Hotlean.com redirect from google search page [Solved]


  • This topic is locked

#151
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Let's leave that one for now. That CLSID showed up as a very old infection, but I see on later use it can be legitimate too.

Another diagnostic tool now:

Please download DDS and save it to your desktop from here
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
      • DDS.txt
      • Attach.txt
Save both reports to your desktop & post them here.

#152
megadez

    Member

  • Topic Starter
  • 119 posts
DDS (Ver_09-02-01.01) - NTFSx86
Run by Yuriy Horokhivskyy at 20:52:24.00 on Sun 03/01/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1061 [GMT -5:00]

AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated)
FW: Symantec Endpoint Protection *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\ABBYY Lingvo x3\LvAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ABBYY Lingvo x3\Lingvo.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [PoivY] "c:\program files\poivy.com\poivy\PoivY.exe" -nosplash -minimized
uRun: [EPSON Stylus CX4600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [EPSON Stylus CX4600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [Lingvo Launcher] "c:\program files\abbyy lingvo x3\LvAgent.exe" /STARTUP
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227683328000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: {9F917EED-07A2-43F2-B2EE-DDD93B0857B7} = 208.67.222.222,208.67.220.220
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\yuriyh~1\applic~1\mozilla\firefox\profiles\sos6lio5.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\documents and settings\yuriy horokhivskyy\application data\mozilla\firefox\profiles\sos6lio5.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\documents and settings\yuriy horokhivskyy\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

============= SERVICES / DRIVERS ===============

R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\cyberlink\powerdvd\000.fcl [2007-11-3 41456]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;ABBYY Lingvo x3 Licensing Service;c:\program files\common files\abbyy\lingvo\14.0\licensing\NetworkLicenseServer.exe [2008-7-14 808224]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-8-14 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-8-14 108392]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-1-16 664840]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2008-9-11 2436536]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-25 101936]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090301.024\NAVENG.SYS [2009-3-1 89104]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090301.024\NAVEX15.SYS [2009-3-1 876144]
S1 vdmymjk3;AVZ-BC Kernel Driver;\??\c:\windows\system32\drivers\vdmymjk3.sys --> c:\windows\system32\drivers\vdmymjk3.sys [?]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-1-16 894216]
S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?]

