03:36:14 159,828 -c--a-w C:\WINDOWS\system32\dllcache\digihlc.dll
+ 2001-08-18 03:36:14 102,484 -c--a-w C:\WINDOWS\system32\dllcache\digiinf.dll
+ 2001-08-18 03:36:14 41,046 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.dll
+ 2001-08-17 17:14:44 21,606 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.sys
+ 2001-08-18 03:36:14 110,621 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.dll
+ 2001-08-17 17:17:44 42,432 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.sys
+ 2001-08-18 03:36:42 614,429 -c--a-w C:\WINDOWS\system32\dllcache\digiview.exe
+ 2001-08-17 17:13:52 91,305 -c--a-w C:\WINDOWS\system32\dllcache\dimaint.sys
+ 2004-08-04 12:00:00 36,352 -c--a-w C:\WINDOWS\system32\dllcache\disk.sys
+ 2001-08-18 03:36:14 6,729 -c--a-w C:\WINDOWS\system32\dllcache\disrvci.dll
+ 2001-08-18 03:36:14 31,305 -c--a-w C:\WINDOWS\system32\dllcache\disrvpp.dll
+ 2001-08-18 03:36:14 38,985 -c--a-w C:\WINDOWS\system32\dllcache\disrvsu.dll
+ 2001-08-18 03:36:42 236,060 -c--a-w C:\WINDOWS\system32\dllcache\ditrace.exe
+ 2001-08-18 03:36:14 6,216 -c--a-w C:\WINDOWS\system32\dllcache\divaci.dll
+ 2001-08-18 03:36:14 37,962 -c--a-w C:\WINDOWS\system32\dllcache\divaprop.dll
+ 2001-08-18 03:36:14 29,768 -c--a-w C:\WINDOWS\system32\dllcache\divasu.dll
+ 2001-08-17 17:11:44 26,698 -c--a-w C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
+ 2004-08-04 04:00:06 8,320 -c--a-w C:\WINDOWS\system32\dllcache\dlttape.sys
+ 2001-08-17 17:11:42 29,696 -c--a-w C:\WINDOWS\system32\dllcache\dm9pci5.sys
+ 2004-08-04 12:00:00 52,224 -c--a-w C:\WINDOWS\system32\dllcache\dmutil.dll
+ 2004-08-04 03:58:30 207,360 -c--a-w C:\WINDOWS\system32\dllcache\dot4.sys
+ 2001-08-17 18:47:32 12,928 -c--a-w C:\WINDOWS\system32\dllcache\dot4prt.sys
+ 2001-08-17 18:47:32 8,704 -c--a-w C:\WINDOWS\system32\dllcache\dot4scan.sys
+ 2001-08-17 18:47:32 23,808 -c--a-w C:\WINDOWS\system32\dllcache\dot4usb.sys
+ 2001-08-17 17:12:32 28,062 -c--a-w C:\WINDOWS\system32\dllcache\dp83820.sys
+ 2001-08-17 19:07:44 20,192 -c--a-w C:\WINDOWS\system32\dllcache\dpti2o.sys
+ 2001-08-17 17:20:18 334,208 -c--a-w C:\WINDOWS\system32\dllcache\ds1wdm.sys
+ 2004-08-04 12:00:00 55,296 -c--a-w C:\WINDOWS\system32\dllcache\dvdplay.exe
+ 2004-08-04 12:00:00 71,040 -c--a-w C:\WINDOWS\system32\dllcache\dxg.sys
- 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2001-08-17 17:12:08 50,719 -c--a-w C:\WINDOWS\system32\dllcache\e1000nt5.sys
+ 2001-08-17 17:12:12 19,594 -c--a-w C:\WINDOWS\system32\dllcache\e100isa4.sys
+ 2001-08-17 17:10:50 44,103 -c--a-w C:\WINDOWS\system32\dllcache\el515.sys
+ 2001-08-17 17:10:56 55,999 -c--a-w C:\WINDOWS\system32\dllcache\el556nd5.sys
+ 2001-08-17 17:10:56 24,653 -c--a-w C:\WINDOWS\system32\dllcache\el574nd4.sys
+ 2001-08-17 17:10:58 69,692 -c--a-w C:\WINDOWS\system32\dllcache\el575nd5.sys
+ 2001-08-17 17:10:52 26,141 -c--a-w C:\WINDOWS\system32\dllcache\el589nd5.sys
+ 2001-08-17 17:11:00 69,194 -c--a-w C:\WINDOWS\system32\dllcache\el656cd5.sys
+ 2001-08-17 17:11:00 77,386 -c--a-w C:\WINDOWS\system32\dllcache\el656nd5.sys
+ 2001-08-17 18:28:00 241,206 -c--a-w C:\WINDOWS\system32\dllcache\el656se5.sys
+ 2001-08-17 17:11:06 66,591 -c--a-w C:\WINDOWS\system32\dllcache\el90xbc5.sys
+ 2001-08-17 17:11:02 153,631 -c--a-w C:\WINDOWS\system32\dllcache\el90xnd5.sys
+ 2001-08-17 17:11:12 455,199 -c--a-w C:\WINDOWS\system32\dllcache\el985n51.sys
+ 2001-08-17 17:11:04 70,174 -c--a-w C:\WINDOWS\system32\dllcache\el98xn5.sys
+ 2001-08-17 17:11:08 171,520 -c--a-w C:\WINDOWS\system32\dllcache\el99xn51.sys
+ 2001-08-17 18:53:02 7,296 -c--a-w C:\WINDOWS\system32\dllcache\elmsmc.sys
+ 2001-08-17 17:10:52 25,159 -c--a-w C:\WINDOWS\system32\dllcache\elnk3.sys
+ 2001-08-17 17:10:54 19,996 -c--a-w C:\WINDOWS\system32\dllcache\em556n4.sys
+ 2001-08-17 17:19:26 283,904 -c--a-w C:\WINDOWS\system32\dllcache\emu10k1m.sys
+ 2001-08-17 18:46:40 6,400 -c--a-w C:\WINDOWS\system32\dllcache\enum1394.sys
+ 2001-08-17 18:50:20 144,896 -c--a-w C:\WINDOWS\system32\dllcache\epcfw2k.sys
+ 2001-08-17 17:12:08 18,503 -c--a-w C:\WINDOWS\system32\dllcache\epro4.sys
+ 2001-08-17 18:50:20 114,944 -c--a-w C:\WINDOWS\system32\dllcache\epstw2k.sys
+ 2001-08-17 17:17:40 629,952 -c--a-w C:\WINDOWS\system32\dllcache\eqn.sys
+ 2001-08-18 03:36:44 53,248 -c--a-w C:\WINDOWS\system32\dllcache\eqndiag.exe
+ 2001-08-18 03:36:44 51,200 -c--a-w C:\WINDOWS\system32\dllcache\eqnlogr.exe
+ 2001-08-18 03:36:44 61,952 -c--a-w C:\WINDOWS\system32\dllcache\eqnloop.exe
+ 2001-08-17 17:19:38 37,120 -c--a-w C:\WINDOWS\system32\dllcache\es1370mp.sys
+ 2001-08-17 17:19:34 40,704 -c--a-w C:\WINDOWS\system32\dllcache\es1371mp.sys
+ 2001-08-17 17:19:58 72,192 -c--a-w C:\WINDOWS\system32\dllcache\es1969.sys
+ 2001-08-17 17:19:48 174,464 -c--a-w C:\WINDOWS\system32\dllcache\es198x.sys
+ 2001-08-17 18:28:04 594,238 -c--a-w C:\WINDOWS\system32\dllcache\es56hpi.sys
+ 2001-08-17 18:28:04 347,550 -c--a-w C:\WINDOWS\system32\dllcache\es56tpi.sys
+ 2001-08-17 17:19:56 63,360 -c--a-w C:\WINDOWS\system32\dllcache\ess.sys
+ 2004-08-04 03:32:28 137,088 -c--a-w C:\WINDOWS\system32\dllcache\essm2e.sys
+ 2001-08-18 03:36:16 43,008 -c--a-w C:\WINDOWS\system32\dllcache\esucm.dll
+ 2001-08-18 03:36:16 34,816 -c--a-w C:\WINDOWS\system32\dllcache\esuimg.dll
+ 2001-08-18 03:36:16 45,568 -c--a-w C:\WINDOWS\system32\dllcache\esuni.dll
+ 2001-08-18 03:36:16 45,568 -c--a-w C:\WINDOWS\system32\dllcache\esunib.dll
+ 2001-08-17 17:12:08 16,998 -c--a-w C:\WINDOWS\system32\dllcache\ex10.sys
+ 2001-08-17 18:52:48 7,040 -c--a-w C:\WINDOWS\system32\dllcache\exabyte2.sys
- 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:55:51 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2001-08-17 17:11:54 12,362 -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xi.sys
+ 2001-08-17 17:11:56 11,850 -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xj.sys
+ 2001-08-17 17:12:32 16,074 -c--a-w C:\WINDOWS\system32\dllcache\fa312nd5.sys
+ 2001-08-17 17:12:32 24,618 -c--a-w C:\WINDOWS\system32\dllcache\fa410nd5.sys
+ 2004-08-04 12:00:00 27,392 -c--a-w C:\WINDOWS\system32\dllcache\fdc.sys
+ 2001-08-17 17:10:54 22,090 -c--a-w C:\WINDOWS\system32\dllcache\fem556n5.sys
+ 2001-08-17 17:13:08 27,165 -c--a-w C:\WINDOWS\system32\dllcache\fetnd5.sys
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\flpydisk.sys
+ 2001-08-18 03:36:16 71,680 -c--a-w C:\WINDOWS\system32\dllcache\fnfilter.dll
+ 2004-08-04 03:31:24 34,173 -c--a-w C:\WINDOWS\system32\dllcache\forehe.sys
+ 2001-08-17 17:14:24 444,416 -c--a-w C:\WINDOWS\system32\dllcache\fpcibase.sys
+ 2001-08-17 17:14:44 441,728 -c--a-w C:\WINDOWS\system32\dllcache\fpcmbase.sys
