Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got a browser hijacker


  • This topic is locked This topic is locked
2 replies to this topic

#1 PeterBee

PeterBee

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 28 December 2008 - 12:55 PM

Picked up an annoying browser hijacker today (I use Firefox 3) and can't figure out how to remove it. Hoping someone on this wonderful forum will be able to assist.

Google changed appearance slightly with Adwords removed (but replaced with regular entries under the heading of Sponsored Links) and clicking on search results sends to random pages, but not malicious sites.

Lavasoft Adaware and Spybot show nothing and Kaspersky site is unusable also.

Hope you can help

Peter

DDS.txt file is as follows:


DDS (Version 1.1.0) - NTFSx86
Run by Peter at 17:33:38.92 on 28/12/2008
Internet Explorer: 7.0.5730.13
AV: avast! antivirus 4.8.1296 [VPS 081227-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://search.orbitdownloader.com
uInternet Settings,ProxyOverride = *.local
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagItBHO.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: EWPP - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagItIEAddin.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [SpybotDeletingB2477] command /c del "c:\resycled\boot.com"
uRunOnce: [SpybotDeletingD5542] cmd /c del "c:\resycled\boot.com"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [EPSON Stylus Photo R220 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB002" /M "Stylus Photo R220"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRunOnce: [SpybotDeletingA9405] command /c del "c:\resycled\boot.com"
mRunOnce: [SpybotDeletingC7782] cmd /c del "c:\resycled\boot.com"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\peter~1.pet\startm~1\programs\startup\mailwa~1.lnk - c:\program files\firetrust\mailwasher pro\MailWasher.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\orbit.lnk - c:\program files\orbitdownloader\orbitdm.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\perstray.lnk - c:\program files\persono\perstray.exe
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\peter~1.pet\applic~1\mozilla\firefox\profiles\r2nzo9g6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll

============= SERVICES / DRIVERS ===============

RSPR?S?C?P?P?01234RSPR?S?C?P?P?01234

=============== Created Last 30 ================

2008-12-28 16:35 <DIR> --dshr-- C:\resycled
2008-12-28 16:35 255 ---shr-- C:\autorun.inf
2008-12-28 16:34 79 a------- c:\windows\wininit.ini
2008-12-28 16:15 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-12-28 16:15 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Spybot - Search & Destroy
2008-12-28 15:56 <DIR> --d----- c:\program files\Lavasoft
2008-12-28 14:54 <DIR> --d----- C:\my dvd
2008-12-28 14:52 67 a------- c:\windows\Easy DVD Creator.INI
2008-12-28 14:52 <DIR> --d----- c:\program files\Easy DVD Creator
2008-12-28 14:49 <DIR> --d----- c:\program files\ImTOO
2008-12-28 08:11 <DIR> --d----- c:\program files\MSXML 4.0
2008-12-27 15:29 <DIR> --d----- c:\docume~1\peter~1.pet\applic~1\DVD Flick
2008-12-27 15:29 662,288 a------- c:\windows\system32\mscomct2.ocx
2008-12-27 15:29 609,824 a------- c:\windows\system32\comctl32.ocx
2008-12-27 15:29 212,240 a------- c:\windows\system32\richtx32.ocx
2008-12-27 15:29 164,144 a------- c:\windows\system32\comct232.ocx
2008-12-27 15:29 40,960 a------- c:\windows\system32\ssubtmr6.dll
2008-12-27 15:29 36,864 a------- c:\windows\system32\trayicon_handler.ocx
2008-12-27 15:29 28,672 a------- c:\windows\system32\mousewheel.ocx
2008-12-27 15:29 <DIR> --d----- c:\program files\DVD Flick
2008-12-27 15:01 <DIR> --d----- c:\docume~1\peter~1.pet\applic~1\Video DVD Maker FREE
2008-12-27 14:22 <DIR> --d----- c:\windows\pss
2008-12-27 12:57 <DIR> --d----- c:\program files\CCleaner
2008-12-26 18:10 <DIR> --d----- c:\program files\Siber Systems
2008-12-16 14:47 146,650 a------- c:\windows\system32\BuzzingBee.wav
2008-12-16 14:47 940,794 a------- c:\windows\system32\LoopyMusic.wav
2008-12-16 14:47 60,416 a------- c:\windows\ALCFDRTM.VER
2008-12-16 14:47 60,416 a------- c:\windows\ALCFDRTM.EXE
2008-12-16 14:47 <DIR> --d----- c:\windows\system32\Lang
2008-12-16 10:16 <DIR> --d----- c:\program files\Orbitdownloader
2008-12-15 14:11 <DIR> --d----- c:\program files\Splat
2008-12-11 18:09 22,880 a------- c:\docume~1\peter~1.pet\applic~1\GDIPFONTCACHEV1.DAT
2008-12-10 20:28 <DIR> --d----- c:\docume~1\peter~1.pet\applic~1\GrabPro
2008-12-09 11:11 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2008-12-09 11:11 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2008-12-09 11:11 87,040 ac------ c:\windows\system32\dllcache\wiafbdrv.dll
2008-12-09 11:11 87,040 a------- c:\windows\system32\wiafbdrv.dll
2008-12-09 11:10 <DIR> --d----- c:\program files\42 Bit Scanner
2008-12-08 08:29 <DIR> --d----- c:\program files\EPSON Print CD
2008-12-08 08:28 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\UDL
2008-12-08 08:28 483,328 a------- c:\windows\system32\PICSDK.dll
2008-12-08 08:27 49,152 a------- c:\windows\system32\E_DCINST.DLL
2008-12-08 08:27 79,679 a------- c:\windows\system32\E_FLMAIE.DLL
2008-12-08 08:27 64,000 a------- c:\windows\system32\E_FBCBAIE.DLL
2008-12-08 08:27 34,304 a------- c:\windows\system32\E_FBCHAIE.DLL
2008-12-08 08:26 <DIR> --d----- c:\program files\EPSON
2008-12-08 08:26 25 a------- c:\windows\CDER220.ini
2008-12-06 09:11 <DIR> --d----- C:\Downloads
2008-12-05 23:38 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-12-05 23:19 107,864 a------- c:\windows\system32\tsccvid.dll
2008-12-05 23:19 <DIR> --d----- c:\program files\common files\TechSmith Shared
2008-12-05 17:45 24,064 -------- c:\windows\system32\msxml3a.dll
2008-12-05 17:05 <DIR> --d----- c:\program files\MagicISO
2008-12-01 18:26 56 a---h--- c:\windows\system32\ezsidmv.dat
2008-12-01 18:24 <DIR> --d----- c:\program files\Skype
2008-12-01 12:57 376 a------- c:\windows\ODBC.INI
2008-12-01 12:56 <DIR> --d----- c:\program files\Microsoft ActiveSync
2008-12-01 12:55 <DIR> --d----- c:\windows\ShellNew
2008-12-01 12:55 <DIR> --d----- c:\program files\common files\L&H
2008-12-01 12:45 <DIR> --d----- c:\windows\system32\scripting
2008-12-01 12:45 <DIR> --d----- c:\windows\system32\en
2008-12-01 12:45 <DIR> --d----- c:\windows\system32\bits
2008-12-01 12:45 <DIR> --d----- c:\windows\l2schemas
2008-12-01 12:44 <DIR> --d----- c:\windows\ServicePackFiles
