Oregonaird

about 48 hours ago, Avast started reporting a trojan horse at c:\users\...\temp\nsif337.tmp\downloader.exe\$appdata\microsoft\Googleupdate.exe

I tried quarenteen & delete but both times just kept saying, cannot process "c:\users\...\temp\nsif337.tmp\downloader.exe\$appdata\microsoft\Googleupdate.exe file"

I then scheduled a boot scan which found and supposedly removed the trojan. for that session things were good. But soon as I reboot the computer (this time with no boot scan scheduled) up pops the warning again.

I have not noticed any malicious activity on my pc, Its running fine ant normal speeds, CPU memory and internet activity all seem to be as normal.

here are the files you requested in your start here thread.


DDS (Ver_09-10-13.01) - NTFSx86
Run by Paul Chambers at 10:16:28.84 on 13/10/2009
Internet Explorer: 8.0.7100.0
Microsoft Windows 7 Ultimate 6.1.7100.0.1252.44.1033.18.3327.1958 [GMT 1:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Dwm.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Paul Chambers\AppData\Local\Meebo\Meebo Notifier\MeeboNotifier.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\Speech\Common\sapisvr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Nettalk6\Nettalk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\WindowsMobile\WmdHost.exe
C:\Users\Paul Chambers\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul Chambers\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul Chambers\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Paul Chambers\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.daemon-search.com/startpage
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Meebo Notifier] "c:\users\paul chambers\appdata\local\meebo\meebo notifier\MeeboNotifier.exe" /startup
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
StartupFolder: c:\users\paulch~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\mumble.lnk - c:\program files\mumble\mumble.exe
StartupFolder: c:\users\paulch~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\mymobi~1.lnk - c:\users\paul chambers\appdata\roaming\microsoft\windows\start menu\programs\my mobile\mymobiler\MyMobiler.exe
StartupFolder: c:\users\paulch~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\nettalk.lnk - c:\program files\nettalk6\Nettalk.exe
StartupFolder: c:\users\paulch~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\window~1.lnk - c:\windows\installer\{904ccf62-818d-4675-bc76-d37eb399f917}\wmdc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
IFEO: taskmgr.exe - "c:\users\paul chambers\downloads\PROCEXP.EXE"

============= SERVICES / DRIVERS ===============

R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2007-8-29 116264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-5-14 114768]
R1 EIO_XP;EIO_XP;c:\windows\system32\drivers\EIO_XP.sys [2006-6-14 12288]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-5-14 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-5-14 53328]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2009-8-21 6656]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-10-8 47640]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-5-17 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-7-14 239648]
R3 SaiH0464;SaiH0464;c:\windows\system32\drivers\SaiH0464.sys [2008-3-31 136832]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-4-22 229888]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-4-22 311296]