+ 2001-08-17 17:15:02 442,240 -c--a-w C:\WINDOWS\system32\dllcache\fpnpbase.sys
+ 2004-08-04 12:00:00 193,024 -c--a-w C:\WINDOWS\system32\dllcache\fsquirt.exe
+ 2004-08-04 12:00:00 12,160 -c--a-w C:\WINDOWS\system32\dllcache\fsvga.sys
+ 2004-08-04 12:00:00 125,056 -c--a-w C:\WINDOWS\system32\dllcache\ftdisk.sys
+ 2001-08-17 17:15:22 455,680 -c--a-w C:\WINDOWS\system32\dllcache\fus2base.sys
+ 2001-08-17 17:15:38 455,296 -c--a-w C:\WINDOWS\system32\dllcache\fusbbase.sys
+ 2001-08-18 03:36:16 92,160 -c--a-w C:\WINDOWS\system32\dllcache\fuusd.dll
+ 2001-08-17 17:15:56 454,912 -c--a-w C:\WINDOWS\system32\dllcache\fxusbase.sys
+ 2001-08-17 19:56:00 470,144 -c--a-w C:\WINDOWS\system32\dllcache\g200d.dll
+ 2001-08-17 17:49:34 320,384 -c--a-w C:\WINDOWS\system32\dllcache\g200m.sys
+ 2001-08-17 17:49:42 322,432 -c--a-w C:\WINDOWS\system32\dllcache\g400m.sys
+ 2004-08-04 04:07:44 46,464 -c--a-w C:\WINDOWS\system32\dllcache\gagp30kx.sys
+ 2004-08-04 04:08:22 10,624 -c--a-w C:\WINDOWS\system32\dllcache\gameenum.sys
+ 2004-08-04 04:08:30 59,136 -c--a-w C:\WINDOWS\system32\dllcache\gckernel.sys
+ 2001-08-17 18:51:06 17,408 -c--a-w C:\WINDOWS\system32\dllcache\gpr400.sys
+ 2001-08-17 18:51:20 82,304 -c--a-w C:\WINDOWS\system32\dllcache\grclass.sys
+ 2004-08-04 03:59:20 28,288 -c--a-w C:\WINDOWS\system32\dllcache\grserial.sys
+ 2004-08-04 12:00:00 7,168 -c--a-w C:\WINDOWS\system32\dllcache\hccoin.dll
+ 2004-08-04 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\hid.dll
+ 2001-08-17 18:58:00 19,200 -c--a-w C:\WINDOWS\system32\dllcache\hidbatt.sys
+ 2004-08-04 04:10:38 25,600 -c--a-w C:\WINDOWS\system32\dllcache\hidbth.sys
+ 2004-08-04 12:00:00 36,224 -c--a-w C:\WINDOWS\system32\dllcache\hidclass.sys
+ 2001-08-17 19:02:32 8,576 -c--a-w C:\WINDOWS\system32\dllcache\hidgame.sys
+ 2004-08-04 04:08:20 15,104 -c--a-w C:\WINDOWS\system32\dllcache\hidir.sys
+ 2004-08-04 12:00:00 24,960 -c--a-w C:\WINDOWS\system32\dllcache\hidparse.sys
+ 2004-08-04 05:56:44 21,504 -c--a-w C:\WINDOWS\system32\dllcache\hidserv.dll
+ 2004-08-04 12:00:00 9,600 -c--a-w C:\WINDOWS\system32\dllcache\hidusb.sys
+ 2001-08-18 03:36:16 119,296 -c--a-w C:\WINDOWS\system32\dllcache\hpdigwia.dll
+ 2001-08-18 03:36:16 83,968 -c--a-w C:\WINDOWS\system32\dllcache\hpgt21.dll
+ 2001-08-18 03:36:16 123,392 -c--a-w C:\WINDOWS\system32\dllcache\hpgt21tk.dll
+ 2001-08-18 03:36:16 89,088 -c--a-w C:\WINDOWS\system32\dllcache\hpgt33.dll
+ 2001-08-18 03:36:16 48,128 -c--a-w C:\WINDOWS\system32\dllcache\hpgt33tk.dll
+ 2001-08-18 03:36:16 101,376 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34.dll
+ 2001-08-18 03:36:16 126,976 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34tk.dll
+ 2001-08-18 03:36:16 93,696 -c--a-w C:\WINDOWS\system32\dllcache\hpgt42.dll
+ 2001-08-18 03:36:16 31,232 -c--a-w C:\WINDOWS\system32\dllcache\hpgt42tk.dll
+ 2001-08-18 03:36:16 165,888 -c--a-w C:\WINDOWS\system32\dllcache\hpgt53.dll
+ 2001-08-18 03:36:16 68,608 -c--a-w C:\WINDOWS\system32\dllcache\hpgt53tk.dll
+ 2001-08-18 03:36:16 32,768 -c--a-w C:\WINDOWS\system32\dllcache\hpgtmcro.dll
+ 2001-08-17 19:07:44 25,952 -c--a-w C:\WINDOWS\system32\dllcache\hpn.sys
+ 2001-08-18 03:36:16 324,608 -c--a-w C:\WINDOWS\system32\dllcache\hpojwia.dll
+ 2001-08-18 03:36:16 13,312 -c--a-w C:\WINDOWS\system32\dllcache\hpsjmcro.dll
+ 2001-08-17 18:52:50 5,760 -c--a-w C:\WINDOWS\system32\dllcache\hpt4qic.sys
+ 2001-08-18 03:36:16 19,456 -c--a-w C:\WINDOWS\system32\dllcache\hr1w.dll
+ 2001-08-17 18:28:04 150,239 -c--a-w C:\WINDOWS\system32\dllcache\hsf_amos.sys
+ 2001-08-17 18:28:04 67,167 -c--a-w C:\WINDOWS\system32\dllcache\hsf_bsc2.sys
+ 2001-08-17 18:28:06 289,887 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fall.sys
+ 2001-08-17 18:28:06 199,711 -c--a-w C:\WINDOWS\system32\dllcache\hsf_faxx.sys
+ 2001-08-17 18:28:06 115,807 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fsks.sys
+ 2001-08-18 03:36:16 9,759 -c--a-w C:\WINDOWS\system32\dllcache\hsf_inst.dll
+ 2001-08-17 18:28:08 391,199 -c--a-w C:\WINDOWS\system32\dllcache\hsf_k56k.sys
+ 2001-08-17 18:28:10 57,471 -c--a-w C:\WINDOWS\system32\dllcache\hsf_samp.sys
+ 2001-08-17 18:28:10 44,863 -c--a-w C:\WINDOWS\system32\dllcache\hsf_soar.sys
+ 2001-08-17 18:28:10 73,279 -c--a-w C:\WINDOWS\system32\dllcache\hsf_spkp.sys
+ 2001-08-17 18:28:12 50,751 -c--a-w C:\WINDOWS\system32\dllcache\hsf_tone.sys
+ 2001-08-17 18:28:12 488,383 -c--a-w C:\WINDOWS\system32\dllcache\hsf_v124.sys
+ 2004-08-04 03:41:48 220,032 -c--a-w C:\WINDOWS\system32\dllcache\hsfbs2s2.sys
+ 2004-08-04 05:56:44 32,285 -c--a-w C:\WINDOWS\system32\dllcache\hsfcisp2.dll
+ 2004-08-04 03:41:50 685,056 -c--a-w C:\WINDOWS\system32\dllcache\hsfcxts2.sys
+ 2004-08-04 03:41:56 1,041,536 -c--a-w C:\WINDOWS\system32\dllcache\hsfdpsp2.sys
+ 2006-03-17 00:33:10 262,784 -c--a-w C:\WINDOWS\system32\dllcache\http.sys
+ 2004-08-04 04:00:52 8,192 -c--a-w C:\WINDOWS\system32\dllcache\i2omgmt.sys
+ 2004-08-04 04:00:52 18,560 -c--a-w C:\WINDOWS\system32\dllcache\i2omp.sys
+ 2001-08-17 19:56:00 353,184 -c--a-w C:\WINDOWS\system32\dllcache\i740dnt5.dll
+ 2001-08-17 17:49:06 58,592 -c--a-w C:\WINDOWS\system32\dllcache\i740nt5.sys
+ 2004-08-04 12:00:00 52,736 -c--a-w C:\WINDOWS\system32\dllcache\i8042prt.sys
+ 2004-08-04 05:56:44 702,845 -c--a-w C:\WINDOWS\system32\dllcache\i81xdnt5.dll
+ 2004-08-04 03:29:38 161,020 -c--a-w C:\WINDOWS\system32\dllcache\i81xnt5.sys
+ 2001-08-17 17:11:58 28,700 -c--a-w C:\WINDOWS\system32\dllcache\ibmexmp.sys
+ 2001-08-18 03:34:30 9,216 -c--a-w C:\WINDOWS\system32\dllcache\ibmsgnet.dll
+ 2001-08-17 17:12:00 100,936 -c--a-w C:\WINDOWS\system32\dllcache\ibmtok.sys
+ 2001-08-17 17:12:02 109,085 -c--a-w C:\WINDOWS\system32\dllcache\ibmtrp.sys
+ 2001-08-17 19:06:46 38,528 -c--a-w C:\WINDOWS\system32\dllcache\ibmvcap.sys
- 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:55:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 10:59:52 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2004-08-04 12:00:00 41,856 -c--a-w C:\WINDOWS\system32\dllcache\imapi.sys
+ 2001-08-17 18:52:08 16,000 -c--a-w C:\WINDOWS\system32\dllcache\ini910u.sys
+ 2001-08-17 18:47:50 13,056 -c--a-w C:\WINDOWS\system32\dllcache\inport.sys
+ 2004-08-03 22:59:42 5,504 -c--a-w C:\WINDOWS\system32\dllcache\intelide.sys
+ 2004-08-04 12:00:00 36,096 -c--a-w C:\WINDOWS\system32\dllcache\intelppm.sys
+ 2001-08-17 18:50:56 38,784 -c--a-w C:\WINDOWS\system32\dllcache\io8.sys
+ 2001-08-18 03:36:18 90,200 -c--a-w C:\WINDOWS\system32\dllcache\io8ports.dll
+ 2001-08-17 17:12:12 45,632 -c--a-w C:\WINDOWS\system32\dllcache\ip5515.sys
+ 2004-08-04 04:08:34 40,832 -c--a-w C:\WINDOWS\system32\dllcache\irbus.sys