2008-12-01 11:46 <DIR> --d----- c:\windows\network diagnostic
2008-12-01 11:36 <DIR> --d----- c:\docume~1\peter~1.pet\applic~1\MailWasherPro
2008-12-01 11:36 <DIR> --d----- c:\program files\FireTrust
2008-12-01 10:54 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2008-12-01 10:54 272,128 -------- c:\windows\system32\drivers\bthport.sys
2008-12-01 10:53 138,496 -c------ c:\windows\system32\dllcache\afd.sys
2008-12-01 10:53 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-12-01 10:53 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2008-12-01 10:51 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-01 10:51 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-01 10:51 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-01 10:51 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-01 10:49 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2008-12-01 10:49 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-12-01 10:48 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2008-12-01 10:48 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-12-01 10:41 26,488 a------- c:\windows\system32\spupdsvc.exe
2008-12-01 10:41 <DIR> --d----- c:\windows\system32\PreInstall
2008-12-01 10:41 <DIR> --d-h--- c:\windows\$hf_mig$
2008-11-30 22:48 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-11-30 22:48 13,646 a------- c:\windows\system32\wpa.bak
2008-11-30 17:12 40,960 -----r-- c:\windows\system32\ChCfg.exe
2008-11-30 17:12 18,776,064 -----r-- c:\windows\system32\alsndmgr.cpl
2008-11-30 17:12 10,459,648 -----r-- c:\windows\system32\RTLCPL.exe
2008-11-30 17:12 157,184 -----r-- c:\windows\system32\RtlCPAPI.dll
2008-11-30 17:12 141,016 -----r-- c:\windows\system32\alsndmgr.wav
2008-11-30 17:12 90,112 -----r-- c:\windows\soundman.exe
2008-11-30 17:12 3,786,944 -----r-- c:\windows\system32\drivers\alcxwdm.sys
2008-11-30 17:12 <DIR> --d----- c:\program files\Realtek Sound Manager
2008-11-30 17:12 <DIR> --d----- c:\program files\AvRack
2008-11-30 17:12 164 -----r-- c:\windows\avrack.ini
2008-11-30 17:12 <DIR> --d----- c:\program files\Realtek AC97
2008-11-30 17:11 307,200 -----r-- c:\windows\alcupd.exe
2008-11-30 17:11 217,088 -----r-- c:\windows\alcrmv.exe
2008-11-30 17:11 434,252 a------- c:\windows\system32\MSVCRTD.DLL
2008-11-30 17:11 962,612 a------- c:\windows\system32\mfc42d.dll
2008-11-30 17:11 24,576 a----r-- c:\windows\system32\AsIO.dll
2008-11-30 17:11 5,685 a----r-- c:\windows\system32\drivers\AsIO.sys
2008-11-30 17:11 5,120 a------- c:\windows\system32\drivers\AsInsHelp64.sys
2008-11-30 17:11 3,328 a------- c:\windows\system32\drivers\AsInsHelp32.sys
2008-11-30 17:11 <DIR> --d----- c:\program files\ASUS
2008-11-30 17:06 810,054 a----r-- c:\windows\system32\A8N-SLI.bmp
2008-11-30 17:06 269 a----r-- c:\windows\system32\raidmgmt.ini
2008-11-30 17:06 5,810 a----r-- c:\windows\system32\drivers\ASACPI.sys
2008-11-30 17:06 6,591 a------- c:\windows\Ascd_tmp.ini
2008-11-30 17:06 5,824 a------- c:\windows\system32\drivers\ASUSHWIO.SYS
2008-11-30 13:15 81,587 a------- c:\windows\system32\nvapps.xml
2008-11-30 13:15 208,896 a------- c:\windows\system32\nvudisp.exe
2008-11-30 13:15 17,056 a------- c:\windows\system32\nvdisp.nvu
2008-11-30 13:14 208,896 a------- c:\windows\system32\NVUNINST.EXE
2008-11-30 00:26 <DIR> --d----- c:\documents and settings\Peter.PETER-29E949065
2008-11-30 00:25 8,192 a------- c:\windows\REGLOCS.OLD
2008-11-30 00:24 28,288 ac------ c:\windows\system32\dllcache\xjis.nls
2008-11-30 00:24 221,184 ac------ c:\windows\system32\dllcache\wmpns.dll
2008-11-30 00:24 156,672 ac------ c:\windows\system32\dllcache\winzm.ime
2008-11-30 00:24 156,672 ac------ c:\windows\system32\dllcache\winsp.ime
2008-11-30 00:24 156,672 ac------ c:\windows\system32\dllcache\winpy.ime
2008-11-30 00:24 79,360 ac------ c:\windows\system32\dllcache\winar30.ime
2008-11-30 00:24 72,704 ac------ c:\windows\system32\dllcache\wingb.ime
2008-11-30 00:24 65,536 ac------ c:\windows\system32\dllcache\winime.ime
2008-11-30 00:24 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll
2008-11-30 00:24 31,232 ac------ c:\windows\system32\dllcache\weitekp9.sys