=============== Created Last 30 ================

2009-02-28 23:13 <DIR> --d----- C:\_OTMoveIt
2009-02-28 04:49 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-28 04:49 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-28 04:49 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-02-28 04:49 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-02-28 04:48 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-02-28 04:48 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-02-28 04:48 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-02-28 04:48 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-02-28 04:48 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-02-28 04:48 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-02-28 04:47 8,832 ac------ c:\windows\system32\dllcache\wmiacpi.sys
2009-02-28 04:47 154,624 ac------ c:\windows\system32\dllcache\wlluc48.sys
2009-02-28 04:47 34,890 ac------ c:\windows\system32\dllcache\wlandrv2.sys
2009-02-28 04:46 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-02-28 04:46 53,760 ac------ c:\windows\system32\dllcache\wiamsmud.dll
2009-02-28 04:46 87,040 ac------ c:\windows\system32\dllcache\wiafbdrv.dll
2009-02-28 04:46 701,386 ac------ c:\windows\system32\dllcache\wdhaalba.sys
2009-02-28 04:46 23,615 ac------ c:\windows\system32\dllcache\wch7xxnt.sys
2009-02-28 04:46 31,744 ac------ c:\windows\system32\dllcache\wceusbsh.sys
2009-02-28 04:45 35,871 ac------ c:\windows\system32\dllcache\wbfirdma.sys
2009-02-28 04:45 33,599 ac------ c:\windows\system32\dllcache\watv04nt.sys
2009-02-28 04:45 19,551 ac------ c:\windows\system32\dllcache\watv02nt.sys
2009-02-28 04:45 29,311 ac------ c:\windows\system32\dllcache\watv01nt.sys
2009-02-28 04:45 11,775 ac------ c:\windows\system32\dllcache\wadv05nt.sys
2009-02-28 04:45 12,127 ac------ c:\windows\system32\dllcache\wadv02nt.sys
2009-02-28 04:45 12,415 ac------ c:\windows\system32\dllcache\wadv01nt.sys
2009-02-28 04:45 16,925 ac------ c:\windows\system32\dllcache\w940nd.sys
2009-02-28 04:45 19,016 ac------ c:\windows\system32\dllcache\w926nd.sys
2009-02-28 04:44 19,528 ac------ c:\windows\system32\dllcache\w840nd.sys
2009-02-28 04:44 64,605 ac------ c:\windows\system32\dllcache\vvoice.sys
2009-02-28 04:44 397,502 ac------ c:\windows\system32\dllcache\vpctcom.sys
2009-02-28 04:44 604,253 ac------ c:\windows\system32\dllcache\vmodem.sys
2009-02-28 04:43 249,402 ac------ c:\windows\system32\dllcache\vinwm.sys
2009-02-28 04:43 24,576 ac------ c:\windows\system32\dllcache\viairda.sys
2009-02-28 04:43 5,376 ac------ c:\windows\system32\dllcache\viaide.sys
2009-02-28 04:43 687,999 ac------ c:\windows\system32\dllcache\usrwdxjs.sys
2009-02-28 04:43 765,884 ac------ c:\windows\system32\dllcache\usrti.sys
2009-02-28 04:43 113,762 ac------ c:\windows\system32\dllcache\usrpda.sys
2009-02-28 04:42 7,556 ac------ c:\windows\system32\dllcache\usroslba.sys
2009-02-28 04:42 224,802 ac------ c:\windows\system32\dllcache\usr1807a.sys
2009-02-28 04:42 794,399 ac------ c:\windows\system32\dllcache\usr1806v.sys
2009-02-28 04:42 793,598 ac------ c:\windows\system32\dllcache\usr1806.sys
2009-02-28 04:42 794,654 ac------ c:\windows\system32\dllcache\usr1801.sys
2009-02-28 04:41 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-02-28 04:41 17,152 ac------ c:\windows\system32\dllcache\usbohci.sys
2009-02-28 04:41 60,032 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-02-28 04:41 32,384 ac------ c:\windows\system32\dllcache\usb101et.sys
2009-02-28 04:41 94,720 ac------ c:\windows\system32\dllcache\umaxud32.dll
2009-02-28 04:41 28,160 ac------ c:\windows\system32\dllcache\umaxu40.dll
2009-02-28 04:41 26,624 ac------ c:\windows\system32\dllcache\umaxu22.dll
2009-02-28 04:40 69,632 ac------ c:\windows\system32\dllcache\umaxu12.dll
2009-02-28 04:40 50,688 ac------ c:\windows\system32\dllcache\umaxscan.dll
2009-02-28 04:40 22,912 ac------ c:\windows\system32\dllcache\umaxpcls.sys
2009-02-28 04:40 50,176 ac------ c:\windows\system32\dllcache\umaxp60.dll
2009-02-28 04:40 47,616 ac------ c:\windows\system32\dllcache\umaxcam.dll
2009-02-28 04:39 211,968 ac------ c:\windows\system32\dllcache\um54scan.dll
2009-02-28 04:39 216,064 ac------ c:\windows\system32\dllcache\um34scan.dll
2009-02-28 04:39 36,736 ac------ c:\windows\system32\dllcache\ultra.sys
2009-02-28 04:39 11,520 ac------ c:\windows\system32\dllcache\twotrack.sys
2009-02-28 04:39 166,784 ac------ c:\windows\system32\dllcache\tridxpm.sys
2009-02-28 04:38 525,568 ac------ c:\windows\system32\dllcache\tridxp.dll
2009-02-28 04:38 159,232 ac------ c:\windows\system32\dllcache\tridkbm.sys
2009-02-28 04:38 440,576 ac------ c:\windows\system32\dllcache\tridkb.dll
2009-02-28 04:38 222,336 ac------ c:\windows\system32\dllcache\trid3dm.sys
2009-02-28 04:38 315,520 ac------ c:\windows\system32\dllcache\trid3d.dll
2009-02-28 04:37 34,375 ac------ c:\windows\system32\dllcache\tpro4.sys
2009-02-28 04:37 42,496 ac------ c:\windows\system32\dllcache\tp4res.dll
2009-02-28 04:37 82,944 ac------ c:\windows\system32\dllcache\tp4mon.exe
2009-02-28 04:37 31,744 ac------ c:\windows\system32\dllcache\tp4.dll
2009-02-28 04:37 4,992 ac------ c:\windows\system32\dllcache\toside.sys
2009-02-28 04:36 230,912 ac------ c:\windows\system32\dllcache\tosdvd03.sys
2009-02-28 04:36 241,664 ac------ c:\windows\system32\dllcache\tosdvd02.sys
2009-02-28 04:36 28,232 ac------ c:\windows\system32\dllcache\tos4mo.sys
2009-02-28 04:36 123,995 ac------ c:\windows\system32\dllcache\tjisdn.sys
2009-02-28 04:36 138,528 ac------ c:\windows\system32\dllcache\tgiulnt5.sys
2009-02-28 04:35 81,408 ac------ c:\windows\system32\dllcache\tgiul50.dll
2009-02-28 04:35 149,376 ac------ c:\windows\system32\dllcache\tffsport.sys
2009-02-28 04:35 17,129 ac------ c:\windows\system32\dllcache\tdkcd31.sys
2009-02-28 04:35 37,961 ac------ c:\windows\system32\dllcache\tdk100b.sys
2009-02-28 04:35 30,464 ac------ c:\windows\system32\dllcache\tbatm155.sys
2009-02-28 04:34 7,040 ac------ c:\windows\system32\dllcache\tandqic.sys
2009-02-28 04:34 36,640 ac------ c:\windows\system32\dllcache\t2r4mini.sys
2009-02-28 04:34 172,768 ac------ c:\windows\system32\dllcache\t2r4disp.dll
2009-02-28 04:34 32,640 ac------ c:\windows\system32\dllcache\symc8xx.sys
2009-02-28 04:34 16,256 ac------ c:\windows\system32\dllcache\symc810.sys
2009-02-28 04:33 30,688 ac------ c:\windows\system32\dllcache\sym_u3.sys
2009-02-28 04:33 28,384 ac------ c:\windows\system32\dllcache\sym_hi.sys
2009-02-28 04:33 94,293 ac------ c:\windows\system32\dllcache\sxports.dll
2009-02-28 04:33 103,936 ac------ c:\windows\system32\dllcache\sx.sys
2009-02-28 04:33 3,968 ac------ c:\windows\system32\dllcache\swusbflt.sys
2009-02-28 04:33 10,240 ac------ c:\windows\system32\dllcache\swpidflt.dll
2009-02-28 04:32 10,240 ac------ c:\windows\system32\dllcache\swpdflt2.dll
2009-02-28 04:32 53,760 ac------ c:\windows\system32\dllcache\sw_wheel.dll
2009-02-28 04:32 41,472 ac------ c:\windows\system32\dllcache\sw_effct.dll
2009-02-28 04:32 155,648 ac------ c:\windows\system32\dllcache\stlnprop.dll
2009-02-28 04:32 53,248 ac------ c:\windows\system32\dllcache\stlncoin.dll
2009-02-28 04:31 285,760 ac------ c:\windows\system32\dllcache\stlnata.sys
2009-02-28 04:31 16,896 ac------ c:\windows\system32\dllcache\stcusb.sys
2009-02-28 04:31 48,736 ac------ c:\windows\system32\dllcache\srwlnd5.sys
2009-02-28 04:31 99,328 ac------ c:\windows\system32\dllcache\srusd.dll
2009-02-28 04:31 24,660 ac------ c:\windows\system32\dllcache\spxupchk.dll
2009-02-28 04:30 61,824 ac------ c:\windows\system32\dllcache\speed.sys
2009-02-28 04:30 106,584 ac------ c:\windows\system32\dllcache\spdports.dll
2009-02-28 04:30 19,072 ac------ c:\windows\system32\dllcache\sparrow.sys
2009-02-28 04:30 7,552 ac------ c:\windows\system32\dllcache\sonypvu1.sys
2009-02-28 04:30 37,040 ac------ c:\windows\system32\dllcache\sonypi.sys
2009-02-28 04:29 114,688 ac------ c:\windows\system32\dllcache\sonypi.dll
2009-02-28 04:29 20,752 ac------ c:\windows\system32\dllcache\sonync.sys
2009-02-28 04:29 9,600 ac------ c:\windows\system32\dllcache\sonymc.sys
2009-02-28 04:29 7,552 ac------ c:\windows\system32\dllcache\sonyait.sys
2009-02-28 04:29 7,040 ac------ c:\windows\system32\dllcache\snyaitmc.sys
2009-02-28 04:28 58,368 ac------ c:\windows\system32\dllcache\smiminib.sys
2009-02-28 04:28 147,200 ac------ c:\windows\system32\dllcache\smidispb.dll
2009-02-28 04:28 25,034 ac------ c:\windows\system32\dllcache\smcpwr2n.sys
2009-02-28 04:28 35,913 ac------ c:\windows\system32\dllcache\smcirda.sys
2009-02-28 04:28 24,576 ac------ c:\windows\system32\dllcache\smc8000n.sys
2009-02-28 04:28 6,784 ac------ c:\windows\system32\dllcache\smbhc.sys
2009-02-28 04:27 6,912 ac------ c:\windows\system32\dllcache\smbclass.sys
2009-02-28 04:27 16,000 ac------ c:\windows\system32\dllcache\smbbatt.sys
2009-02-28 04:27 45,568 ac------ c:\windows\system32\dllcache\smb3w.dll
2009-02-28 04:27 33,792 ac------ c:\windows\system32\dllcache\smb0w.dll
2009-02-28 04:27 28,672 ac------ c:\windows\system32\dllcache\sma0w.dll
2009-02-28 04:27 28,160 ac------ c:\windows\system32\dllcache\sm91w.dll
2009-02-28 04:26 63,547 ac------ c:\windows\system32\dllcache\sla30nd5.sys
2009-02-28 04:26 91,294 ac------ c:\windows\system32\dllcache\skfpwin.sys
2009-02-28 04:26 94,698 ac------ c:\windows\system32\dllcache\sk98xwin.sys
2009-02-28 04:26 157,696 ac------ c:\windows\system32\dllcache\sisv256.dll
2009-02-28 04:26 50,432 ac------ c:\windows\system32\dllcache\sisv.sys
2009-02-28 04:26 32,768 ac------ c:\windows\system32\dllcache\sisnic.sys
2009-02-28 04:25 238,592 ac------ c:\windows\system32\dllcache\sisgrv.dll
2009-02-28 04:25 104,064 ac------ c:\windows\system32\dllcache\sisgrp.sys
2009-02-28 04:25 150,144 ac------ c:\windows\system32\dllcache\sis6306v.dll
2009-02-28 04:25 68,608 ac------ c:\windows\system32\dllcache\sis6306p.sys
2009-02-28 04:25 252,032 ac------ c:\windows\system32\dllcache\sis300iv.dll
2009-02-28 04:25 101,760 ac------ c:\windows\system32\dllcache\sis300ip.sys
2009-02-28 04:24 161,568 ac------ c:\windows\system32\dllcache\sgsmusb.sys
2009-02-28 04:24 18,400 ac------ c:\windows\system32\dllcache\sgsmld.sys
2009-02-28 04:24 98,080 ac------ c:\windows\system32\dllcache\sgiulnt5.sys
2009-02-28 04:24 386,560 ac------ c:\windows\system32\dllcache\sgiul50.dll
2009-02-28 04:23 36,480 ac------ c:\windows\system32\dllcache\sfmanm.sys
2009-02-28 04:23 6,784 ac------ c:\windows\system32\dllcache\serscan.sys
2009-02-28 04:23 17,664 ac------ c:\windows\system32\dllcache\sermouse.sys
2009-02-28 04:23 6,912 ac------ c:\windows\system32\dllcache\seaddsmc.sys
2009-02-28 04:23 11,520 ac------ c:\windows\system32\dllcache\scsiscan.sys
2009-02-28 04:23 11,648 ac------ c:\windows\system32\dllcache\scsiprnt.sys
2009-02-28 04:22 17,280 ac------ c:\windows\system32\dllcache\scr111.sys
2009-02-28 04:22 16,640 ac------ c:\windows\system32\dllcache\scmstcs.sys
2009-02-28 04:22 23,936 ac------ c:\windows\system32\dllcache\sccmusbm.sys
2009-02-28 04:22 23,936 ac------ c:\windows\system32\dllcache\sccmn50m.sys
2009-02-28 04:22 43,904 ac------ c:\windows\system32\dllcache\sbp2port.sys
2009-02-28 04:22 495,616 ac------ c:\windows\system32\dllcache\sblfx.dll
2009-02-28 04:21 75,392 ac------ c:\windows\system32\dllcache\s3savmxm.sys
2009-02-28 04:21 245,632 ac------ c:\windows\system32\dllcache\s3savmx.dll
2009-02-28 04:21 77,824 ac------ c:\windows\system32\dllcache\s3sav4m.sys
2009-02-28 04:21 198,400 ac------ c:\windows\system32\dllcache\s3sav4.dll
2009-02-28 04:21 61,504 ac------ c:\windows\system32\dllcache\s3sav3dm.sys
2009-02-28 04:20 179,264 ac------ c:\windows\system32\dllcache\s3sav3d.dll
2009-02-28 04:20 210,496 ac------ c:\windows\system32\dllcache\s3mvirge.dll
2009-02-28 04:20 62,496 ac------ c:\windows\system32\dllcache\s3mtrio.dll