+ 2004-08-04 04:00:54 87,424 -c--a-w C:\WINDOWS\system32\dllcache\irda.sys
+ 2001-08-17 18:49:04 23,552 -c--a-w C:\WINDOWS\system32\dllcache\irmk7.sys
+ 2004-08-04 05:56:44 27,136 -c--a-w C:\WINDOWS\system32\dllcache\irmon.dll
+ 2001-08-17 18:51:32 18,688 -c--a-w C:\WINDOWS\system32\dllcache\irsir.sys
+ 2001-08-17 18:49:10 26,624 -c--a-w C:\WINDOWS\system32\dllcache\irstusb.sys
+ 2004-08-04 12:00:00 47,616 -c--a-w C:\WINDOWS\system32\dllcache\iyuv_32.dll
- 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2001-08-17 19:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101b.dll
+ 2001-08-17 19:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101c.dll
+ 2001-08-17 19:55:56 5,632 -c--a-w C:\WINDOWS\system32\dllcache\kbd103.dll
+ 2001-08-17 19:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd106.dll
+ 2004-08-04 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\kbdclass.sys
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\kbdhid.sys
+ 2001-08-18 03:36:18 8,704 -c--a-w C:\WINDOWS\system32\dllcache\kbdjpn.dll
+ 2001-08-18 03:36:18 8,192 -c--a-w C:\WINDOWS\system32\dllcache\kbdkor.dll
+ 2001-08-18 03:36:18 45,568 -c--a-w C:\WINDOWS\system32\dllcache\kdsui.dll
+ 2001-08-18 03:36:18 37,376 -c--a-w C:\WINDOWS\system32\dllcache\kousd.dll
+ 2001-08-17 17:12:14 19,016 -c--a-w C:\WINDOWS\system32\dllcache\ktc111.sys
+ 2001-08-17 17:12:50 26,442 -c--a-w C:\WINDOWS\system32\dllcache\lanepic5.sys
+ 2004-08-04 03:59:34 34,688 -c--a-w C:\WINDOWS\system32\dllcache\lbrtfdc.sys
+ 2001-08-17 18:51:10 15,744 -c--a-w C:\WINDOWS\system32\dllcache\lit220p.sys
+ 2001-08-17 17:11:52 25,065 -c--a-w C:\WINDOWS\system32\dllcache\lmndis3.sys
+ 2001-08-17 17:12:20 20,573 -c--a-w C:\WINDOWS\system32\dllcache\lne100.sys
+ 2001-08-17 17:12:24 70,730 -c--a-w C:\WINDOWS\system32\dllcache\lne100tx.sys
+ 2001-08-17 18:53:42 4,992 -c--a-w C:\WINDOWS\system32\dllcache\loop.sys
+ 2001-08-17 18:28:18 727,786 -c--a-w C:\WINDOWS\system32\dllcache\ltck000c.sys
+ 2004-08-04 03:41:36 606,684 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmnt.sys
+ 2001-08-17 18:28:08 576,746 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntl.sys
+ 2004-08-04 03:41:38 420,992 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntt.sys
+ 2004-08-04 04:00:08 7,040 -c--a-w C:\WINDOWS\system32\dllcache\ltotape.sys
+ 2001-08-17 18:28:12 797,500 -c--a-w C:\WINDOWS\system32\dllcache\ltsmt.sys
+ 2004-08-04 03:39:32 20,864 -c--a-w C:\WINDOWS\system32\dllcache\lwadihid.sys
+ 2001-08-17 17:49:20 22,848 -c--a-w C:\WINDOWS\system32\dllcache\lwusbhid.sys
+ 2001-08-18 03:36:18 58,368 -c--a-w C:\WINDOWS\system32\dllcache\m3091dc.dll
+ 2001-08-18 03:36:18 58,880 -c--a-w C:\WINDOWS\system32\dllcache\m3092dc.dll
+ 2001-08-17 17:19:58 48,768 -c--a-w C:\WINDOWS\system32\dllcache\maestro.sys
+ 2001-08-17 18:52:50 7,424 -c--a-w C:\WINDOWS\system32\dllcache\mammoth.sys
+ 2001-08-17 17:12:26 164,586 -c--a-w C:\WINDOWS\system32\dllcache\mdgndis5.sys
+ 2004-08-04 12:00:00 147,968 -c--a-w C:\WINDOWS\system32\dllcache\mdwmdmsp.dll
+ 2001-08-17 18:58:04 8,320 -c--a-w C:\WINDOWS\system32\dllcache\memcard.sys
+ 2001-08-18 03:36:20 47,616 -c--a-w C:\WINDOWS\system32\dllcache\memgrp.dll
+ 2004-08-04 04:00:50 26,112 -c--a-w C:\WINDOWS\system32\dllcache\memstpci.sys
+ 2004-08-04 12:00:00 63,744 -c--a-w C:\WINDOWS\system32\dllcache\mf.sys
+ 2001-08-17 19:56:02 235,648 -c--a-w C:\WINDOWS\system32\dllcache\mgaud.dll
- 2005-07-25 23:46:57 7,680 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2004-08-04 12:00:00 7,680 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2001-08-17 18:52:50 6,528 -c--a-w C:\WINDOWS\system32\dllcache\miniqic.sys
+ 2004-08-04 12:00:00 30,080 -c--a-w C:\WINDOWS\system32\dllcache\modem.sys
+ 2004-08-04 12:00:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\mouclass.sys
+ 2004-08-04 12:00:00 12,160 -c--a-w C:\WINDOWS\system32\dllcache\mouhid.sys
+ 2004-08-04 04:10:14 15,360 -c--a-w C:\WINDOWS\system32\dllcache\mpe.sys
- 2004-08-04 12:00:00 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-04 12:00:00 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:46:59 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-04 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:46:59 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-04 12:00:00 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:46:59 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-04 12:00:00 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:46:59 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-04 12:00:00 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:46:59 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-04 12:00:00 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-04 12:00:00 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:46:59 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2001-08-17 18:52:12 17,280 -c--a-w C:\WINDOWS\system32\dllcache\mraid35x.sys
+ 2004-08-04 04:10:00 51,328 -c--a-w C:\WINDOWS\system32\dllcache\msdv.sys
+ 2001-08-17 18:48:36 6,016 -c--a-w C:\WINDOWS\system32\dllcache\msfsio.sys
+ 2001-08-17 19:02:40 35,200 -c--a-w C:\WINDOWS\system32\dllcache\msgame.sys
- 2007-08-20 20:34:42 3,584,512 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2004-08-04 04:00:48 22,016 -c--a-w C:\WINDOWS\system32\dllcache\msircomm.sys
- 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:55:58 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2001-08-17 18:48:50 12,416 -c--a-w C:\WINDOWS\system32\dllcache\msriffwv.sys
+ 2004-08-04 12:00:00 15,488 -c--a-w C:\WINDOWS\system32\dllcache\mssmbios.sys
+ 2004-08-04 04:10:00 49,024 -c--a-w C:\WINDOWS\system32\dllcache\mstape.sys
+ 2004-08-04 03:58:40 5,504 -c--a-w C:\WINDOWS\system32\dllcache\mstee.sys
- 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:55:59 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-08-04 03:41:40 126,686 -c--a-w C:\WINDOWS\system32\dllcache\mtlmnt5.sys
+ 2004-08-04 03:41:38 1,309,184 -c--a-w C:\WINDOWS\system32\dllcache\mtlstrm.sys
+ 2004-08-04 03:29:38 452,736 -c--a-w C:\WINDOWS\system32\dllcache\mtxparhm.sys
+ 2001-08-17 17:50:04 103,296 -c--a-w C:\WINDOWS\system32\dllcache\mtxvideo.sys
+ 2004-08-04 04:04:52 12,672 -c--a-w C:\WINDOWS\system32\dllcache\mutohpen.sys
+ 2001-08-17 18:50:48 21,888 -c--a-w C:\WINDOWS\system32\dllcache\mxcard.sys
+ 2001-08-18 03:36:26 19,968 -c--a-w C:\WINDOWS\system32\dllcache\mxicfg.dll
+ 2001-08-17 18:49:32 19,968 -c--a-w C:\WINDOWS\system32\dllcache\mxnic.sys
+ 2001-08-18 03:36:26 7,168 -c--a-w C:\WINDOWS\system32\dllcache\mxport.dll
+ 2001-08-17 18:50:54 75,520 -c--a-w C:\WINDOWS\system32\dllcache\mxport.sys