=============== Created Last 30 ================

2009-10-11 12:42 <DIR> --d----- c:\users\paulch~1\appdata\roaming\MozillaControl
2009-10-11 12:42 <DIR> --d----- c:\program files\Mozilla ActiveX Control v1.7.12
2009-10-11 12:39 <DIR> --d----- c:\program files\Graboid
2009-10-08 18:43 <DIR> --d----- c:\programdata\FLEXnet
2009-10-08 17:36 <DIR> --d----- c:\programdata\LogMeIn
2009-10-08 17:36 <DIR> --d----- c:\progra~2\LogMeIn
2009-10-08 17:36 83,288 a------- c:\windows\system32\LMIRfsClientNP.dll
2009-10-08 17:36 28,984 a------- c:\windows\system32\LMIport.dll
2009-10-08 17:36 47,640 a------- c:\windows\system32\drivers\LMIRfsDriver.sys
2009-10-08 17:36 87,352 a------- c:\windows\system32\LMIinit.dll
2009-10-08 17:36 1,024 a------- C:\.rnd
2009-10-08 17:36 <DIR> --d----- c:\program files\LogMeIn
2009-10-08 17:29 <DIR> --d----- c:\program files\common files\Macrovision Shared
2009-10-07 18:41 <DIR> --d----- C:\FSDownloader
2009-10-03 13:21 <DIR> --d----- c:\users\paulch~1\appdata\roaming\Nettalk
2009-10-03 13:19 <DIR> --d----- c:\program files\Nettalk6
2009-10-03 06:35 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-09-29 20:01 <DIR> --d----- c:\program files\uTorrent
2009-09-29 19:24 <DIR> --d----- c:\users\paulch~1\appdata\roaming\XemiComputers
2009-09-29 19:09 <DIR> --d----- c:\program files\XemiComputers
2009-09-26 18:05 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-09-26 17:08 <DIR> --d----- c:\program files\Mozilla Thunderbird 3.0 Beta 4
2009-09-25 23:31 <DIR> --d----- c:\program files\WSRMacros
2009-09-24 14:55 <DIR> --d----- c:\programdata\Hewlett-Packard
2009-09-22 15:09 81,200 a------- c:\windows\system32\drivers\btwavdt.sys
2009-09-22 15:09 16,432 a------- c:\windows\system32\drivers\btwrchid.sys
2009-09-22 15:09 79,664 a------- c:\windows\system32\drivers\btwaudio.sys
2009-09-22 15:09 229,376 a------- c:\windows\system32\BtwRSupport.dll
2009-09-22 15:09 <DIR> --d----- c:\windows\system32\es-MX
2009-09-22 15:09 <DIR> --d----- c:\windows\system32\es-AR
2009-09-21 17:51 <DIR> --d----- c:\programdata\doubleTwist Corporation
2009-09-21 17:51 <DIR> --d----- c:\progra~2\doubleTwist Corporation
2009-09-21 17:51 57,344 a------- c:\windows\system32\ff_vfw.dll
2009-09-21 17:51 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-09-21 17:51 <DIR> --d----- c:\program files\ffdshow
2009-09-21 17:50 563,712 a------- c:\windows\system32\Redemption.dll
2009-09-21 17:48 <DIR> --d----- c:\program files\doubleTwist 2.0
2009-09-21 12:07 <DIR> --d--r-- c:\program files\Skype
2009-09-21 10:39 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-09-20 17:48 <DIR> --d----- C:\temp
2009-09-20 17:41 <DIR> --d----- c:\programdata\Media Center Programs
2009-09-20 17:41 <DIR> --d----- c:\progra~2\Media Center Programs
2009-09-20 17:27 <DIR> --d----- c:\program files\THQ
2009-09-19 18:39 <DIR> --d----- c:\program files\Reality Gap
2009-09-19 12:51 <DIR> --d----- c:\users\paulch~1\appdata\roaming\Serif
2009-09-18 15:10 <DIR> --d----- c:\program files\Guild Wars
2009-09-17 15:56 <DIR> --d----- c:\users\paulch~1\appdata\roaming\shockvoice
2009-09-17 15:52 <DIR> --d----- c:\program files\Shockvoice
2009-09-16 22:33 <DIR> --d----- c:\programdata\InstallShield
2009-09-16 22:33 <DIR> a-d----- c:\programdata\TEMP
2009-09-16 21:30 <DIR> --d----- c:\program files\Sony Setup
2009-09-16 10:41 <DIR> --d----- c:\program files\Runes of Magic
2009-09-15 20:24 <DIR> --d----- c:\users\paulch~1\appdata\roaming\FOG Downloader
2009-09-15 17:45 <DIR> --d----- c:\users\paulch~1\appdata\roaming\Turbine
2009-09-14 22:33 <DIR> --d----- c:\users\paul chambers\.thumbnails
2009-09-14 22:07 <DIR> --d----- c:\users\paul chambers\.gimp-2.6
2009-09-14 22:07 <DIR> --d----- c:\program files\GIMP-2.0
2009-09-14 19:18 <DIR> --d----- C:\ViaVoice
2009-09-14 19:17 299,520 a------- c:\windows\uninst.exe
2009-09-14 12:39 <DIR> --d----- c:\users\paulch~1\appdata\roaming\Red Alert 3
2009-09-14 12:06 515,416 a------- c:\windows\system32\XAudio2_5.dll
2009-09-14 12:06 69,464 a------- c:\windows\system32\XAPOFX1_3.dll
2009-09-14 12:06 5,501,792 a------- c:\windows\system32\d3dcsx_42.dll
2009-09-14 12:06 1,974,616 a------- c:\windows\system32\D3DCompiler_42.dll
2009-09-14 12:06 238,936 a------- c:\windows\system32\xactengine3_5.dll
2009-09-14 12:06 1,892,184 a------- c:\windows\system32\D3DX9_42.dll
2009-09-14 12:06 453,456 a------- c:\windows\system32\d3dx10_42.dll
2009-09-14 12:06 235,344 a------- c:\windows\system32\d3dx11_42.dll
2009-09-14 11:40 <DIR> --d----- C:\Games
2009-09-13 20:16 <DIR> --d----- C:\CrashReport
2009-09-13 15:32 <DIR> --d----- c:\program files\Movie Maker 2.6
2009-09-13 14:45 <DIR> --d----- c:\users\paulch~1\appdata\roaming\Red Kawa
2009-09-13 13:00 <DIR> --d----- c:\users\paulch~1\appdata\roaming\SuperNZB
2009-09-13 13:00 <DIR> --d----- c:\program files\SuperNZB
2009-09-13 11:03 <DIR> --d----- c:\programdata\NCH Swift Sound
2009-09-13 11:03 <DIR> --d----- c:\program files\NCH Swift Sound
2009-09-13 10:48 <DIR> --d----- c:\programdata\NCH Software
2009-09-13 10:48 <DIR> --d----- c:\users\paulch~1\appdata\roaming\NCH Software
2009-09-13 10:47 <DIR> --d----- c:\program files\NCH Software