2009-02-28 04:20 41,216 ac------ c:\windows\system32\dllcache\s3mt3d.sys
2009-02-28 04:20 182,272 ac------ c:\windows\system32\dllcache\s3mt3d.dll
2009-02-28 04:20 166,720 ac------ c:\windows\system32\dllcache\s3m.sys
2009-02-28 04:19 65,664 ac------ c:\windows\system32\dllcache\s3legacy.sys
2009-02-28 04:19 82,432 ac------ c:\windows\system32\dllcache\rwia450.dll
2009-02-28 04:19 79,872 ac------ c:\windows\system32\dllcache\rwia430.dll
2009-02-28 04:19 29,696 ac------ c:\windows\system32\dllcache\rw450ext.dll
2009-02-28 04:19 27,648 ac------ c:\windows\system32\dllcache\rw430ext.dll
2009-02-28 04:19 20,992 ac------ c:\windows\system32\dllcache\rtl8139.sys
2009-02-28 04:19 19,017 ac------ c:\windows\system32\dllcache\rtl8029.sys
2009-02-28 04:18 30,720 ac------ c:\windows\system32\dllcache\rthwcls.sys
2009-02-28 04:18 9,216 ac------ c:\windows\system32\dllcache\rsmgrstr.dll
2009-02-28 04:18 3,840 ac------ c:\windows\system32\dllcache\rpfun.sys
2009-02-28 04:18 79,104 ac------ c:\windows\system32\dllcache\rocket.sys
2009-02-28 04:18 37,563 ac------ c:\windows\system32\dllcache\rlnet5.sys
2009-02-28 04:18 86,097 ac------ c:\windows\system32\dllcache\reslog32.dll
2009-02-28 04:17 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-02-28 04:17 714,762 ac------ c:\windows\system32\dllcache\r2mdmkxx.sys
2009-02-28 04:17 899,146 ac------ c:\windows\system32\dllcache\r2mdkxga.sys
2009-02-28 04:17 41,472 ac------ c:\windows\system32\dllcache\qvusd.dll
2009-02-28 04:17 3,328 ac------ c:\windows\system32\dllcache\qv2kux.sys
2009-02-28 04:16 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys
2009-02-28 04:16 40,448 ac------ c:\windows\system32\dllcache\ql1240.sys
2009-02-28 04:16 45,312 ac------ c:\windows\system32\dllcache\ql12160.sys
2009-02-28 04:16 33,152 ac------ c:\windows\system32\dllcache\ql10wnt.sys
2009-02-28 04:16 40,320 ac------ c:\windows\system32\dllcache\ql1080.sys
2009-02-28 04:15 6,016 ac------ c:\windows\system32\dllcache\qic157.sys
2009-02-28 04:15 130,942 ac------ c:\windows\system32\dllcache\ptserlv.sys
2009-02-28 04:15 112,574 ac------ c:\windows\system32\dllcache\ptserlp.sys
2009-02-28 04:15 128,286 ac------ c:\windows\system32\dllcache\ptserli.sys
2009-02-28 04:15 159,232 ac------ c:\windows\system32\dllcache\ptpusd.dll
2009-02-28 04:15 5,632 ac------ c:\windows\system32\dllcache\ptpusb.dll
2009-02-28 04:15 33,280 ac------ c:\windows\system32\dllcache\psisrndr.ax
2009-02-28 04:15 35,328 ac------ c:\windows\system32\dllcache\psisload.dll
2009-02-28 04:14 363,520 ac------ c:\windows\system32\dllcache\psisdecd.dll
2009-02-28 04:14 16,128 ac------ c:\windows\system32\dllcache\pscr.sys
2009-02-28 04:14 17,664 ac------ c:\windows\system32\dllcache\ppa3.sys
2009-02-28 04:14 17,792 ac------ c:\windows\system32\dllcache\ppa.sys
2009-02-28 04:14 8,832 ac------ c:\windows\system32\dllcache\powerfil.sys
2009-02-28 04:14 7,168 ac------ c:\windows\system32\dllcache\pnrmc.sys
2009-02-28 04:13 121,344 ac------ c:\windows\system32\dllcache\phvfwext.dll
2009-02-28 04:13 19,840 ac------ c:\windows\system32\dllcache\philtune.sys
2009-02-28 04:13 92,416 ac------ c:\windows\system32\dllcache\phildec.sys
2009-02-28 04:13 173,696 ac------ c:\windows\system32\dllcache\philcam2.sys
2009-02-28 04:13 75,776 ac------ c:\windows\system32\dllcache\philcam1.sys
2009-02-28 04:13 16,384 ac------ c:\windows\system32\dllcache\philcam1.dll
2009-02-28 04:12 105,984 ac------ c:\windows\system32\dllcache\phdsext.ax
2009-02-28 04:12 259,328 ac------ c:\windows\system32\dllcache\perm3dd.dll
2009-02-28 04:12 28,032 ac------ c:\windows\system32\dllcache\perm3.sys
2009-02-28 04:12 211,584 ac------ c:\windows\system32\dllcache\perm2dll.dll
2009-02-28 04:12 27,904 ac------ c:\windows\system32\dllcache\perm2.sys
2009-02-28 04:12 5,504 ac------ c:\windows\system32\dllcache\perc2hib.sys
2009-02-28 04:12 27,296 ac------ c:\windows\system32\dllcache\perc2.sys
2009-02-28 04:12 169,984 ac------ c:\windows\system32\dllcache\pcx500.sys
2009-02-28 04:12 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe
2009-02-28 04:11 35,328 ac------ c:\windows\system32\dllcache\pcntpci5.sys
2009-02-28 04:11 29,769 ac------ c:\windows\system32\dllcache\pcntn5m.sys
2009-02-28 04:11 30,282 ac------ c:\windows\system32\dllcache\pcntn5hl.sys
2009-02-28 04:11 26,153 ac------ c:\windows\system32\dllcache\pcmlm56.sys
2009-02-28 04:11 29,502 ac------ c:\windows\system32\dllcache\pca200e.sys
2009-02-28 04:11 30,495 ac------ c:\windows\system32\dllcache\pc100nds.sys
2009-02-28 04:10 41,984 ac------ c:\windows\system32\dllcache\ovui2rc.dll
2009-02-28 04:10 44,544 ac------ c:\windows\system32\dllcache\ovui2.dll
2009-02-28 04:10 25,216 ac------ c:\windows\system32\dllcache\ovsound2.sys
2009-02-28 04:10 39,424 ac------ c:\windows\system32\dllcache\ovcoms.exe
2009-02-28 04:10 20,480 ac------ c:\windows\system32\dllcache\ovcomc.dll
2009-02-28 04:10 351,616 ac------ c:\windows\system32\dllcache\ovcodek2.sys
2009-02-28 04:09 116,736 ac------ c:\windows\system32\dllcache\ovcodec2.dll
2009-02-28 04:09 31,872 ac------ c:\windows\system32\dllcache\ovce.sys
2009-02-28 04:09 28,032 ac------ c:\windows\system32\dllcache\ovcd.sys
2009-02-28 04:09 48,000 ac------ c:\windows\system32\dllcache\ovcam2.sys
2009-02-28 04:09 25,088 ac------ c:\windows\system32\dllcache\ovca.sys
2009-02-28 04:09 54,186 ac------ c:\windows\system32\dllcache\otcsercb.sys
2009-02-28 04:08 43,689 ac------ c:\windows\system32\dllcache\otceth5.sys
2009-02-28 04:08 27,209 ac------ c:\windows\system32\dllcache\otc06x5.sys
2009-02-28 04:08 54,528 ac------ c:\windows\system32\dllcache\opl3sax.sys
2009-02-28 04:08 61,696 ac------ c:\windows\system32\dllcache\ohci1394.sys
2009-02-28 04:08 198,144 ac------ c:\windows\system32\dllcache\nv3.sys
2009-02-28 04:08 123,776 ac------ c:\windows\system32\dllcache\nv3.dll
2009-02-28 04:07 51,552 ac------ c:\windows\system32\dllcache\ntgrip.sys
2009-02-28 04:07 9,344 ac------ c:\windows\system32\dllcache\ntapm.sys
2009-02-28 04:07 7,552 ac------ c:\windows\system32\dllcache\nsmmc.sys
2009-02-28 04:07 28,672 ac------ c:\windows\system32\dllcache\nscirda.sys
2009-02-28 04:07 87,040 ac------ c:\windows\system32\dllcache\nm6wdm.sys
2009-02-28 04:07 126,080 ac------ c:\windows\system32\dllcache\nm5a2wdm.sys
2009-02-28 04:06 32,840 ac------ c:\windows\system32\dllcache\ngrpci.sys
2009-02-28 04:06 132,695 ac------ c:\windows\system32\dllcache\netwlan5.sys
2009-02-28 04:06 65,278 ac------ c:\windows\system32\dllcache\netflx3.sys
2009-02-28 04:06 39,264 ac------ c:\windows\system32\dllcache\neo20xx.sys
2009-02-28 04:06 60,480 ac------ c:\windows\system32\dllcache\neo20xx.dll
2009-02-28 04:06 15,872 ac------ c:\windows\system32\dllcache\ne2000.sys
2009-02-28 04:05 91,488 ac------ c:\windows\system32\dllcache\n9i3disp.dll
2009-02-28 04:05 27,936 ac------ c:\windows\system32\dllcache\n9i3d.sys
2009-02-28 04:05 33,088 ac------ c:\windows\system32\dllcache\n9i128v2.sys
2009-02-28 04:05 59,104 ac------ c:\windows\system32\dllcache\n9i128v2.dll
2009-02-28 04:05 13,664 ac------ c:\windows\system32\dllcache\n9i128.sys
2009-02-28 04:05 35,392 ac------ c:\windows\system32\dllcache\n9i128.dll
2009-02-28 04:04 128,000 ac------ c:\windows\system32\dllcache\n100325.sys
2009-02-28 04:04 52,255 ac------ c:\windows\system32\dllcache\n1000nt5.sys
2009-02-28 04:04 75,520 ac------ c:\windows\system32\dllcache\mxport.sys
2009-02-28 04:04 7,168 ac------ c:\windows\system32\dllcache\mxport.dll
2009-02-28 04:04 19,968 ac------ c:\windows\system32\dllcache\mxnic.sys
2009-02-28 04:04 19,968 ac------ c:\windows\system32\dllcache\mxicfg.dll
2009-02-28 04:04 21,888 ac------ c:\windows\system32\dllcache\mxcard.sys
2009-02-28 04:03 103,296 ac------ c:\windows\system32\dllcache\mtxvideo.sys
2009-02-28 04:03 49,024 ac------ c:\windows\system32\dllcache\mstape.sys
2009-02-28 04:03 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys
2009-02-28 04:03 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys
2009-02-28 04:03 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys
2009-02-28 04:02 35,200 ac------ c:\windows\system32\dllcache\msgame.sys
2009-02-28 04:02 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys
2009-02-28 04:02 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax
2009-02-28 04:02 51,200 ac------ c:\windows\system32\dllcache\msdv.sys
2009-02-28 04:02 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys
2009-02-28 04:02 15,232 ac------ c:\windows\system32\dllcache\mpe.sys
2009-02-28 04:01 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys
2009-02-28 04:01 6,528 ac------ c:\windows\system32\dllcache\miniqic.sys
2009-02-28 04:01 320,384 ac------ c:\windows\system32\dllcache\mgaum.sys
2009-02-28 04:01 235,648 ac------ c:\windows\system32\dllcache\mgaud.dll
2009-02-28 04:01 26,112 ac------ c:\windows\system32\dllcache\memstpci.sys
2009-02-28 04:00 47,616 ac------ c:\windows\system32\dllcache\memgrp.dll
2009-02-28 04:00 8,320 ac------ c:\windows\system32\dllcache\memcard.sys
2009-02-28 04:00 164,586 ac------ c:\windows\system32\dllcache\mdgndis5.sys
2009-02-28 04:00 7,424 ac------ c:\windows\system32\dllcache\mammoth.sys
2009-02-28 04:00 48,768 ac------ c:\windows\system32\dllcache\maestro.sys
2009-02-28 03:59 58,880 ac------ c:\windows\system32\dllcache\m3092dc.dll
2009-02-28 03:59 58,368 ac------ c:\windows\system32\dllcache\m3091dc.dll
2009-02-28 03:59 22,848 ac------ c:\windows\system32\dllcache\lwusbhid.sys
2009-02-28 03:59 20,864 ac------ c:\windows\system32\dllcache\lwadihid.sys
2009-02-28 03:59 797,500 ac------ c:\windows\system32\dllcache\ltsmt.sys
2009-02-28 03:59 802,683 ac------ c:\windows\system32\dllcache\ltsm.sys
2009-02-28 03:59 7,040 ac------ c:\windows\system32\dllcache\ltotape.sys
2009-02-28 03:59 420,992 ac------ c:\windows\system32\dllcache\ltmdmntt.sys
2009-02-28 03:59 576,746 ac------ c:\windows\system32\dllcache\ltmdmntl.sys
2009-02-28 03:59 606,684 ac------ c:\windows\system32\dllcache\ltmdmnt.sys
2009-02-28 03:58 727,786 ac------ c:\windows\system32\dllcache\ltck000c.sys
2009-02-28 03:58 4,992 ac------ c:\windows\system32\dllcache\loop.sys
2009-02-28 03:58 70,730 ac------ c:\windows\system32\dllcache\lne100tx.sys
2009-02-28 03:58 20,573 ac------ c:\windows\system32\dllcache\lne100.sys
2009-02-28 03:58 25,065 ac------ c:\windows\system32\dllcache\lmndis3.sys
2009-02-28 03:57 15,744 ac------ c:\windows\system32\dllcache\lit220p.sys
2009-02-28 03:57 34,688 ac------ c:\windows\system32\dllcache\lbrtfdc.sys
2009-02-28 03:57 26,442 ac------ c:\windows\system32\dllcache\lanepic5.sys
2009-02-28 03:57 19,016 ac------ c:\windows\system32\dllcache\ktc111.sys
2009-02-28 03:57 37,376 ac------ c:\windows\system32\dllcache\kousd.dll
2009-02-28 03:57 253,952 ac------ c:\windows\system32\dllcache\kdsusd.dll
2009-02-28 03:57 48,640 ac------ c:\windows\system32\dllcache\kdsui.dll
2009-02-28 03:56 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-02-28 03:56 8,704 ac------ c:\windows\system32\dllcache\kbdjpn.dll
2009-02-28 03:56 14,592 ac------ c:\windows\system32\dllcache\kbdhid.sys
2009-02-28 03:56 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll
2009-02-28 03:56 5,632 ac------ c:\windows\system32\dllcache\kbd103.dll
2009-02-28 03:55 6,144 ac------ c:\windows\system32\dllcache\kbd101c.dll
2009-02-28 03:55 6,144 ac------ c:\windows\system32\dllcache\kbd101b.dll
2009-02-28 03:55 26,624 ac------ c:\windows\system32\dllcache\irstusb.sys
2009-02-28 03:55 18,688 ac------ c:\windows\system32\dllcache\irsir.sys
2009-02-28 03:55 28,160 ac------ c:\windows\system32\dllcache\irmon.dll
2009-02-28 03:55 23,552 ac------ c:\windows\system32\dllcache\irmk7.sys
2009-02-28 03:55 151,552 ac------ c:\windows\system32\dllcache\irftp.exe
2009-02-28 03:55 88,192 ac------ c:\windows\system32\dllcache\irda.sys
2009-02-28 03:54 45,632 ac------ c:\windows\system32\dllcache\ip5515.sys