+ 2001-08-17 17:11:36 52,255 -c--a-w C:\WINDOWS\system32\dllcache\n1000nt5.sys
+ 2001-08-17 17:11:38 128,000 -c--a-w C:\WINDOWS\system32\dllcache\n100325.sys
+ 2001-08-17 19:56:02 35,392 -c--a-w C:\WINDOWS\system32\dllcache\n9i128.dll
+ 2001-08-17 17:50:06 13,664 -c--a-w C:\WINDOWS\system32\dllcache\n9i128.sys
+ 2001-08-18 03:36:02 59,104 -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.dll
+ 2001-08-17 17:50:08 33,088 -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.sys
+ 2001-08-17 17:50:10 27,936 -c--a-w C:\WINDOWS\system32\dllcache\n9i3d.sys
+ 2001-08-17 19:56:02 91,488 -c--a-w C:\WINDOWS\system32\dllcache\n9i3disp.dll
+ 2004-08-04 04:10:30 85,376 -c--a-w C:\WINDOWS\system32\dllcache\nabtsfec.sys
+ 2004-08-04 04:10:14 10,880 -c--a-w C:\WINDOWS\system32\dllcache\ndisip.sys
+ 2004-08-04 12:00:00 12,928 -c--a-w C:\WINDOWS\system32\dllcache\ndisuio.sys
+ 2001-08-17 18:49:14 15,872 -c--a-w C:\WINDOWS\system32\dllcache\ne2000.sys
+ 2001-08-18 03:36:02 60,480 -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.dll
+ 2001-08-17 17:50:04 39,264 -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.sys
+ 2001-08-17 17:11:36 65,278 -c--a-w C:\WINDOWS\system32\dllcache\netflx3.sys
+ 2001-08-17 17:12:20 32,840 -c--a-w C:\WINDOWS\system32\dllcache\ngrpci.sys
+ 2001-08-17 17:20:08 126,080 -c--a-w C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
+ 2001-08-17 17:20:08 87,040 -c--a-w C:\WINDOWS\system32\dllcache\nm6wdm.sys
+ 2004-08-04 04:00:52 28,672 -c--a-w C:\WINDOWS\system32\dllcache\nscirda.sys
+ 2001-08-17 18:53:02 7,552 -c--a-w C:\WINDOWS\system32\dllcache\nsmmc.sys
+ 2001-08-17 18:47:22 9,344 -c--a-w C:\WINDOWS\system32\dllcache\ntapm.sys
+ 2001-08-17 17:49:04 51,552 -c--a-w C:\WINDOWS\system32\dllcache\ntgrip.sys
+ 2004-08-04 03:41:40 180,360 -c--a-w C:\WINDOWS\system32\dllcache\ntmtlfax.sys
+ 2001-08-18 03:36:02 123,776 -c--a-w C:\WINDOWS\system32\dllcache\nv3.dll
+ 2001-08-17 17:50:18 198,144 -c--a-w C:\WINDOWS\system32\dllcache\nv3.sys
+ 2004-08-04 03:29:56 1,897,408 -c--a-w C:\WINDOWS\system32\dllcache\nv4_mini.sys
- 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:55:59 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2004-08-04 04:10:10 61,056 -c--a-w C:\WINDOWS\system32\dllcache\ohci1394.sys
+ 2001-08-17 17:20:16 54,528 -c--a-w C:\WINDOWS\system32\dllcache\opl3sax.sys
+ 2001-08-17 17:12:36 27,209 -c--a-w C:\WINDOWS\system32\dllcache\otc06x5.sys
+ 2001-08-17 17:12:36 43,689 -c--a-w C:\WINDOWS\system32\dllcache\otceth5.sys
+ 2001-08-17 18:28:12 54,186 -c--a-w C:\WINDOWS\system32\dllcache\otcsercb.sys
+ 2001-08-17 19:05:04 25,088 -c--a-w C:\WINDOWS\system32\dllcache\ovca.sys
+ 2001-08-17 19:05:12 48,000 -c--a-w C:\WINDOWS\system32\dllcache\ovcam2.sys
+ 2001-08-17 19:05:16 28,032 -c--a-w C:\WINDOWS\system32\dllcache\ovcd.sys
+ 2001-08-17 19:05:20 31,872 -c--a-w C:\WINDOWS\system32\dllcache\ovce.sys
+ 2001-08-18 03:36:28 116,736 -c--a-w C:\WINDOWS\system32\dllcache\ovcodec2.dll
+ 2001-08-18 03:36:28 20,480 -c--a-w C:\WINDOWS\system32\dllcache\ovcomc.dll
+ 2001-08-18 03:36:54 39,424 -c--a-w C:\WINDOWS\system32\dllcache\ovcoms.exe
+ 2001-08-17 19:05:06 25,216 -c--a-w C:\WINDOWS\system32\dllcache\ovsound2.sys
+ 2001-08-18 03:36:28 44,544 -c--a-w C:\WINDOWS\system32\dllcache\ovui2.dll
+ 2001-08-18 03:36:28 41,984 -c--a-w C:\WINDOWS\system32\dllcache\ovui2rc.dll
+ 2004-08-04 12:00:00 42,496 -c--a-w C:\WINDOWS\system32\dllcache\p3.sys
+ 2004-08-04 12:00:00 157,696 -c--a-w C:\WINDOWS\system32\dllcache\paqsp.dll
+ 2004-08-04 12:00:00 80,128 -c--a-w C:\WINDOWS\system32\dllcache\parport.sys
+ 2001-08-17 17:12:18 30,495 -c--a-w C:\WINDOWS\system32\dllcache\pc100nds.sys
+ 2004-08-04 03:31:24 29,502 -c--a-w C:\WINDOWS\system32\dllcache\pca200e.sys
+ 2001-08-17 17:12:18 26,153 -c--a-w C:\WINDOWS\system32\dllcache\pcmlm56.sys
+ 2001-08-17 17:11:22 30,282 -c--a-w C:\WINDOWS\system32\dllcache\pcntn5hl.sys
+ 2001-08-17 17:11:20 29,769 -c--a-w C:\WINDOWS\system32\dllcache\pcntn5m.sys
+ 2001-08-17 17:11:22 35,328 -c--a-w C:\WINDOWS\system32\dllcache\pcntpci5.sys
+ 2001-08-18 03:36:54 86,016 -c--a-w C:\WINDOWS\system32\dllcache\pctspk.exe
+ 2004-08-04 03:06:18 169,984 -c--a-w C:\WINDOWS\system32\dllcache\pcx500.sys
+ 2001-08-17 19:07:40 27,296 -c--a-w C:\WINDOWS\system32\dllcache\perc2.sys
+ 2001-08-17 19:07:42 5,504 -c--a-w C:\WINDOWS\system32\dllcache\perc2hib.sys
+ 2004-08-04 04:06:56 27,904 -c--a-w C:\WINDOWS\system32\dllcache\perm2.sys
+ 2004-08-04 05:56:24 211,712 -c--a-w C:\WINDOWS\system32\dllcache\perm2dll.dll
+ 2004-08-04 04:06:58 28,032 -c--a-w C:\WINDOWS\system32\dllcache\perm3.sys
+ 2001-08-18 03:36:28 16,384 -c--a-w C:\WINDOWS\system32\dllcache\philcam1.dll
+ 2001-08-17 19:04:50 75,776 -c--a-w C:\WINDOWS\system32\dllcache\philcam1.sys
+ 2001-08-17 19:04:08 173,696 -c--a-w C:\WINDOWS\system32\dllcache\philcam2.sys
+ 2001-08-17 19:04:04 92,416 -c--a-w C:\WINDOWS\system32\dllcache\phildec.sys
+ 2001-08-17 19:07:20 19,840 -c--a-w C:\WINDOWS\system32\dllcache\philtune.sys
+ 2001-08-18 03:36:28 121,344 -c--a-w C:\WINDOWS\system32\dllcache\phvfwext.dll
+ 2004-08-04 12:00:00 35,328 -c--a-w C:\WINDOWS\system32\dllcache\pid.dll
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\pjlmon.dll
+ 2001-08-17 18:53:04 7,168 -c--a-w C:\WINDOWS\system32\dllcache\pnrmc.sys
+ 2001-08-17 18:53:14 7,552 -c--a-w C:\WINDOWS\system32\dllcache\powerfil.sys
+ 2001-08-17 18:53:22 17,792 -c--a-w C:\WINDOWS\system32\dllcache\ppa.sys
+ 2004-08-04 04:00:18 17,664 -c--a-w C:\WINDOWS\system32\dllcache\ppa3.sys
+ 2004-08-04 12:00:00 35,328 -c--a-w C:\WINDOWS\system32\dllcache\processr.sys
+ 2001-08-17 18:51:08 16,128 -c--a-w C:\WINDOWS\system32\dllcache\pscr.sys
+ 2001-08-18 03:36:28 35,328 -c--a-w C:\WINDOWS\system32\dllcache\psisload.dll
+ 2001-08-18 03:36:30 5,632 -c--a-w C:\WINDOWS\system32\dllcache\ptpusb.dll
+ 2004-08-04 05:56:46 159,232 -c--a-w C:\WINDOWS\system32\dllcache\ptpusd.dll
+ 2001-08-17 18:28:12 128,286 -c--a-w C:\WINDOWS\system32\dllcache\ptserli.sys
+ 2001-08-17 18:28:14 112,574 -c--a-w C:\WINDOWS\system32\dllcache\ptserlp.sys
+ 2001-08-17 18:28:14 130,942 -c--a-w C:\WINDOWS\system32\dllcache\ptserlv.sys
- 2006-10-19 02:47:18 211,456 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2004-08-04 12:00:00 237,568 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2004-08-04 04:00:06 6,016 -c--a-w C:\WINDOWS\system32\dllcache\qic157.sys
+ 2001-08-17 18:52:20 40,320 -c--a-w C:\WINDOWS\system32\dllcache\ql1080.sys
+ 2001-08-17 18:52:16 33,152 -c--a-w C:\WINDOWS\system32\dllcache\ql10wnt.sys
+ 2001-08-17 18:52:20 45,312 -c--a-w C:\WINDOWS\system32\dllcache\ql12160.sys
