Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WinFixer2005ScannerInstall.cab. / possible others


  • This topic is locked This topic is locked
2 replies to this topic

#1 stanpatpick

stanpatpick

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SouthEast US
  • Local time:12:38 PM

Posted 27 December 2008 - 09:48 AM

BackGround
=================
The following was posted in the Am I infected section of the forums

Topic referenced is here: http://www.bleepingcomputer.com/forums/t/187963/spybot-s-d-says-that-3-entries-of-wildtangent-stll-remain/ Please read to see specifics of what's been done. ~ OB

Dueto a blue screen error involving the logon process( I would give exact details but it was several days ago and I didn't take good enough notes), winxp media center 2005 has been reloaded( on top of itself) and updated completely. All drivers have been located by xpmce except for a touchpad driver which was downloaded and installed. Malwarebytes, avast,spybot SD, and adaware have all been allowed to go throught the hard drive and all problem files/entries were deleted/fixed.
Programs seem to all be working, the laptop is responding smoothly and there are no pop ups or error messages at the moment. This is a dell inspirion e1505/centrinto duo 1.67g/1gb memory/120gb HD.

My concern is that the last run of spybot listed 3 remaining instances of wildtangent. I allowed spybot to scan on boot up but the items remain unfixed. So I am unsure if the pc is 100% healthy.

Since then I have used ATF cleaner, reran malwarebytes, reran spybot.

I was last told that the log Iposted indicated

WinFixer2005ScannerInstall.cab. and that I should now post here.

The PC is responding much better but I have noticed that IE7 must be shut down using task panel and picture and fax viewer doesn't seem to be opening

files that other photo software will.

I would like to be sure that all bad stuff has been removed.

Any help will be appreciated.

I have gone through the prep steps and the needed logs are included and attached to this post

DDS
============


DDS (Version 1.1.0) - NTFSx86
Run by ROSALYN at 9:25:29.54 on Sat 12/27/2008
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.527 [GMT -5:00]

AV: avast! antivirus 4.8.1296 [VPS 081226-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Sonic\Product\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Jaman Player\jamtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Jaman Player\jamdownloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ROSALYN\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! uC: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Suggest: {5a263cf7-56a6-4d68-a8cf-345be45bc911} - c:\program files\yahoo!\search\YSearchSuggest.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: : {665da531-196e-4e9e-ab43-43e4f29c545a} - c:\program files\messenger\meroxec:\windows\system32\cp1\dode83122.exe.dll
BHO: {6a30f876-d40a-48e4-acea-01390f1c511c} - No File
BHO: {72CE66D7-9D26-45ED-8E17-5368E9078A96} - No File
BHO: {8348304d-863a-47dc-aaac-67a3f1074442} - c:\windows\system32\byXRjGay.dll
BHO: : {92654055-609c-454a-8b5b-04c5bf3ff60b} - c:\program files\messenger\meroxec:\windows\system32\b0\mwspasrt83122.exe.dll
BHO: MYPOINTS: {a057a204-bacc-4d26-cec4-75a487fd6484} - c:\progra~1\mypoints\mypoints.dll
BHO: {A801EE25-AEC5-40D9-BB38-781322551246} - No File
TB: Yahoo! uC: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
TB: MYPOINTS: {a057a204-bacc-4d26-cec4-75a487fd6484} - c:\progra~1\mypoints\mypoints.dll
TB: {CB25FC2F-305D-4538-9462-18A2CA4130D5} - No File
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [Pando] "c:\program files\pando networks\pando\Pando.exe" /Minimized
uRun: []
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [jamtray] C:/Program Files/Jaman Player/jamtray.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: []
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [DMXLauncher] "c:\program files\sonic\product\media experience\DMXLauncher.exe"
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [UPAS] c:\windows\downloaded program files\UPAS_0001_N93M1306NetInstaller.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: xkefqtgs - {AA0E383F-84D9-4AA0-8B96-9101799BF7B7} - No File
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau c:\windows\system32\byXRjGay