2009-02-28 03:54 90,200 ac------ c:\windows\system32\dllcache\io8ports.dll
2009-02-28 03:54 38,784 ac------ c:\windows\system32\dllcache\io8.sys
2009-02-28 03:54 13,056 ac------ c:\windows\system32\dllcache\inport.sys
2009-02-28 03:54 16,000 ac------ c:\windows\system32\dllcache\ini910u.sys
2009-02-28 03:53 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll
2009-02-28 03:53 100,992 ac------ c:\windows\system32\dllcache\icam5usb.sys
2009-02-28 03:53 20,480 ac------ c:\windows\system32\dllcache\icam5ext.dll
2009-02-28 03:53 45,056 ac------ c:\windows\system32\dllcache\icam5com.dll
2009-02-28 03:52 154,496 ac------ c:\windows\system32\dllcache\icam4usb.sys
2009-02-28 03:52 61,952 ac------ c:\windows\system32\dllcache\icam4ext.dll
2009-02-28 03:52 91,136 ac------ c:\windows\system32\dllcache\icam4com.dll
2009-02-28 03:52 26,624 ac------ c:\windows\system32\dllcache\icam3ext.dll
2009-02-28 03:52 141,056 ac------ c:\windows\system32\dllcache\icam3.sys
2009-02-28 03:52 38,528 ac------ c:\windows\system32\dllcache\ibmvcap.sys
2009-02-28 03:52 109,085 ac------ c:\windows\system32\dllcache\ibmtrp.sys
2009-02-28 03:51 100,936 ac------ c:\windows\system32\dllcache\ibmtok.sys
2009-02-28 03:51 9,216 ac------ c:\windows\system32\dllcache\ibmsgnet.dll
2009-02-28 03:51 28,700 ac------ c:\windows\system32\dllcache\ibmexmp.sys
2009-02-28 03:51 161,020 ac------ c:\windows\system32\dllcache\i81xnt5.sys
2009-02-28 03:51 702,845 ac------ c:\windows\system32\dllcache\i81xdnt5.dll
2009-02-28 03:51 58,592 ac------ c:\windows\system32\dllcache\i740nt5.sys
2009-02-28 03:51 353,184 ac------ c:\windows\system32\dllcache\i740dnt5.dll
2009-02-28 03:51 18,560 ac------ c:\windows\system32\dllcache\i2omp.sys
2009-02-28 03:51 8,576 ac------ c:\windows\system32\dllcache\i2omgmt.sys
2009-02-28 03:50 488,383 ac------ c:\windows\system32\dllcache\hsf_v124.sys
2009-02-28 03:50 50,751 ac------ c:\windows\system32\dllcache\hsf_tone.sys
2009-02-28 03:50 73,279 ac------ c:\windows\system32\dllcache\hsf_spkp.sys
2009-02-28 03:50 44,863 ac------ c:\windows\system32\dllcache\hsf_soar.sys
2009-02-28 03:50 57,471 ac------ c:\windows\system32\dllcache\hsf_samp.sys
2009-02-28 03:49 542,879 ac------ c:\windows\system32\dllcache\hsf_msft.sys
2009-02-28 03:49 391,199 ac------ c:\windows\system32\dllcache\hsf_k56k.sys
2009-02-28 03:49 9,759 ac------ c:\windows\system32\dllcache\hsf_inst.dll
2009-02-28 03:49 115,807 ac------ c:\windows\system32\dllcache\hsf_fsks.sys
2009-02-28 03:49 199,711 ac------ c:\windows\system32\dllcache\hsf_faxx.sys
2009-02-28 03:49 289,887 ac------ c:\windows\system32\dllcache\hsf_fall.sys
2009-02-28 03:49 67,167 ac------ c:\windows\system32\dllcache\hsf_bsc2.sys
2009-02-28 03:48 150,239 ac------ c:\windows\system32\dllcache\hsf_amos.sys
2009-02-28 03:48 19,456 ac------ c:\windows\system32\dllcache\hr1w.dll
2009-02-28 03:48 5,760 ac------ c:\windows\system32\dllcache\hpt4qic.sys
2009-02-28 03:48 13,312 ac------ c:\windows\system32\dllcache\hpsjmcro.dll
2009-02-28 03:48 324,608 ac------ c:\windows\system32\dllcache\hpojwia.dll
2009-02-28 03:48 25,952 ac------ c:\windows\system32\dllcache\hpn.sys
2009-02-28 03:48 32,768 ac------ c:\windows\system32\dllcache\hpgtmcro.dll
2009-02-28 03:48 68,608 ac------ c:\windows\system32\dllcache\hpgt53tk.dll
2009-02-28 03:47 165,888 ac------ c:\windows\system32\dllcache\hpgt53.dll
2009-02-28 03:47 31,232 ac------ c:\windows\system32\dllcache\hpgt42tk.dll
2009-02-28 03:47 93,696 ac------ c:\windows\system32\dllcache\hpgt42.dll
2009-02-28 03:47 126,976 ac------ c:\windows\system32\dllcache\hpgt34tk.dll
2009-02-28 03:47 101,376 ac------ c:\windows\system32\dllcache\hpgt34.dll
2009-02-28 03:47 48,128 ac------ c:\windows\system32\dllcache\hpgt33tk.dll
2009-02-28 03:47 89,088 ac------ c:\windows\system32\dllcache\hpgt33.dll
2009-02-28 03:47 123,392 ac------ c:\windows\system32\dllcache\hpgt21tk.dll
2009-02-28 03:46 83,968 ac------ c:\windows\system32\dllcache\hpgt21.dll
2009-02-28 03:46 119,296 ac------ c:\windows\system32\dllcache\hpdigwia.dll
2009-02-28 03:46 2,688 ac------ c:\windows\system32\dllcache\hidswvd.sys
2009-02-28 03:46 8,576 ac------ c:\windows\system32\dllcache\hidgame.sys
2009-02-28 03:46 20,352 ac------ c:\windows\system32\dllcache\hidbatt.sys
2009-02-28 03:46 907,456 ac------ c:\windows\system32\dllcache\hcf_msft.sys
2009-02-28 03:46 28,288 ac------ c:\windows\system32\dllcache\grserial.sys
2009-02-28 03:46 82,304 ac------ c:\windows\system32\dllcache\grclass.sys
2009-02-28 03:45 17,408 ac------ c:\windows\system32\dllcache\gpr400.sys
2009-02-28 03:45 59,136 ac------ c:\windows\system32\dllcache\gckernel.sys
2009-02-28 03:45 10,624 ac------ c:\windows\system32\dllcache\gameenum.sys
2009-02-28 03:45 322,432 ac------ c:\windows\system32\dllcache\g400m.sys
2009-02-28 03:45 1,733,120 ac------ c:\windows\system32\dllcache\g400d.dll
2009-02-28 03:45 320,384 ac------ c:\windows\system32\dllcache\g200m.sys
2009-02-28 03:45 470,144 ac------ c:\windows\system32\dllcache\g200d.dll
2009-02-28 03:45 454,912 ac------ c:\windows\system32\dllcache\fxusbase.sys
2009-02-28 03:44 92,160 ac------ c:\windows\system32\dllcache\fuusd.dll
2009-02-28 03:44 455,296 ac------ c:\windows\system32\dllcache\fusbbase.sys
2009-02-28 03:44 455,680 ac------ c:\windows\system32\dllcache\fus2base.sys
2009-02-28 03:44 442,240 ac------ c:\windows\system32\dllcache\fpnpbase.sys
2009-02-28 03:44 441,728 ac------ c:\windows\system32\dllcache\fpcmbase.sys
2009-02-28 03:44 444,416 ac------ c:\windows\system32\dllcache\fpcibase.sys
2009-02-28 03:44 34,173 ac------ c:\windows\system32\dllcache\forehe.sys
2009-02-28 03:44 71,680 ac------ c:\windows\system32\dllcache\fnfilter.dll
2009-02-28 03:43 27,165 ac------ c:\windows\system32\dllcache\fetnd5.sys
2009-02-28 03:43 22,090 ac------ c:\windows\system32\dllcache\fem556n5.sys
2009-02-28 03:43 24,618 ac------ c:\windows\system32\dllcache\fa410nd5.sys
2009-02-28 03:43 16,074 ac------ c:\windows\system32\dllcache\fa312nd5.sys
2009-02-28 03:43 11,850 ac------ c:\windows\system32\dllcache\f3ab18xj.sys
2009-02-28 03:43 12,362 ac------ c:\windows\system32\dllcache\f3ab18xi.sys
2009-02-28 03:42 7,040 ac------ c:\windows\system32\dllcache\exabyte2.sys
2009-02-28 03:42 16,998 ac------ c:\windows\system32\dllcache\ex10.sys
2009-02-28 03:42 45,568 ac------ c:\windows\system32\dllcache\esunib.dll
2009-02-28 03:42 45,568 ac------ c:\windows\system32\dllcache\esuni.dll
2009-02-28 03:42 34,816 ac------ c:\windows\system32\dllcache\esuimg.dll
2009-02-28 03:42 43,008 ac------ c:\windows\system32\dllcache\esucm.dll
2009-02-28 03:42 137,088 ac------ c:\windows\system32\dllcache\essm2e.sys
2009-02-28 03:42 63,360 ac------ c:\windows\system32\dllcache\ess.sys
2009-02-28 03:42 347,550 ac------ c:\windows\system32\dllcache\es56tpi.sys
2009-02-28 03:41 594,238 ac------ c:\windows\system32\dllcache\es56hpi.sys
2009-02-28 03:41 595,647 ac------ c:\windows\system32\dllcache\es56cvmp.sys
2009-02-28 03:41 174,464 ac------ c:\windows\system32\dllcache\es198x.sys
2009-02-28 03:41 72,192 ac------ c:\windows\system32\dllcache\es1969.sys
2009-02-28 03:41 40,704 ac------ c:\windows\system32\dllcache\es1371mp.sys
2009-02-28 03:41 37,120 ac------ c:\windows\system32\dllcache\es1370mp.sys
2009-02-28 03:41 61,952 ac------ c:\windows\system32\dllcache\eqnloop.exe
2009-02-28 03:41 51,200 ac------ c:\windows\system32\dllcache\eqnlogr.exe
2009-02-28 03:41 53,248 ac------ c:\windows\system32\dllcache\eqndiag.exe
2009-02-28 03:40 629,952 ac------ c:\windows\system32\dllcache\eqn.sys
2009-02-28 03:40 114,944 ac------ c:\windows\system32\dllcache\epstw2k.sys
2009-02-28 03:40 18,503 ac------ c:\windows\system32\dllcache\epro4.sys
2009-02-28 03:40 144,896 ac------ c:\windows\system32\dllcache\epcfw2k.sys
2009-02-28 03:40 6,400 ac------ c:\windows\system32\dllcache\enum1394.sys
2009-02-28 03:40 283,904 ac------ c:\windows\system32\dllcache\emu10k1m.sys
2009-02-28 03:40 19,996 ac------ c:\windows\system32\dllcache\em556n4.sys
2009-02-28 03:40 25,159 ac------ c:\windows\system32\dllcache\elnk3.sys
2009-02-28 03:40 7,296 ac------ c:\windows\system32\dllcache\elmsmc.sys
2009-02-28 03:40 171,520 ac------ c:\windows\system32\dllcache\el99xn51.sys
2009-02-28 03:40 70,174 ac------ c:\windows\system32\dllcache\el98xn5.sys
2009-02-28 03:38 117,760 ac------ c:\windows\system32\dllcache\e100b325.sys
2009-02-28 03:38 50,719 ac------ c:\windows\system32\dllcache\e1000nt5.sys
2009-02-28 03:38 20,992 ac------ c:\windows\system32\dllcache\dshowext.ax
2009-02-28 03:38 334,208 ac------ c:\windows\system32\dllcache\ds1wdm.sys
2009-02-28 03:38 20,192 ac------ c:\windows\system32\dllcache\dpti2o.sys
2009-02-28 03:38 28,062 ac------ c:\windows\system32\dllcache\dp83820.sys
2009-02-28 03:38 23,808 ac------ c:\windows\system32\dllcache\dot4usb.sys
2009-02-28 03:38 8,704 ac------ c:\windows\system32\dllcache\dot4scan.sys
2009-02-28 03:38 12,928 ac------ c:\windows\system32\dllcache\dot4prt.sys
2009-02-28 03:38 206,976 ac------ c:\windows\system32\dllcache\dot4.sys
2009-02-28 03:38 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys
2009-02-28 03:38 8,320 ac------ c:\windows\system32\dllcache\dlttape.sys
2009-02-28 03:38 26,698 ac------ c:\windows\system32\dllcache\dlh5xnd5.sys
2009-02-28 03:36 229,462 ac------ c:\windows\system32\dllcache\digifwrk.dll
2009-02-28 03:35 86,016 ac------ c:\windows\system32\dllcache\dc240usd.dll
2009-02-28 03:34 93,952 ac------ c:\windows\system32\dllcache\cwcwdm.sys
2009-02-28 03:33 14,976 ac------ c:\windows\system32\dllcache\cpqarray.sys
2009-02-28 03:33 39,936 ac------ c:\windows\system32\dllcache\cnxt1803.sys
2009-02-28 03:33 44,032 ac------ c:\windows\system32\dllcache\cnusd.dll
2009-02-28 03:33 6,656 ac------ c:\windows\system32\dllcache\cmdide.sys
2009-02-28 03:33 20,736 ac------ c:\windows\system32\dllcache\cmbp0wdm.sys
2009-02-28 03:33 248,064 ac------ c:\windows\system32\dllcache\cl546xm.sys
2009-02-28 03:33 170,880 ac------ c:\windows\system32\dllcache\cl546x.dll
2009-02-28 03:33 111,232 ac------ c:\windows\system32\dllcache\cl5465.dll
2009-02-28 03:33 45,696 ac------ c:\windows\system32\dllcache\cirrus.sys
2009-02-28 03:33 91,264 ac------ c:\windows\system32\dllcache\cirrus.dll
2009-02-28 03:33 272,640 ac------ c:\windows\system32\dllcache\cinemclc.sys
2009-02-28 03:33 980,034 ac------ c:\windows\system32\dllcache\cicap.sys
2009-02-28 03:33 8,192 ac------ c:\windows\system32\dllcache\changer.sys
2009-02-28 03:30 13,824 ac------ c:\windows\system32\dllcache\bulltlp3.sys
2009-02-28 03:29 871,388 ac------ c:\windows\system32\dllcache\bcmdm.sys
2009-02-28 03:28 268,160 ac------ c:\windows\system32\dllcache\atidvai.dll
2009-02-28 03:16 101,888 ac------ c:\windows\system32\dllcache\adpu160m.sys
2009-02-28 03:15 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-02-27 22:07 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-27 22:07 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-25 21:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\OpenDNS Updater
2009-02-25 21:18 <DIR> --d----- c:\program files\OpenDNS Updater
2009-02-25 21:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-02-25 21:12 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-02-25 21:12 <DIR> --d----- c:\docume~1\yuriyh~1\applic~1\SUPERAntiSpyware.com
2009-02-25 16:18 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-02-23 22:57 <DIR> --d----- c:\program files\Windows Desktop Search
2009-02-23 02:02 <DIR> --d----- c:\program files\Shape Collage
2009-02-20 10:56 <DIR> --d----- c:\windows\ERUNT
2009-02-17 18:15 <DIR> --d----- c:\documents and settings\yuriy horokhivskyy\.housecall6.6
2009-02-16 23:44 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-15 15:43 <DIR> --d----- c:\documents and settings\yuriy horokhivskyy\DoctorWeb
2009-02-12 18:25 <DIR> a-dshr-- C:\cmdcons