+ 2001-08-17 18:52:16 40,448 -c--a-w C:\WINDOWS\system32\dllcache\ql1240.sys
+ 2001-08-17 18:52:18 49,024 -c--a-w C:\WINDOWS\system32\dllcache\ql1280.sys
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2001-08-17 18:53:32 3,328 -c--a-w C:\WINDOWS\system32\dllcache\qv2kux.sys
+ 2001-08-18 03:36:30 41,472 -c--a-w C:\WINDOWS\system32\dllcache\qvusd.dll
+ 2001-08-17 18:28:20 714,762 -c--a-w C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
+ 2001-08-17 18:51:32 19,584 -c--a-w C:\WINDOWS\system32\dllcache\rasirda.sys
+ 2004-08-04 04:01:16 196,864 -c--a-w C:\WINDOWS\system32\dllcache\rdpdr.sys
+ 2004-08-04 03:41:40 13,776 -c--a-w C:\WINDOWS\system32\dllcache\recagent.sys
+ 2004-08-03 22:59:38 57,472 -c--a-w C:\WINDOWS\system32\dllcache\redbook.sys
+ 2001-08-18 03:36:30 86,097 -c--a-w C:\WINDOWS\system32\dllcache\reslog32.dll
+ 2004-08-04 04:10:40 59,648 -c--a-w C:\WINDOWS\system32\dllcache\rfcomm.sys
+ 2001-08-17 17:12:36 37,563 -c--a-w C:\WINDOWS\system32\dllcache\rlnet5.sys
+ 2004-08-04 04:04:32 30,080 -c--a-w C:\WINDOWS\system32\dllcache\rndismpx.sys
+ 2004-08-04 03:59:12 79,104 -c--a-w C:\WINDOWS\system32\dllcache\rocket.sys
+ 2001-08-17 17:19:20 3,840 -c--a-w C:\WINDOWS\system32\dllcache\rpfun.sys
+ 2001-08-18 03:36:30 9,216 -c--a-w C:\WINDOWS\system32\dllcache\rsmgrstr.dll
+ 2001-08-17 17:19:22 30,720 -c--a-w C:\WINDOWS\system32\dllcache\rthwcls.sys
+ 2001-08-17 17:12:40 19,017 -c--a-w C:\WINDOWS\system32\dllcache\rtl8029.sys
+ 2004-08-04 03:31:34 20,992 -c--a-w C:\WINDOWS\system32\dllcache\rtl8139.sys
+ 2001-08-18 03:36:30 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rw430ext.dll
+ 2001-08-18 03:36:30 26,624 -c--a-w C:\WINDOWS\system32\dllcache\rw450ext.dll
+ 2001-08-18 03:36:30 79,872 -c--a-w C:\WINDOWS\system32\dllcache\rwia430.dll
+ 2001-08-18 03:36:30 82,432 -c--a-w C:\WINDOWS\system32\dllcache\rwia450.dll
+ 2004-08-04 03:29:52 166,912 -c--a-w C:\WINDOWS\system32\dllcache\s3gnbm.sys
+ 2001-08-17 18:57:46 65,664 -c--a-w C:\WINDOWS\system32\dllcache\s3legacy.sys
+ 2001-08-17 17:50:34 166,720 -c--a-w C:\WINDOWS\system32\dllcache\s3m.sys
+ 2001-08-17 19:56:04 182,272 -c--a-w C:\WINDOWS\system32\dllcache\s3mt3d.dll
+ 2001-08-17 17:50:40 41,216 -c--a-w C:\WINDOWS\system32\dllcache\s3mt3d.sys
+ 2001-08-18 03:36:02 62,496 -c--a-w C:\WINDOWS\system32\dllcache\s3mtrio.dll
+ 2001-08-17 19:56:04 210,496 -c--a-w C:\WINDOWS\system32\dllcache\s3mvirge.dll
+ 2001-08-17 19:56:04 179,264 -c--a-w C:\WINDOWS\system32\dllcache\s3sav3d.dll
+ 2001-08-17 17:50:22 61,504 -c--a-w C:\WINDOWS\system32\dllcache\s3sav3dm.sys
+ 2001-08-17 19:56:04 198,400 -c--a-w C:\WINDOWS\system32\dllcache\s3sav4.dll
+ 2001-08-17 17:50:28 77,824 -c--a-w C:\WINDOWS\system32\dllcache\s3sav4m.sys
+ 2001-08-17 19:56:04 245,632 -c--a-w C:\WINDOWS\system32\dllcache\s3savmx.dll
+ 2001-08-17 17:50:34 75,392 -c--a-w C:\WINDOWS\system32\dllcache\s3savmxm.sys
+ 2004-08-04 03:59:58 43,136 -c--a-w C:\WINDOWS\system32\dllcache\sbp2port.sys
+ 2001-08-17 18:51:10 23,936 -c--a-w C:\WINDOWS\system32\dllcache\sccmn50m.sys
+ 2001-08-17 18:51:14 23,936 -c--a-w C:\WINDOWS\system32\dllcache\sccmusbm.sys
+ 2001-08-17 18:51:14 16,640 -c--a-w C:\WINDOWS\system32\dllcache\scmstcs.sys
+ 2001-08-17 18:51:16 17,280 -c--a-w C:\WINDOWS\system32\dllcache\scr111.sys
+ 2004-08-04 12:00:00 96,256 -c--a-w C:\WINDOWS\system32\dllcache\scsiport.sys
+ 2001-08-17 18:52:34 11,648 -c--a-w C:\WINDOWS\system32\dllcache\scsiprnt.sys
+ 2001-08-17 18:53:26 10,880 -c--a-w C:\WINDOWS\system32\dllcache\scsiscan.sys
+ 2004-08-04 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\sdbus.sys
+ 2004-08-04 12:00:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\sdhcinst.dll
+ 2001-08-17 18:53:10 6,912 -c--a-w C:\WINDOWS\system32\dllcache\seaddsmc.sys
+ 2004-08-04 12:00:00 15,488 -c--a-w C:\WINDOWS\system32\dllcache\serenum.sys
+ 2004-08-04 12:00:00 64,896 -c--a-w C:\WINDOWS\system32\dllcache\serial.sys
+ 2001-08-17 18:48:00 17,664 -c--a-w C:\WINDOWS\system32\dllcache\sermouse.sys
+ 2001-08-17 18:53:32 6,784 -c--a-w C:\WINDOWS\system32\dllcache\serscan.sys
+ 2004-08-04 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\sffp_sd.sys
+ 2004-08-04 12:00:00 11,392 -c--a-w C:\WINDOWS\system32\dllcache\sfloppy.sys
+ 2001-08-17 17:19:34 36,480 -c--a-w C:\WINDOWS\system32\dllcache\sfmanm.sys
+ 2001-08-17 17:51:04 98,080 -c--a-w C:\WINDOWS\system32\dllcache\sgiulnt5.sys
+ 2001-07-21 19:29:20 18,400 -c--a-w C:\WINDOWS\system32\dllcache\sgsmld.sys
+ 2001-07-21 19:29:20 161,568 -c--a-w C:\WINDOWS\system32\dllcache\sgsmusb.sys
+ 2004-08-04 05:56:46 3,901 -c--a-w C:\WINDOWS\system32\dllcache\siint5.dll
+ 2001-08-17 17:50:46 101,760 -c--a-w C:\WINDOWS\system32\dllcache\sis300ip.sys
+ 2001-08-17 19:56:04 252,032 -c--a-w C:\WINDOWS\system32\dllcache\sis300iv.dll
+ 2001-08-17 17:50:56 68,608 -c--a-w C:\WINDOWS\system32\dllcache\sis6306p.sys
+ 2001-08-17 19:56:04 150,144 -c--a-w C:\WINDOWS\system32\dllcache\sis6306v.dll
+ 2004-08-04 04:07:44 41,088 -c--a-w C:\WINDOWS\system32\dllcache\sisagp.sys
+ 2001-08-17 17:50:48 104,064 -c--a-w C:\WINDOWS\system32\dllcache\sisgrp.sys
+ 2001-08-18 03:36:32 238,592 -c--a-w C:\WINDOWS\system32\dllcache\sisgrv.dll
+ 2004-08-04 03:31:36 32,768 -c--a-w C:\WINDOWS\system32\dllcache\sisnic.sys
+ 2001-08-17 17:50:56 50,432 -c--a-w C:\WINDOWS\system32\dllcache\sisv.sys
+ 2001-08-17 19:56:04 157,696 -c--a-w C:\WINDOWS\system32\dllcache\sisv256.dll
+ 2001-08-17 17:12:52 94,698 -c--a-w C:\WINDOWS\system32\dllcache\sk98xwin.sys
+ 2001-08-17 17:12:52 91,294 -c--a-w C:\WINDOWS\system32\dllcache\skfpwin.sys
+ 2004-08-04 03:31:42 63,547 -c--a-w C:\WINDOWS\system32\dllcache\sla30nd5.sys
+ 2004-08-04 05:56:46 73,832 -c--a-w C:\WINDOWS\system32\dllcache\slcoinst.dll
+ 2004-08-04 05:56:46 286,792 -c--a-w C:\WINDOWS\system32\dllcache\slextspk.dll
+ 2004-08-04 05:56:46 188,508 -c--a-w C:\WINDOWS\system32\dllcache\slgen.dll
+ 2004-08-04 04:10:18 11,136 -c--a-w C:\WINDOWS\system32\dllcache\slip.sys
+ 2004-08-04 03:41:42 129,535 -c--a-w C:\WINDOWS\system32\dllcache\slnt7554.sys
+ 2004-08-04 03:41:46 95,424 -c--a-w C:\WINDOWS\system32\dllcache\slnthal.sys
+ 2004-08-04 05:56:58 32,866 -c--a-w C:\WINDOWS\system32\dllcache\slrundll.exe
+ 2004-08-04 05:56:58 73,796 -c--a-w C:\WINDOWS\system32\dllcache\slserv.exe
+ 2004-08-04 03:41:46 13,240 -c--a-w C:\WINDOWS\system32\dllcache\slwdmsup.sys
+ 2001-08-18 03:36:32 28,160 -c--a-w C:\WINDOWS\system32\dllcache\sm91w.dll
+ 2001-08-18 03:36:32 28,672 -c--a-w C:\WINDOWS\system32\dllcache\sma0w.dll
+ 2001-08-18 03:36:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\smb0w.dll
+ 2001-08-18 03:36:32 45,568 -c--a-w C:\WINDOWS\system32\dllcache\smb3w.dll