==================== Find3M ====================

2009-09-11 00:53 1,896 a------- C:\data.bin
2009-09-07 23:40 281,760 a------- c:\windows\system32\drivers\atksgt.sys
2009-09-07 23:40 25,888 a------- c:\windows\system32\drivers\lirsgt.sys
2009-09-07 19:44 413,696 a------- c:\windows\system32\wrap_oal.dll
2009-09-07 19:44 110,592 a------- c:\windows\system32\OpenAL32.dll
2009-09-07 13:51 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-09-06 21:34 53,248 a------- c:\windows\system32\unrar.dll
2009-09-05 19:25 107,888 a------- c:\windows\system32\CmdLineExt.dll
2009-09-02 16:05 138,736 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-02 16:05 188,968 a------- c:\windows\system32\PnkBstrB.exe
2009-08-26 18:41 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-08-21 00:02 6,656 a------- c:\windows\system32\drivers\iPodDrv.sys
2009-08-17 17:05 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-14 13:36 70,936 a------- c:\windows\system32\PhysXLoader.dll
2009-08-07 19:51 15,308,424 a------- c:\windows\system32\xlive.dll
2009-08-07 19:51 13,642,888 a------- c:\windows\system32\xlivefnt.dll
2009-08-03 00:21 288,024 a------- c:\windows\system32\PhysXCplUI.exe
2009-08-03 00:21 288,024 a------- c:\windows\system32\PhysXCompatCplUI.exe
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelTraditionalChinese.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelSwedish.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelSpanish.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelSimplifiedChinese.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelPortugese.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelKorean.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelJapanese.dll
2009-08-03 00:21 23,320 a------- c:\windows\system32\PhysXDevice.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelGerman.dll
2009-08-03 00:21 58,648 a------- c:\windows\system32\AgCPanelFrench.dll
2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll
2009-07-18 04:28 299,520 a------- c:\windows\system32\wmpdxm.dll
2009-04-22 10:01 291,294 a------- c:\windows\inf\perflib\0409\perfi.dat
2009-04-22 10:01 291,294 a------- c:\windows\inf\perflib\0409\perfh.dat
2009-04-22 10:01 31,548 a------- c:\windows\inf\perflib\0409\perfd.dat
2009-04-22 10:01 31,548 a------- c:\windows\inf\perflib\0409\perfc.dat
2009-04-22 09:14 174 a--sh--- c:\program files\desktop.ini
2009-04-22 05:38 291,294 a------- c:\windows\inf\perflib\0000\perfi.dat
2009-04-22 05:38 291,294 a------- c:\windows\inf\perflib\0000\perfh.dat
2009-04-22 05:38 31,548 a------- c:\windows\inf\perflib\0000\perfd.dat
2009-04-22 05:38 31,548 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-03-27 05:24 9,633,792 a--shr-- c:\windows\fonts\StaticCache.dat
2009-05-14 08:52 245,760 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 10:16:53.50 ===============

Attached Files

Attach.zip (4.4 KB, 1 views)

Oregonaird

Bump Please