==================== Find3M ====================

2009-02-16 23:43 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-20 20:44 149,760 a------- c:\windows\system32\drivers\WpsHelper.sys
2009-01-05 17:33 3,751,995 a------- c:\windows\system32\GPhotos.scr
2009-01-04 20:31 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-01-04 20:31 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01000_Coinstaller_Critical.Wdf
2009-01-01 19:53 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-01 19:53 60,800 a------- c:\windows\system32\S32EVNT1.DLL
2009-01-01 19:53 10,563 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-01 19:53 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-12-20 18:15 826,368 a------- c:\windows\system32\wininet.dll
2008-12-17 00:12 356,352 a------- c:\windows\eSellerateEngine.dll
2008-12-10 23:36 29,480 a------- c:\windows\system32\msxml3a.dll

============= FINISH: 20:53:28.68 ===============





UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/25/2008 5:02:01 PM
System Uptime: 3/1/2009 8:55:39 AM (12 hours ago)

Motherboard: Dell Inc. | | 0RJ272
Processor: Intel® Pentium® M processor 1.70GHz | Microprocessor | 593/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 39 GiB total, 6.313 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 1.644 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 233 GiB total, 112.805 GiB free.
I: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA

==== System Restore Points ===================

RP59: 2/28/2009 4:55:33 PM - System Checkpoint

==== Installed Programs ======================

µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
ABBYY Lingvo x3
AC-3 ACM Codec
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Software Update
Aurora
Broadcom 440x 10/100 Integrated Controller
Calculator Powertoy for Windows XP
CCleaner (remove only)
CDBurnerXP
Cisco Systems VPN Client 5.0.02.0090
ClearType Tuning Control Panel Applet
Conexant HDA D110 MDC V.92 Modem
Dell Wireless WLAN Card
Drive Manager
EPSON Printer Software
EPSON Scan
foobar2000 v0.9.5.6
G-Force
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Image Resizer Powertoy for Windows XP
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
InterVideo DeviceService
Java™ 6 Update 11
LiveUpdate 3.3 (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Malwarebytes' Anti-Malware
MATLAB R2008b
mCore
mDriver
mDrWiFi
Medieval CUE Splitter
mHlpDell
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote
#153
megadez

    Member

  • Topic Starter
  • 119 posts
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
mIWA
mLogView
mMHouse
Mozilla Firefox (3.0.6)
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
MVision
mWlsSafe
mWMI
mZConfig
Netflix Movie Viewer
Octoshape add-in for Adobe Flash Player
Open PLS in Windows Media Player 2.3.0
OpenDNS Updater 1.3.0.187
Opera 9.63
PerfectDisk 2008 Professional
Photo Story 3 for Windows
Picasa 3
PoivY
PowerDVD
PowerDVD Ultra
PowerISO
QuickSet
QuickTime
Sansa Updater
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Shape Collage
SigmaTel Audio
Skype™ 3.8
SmartSound Quicktracks Plugin
SSH Secure Shell
Stat/Transfer Nine
Stata 10
Symantec Endpoint Protection
Synaptics Pointing Device Driver
The Rosetta Stone
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959634)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VLC media player 0.9.6
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver

==== Event Viewer Messages From Past Week ========

2/24/2009 10:09:36 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
2/23/2009 9:36:42 PM, error: w29n51 [5010] - Intel® PRO/Wireless 2200BG Network Connection : The adapter has returned an invalid value to the driver.
2/23/2009 9:36:42 PM, error: w29n51 [5031] - Intel® PRO/Wireless 2200BG Network Connection : The adapter has detected an Adapter Check as a result of some unrecoverable hardware of software error. Please contact your service provider.
2/26/2009 2:08:19 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
2/28/2009 1:45:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
2/28/2009 1:45:27 AM, error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: All pipe instances are busy.
2/28/2009 3:15:11 AM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
2/28/2009 4:49:40 AM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully.

==== End Of File ===========================
#154
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download ComboFix from one of these locations:

NOTE: If you are a guest watching this topic: ComboFix is a very powerful tool. The disclaimer clearly states that you should not use it without supervision. There is good reason for this, as ComboFix can, and sometimes does, run into conflict on a computer and render it unusable.

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

----------------------------------------------------------------------------------------------------------

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

----------------------------------------------------------------------------------------------------------

Open notepad and copy/paste the text in the quotebox below into it:

DDS::
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.
#155
megadez

    Member

  • Topic Starter
  • 119 posts
ComboFix 09-03-01.01 - Yuriy Horokhivskyy 2009-03-02 0:10:23.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1200 [GMT -5:00]
Running from: c:\documents and settings\Yuriy Horokhivskyy\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Yuriy Horokhivskyy\Desktop\CFScript.txt
AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated)
FW: Symantec Endpoint Protection *disabled*
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-02-02 to 2009-03-02 )))))))))))))))))))))))))))))))
.