+ 2004-08-04 04:07:38 6,016 -c--a-w C:\WINDOWS\system32\dllcache\smbali.sys
+ 2004-08-04 04:07:36 16,128 -c--a-w C:\WINDOWS\system32\dllcache\smbbatt.sys
+ 2004-08-04 04:07:36 6,912 -c--a-w C:\WINDOWS\system32\dllcache\smbclass.sys
+ 2001-08-17 18:57:56 6,784 -c--a-w C:\WINDOWS\system32\dllcache\smbhc.sys
+ 2001-08-17 17:12:46 24,576 -c--a-w C:\WINDOWS\system32\dllcache\smc8000n.sys
+ 2001-08-17 17:10:28 35,913 -c--a-w C:\WINDOWS\system32\dllcache\smcirda.sys
+ 2001-08-17 17:12:48 25,034 -c--a-w C:\WINDOWS\system32\dllcache\smcpwr2n.sys
+ 2001-08-17 17:51:00 58,368 -c--a-w C:\WINDOWS\system32\dllcache\smiminib.sys
+ 2001-08-17 18:53:14 7,040 -c--a-w C:\WINDOWS\system32\dllcache\snyaitmc.sys
+ 2004-08-04 04:00:06 7,552 -c--a-w C:\WINDOWS\system32\dllcache\sonyait.sys
+ 2001-08-17 18:53:04 9,600 -c--a-w C:\WINDOWS\system32\dllcache\sonymc.sys
+ 2001-08-17 17:51:20 20,752 -c--a-w C:\WINDOWS\system32\dllcache\sonync.sys
+ 2001-08-18 03:36:32 114,688 -c--a-w C:\WINDOWS\system32\dllcache\sonypi.dll
+ 2001-08-17 17:51:22 37,040 -c--a-w C:\WINDOWS\system32\dllcache\sonypi.sys
+ 2001-08-17 18:56:16 7,552 -c--a-w C:\WINDOWS\system32\dllcache\sonypvu1.sys
+ 2001-08-17 19:07:44 19,072 -c--a-w C:\WINDOWS\system32\dllcache\sparrow.sys
+ 2001-08-18 03:36:32 106,584 -c--a-w C:\WINDOWS\system32\dllcache\spdports.dll
+ 2001-08-17 18:51:00 61,824 -c--a-w C:\WINDOWS\system32\dllcache\speed.sys
+ 2004-08-04 12:00:00 69,632 -c--a-w C:\WINDOWS\system32\dllcache\spnike.dll
+ 2004-08-04 12:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\sprio600.dll
+ 2004-08-04 12:00:00 72,192 -c--a-w C:\WINDOWS\system32\dllcache\sprio800.dll
+ 2001-08-18 03:36:32 24,660 -c--a-w C:\WINDOWS\system32\dllcache\spxupchk.dll
+ 2001-08-18 03:36:32 99,328 -c--a-w C:\WINDOWS\system32\dllcache\srusd.dll
+ 2001-08-17 17:11:08 48,736 -c--a-w C:\WINDOWS\system32\dllcache\srwlnd5.sys
+ 2001-08-17 18:51:20 16,896 -c--a-w C:\WINDOWS\system32\dllcache\stcusb.sys
+ 2001-08-18 03:36:32 53,248 -c--a-w C:\WINDOWS\system32\dllcache\stlncoin.dll
+ 2001-08-18 03:36:32 155,648 -c--a-w C:\WINDOWS\system32\dllcache\stlnprop.dll
+ 2004-08-04 00:56:46 74,752 -c--a-w C:\WINDOWS\system32\dllcache\storprop.dll
+ 2004-08-04 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\streamci.dll
+ 2004-08-04 04:10:14 15,360 -c--a-w C:\WINDOWS\system32\dllcache\streamip.sys
+ 2001-08-18 03:36:32 41,472 -c--a-w C:\WINDOWS\system32\dllcache\sw_effct.dll
+ 2001-08-18 03:36:32 53,760 -c--a-w C:\WINDOWS\system32\dllcache\sw_wheel.dll
+ 2004-08-04 12:00:00 4,352 -c--a-w C:\WINDOWS\system32\dllcache\swenum.sys
+ 2001-08-18 03:36:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\swpdflt2.dll
+ 2001-08-18 03:36:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\swpidflt.dll
+ 2001-08-17 19:02:56 3,968 -c--a-w C:\WINDOWS\system32\dllcache\swusbflt.sys
+ 2001-08-17 18:50:58 103,936 -c--a-w C:\WINDOWS\system32\dllcache\sx.sys
+ 2001-08-18 03:36:32 94,293 -c--a-w C:\WINDOWS\system32\dllcache\sxports.dll
+ 2001-08-17 19:07:40 28,384 -c--a-w C:\WINDOWS\system32\dllcache\sym_hi.sys
+ 2001-08-17 19:07:42 30,688 -c--a-w C:\WINDOWS\system32\dllcache\sym_u3.sys
+ 2001-08-17 19:07:34 16,256 -c--a-w C:\WINDOWS\system32\dllcache\symc810.sys
+ 2001-08-17 19:07:36 32,640 -c--a-w C:\WINDOWS\system32\dllcache\symc8xx.sys
+ 2001-08-17 17:50:12 36,640 -c--a-w C:\WINDOWS\system32\dllcache\t2r4mini.sys
+ 2001-08-17 18:52:54 7,040 -c--a-w C:\WINDOWS\system32\dllcache\tandqic.sys
+ 2001-08-17 18:49:46 30,464 -c--a-w C:\WINDOWS\system32\dllcache\tbatm155.sys
+ 2001-08-17 17:13:00 37,961 -c--a-w C:\WINDOWS\system32\dllcache\tdk100b.sys
+ 2001-08-17 17:13:00 17,129 -c--a-w C:\WINDOWS\system32\dllcache\tdkcd31.sys
+ 2004-08-04 06:01:08 40,840 -c--a-w C:\WINDOWS\system32\dllcache\termdd.sys
+ 2004-08-04 04:00:06 149,376 -c--a-w C:\WINDOWS\system32\dllcache\tffsport.sys
+ 2001-08-17 19:56:04 81,408 -c--a-w C:\WINDOWS\system32\dllcache\tgiul50.dll
+ 2001-08-17 17:51:10 138,528 -c--a-w C:\WINDOWS\system32\dllcache\tgiulnt5.sys
+ 2001-08-17 17:14:26 123,995 -c--a-w C:\WINDOWS\system32\dllcache\tjisdn.sys
+ 2001-08-17 17:10:26 28,232 -c--a-w C:\WINDOWS\system32\dllcache\tos4mo.sys
+ 2004-08-04 12:00:00 51,712 -c--a-w C:\WINDOWS\system32\dllcache\tosdvd.sys
+ 2001-08-17 19:01:52 241,664 -c--a-w C:\WINDOWS\system32\dllcache\tosdvd02.sys
+ 2001-08-17 19:02:00 230,912 -c--a-w C:\WINDOWS\system32\dllcache\tosdvd03.sys
+ 2001-08-17 18:51:56 4,992 -c--a-w C:\WINDOWS\system32\dllcache\toside.sys
+ 2001-08-18 03:36:32 31,744 -c--a-w C:\WINDOWS\system32\dllcache\tp4.dll
+ 2004-08-04 05:56:58 82,432 -c--a-w C:\WINDOWS\system32\dllcache\tp4mon.exe
+ 2001-08-18 03:35:42 42,496 -c--a-w C:\WINDOWS\system32\dllcache\tp4res.dll
+ 2001-08-17 17:12:12 34,375 -c--a-w C:\WINDOWS\system32\dllcache\tpro4.sys
+ 2001-08-17 19:56:06 315,520 -c--a-w C:\WINDOWS\system32\dllcache\trid3d.dll
+ 2001-08-17 17:51:16 222,336 -c--a-w C:\WINDOWS\system32\dllcache\trid3dm.sys
+ 2001-08-17 17:51:16 159,232 -c--a-w C:\WINDOWS\system32\dllcache\tridkbm.sys
+ 2001-08-17 17:51:22 166,784 -c--a-w C:\WINDOWS\system32\dllcache\tridxpm.sys
+ 2004-08-04 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\tsbyuv.dll
+ 2001-08-17 18:48:14 11,520 -c--a-w C:\WINDOWS\system32\dllcache\twotrack.sys
+ 2004-08-04 04:07:44 44,672 -c--a-w C:\WINDOWS\system32\dllcache\uagp35.sys
+ 2001-08-17 18:52:22 36,736 -c--a-w C:\WINDOWS\system32\dllcache\ultra.sys
+ 2001-08-18 03:36:34 216,064 -c--a-w C:\WINDOWS\system32\dllcache\um34scan.dll
+ 2001-08-18 03:36:34 211,968 -c--a-w C:\WINDOWS\system32\dllcache\um54scan.dll
+ 2001-08-18 03:36:34 47,616 -c--a-w C:\WINDOWS\system32\dllcache\umaxcam.dll
+ 2001-08-18 03:36:34 50,176 -c--a-w C:\WINDOWS\system32\dllcache\umaxp60.dll
+ 2001-08-17 18:58:12 22,912 -c--a-w C:\WINDOWS\system32\dllcache\umaxpcls.sys
+ 2001-08-18 03:36:34 50,688 -c--a-w C:\WINDOWS\system32\dllcache\umaxscan.dll
+ 2001-08-18 03:36:34 69,632 -c--a-w C:\WINDOWS\system32\dllcache\umaxu12.dll
+ 2001-08-18 03:36:34 26,624 -c--a-w C:\WINDOWS\system32\dllcache\umaxu22.dll
+ 2001-08-18 03:36:34 28,160 -c--a-w C:\WINDOWS\system32\dllcache\umaxu40.dll
+ 2001-08-18 03:36:34 94,720 -c--a-w C:\WINDOWS\system32\dllcache\umaxud32.dll
- 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:55:59 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-04 03:31:26 32,384 -c--a-w C:\WINDOWS\system32\dllcache\usb101et.sys
+ 2004-08-04 04:04:34 12,672 -c--a-w C:\WINDOWS\system32\dllcache\usb8023x.sys
+ 2004-08-04 04:07:56 59,264 -c--a-w C:\WINDOWS\system32\dllcache\usbaudio.sys
+ 2004-08-04 12:00:00 23,936 -c--a-w C:\WINDOWS\system32\dllcache\usbcamd2.sys