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rosalyn\applic~1\mozilla\firefox\profiles\3ti2tnys.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\documents and settings\rosalyn\application data\mozilla\firefox\profiles\3ti2tnys.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\program files\mozilla firefox\\components\jar50.dll
FF - component: c:\program files\mozilla firefox\\components\jsd3250.dll
FF - component: c:\program files\mozilla firefox\\components\myspell.dll
FF - component: c:\program files\mozilla firefox\\components\spellchk.dll
FF - component: c:\program files\mozilla firefox\\components\xpinstal.dll
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-4-6 111184]
R1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\SASDIFSV.SYS [2008-12-4 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\SASKUTIL.sys [2008-12-4 55024]
R2 aawservice;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" [2008-5-12 611664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-4-6 20560]
R2 avast! Antivirus;avast! Antivirus;"c:\program files\alwil software\avast4\ashServ.exe" [2006-11-6 155160]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 avast! Mail Scanner;avast! Mail Scanner;"c:\program files\alwil software\avast4\ashMaiSv.exe" /service [2006-11-6 254040]
R3 avast! Web Scanner;avast! Web Scanner;"c:\program files\alwil software\avast4\ashWebSv.exe" /service [2006-11-6 352920]
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]

=============== Created Last 30 ================

2008-12-20 13:21 664 a------- c:\windows\system32\d3d9caps.dat
2008-12-20 12:58 --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-12-20 12:58 --d----- c:\program files\SUPERAntiSpyware
2008-12-20 12:58 --d----- c:\docume~1\rosalyn\applic~1\SUPERAntiSpyware.com
2008-12-20 09:24 --d----- c:\docume~1\rosalyn\applic~1\Windows Search
2008-12-18 16:25 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2008-12-18 16:25 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-18 16:25 --d----- c:\program files\DellTPad
2008-12-18 16:24 1,419,232 a------- c:\windows\system32\WdfCoInstaller01005.dll
2008-12-18 16:24 164,400 a------- c:\windows\system32\drivers\Apfiltr.sys
2008-12-18 16:24 100,542 a------- c:\windows\system32\Vxdif.dll
2008-12-18 06:56 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-18 06:56 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-18 06:56 --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-17 14:56 --d----- c:\docume~1\rosalyn\applic~1\Malwarebytes
2008-12-17 14:56 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-17 11:09 --d----- c:\docume~1\rosalyn\applic~1\Windows Desktop Search
2008-12-17 11:08 --d----- c:\windows\system32\GroupPolicy
2008-12-17 11:08 --d----- c:\program files\Windows Desktop Search
2008-12-17 11:07 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2008-12-17 11:07 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2008-12-17 11:07 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2008-12-17 02:26 1,306,624 -c------ c:\windows\system32\dllcache\msxml6.dll
2008-12-17 02:26 79,872 -c------ c:\windows\system32\dllcache\msxml6r.dll
2008-12-17 02:25 19,569 a------- c:\windows\003509_.tmp
2008-12-17 01:11 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll
2008-12-17 01:11 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll
2008-12-17 01:11 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2008-12-17 01:11 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat
2008-12-17 01:11 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll
2008-12-17 01:11 63,488 -c------ c:\windows\system32\dllcache\icardie.dll
2008-12-17 01:11 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2008-12-17 01:11 991,232 -c------ c:\windows\system32\dllcache\ieframe.dll.mui
2008-12-17 01:11 6,066,176 -c------ c:\windows\system32\dllcache\ieframe.dll
2008-12-16 21:33 --d----- c:\windows\system32\vmm32
2008-12-16 20:44 --d----- c:\program files\CCleaner
2008-12-16 20:01 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2008-12-16 20:00 138,496 -c------ c:\windows\system32\dllcache\afd.sys
2008-12-16 19:56 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-12-16 19:53 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2008-12-16 19:52 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-16 19:52 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-16 19:52 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-16 19:52 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-16 19:50 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2008-12-16 19:49 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-12-16 19:48 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2008-12-16 19:48 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2008-12-16 19:44 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-12-16 19:44 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-12-16 17:27 69,632 ac------ c:\windows\system32\dllcache\ehresko.dll
2008-12-16 17:27 73,728 ac------ c:\windows\system32\dllcache\ehresja.dll
2008-12-16 17:27 69,632 ac------ c:\windows\system32\dllcache\ehresfr.dll
2008-12-16 17:27 69,632 ac------ c:\windows\system32\dllcache\ehresde.dll
2008-12-16 17:25 143,422 ac------ c:\windows\system32\dllcache\softkey.dll
2008-12-16 17:24 92,416 ac------ c:\windows\system32\dllcache\mga.sys
2008-12-16 17:23 7,680 ac------ c:\windows\system32\dllcache\ftpctrs2.dll
2008-12-16 17:22 364,544 ac------ c:\windows\system32\dllcache\npdsplay.dll
2008-12-16 17:22 10,240 ac------ c:\windows\system32\dllcache\npwmsdrm.dll
2008-12-16 17:22 4,639 ac------ c:\windows\system32\dllcache\mplayer2.exe
2008-12-16 17:22 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll
2008-12-16 17:22 169,984 ac------ c:\windows\system32\dllcache\iisui.dll
2008-12-16 17:22 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll
2008-12-16 17:22 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe
2008-12-16 17:22 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe
2008-12-16 17:22 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll
2008-12-16 17:22 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll
2008-12-16 17:22 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx
2008-12-16 17:19 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2008-12-16 17:19 749 a---hr-- c:\windows\WindowsShell.Manifest
2008-12-16 17:19 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2008-12-16 17:19 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2008-12-16 17:19 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2008-12-16 17:19 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2008-12-16 17:18 16,384 ac------ c:\windows\system32\dllcache\isignup.exe
2008-12-16 11:11 --d----- c:\windows\dell