2009-02-28 23:13 . 2009-02-28 23:13 <DIR> d-------- C:\_OTMoveIt
2009-02-28 17:16 . 2009-02-28 17:16 <DIR> d-------- C:\rsit
2009-02-28 04:49 . 2008-04-13 19:12 116,224 --a--c--- c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-28 04:49 . 2001-08-17 22:37 27,648 --a--c--- c:\windows\system32\dllcache\xrxftplt.exe
2009-02-28 04:49 . 2001-08-17 22:36 23,040 --a--c--- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-28 04:49 . 2008-04-13 19:12 18,944 --a--c--- c:\windows\system32\dllcache\xrxscnui.dll
2009-02-28 04:48 . 2001-08-17 22:37 99,865 --a--c--- c:\windows\system32\dllcache\xlog.exe
2009-02-28 04:48 . 2004-08-03 22:29 19,455 --a--c--- c:\windows\system32\dllcache\wvchntxx.sys
2009-02-28 04:48 . 2001-08-17 12:11 16,970 --a--c--- c:\windows\system32\dllcache\xem336n5.sys
2009-02-28 04:48 . 2004-08-03 22:29 12,063 --a--c--- c:\windows\system32\dllcache\wsiintxx.sys
2009-02-28 04:48 . 2008-04-13 19:12 8,192 --a--c--- c:\windows\system32\dllcache\wshirda.dll
2009-02-28 04:48 . 2001-08-17 22:37 4,608 --a--c--- c:\windows\system32\dllcache\xrxflnch.exe
2009-02-28 04:47 . 2004-08-03 22:31 154,624 --a--c--- c:\windows\system32\dllcache\wlluc48.sys
2009-02-28 04:47 . 2001-08-17 12:12 34,890 --a--c--- c:\windows\system32\dllcache\wlandrv2.sys
2009-02-28 04:47 . 2008-04-13 13:36 8,832 --a--c--- c:\windows\system32\dllcache\wmiacpi.sys
2009-02-28 04:46 . 2001-08-17 13:28 771,581 --a--c--- c:\windows\system32\dllcache\winacisa.sys
2009-02-28 04:46 . 2001-08-17 13:28 701,386 --a--c--- c:\windows\system32\dllcache\wdhaalba.sys
2009-02-28 04:46 . 2001-08-17 22:36 87,040 --a--c--- c:\windows\system32\dllcache\wiafbdrv.dll
2009-02-28 04:46 . 2001-08-17 22:36 53,760 --a--c--- c:\windows\system32\dllcache\wiamsmud.dll
2009-02-28 04:46 . 2008-04-13 13:45 31,744 --a--c--- c:\windows\system32\dllcache\wceusbsh.sys
2009-02-28 04:46 . 2004-08-03 22:29 23,615 --a--c--- c:\windows\system32\dllcache\wch7xxnt.sys
2009-02-28 04:45 . 2001-08-17 12:10 35,871 --a--c--- c:\windows\system32\dllcache\wbfirdma.sys
2009-02-28 04:45 . 2004-08-03 22:29 33,599 --a--c--- c:\windows\system32\dllcache\watv04nt.sys
2009-02-28 04:45 . 2004-08-03 22:29 29,311 --a--c--- c:\windows\system32\dllcache\watv01nt.sys
2009-02-28 04:45 . 2004-08-03 22:29 19,551 --a--c--- c:\windows\system32\dllcache\watv02nt.sys
2009-02-28 04:45 . 2001-08-17 12:13 19,016 --a--c--- c:\windows\system32\dllcache\w926nd.sys
2009-02-28 04:45 . 2001-08-17 12:13 16,925 --a--c--- c:\windows\system32\dllcache\w940nd.sys
2009-02-28 04:45 . 2004-08-03 22:29 12,415 --a--c--- c:\windows\system32\dllcache\wadv01nt.sys
2009-02-28 04:45 . 2004-08-03 22:29 12,127 --a--c--- c:\windows\system32\dllcache\wadv02nt.sys
2009-02-28 04:45 . 2004-08-03 22:29 11,775 --a--c--- c:\windows\system32\dllcache\wadv05nt.sys
2009-02-28 04:44 . 2001-08-17 13:28 604,253 --a--c--- c:\windows\system32\dllcache\vmodem.sys
2009-02-28 04:44 . 2001-08-17 13:28 397,502 --a--c--- c:\windows\system32\dllcache\vpctcom.sys
2009-02-28 04:44 . 2001-08-17 13:28 64,605 --a--c--- c:\windows\system32\dllcache\vvoice.sys
2009-02-28 04:44 . 2001-08-17 12:13 19,528 --a--c--- c:\windows\system32\dllcache\w840nd.sys
2009-02-28 04:43 . 2001-08-17 13:28 765,884 --a--c--- c:\windows\system32\dllcache\usrti.sys
2009-02-28 04:43 . 2001-08-17 13:28 687,999 --a--c--- c:\windows\system32\dllcache\usrwdxjs.sys
2009-02-28 04:43 . 2001-08-17 12:14 249,402 --a--c--- c:\windows\system32\dllcache\vinwm.sys
2009-02-28 04:43 . 2001-08-17 13:28 113,762 --a--c--- c:\windows\system32\dllcache\usrpda.sys
2009-02-28 04:43 . 2001-08-17 13:49 24,576 --a--c--- c:\windows\system32\dllcache\viairda.sys
2009-02-28 04:43 . 2008-04-13 13:40 5,376 --a--c--- c:\windows\system32\dllcache\viaide.sys
2009-02-28 04:42 . 2001-08-17 13:28 794,654 --a--c--- c:\windows\system32\dllcache\usr1801.sys
2009-02-28 04:42 . 2001-08-17 13:28 794,399 --a--c--- c:\windows\system32\dllcache\usr1806v.sys
2009-02-28 04:42 . 2001-08-17 13:28 793,598 --a--c--- c:\windows\system32\dllcache\usr1806.sys
2009-02-28 04:42 . 2001-08-17 13:28 224,802 --a--c--- c:\windows\system32\dllcache\usr1807a.sys
2009-02-28 04:42 . 2001-08-17 13:28 7,556 --a--c--- c:\windows\system32\dllcache\usroslba.sys
2009-02-28 04:41 . 2001-08-17 22:36 94,720 --a--c--- c:\windows\system32\dllcache\umaxud32.dll
2009-02-28 04:41 . 2008-04-13 13:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2009-02-28 04:41 . 2004-08-03 22:31 32,384 --a--c--- c:\windows\system32\dllcache\usb101et.sys
2009-02-28 04:41 . 2001-08-17 22:36 28,160 --a--c--- c:\windows\system32\dllcache\umaxu40.dll
2009-02-28 04:41 . 2001-08-17 22:36 26,624 --a--c--- c:\windows\system32\dllcache\umaxu22.dll
2009-02-28 04:41 . 2008-04-13 13:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2009-02-28 04:41 . 2008-04-13 13:45 17,152 --a--c--- c:\windows\system32\dllcache\usbohci.sys
2009-02-28 04:40 . 2001-08-17 22:36 69,632 --a--c--- c:\windows\system32\dllcache\umaxu12.dll
2009-02-28 04:40 . 2001-08-17 22:36 50,688 --a--c--- c:\windows\system32\dllcache\umaxscan.dll
2009-02-28 04:40 . 2001-08-17 22:36 50,176 --a--c--- c:\windows\system32\dllcache\umaxp60.dll
2009-02-28 04:40 . 2001-08-17 22:36 47,616 --a--c--- c:\windows\system32\dllcache\umaxcam.dll
2009-02-28 04:40 . 2001-08-17 13:58 22,912 --a--c--- c:\windows\system32\dllcache\umaxpcls.sys
2009-02-28 04:39 . 2001-08-17 22:36 216,064 --a--c--- c:\windows\system32\dllcache\um34scan.dll
2009-02-28 04:39 . 2001-08-17 22:36 211,968 --a--c--- c:\windows\system32\dllcache\um54scan.dll
2009-02-28 04:39 . 2001-08-17 12:51 166,784 --a--c--- c:\windows\system32\dllcache\tridxpm.sys
2009-02-28 04:39 . 2001-08-17 13:52 36,736 --a--c--- c:\windows\system32\dllcache\ultra.sys
2009-02-28 04:39 . 2001-08-17 13:48 11,520 --a--c--- c:\windows\system32\dllcache\twotrack.sys
2009-02-28 04:38 . 2001-08-17 22:36 525,568 --a--c--- c:\windows\system32\dllcache\tridxp.dll
2009-02-28 04:38 . 2001-08-17 14:56 440,576 --a--c--- c:\windows\system32\dllcache\tridkb.dll
2009-02-28 04:38 . 2001-08-17 14:56 315,520 --a--c--- c:\windows\system32\dllcache\trid3d.dll
2009-02-28 04:38 . 2001-08-17 12:51 222,336 --a--c--- c:\windows\system32\dllcache\trid3dm.sys
2009-02-28 04:38 . 2001-08-17 12:51 159,232 --a--c--- c:\windows\system32\dllcache\tridkbm.sys
2009-02-28 04:37 . 2008-04-13 19:12 82,944 --a--c--- c:\windows\system32\dllcache\tp4mon.exe
2009-02-28 04:37 . 2001-08-17 22:35 42,496 --a--c--- c:\windows\system32\dllcache\tp4res.dll
2009-02-28 04:37 . 2001-08-17 12:12 34,375 --a--c--- c:\windows\system32\dllcache\tpro4.sys
2009-02-28 04:37 . 2001-08-17 22:36 31,744 --a--c--- c:\windows\system32\dllcache\tp4.dll
2009-02-28 04:37 . 2001-08-17 13:51 4,992 --a--c--- c:\windows\system32\dllcache\toside.sys
2009-02-28 04:36 . 2001-08-17 14:01 241,664 --a--c--- c:\windows\system32\dllcache\tosdvd02.sys
2009-02-28 04:36 . 2001-08-17 14:02 230,912 --a--c--- c:\windows\system32\dllcache\tosdvd03.sys
2009-02-28 04:36 . 2001-08-17 12:51 138,528 --a--c--- c:\windows\system32\dllcache\tgiulnt5.sys
2009-02-28 04:36 . 2001-08-17 12:14 123,995 --a--c--- c:\windows\system32\dllcache\tjisdn.sys
2009-02-28 04:36 . 2001-08-17 12:10 28,232 --a--c--- c:\windows\system32\dllcache\tos4mo.sys
2009-02-28 04:35 . 2008-04-13 13:40 149,376 --a--c--- c:\windows\system32\dllcache\tffsport.sys
2009-02-28 04:35 . 2001-08-17 14:56 81,408 --a--c--- c:\windows\system32\dllcache\tgiul50.dll
2009-02-28 04:35 . 2001-08-17 12:13 37,961 --a--c--- c:\windows\system32\dllcache\tdk100b.sys
2009-02-28 04:35 . 2001-08-17 13:49 30,464 --a--c--- c:\windows\system32\dllcache\tbatm155.sys
2009-02-28 04:35 . 2001-08-17 12:13 17,129 --a--c--- c:\windows\system32\dllcache\tdkcd31.sys
2009-02-28 04:34 . 2001-08-17 14:56 172,768 --a--c--- c:\windows\system32\dllcache\t2r4disp.dll
2009-02-28 04:34 . 2001-08-17 12:50 36,640 --a--c--- c:\windows\system32\dllcache\t2r4mini.sys
2009-02-28 04:34 . 2001-08-17 14:07 32,640 --a--c--- c:\windows\system32\dllcache\symc8xx.sys
2009-02-28 04:34 . 2001-08-17 14:07 16,256 --a--c--- c:\windows\system32\dllcache\symc810.sys
2009-02-28 04:34 . 2001-08-17 13:52 7,040 --a--c--- c:\windows\system32\dllcache\tandqic.sys
2009-02-28 04:33 . 2001-08-17 13:50 103,936 --a--c--- c:\windows\system32\dllcache\sx.sys
2009-02-28 04:33 . 2001-08-17 22:36 94,293 --a--c--- c:\windows\system32\dllcache\sxports.dll
2009-02-28 04:33 . 2001-08-17 14:07 30,688 --a--c--- c:\windows\system32\dllcache\sym_u3.sys
2009-02-28 04:33 . 2001-08-17 14:07 28,384 --a--c--- c:\windows\system32\dllcache\sym_hi.sys
2009-02-28 04:33 . 2001-08-17 22:36 10,240 --a--c--- c:\windows\system32\dllcache\swpidflt.dll
2009-02-28 04:33 . 2001-08-17 14:02 3,968 --a--c--- c:\windows\system32\dllcache\swusbflt.sys
2009-02-28 04:32 . 2001-08-17 22:36 155,648 --a--c--- c:\windows\system32\dllcache\stlnprop.dll
2009-02-28 04:32 . 2001-08-17 22:36 53,760 --a--c--- c:\windows\system32\dllcache\sw_wheel.dll
2009-02-28 04:32 . 2001-08-17 22:36 53,248 --a--c--- c:\windows\system32\dllcache\stlncoin.dll
2009-02-28 04:32 . 2001-08-17 22:36 41,472 --a--c--- c:\windows\system32\dllcache\sw_effct.dll
2009-02-28 04:32 . 2001-08-17 22:36 10,240 --a--c--- c:\windows\system32\dllcache\swpdflt2.dll
2009-02-28 04:31 . 2001-08-17 12:18 285,760 --a--c--- c:\windows\system32\dllcache\stlnata.sys
2009-02-28 04:31 . 2001-08-17 22:36 99,328 --a--c--- c:\windows\system32\dllcache\srusd.dll
2009-02-28 04:31 . 2001-08-17 12:11 48,736 --a--c--- c:\windows\system32\dllcache\srwlnd5.sys
2009-02-28 04:31 . 2001-08-17 22:36 24,660 --a--c--- c:\windows\system32\dllcache\spxupchk.dll
2009-02-28 04:31 . 2001-08-17 13:51 16,896 --a--c--- c:\windows\system32\dllcache\stcusb.sys
2009-02-28 04:30 . 2001-08-17 22:36 106,584 --a--c--- c:\windows\system32\dllcache\spdports.dll
2009-02-28 04:30 . 2001-08-17 13:51 61,824 --a--c--- c:\windows\system32\dllcache\speed.sys
2009-02-28 04:30 . 2001-08-17 12:51 37,040 --a--c--- c:\windows\system32\dllcache\sonypi.sys
2009-02-28 04:30 . 2001-08-17 14:07 19,072 --a--c--- c:\windows\system32\dllcache\sparrow.sys
2009-02-28 04:30 . 2001-08-17 13:56 7,552 --a--c--- c:\windows\system32\dllcache\sonypvu1.sys
2009-02-28 04:29 . 2001-08-17 22:36 114,688 --a--c--- c:\windows\system32\dllcache\sonypi.dll
2009-02-28 04:29 . 2001-08-17 12:51 20,752 --a--c--- c:\windows\system32\dllcache\sonync.sys
2009-02-28 04:29 . 2001-08-17 13:53 9,600 --a--c--- c:\windows\system32\dllcache\sonymc.sys
2009-02-28 04:29 . 2008-04-13 13:40 7,552 --a--c--- c:\windows\system32\dllcache\sonyait.sys
2009-02-28 04:29 . 2001-08-17 13:53 7,040 --a--c--- c:\windows\system32\dllcache\snyaitmc.sys
2009-02-28 04:28 . 2001-08-17 14:56 147,200 --a--c--- c:\windows\system32\dllcache\smidispb.dll
2009-02-28 04:28 . 2001-08-17 12:51 58,368 --a--c--- c:\windows\system32\dllcache\smiminib.sys
2009-02-28 04:28 . 2001-08-17 12:10 35,913 --a--c--- c:\windows\system32\dllcache\smcirda.sys
2009-02-28 04:28 . 2001-08-17 12:12 25,034 --a--c--- c:\windows\system32\dllcache\smcpwr2n.sys
2009-02-28 04:28 . 2001-08-17 12:12 24,576 --a--c--- c:\windows\system32\dllcache\smc8000n.sys
2009-02-28 04:28 . 2001-08-17 13:57 6,784 --a--c--- c:\windows\system32\dllcache\smbhc.sys
2009-02-28 04:27 . 2001-08-17 22:36 45,568 --a--c--- c:\windows\system32\dllcache\smb3w.dll
2009-02-28 04:27 . 2001-08-17 22:36 33,792 --a--c--- c:\windows\system32\dllcache\smb0w.dll
2009-02-28 04:27 . 2001-08-17 22:36 28,672 --a--c--- c:\windows\system32\dllcache\sma0w.dll
2009-02-28 04:27 . 2001-08-17 22:36 28,160 --a--c--- c:\windows\system32\dllcache\sm91w.dll
2009-02-28 04:27 . 2008-04-13 13:36 16,000 --a--c--- c:\windows\system32\dllcache\smbbatt.sys
2009-02-28 04:27 . 2008-04-13 13:36 6,912 --a--c--- c:\windows\system32\dllcache\smbclass.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-02 04:57 --------- d-----w c:\documents and settings\Yuriy Horokhivskyy\Application Data\Skype
2009-03-02 04:19 --------- d-----w c:\documents and settings\Yuriy Horokhivskyy\Application Data\foobar2000
2009-02-28 06:35 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2009-02-28 06:34 --------- d-----w c:\documents and settings\Yuriy Horokhivskyy\Application Data\uTorrent
2009-02-28 03:07 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-22 00:07 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-21 23:58 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-17 04:46 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-02-17 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-14 18:20 --------- d-----w c:\program files\Opera
2009-02-12 07:07 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-24 01:29 --------- d-----w c:\program files\mp3DirectCut
2009-01-21 01:44 149,760 ----a-w c:\windows\system32\drivers\WpsHelper.sys
2009-01-17 22:00 --------- d-----w c:\program files\Google
2009-01-17 02:21 --------- d-----w c:\program files\Common Files\Macrovision Shared
2009-01-17 02:21 --------- d-----w c:\program files\Common Files\Adobe
2009-01-15 16:51 --------- d-----w c:\program files\Apple Software Update
2009-01-15 16:51 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-01-10 00:26 --------- d-----w c:\program files\EPSON
2009-01-09 07:10 --------- d-----w c:\documents and settings\Yuriy Horokhivskyy\Application Data\Apple Computer
2009-01-07 21:37 --------- d-----w c:\documents and settings\Yuriy Horokhivskyy\Application Data\dvdcss
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2009-01-05 01:31 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01000_Coinstaller_Critical.Wdf
2009-01-05 01:31 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-01-05 01:27 --------- d-----w c:\program files\Synaptics
2009-01-04 18:28 --------- d-----w c:\program files\Java
2009-01-03 18:58 --------- d-----w c:\program files\My Skype Pictures
2009-01-02 01:53 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-01-02 00:54 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-02 00:53 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-02 00:53 60,800 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-02 00:53 123,952 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-02 00:53 10,563 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-02 00:53 --------- d-----w c:\program files\Symantec
2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-17 05:12 356,352 ----a-w c:\windows\eSellerateEngine.dll
2008-12-11 04:36 29,480 ----a-w c:\windows\system32\msxml3a.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
"PoivY"="c:\program files\PoivY.com\PoivY\PoivY.exe" [2008-09-26 9102112]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-01 1392640]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"Lingvo Launcher"="c:\program files\ABBYY Lingvo x3\LvAgent.exe" [2008-07-16 1029408]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-08-14 115560]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-16 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"=
"c:\\Documents and Settings\\Yuriy Horokhivskyy\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Yuriy Horokhivskyy\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\SoundSpectrum\\G-Force\\G-Force Standalone.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Yuriy Horokhivskyy\\Desktop\\Soft\\Connection\\utorrent.exe"=
"c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"=
"c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"=
"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;ABBYY Lingvo x3 Licensing Service;c:\program files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [2008-07-14 808224]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-01-16 664840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-25 101936]
S1 vdmymjk3;AVZ-BC Kernel Driver;\??\c:\windows\system32\Drivers\vdmymjk3.sys --> c:\windows\system32\Drivers\vdmymjk3.sys [?]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-01-16 894216]
.
Contents of the 'Scheduled Tasks' folder