+ 2004-08-04 12:00:00 4,736 -c--a-w C:\WINDOWS\system32\dllcache\usbd.sys
+ 2004-08-04 04:08:38 17,024 -c--a-w C:\WINDOWS\system32\dllcache\usbohci.sys
+ 2004-08-04 04:08:44 25,600 -c--a-w C:\WINDOWS\system32\dllcache\usbser.sys
+ 2004-08-04 04:10:12 78,464 -c--a-w C:\WINDOWS\system32\dllcache\usbvideo.sys
+ 2001-08-17 18:28:16 793,598 -c--a-w C:\WINDOWS\system32\dllcache\usr1806.sys
+ 2001-08-17 18:28:18 794,399 -c--a-w C:\WINDOWS\system32\dllcache\usr1806v.sys
+ 2001-08-17 18:28:24 224,802 -c--a-w C:\WINDOWS\system32\dllcache\usr1807a.sys
+ 2004-08-04 12:00:00 69,699 -c--a-w C:\WINDOWS\system32\dllcache\usrcoina.dll
+ 2004-08-04 12:00:00 86,073 -c--a-w C:\WINDOWS\system32\dllcache\usrfaxa.dll
+ 2001-08-17 18:28:24 7,556 -c--a-w C:\WINDOWS\system32\dllcache\usroslba.sys
+ 2001-08-17 18:28:26 113,762 -c--a-w C:\WINDOWS\system32\dllcache\usrpda.sys
+ 2001-08-17 18:28:14 765,884 -c--a-w C:\WINDOWS\system32\dllcache\usrti.sys
+ 2004-08-04 12:00:00 102,457 -c--a-w C:\WINDOWS\system32\dllcache\usrv42a.dll
+ 2004-08-04 05:56:48 11,325 -c--a-w C:\WINDOWS\system32\dllcache\vchnt5.dll
+ 2004-08-04 12:00:00 58,112 -c--a-w C:\WINDOWS\system32\dllcache\vdmindvd.sys
+ 2004-08-04 05:56:48 53,760 -c--a-w C:\WINDOWS\system32\dllcache\vfwwdm32.dll
+ 2004-08-04 04:07:44 42,240 -c--a-w C:\WINDOWS\system32\dllcache\viaagp.sys
+ 2004-08-04 03:59:44 5,376 -c--a-w C:\WINDOWS\system32\dllcache\viaide.sys
+ 2001-08-17 18:49:04 24,576 -c--a-w C:\WINDOWS\system32\dllcache\viairda.sys
+ 2001-08-17 17:14:12 249,402 -c--a-w C:\WINDOWS\system32\dllcache\vinwm.sys
+ 2001-08-17 18:28:14 604,253 -c--a-w C:\WINDOWS\system32\dllcache\vmodem.sys
+ 2001-08-17 18:28:16 397,502 -c--a-w C:\WINDOWS\system32\dllcache\vpctcom.sys
+ 2001-08-17 18:28:16 64,605 -c--a-w C:\WINDOWS\system32\dllcache\vvoice.sys
+ 2001-08-17 17:13:08 19,528 -c--a-w C:\WINDOWS\system32\dllcache\w840nd.sys
+ 2001-08-17 17:13:08 19,016 -c--a-w C:\WINDOWS\system32\dllcache\w926nd.sys
+ 2001-08-17 17:13:12 16,925 -c--a-w C:\WINDOWS\system32\dllcache\w940nd.sys
+ 2004-08-04 04:04:54 13,568 -c--a-w C:\WINDOWS\system32\dllcache\wacompen.sys
+ 2004-08-04 03:29:38 12,415 -c--a-w C:\WINDOWS\system32\dllcache\wadv01nt.sys
+ 2004-08-04 03:29:38 12,127 -c--a-w C:\WINDOWS\system32\dllcache\wadv02nt.sys
+ 2004-08-04 03:29:38 11,775 -c--a-w C:\WINDOWS\system32\dllcache\wadv05nt.sys
+ 2004-08-04 03:29:40 11,807 -c--a-w C:\WINDOWS\system32\dllcache\wadv07nt.sys
+ 2004-08-04 03:29:40 11,295 -c--a-w C:\WINDOWS\system32\dllcache\wadv08nt.sys
+ 2004-08-04 03:29:42 11,871 -c--a-w C:\WINDOWS\system32\dllcache\wadv09nt.sys
+ 2004-08-04 03:29:42 11,935 -c--a-w C:\WINDOWS\system32\dllcache\wadv11nt.sys
+ 2004-08-04 03:29:42 29,311 -c--a-w C:\WINDOWS\system32\dllcache\watv01nt.sys
+ 2004-08-04 03:29:44 19,551 -c--a-w C:\WINDOWS\system32\dllcache\watv02nt.sys
+ 2004-08-04 03:29:44 33,599 -c--a-w C:\WINDOWS\system32\dllcache\watv04nt.sys
+ 2004-08-04 03:29:46 22,271 -c--a-w C:\WINDOWS\system32\dllcache\watv06nt.sys
+ 2004-08-04 03:29:46 25,471 -c--a-w C:\WINDOWS\system32\dllcache\watv10nt.sys
+ 2001-08-17 17:10:30 35,871 -c--a-w C:\WINDOWS\system32\dllcache\wbfirdma.sys
+ 2004-08-04 04:08:48 31,744 -c--a-w C:\WINDOWS\system32\dllcache\wceusbsh.sys
+ 2004-08-04 03:29:46 23,615 -c--a-w C:\WINDOWS\system32\dllcache\wch7xxnt.sys
+ 2001-08-17 18:28:02 701,386 -c--a-w C:\WINDOWS\system32\dllcache\wdhaalba.sys
- 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:56:00 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2001-08-18 03:36:34 87,040 -c--a-w C:\WINDOWS\system32\dllcache\wiafbdrv.dll
+ 2001-08-18 03:36:34 53,760 -c--a-w C:\WINDOWS\system32\dllcache\wiamsmud.dll
- 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:56:00 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2001-08-17 17:12:38 34,890 -c--a-w C:\WINDOWS\system32\dllcache\wlandrv2.sys
+ 2004-08-04 03:31:28 154,624 -c--a-w C:\WINDOWS\system32\dllcache\wlluc48.sys
- 2006-10-19 02:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-10-27 22:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2004-08-04 04:07:42 8,832 -c--a-w C:\WINDOWS\system32\dllcache\wmiacpi.sys
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\wowfaxui.dll
+ 2004-08-04 12:00:00 108,032 -c--a-w C:\WINDOWS\system32\dllcache\wshbth.dll
+ 2004-08-04 05:56:48 8,192 -c--a-w C:\WINDOWS\system32\dllcache\wshirda.dll
+ 2004-08-04 03:29:48 12,063 -c--a-w C:\WINDOWS\system32\dllcache\wsiintxx.sys
+ 2004-08-04 04:10:22 19,328 -c--a-w C:\WINDOWS\system32\dllcache\wstcodec.sys
+ 2004-08-04 03:29:50 19,455 -c--a-w C:\WINDOWS\system32\dllcache\wvchntxx.sys
+ 2004-08-04 12:00:00 51,712 -c--a-w C:\WINDOWS\system32\dllcache\wzcsapi.dll
+ 2004-08-04 12:00:00 359,936 -c--a-w C:\WINDOWS\system32\dllcache\wzcsvc.dll
+ 2001-08-17 17:11:14 16,970 -c--a-w C:\WINDOWS\system32\dllcache\xem336n5.sys
+ 2001-08-18 03:37:02 99,865 -c--a-w C:\WINDOWS\system32\dllcache\xlog.exe
+ 2001-08-18 03:37:02 4,608 -c--a-w C:\WINDOWS\system32\dllcache\xrxflnch.exe
+ 2001-08-18 03:37:02 27,648 -c--a-w C:\WINDOWS\system32\dllcache\xrxftplt.exe
+ 2001-08-18 03:36:36 17,408 -c--a-w C:\WINDOWS\system32\dllcache\xrxscnui.dll
+ 2001-08-18 03:36:36 23,040 -c--a-w C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
+ 2004-08-04 05:56:48 116,224 -c--a-w C:\WINDOWS\system32\dllcache\xrxwiadr.dll
- 2004-08-04 12:00:00 72,960 -c--a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2007-08-20 10:04:34 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-20 10:04:34 132,608 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:55:51 132,608 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-08-20 10:04:34 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2007-10-10 23:55:51 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-08-17 10:20:54 63,488 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-20 10:04:35 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-17 07:34:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2007-08-20 10:04:35 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-20 10:04:38 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:55:55 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2007-08-20 10:04:38 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-10-10 23:55:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-07-12 05:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-25 03:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 05:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-25 03:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 06:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-25 04:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-08-20 