==================== Find3M ====================

2008-12-27 09:08 4,704 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-12-17 11:19 88,859 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-12-16 17:07 34,380 a------- c:\windows\system32\emptyregdb.dat
2008-11-29 00:36 90,112 a------- c:\windows\DUMP5d81.tmp
2008-10-23 07:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 15:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-03 05:02 247,326 a------- c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-08-02 18:53 56 a--shr-- c:\windows\system32\2BE3C79924.sys
2007-11-18 21:02 438,980 a--sh--- c:\windows\system32\accdd.bak2
2007-10-21 17:50 613,932 a--sh--- c:\windows\system32\cbeeg.bak2
2007-11-08 20:00 6,473 a--sh--- c:\windows\system32\hhhkj.bak1
2008-01-01 18:33 392,028 a--sh--- c:\windows\system32\pqstv.bak1
2008-01-02 19:16 392,680 a--sh--- c:\windows\system32\pqstv.bak2
2007-11-05 20:45 6,473 a--sh--- c:\windows\system32\tttss.bak1
2007-11-05 20:33 381,334 a--sh--- c:\windows\system32\ttvwa.bak1
2007-11-04 19:09 6,738 a--sh--- c:\windows\system32\ttvwa.bak2
2007-10-28 15:13 411,885 a--sh--- c:\windows\system32\yycdd.bak1

============= FINISH: 9:26:15.62 ===============

Attached Files


Edited by Orange Blossom, 27 December 2008 - 01:57 PM.


BC AdBot (Login to Remove)

 


#2 stanpatpick

stanpatpick
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SouthEast US
  • Local time:12:38 PM

Posted 01 January 2009 - 01:01 PM

Please end this thread. I decided to reformat and reload the pc after saving any vital files. Thanks for all of the help.

#3 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:38 PM

Posted 01 January 2009 - 01:52 PM

Closed at the user's request. Thank you for letting us know.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users