2009-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1303643608-1801674531-1004.job
- c:\documents and settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe []

2009-03-02 c:\windows\Tasks\User_Feed_Synchronization-{93B4AC6B-79E9-412B-8F86-2DE3E5F14F95}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]
.
.
------- Supplementary Scan -------
.
uStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: {9F917EED-07A2-43F2-B2EE-DDD93B0857B7} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\Yuriy Horokhivskyy\Application Data\Mozilla\Firefox\Profiles\sos6lio5.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\documents and settings\Yuriy Horokhivskyy\Application Data\Mozilla\Firefox\Profiles\sos6lio5.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 00:14:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1764)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-03-02 0:18:32
ComboFix-quarantined-files.txt 2009-03-02 05:18:19

Pre-Run: 6,665,564,160 bytes free
Post-Run: 6,724,063,232 bytes free

284 --- E O F --- 2009-02-26 07:04:42

#156
megadez

    Member

  • Topic Starter
  • 119 posts
I think I had a redirect

but!

I have to admit that something definitely changed after combofix. My computer became much more responsive.
It concerns both browsing, navigating quickly on the long page (like one on this forum), opening Microsoft Office
documents, navigating inside a big Excel file. That's what I noticed right away. What was the matter? Is it something
due to mishap/virus/malware or some known issue I better be aware of in the future/working on other computers?

#157
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

What was the matter?


Hopefully we removed a couple of ActiveX items that are usually legitimate but can also be used by malware.

Let's just check on that.
  • Double click dds.scr to run the tool.
  • When done, DDS.txt will open.
  • Save the report to your desktop.
Post the report back here.

#158
megadez

    Member

  • Topic Starter
  • 119 posts
So yes, it helped the computer in general but redirects remain immune to our efforts.