10:04:39 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-04 12:00:00 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:46:59 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-04 12:00:00 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:46:59 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-04 12:00:00 660,992 -c--a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:46:59 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-04 12:00:00 177,152 -c--a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:46:59 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-04 12:00:00 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:46:59 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-04 12:00:00 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-04 12:00:00 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:46:59 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-08-20 10:04:39 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-08-20 10:04:39 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-08-20 20:34:42 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-20 10:04:41 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-20 10:04:41 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:55:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-08-20 10:04:42 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:55:59 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2007-08-20 10:04:42 102,400 ------w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:55:59 102,400 ------w C:\WINDOWS\system32\occache.dll
- 2007-11-10 16:42:06 16,531,296 -c--a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-12-14 11:47:24 415,040 -c--a-w C:\WINDOWS\system32\Restore\rstrlog.dat
- 2007-07-18 12:42:22 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2007-08-20 10:04:42 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:55:59 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-20 10:04:42 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-08-20 10:04:42 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:56:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-08-20 10:04:43 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:56:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2569C8A7-F5C9-4838-B2B9-E3CB00C1AB3A}]
2007-12-17 11:39 308800 --a------ C:\WINDOWS\system32\vtsqq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2007-10-21 12:56 339968 --a------ C:\WINDOWS\system32\byxvuts.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" []
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" []
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\byxvuts.dll [2007-10-21 12:56 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxvuts]
byxvuts.dll 2007-10-21 12:56 339968 C:\WINDOWS\system32\byxvuts.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\c_8500]
c_8500.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\\WINDOWS\\system32\\vtsqq

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^TA_Start.lnk]
path=C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\TA_Start.lnk
backup=C:\WINDOWS\pss\TA_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^Think-Adz.lnk]
path=C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\Think-Adz.lnk
backup=C:\WINDOWS\pss\Think-Adz.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sherry^Start Menu^Programs^Startup^TA_Start.lnk]
path=C:\Documents and Settings\Sherry\Start Menu\Programs\Startup\TA_Start.lnk
backup=C:\WINDOWS\pss\TA_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2chkdsk]
rundll32.exe C:\WINDOWS\ljihij.dll,setvm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 02:06 40048 --a------ C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\b0d6aa28]
rundll32.exe C:\WINDOWS\ljkjji.dll,b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootService]
rundll32.exe C:\WINDOWS\rqopqq.dll,realset

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX500]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2K1.EXE /P24 EPSON Stylus Photo RX500 /O6 USB001 /M Stylus Photo RX500

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExploreUpdSched]
C:\WINDOWS\system32\swinqldq.exe MSM002

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InfoData]
rundll32.exe C:\WINDOWS\rqrqqq.dll,realset

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-09-26 13:42 267064 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark_X79-55]
C:\WINDOWS\system32\lsasss.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]
C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe -mini

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
C:\Program Files\Trend Micro\Antivirus\pccguide.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCClient.exe]
C:\Program Files\Trend Micro\Antivirus\PCClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\piwuii]
c:\documents and settings\kevin\local settings\application data\piwuii.exe piwuii

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup]
rundll32.exe C:\WINDOWS\iifddd.dll,realset

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Begone]
C:\begone-fs\SpywareBeGone.exe -FastScan

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-07-12 03:00 132496 --a--c--- C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysRestore]
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp75.tmp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemOptimizer]
rundll32.exe C:\WINDOWS\qomkhg.dll,forkonce

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TM Outbreak Agent]
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsService]
rundll32.exe C:\WINDOWS\cbbccy.dll,realset

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winehq.org]
rundll32.exe C:\WINDOWS\xxvvvu.dll,realset

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{6A-AA-A8-87-ZN}]
C:\WINDOWS\system32\kpdsrngl.exe MSM002

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)

.
Contents of the 'Scheduled Tasks' folder
"2007-12-14 14:40:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-06 16:45:00 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.30.2.sxt _RegistrationOffer@16
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-17 11:40:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\byxvuts.dll
.
Completion time: 2007-12-17 11:43:11
C:\ComboFix2.txt ... 2007-12-12 21:59
.
2007-12-15 05:08:49 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:16 PM, on 12/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\explorer.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activ...v2.0.0.10.cab?
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4322 bytes