DDS (Ver_09-02-01.01) - NTFSx86
Run by Yuriy Horokhivskyy at 13:18:50.29 on Mon 03/02/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.928 [GMT -5:00]

AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated)
FW: Symantec Endpoint Protection *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\ABBYY Lingvo x3\LvAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ABBYY Lingvo x3\Lingvo.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Yuriy Horokhivskyy\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [PoivY] "c:\program files\poivy.com\poivy\PoivY.exe" -nosplash -minimized
uRun: [EPSON Stylus CX4600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [EPSON Stylus CX4600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [Lingvo Launcher] "c:\program files\abbyy lingvo x3\LvAgent.exe" /STARTUP
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227683328000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: {9F917EED-07A2-43F2-B2EE-DDD93B0857B7} = 208.67.222.222,208.67.220.220
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\yuriyh~1\applic~1\mozilla\firefox\profiles\sos6lio5.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\documents and settings\yuriy horokhivskyy\application data\mozilla\firefox\profiles\sos6lio5.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\documents and settings\yuriy horokhivskyy\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

============= SERVICES / DRIVERS ===============

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-25 101936]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090301.024\NAVENG.SYS [2009-3-1 89104]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090301.024\NAVEX15.SYS [2009-3-1 876144]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]

=============== Created Last 30 ================

2009-03-02 00:09 161,792 a------- c:\windows\SWREG.exe
2009-03-02 00:09 98,816 a------- c:\windows\sed.exe
2009-02-28 23:13 <DIR> --d----- C:\_OTMoveIt
2009-02-28 04:49 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-28 04:49 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-28 04:49 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-02-28 04:49 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-02-28 04:48 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-02-28 04:48 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-02-28 04:48 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-02-28 04:48 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-02-28 04:48 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-02-28 04:48 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-02-28 04:47 8,832 ac------ c:\windows\system32\dllcache\wmiacpi.sys
2009-02-28 04:47 154,624 ac------ c:\windows\system32\dllcache\wlluc48.sys
2009-02-28 04:47 34,890 ac------ c:\windows\system32\dllcache\wlandrv2.sys
2009-02-28 04:46 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-02-28 04:46 53,760 ac------ c:\windows\system32\dllcache\wiamsmud.dll
2009-02-28 04:46 87,040 ac------ c:\windows\system32\dllcache\wiafbdrv.dll
2009-02-28 04:46 701,386 ac------ c:\windows\system32\dllcache\wdhaalba.sys
2009-02-28 04:46 23,615 ac------ c:\windows\system32\dllcache\wch7xxnt.sys
2009-02-28 04:46 31,744 ac------ c:\windows\system32\dllcache\wceusbsh.sys
2009-02-28 04:45 35,871 ac------ c:\windows\system32\dllcache\wbfirdma.sys
2009-02-28 04:45 33,599 ac------ c:\windows\system32\dllcache\watv04nt.sys
2009-02-28 04:45 19,551 ac------ c:\windows\system32\dllcache\watv02nt.sys
2009-02-28 04:45 29,311 ac------ c:\windows\system32\dllcache\watv01nt.sys
2009-02-28 04:45 11,775 ac------ c:\windows\system32\dllcache\wadv05nt.sys
2009-02-28 04:45 12,127 ac------ c:\windows\system32\dllcache\wadv02nt.sys
2009-02-28 04:45 12,415 ac------ c:\windows\system32\dllcache\wadv01nt.sys
2009-02-28 04:45 16,925 ac------ c:\windows\system32\dllcache\w940nd.sys
2009-02-28 04:45 19,016 ac------ c:\windows\system32\dllcache\w926nd.sys
2009-02-28 04:44 19,528 ac------ c:\windows\system32\dllcache\w840nd.sys
2009-02-28 04:44 64,605 ac------ c:\windows\system32\dllcache\vvoice.sys
2009-02-28 04:44 397,502 ac------ c:\windows\system32\dllcache\vpctcom.sys
2009-02-28 04:44 604,253 ac------ c:\windows\system32\dllcache\vmodem.sys
2009-02-28 04:43 249,402 ac------ c:\windows\system32\dllcache\vinwm.sys
2009-02-28 04:43 24,576 ac------ c:\windows\system32\dllcache\viairda.sys
2009-02-28 04:43 5,376 ac------ c:\windows\system32\dllcache\viaide.sys
2009-02-28 04:43 687,999 ac------ c:\windows\system32\dllcache\usrwdxjs.sys
2009-02-28 04:43 765,884 ac------ c:\windows\system32\dllcache\usrti.sys
2009-02-28 04:43 113,762 ac------ c:\windows\system32\dllcache\usrpda.sys
2009-02-28 04:42 7,556 ac------ c:\windows\system32\dllcache\usroslba.sys
2009-02-28 04:42 224,802 ac------ c:\windows\system32\dllcache\usr1807a.sys
2009-02-28 04:42 794,399 ac------ c:\windows\system32\dllcache\usr1806v.sys
2009-02-28 04:42 793,598 ac------ c:\windows\system32\dllcache\usr1806.sys
2009-02-28 04:42 794,654 ac------ c:\windows\system32\dllcache\usr1801.sys
2009-02-28 04:41 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-02-28 04:41 17,152 ac------ c:\windows\system32\dllcache\usbohci.sys
2009-02-28 04:41 60,032 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-02-28 04:41 32,384 ac------ c:\windows\system32\dllcache\usb101et.sys
2009-02-28 04:41 94,720 ac------ c:\windows\system32\dllcache\umaxud32.dll
2009-02-28 04:41 28,160 ac------ c:\windows\system32\dllcache\umaxu40.dll
2009-02-27 22:07 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-27 22:07 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-25 21:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\OpenDNS Updater
2009-02-25 21:18 <DIR> --d----- c:\program files\OpenDNS Updater
2009-02-25 21:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-02-25 21:12 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-02-25 21:12 <DIR> --d----- c:\docume~1\yuriyh~1\applic~1\SUPERAntiSpyware.com
2009-02-25 16:18 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-02-23 22:57 <DIR> --d----- c:\program files\Windows Desktop Search
2009-02-23 02:02 <DIR> --d----- c:\program files\Shape Collage
2009-02-20 10:56 <DIR> --d----- c:\windows\ERUNT
2009-02-17 18:15 <DIR> --d----- c:\documents and settings\yuriy horokhivskyy\.housecall6.6
2009-02-16 23:44 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-15 15:43 <DIR> --d----- c:\documents and settings\yuriy horokhivskyy\DoctorWeb
2009-02-12 18:25 <DIR> a-dshr-- C:\cmdcons

==================== Find3M ====================

2009-02-16 23:43 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-20 20:44 149,760 a------- c:\windows\system32\drivers\WpsHelper.sys
2009-01-05 17:33 3,751,995 a------- c:\windows\system32\GPhotos.scr
2009-01-04 20:31 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-01-04 20:31 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01000_Coinstaller_Critical.Wdf
2009-01-01 19:53 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-01 19:53 60,800 a------- c:\windows\system32\S32EVNT1.DLL
2009-01-01 19:53 10,563 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-01 19:53 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-12-20 18:15 826,368 a------- c:\windows\system32\wininet.dll
2008-12-17 00:12 356,352 a------- c:\windows\eSellerateEngine.dll
2008-12-10 23:36 29,480 a------- c:\windows\system32\msxml3a.dll

============= FINISH: 13:20:34.45 ===============

#159
megadez

    Member

  • Topic Starter
  • Member
  • 119 posts
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/25/2008 5:02:01 PM
System Uptime: 3/2/2009 11:30:36 AM (2 hours ago)

Motherboard: Dell Inc. | | 0RJ272
Processor: Intel® Pentium® M processor 1.70GHz | Microprocessor | 593/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 39 GiB total, 6.079 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 1.644 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 233 GiB total, 112.805 GiB free.
I: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA

==== System Restore Points ===================

RP59: 2/28/2009 4:55:33 PM - System Checkpoint
RP60: 3/2/2009 12:09:38 AM - ComboFix created restore point

==== Installed Programs ======================

µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
ABBYY Lingvo x3
AC-3 ACM Codec
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Software Update
Aurora
Broadcom 440x 10/100 Integrated Controller
Calculator Powertoy for Windows XP
CCleaner (remove only)
CDBurnerXP
Cisco Systems VPN Client 5.0.02.0090
ClearType Tuning Control Panel Applet
Conexant HDA D110 MDC V.92 Modem
Dell Wireless WLAN Card
Drive Manager
EPSON Printer Software
EPSON Scan
foobar2000 v0.9.5.6
G-Force
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Image Resizer Powertoy for Windows XP
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
InterVideo DeviceService
Java™ 6 Update 11
LiveUpdate 3.3 (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Malwarebytes' Anti-Malware
MATLAB R2008b
mCore
mDriver
mDrWiFi
Medieval CUE Splitter
mHlpDell
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
mIWA
mLogView
mMHouse
Mozilla Firefox (3.0.6)
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
MVision
mWlsSafe
mWMI
mZConfig
Netflix Movie Viewer
Octoshape add-in for Adobe Flash Player
Open PLS in Windows Media Player 2.3.0
OpenDNS Updater 1.3.0.187
Opera 9.63
PerfectDisk 2008 Professional
Photo Story 3 for Windows
Picasa 3
PoivY
PowerDVD
PowerDVD Ultra
PowerISO
QuickSet
QuickTime
Sansa Updater
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Shape Collage
SigmaTel Audio
Skype™ 3.8
SmartSound Quicktracks Plugin
SSH Secure Shell
Stat/Transfer Nine
Stata 10
Symantec Endpoint Protection
Synaptics Pointing Device Driver
The Rosetta Stone
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959634)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VLC media player 0.9.6
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver

==== Event Viewer Messages From Past Week ========

2/26/2009 2:08:19 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
2/26/2009 10:10:33 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
2/23/2009 9:36:42 PM, error: w29n51 [5010] - Intel® PRO/Wireless 2200BG Network Connection : The adapter has returned an invalid value to the driver.
2/23/2009 9:36:42 PM, error: w29n51 [5031] - Intel® PRO/Wireless 2200BG Network Connection : The adapter has detected an Adapter Check as a result of some unrecoverable hardware of software error. Please contact your service provider.
2/28/2009 1:45:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
2/28/2009 1:45:27 AM, error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: All pipe instances are busy.
3/2/2009 12:08:59 AM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
3/2/2009 12:18:43 AM, error: PlugPlayManager [11] - The device Root\LEGACY_ROOTREPEAL\0000 disappeared from the system without first being prepared for removal.
2/28/2009 3:15:11 AM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
2/28/2009 4:49:40 AM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully.

==== End Of File ===========================

#160
emeraldnzl

Firstly: Please disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

Close all windows other than HiJackThis, then click Fix Checked.

Close HiJackThis.

Reboot your machine.

Post a new HijackThis log back here.

#161
megadez

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:00 PM, on 3/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\ABBYY Lingvo x3\LvAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ABBYY Lingvo x3\Lingvo.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo x3\LvAgent.exe" /STARTUP
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1227683328000
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F917EED-07A2-43F2-B2EE-DDD93B0857B7}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY Lingvo x3 Licensing Service (ABBYY.Licensing.Lingvo.Desktop.14.0) - ABBYY Software Ltd - C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10870 bytes

#162
megadez

Actually, the hijack log from the previous post was from before the reboot. My apologies.

Here is one after the reboot:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:44 PM, on 3/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\ABBYY Lingvo x3\LvAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PoivY.com\PoivY\PoivY.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files\ABBYY Lingvo x3\LvAgent.exe" /STARTUP
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1227683328000
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F917EED-07A2-43F2-B2EE-DDD93B0857B7}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY Lingvo x3 Licensing Service (ABBYY.Licensing.Lingvo.Desktop.14.0) - ABBYY Software Ltd - C:\Program Files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10961 bytes

#163
emeraldnzl

Hi megadez,

I take it that last solution didn't solve your problem.

I would like to run GooredFix again just to make sure we haven't missed anything.

Please download GooredFix and save it to your Desktop.
  • Double-click Goored.exe to run it.
  • Select "1. Find Goored (no fix)" by typing 1 and pressing Enter.
  • A log will open; please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).
Note: Do not run Option #2 yet.

#164
megadez

GooredFix v1.91 by jpshortstuff
Log created at 19:39 on 03/03/2009 running Option #1 (Yuriy Horokhivskyy)
Firefox version 3.0.6 (en-US)

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff"

#165
emeraldnzl

Hello megadez,

This is definitely still happening, and still happening across your IE and Firefox browsers?

Still not happening in Chrome and Opera or have I got that wrong?