2008-11-30 00:24 9,216 ac------ c:\windows\system32\dllcache\wamps51.dll
2008-11-30 00:22 60,928 ac------ c:\windows\system32\dllcache\iisclex4.dll
2008-11-30 00:21 6,144 ac------ c:\windows\system32\dllcache\admxprox.dll
2008-11-30 00:21 10,240 ac------ c:\windows\system32\dllcache\npwmsdrm.dll
2008-11-30 00:21 364,544 ac------ c:\windows\system32\dllcache\npdsplay.dll
2008-11-30 00:21 4,639 ac------ c:\windows\system32\dllcache\mplayer2.exe
2008-11-30 00:21 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll
2008-11-30 00:21 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll
2008-11-30 00:21 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe
2008-11-30 00:21 169,984 ac------ c:\windows\system32\dllcache\iisui.dll
2008-11-30 00:21 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll
2008-11-30 00:21 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe
2008-11-30 00:21 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll
2008-11-30 00:21 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx
2008-11-30 00:20 2,626 a------- c:\windows\system32\CONFIG.NT
2008-11-30 00:20 0 a------- c:\windows\control.ini
2008-11-30 00:20 23,392 a------- c:\windows\system32\nscompat.tlb
2008-11-30 00:20 16,832 a------- c:\windows\system32\amcompat.tlb
2008-11-30 00:20 316,640 a------- c:\windows\WMSysPr9.prx
2008-11-30 00:20 <DIR> --dsh--- c:\documents and settings\all users.windows\DRM
2008-11-30 00:19 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2008-11-30 00:19 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2008-11-30 00:19 749 a---hr-- c:\windows\WindowsShell.Manifest
2008-11-30 00:19 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2008-11-30 00:19 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2008-11-30 00:19 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2008-11-30 00:19 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2008-11-30 00:19 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest
2008-11-30 00:19 4,399,505 ac------ c:\windows\system32\dllcache\nls302en.lex
2008-11-30 00:16 11,264 ac------ c:\windows\system32\dllcache\atrace.dll
2008-11-30 00:16 11,264 a------- c:\windows\system32\atrace.dll
2008-11-30 00:16 35,328 ac------ c:\windows\system32\dllcache\notiflag.exe
2008-11-30 00:16 21,504 ac------ c:\windows\system32\dllcache\brpinfo.dll
2008-11-30 00:16 99,840 ac------ c:\windows\system32\dllcache\helphost.exe
2008-11-30 00:16 6,656 ac------ c:\windows\system32\dllcache\hcappres.dll
2008-11-30 00:16 2 a------- c:\windows\system32\desktop.ini
2008-11-30 00:16 2 a------- c:\windows\desktop.ini
2008-11-30 00:16 48,680 ---sh--- c:\windows\winnt256.bmp
2008-11-30 00:16 48,680 ---sh--- c:\windows\winnt.bmp
2008-11-30 00:15 47,104 ac------ c:\windows\system32\dllcache\srdiag.exe
2008-11-30 00:15 12,288 ac------ c:\windows\system32\dllcache\nmevtmsg.dll
2008-11-30 00:15 984 ac------ c:\windows\system32\dllcache\srframe.mmf
2008-11-30 00:15 12,288 a------- c:\windows\system32\nmevtmsg.dll
2008-11-30 00:15 118,784 a------- c:\windows\system32\msg723.acm
2008-11-30 00:15 64,512 ac------ c:\windows\system32\dllcache\acctres.dll
2008-11-30 00:15 64,512 a------- c:\windows\system32\acctres.dll
2008-11-30 00:15 16,384 ac------ c:\windows\system32\dllcache\icfgnt5.dll
2008-11-30 00:15 16,384 a------- c:\windows\system32\icfgnt5.dll
2008-11-30 00:15 16,384 ac------ c:\windows\system32\dllcache\isignup.exe
2008-11-30 00:13 45,568 a------- c:\windows\system32\safrslv.dll
2008-11-30 00:11 5,632 ac------ c:\windows\system32\dllcache\write.exe
2008-11-30 00:11 5,632 a------- c:\windows\system32\write.exe
2008-11-30 00:11 138,752 ac------ c:\windows\system32\dllcache\sndvol32.exe
2008-11-30 00:11 138,752 a------- c:\windows\system32\sndvol32.exe
2008-11-30 00:11 44,544 a------- c:\windows\system32\hticons.dll
2008-11-30 00:11 227,840 ac------ c:\windows\system32\dllcache\avtapi.dll
2008-11-30 00:11 73,216 ac------ c:\windows\system32\dllcache\avwav.dll
2008-11-30 00:11 16,384 ac------ c:\windows\system32\dllcache\avmeter.dll
2008-11-30 00:11 227,840 a------- c:\windows\system32\avtapi.dll
2008-11-30 00:11 73,216 a------- c:\windows\system32\avwav.dll
2008-11-30 00:11 16,384 a------- c:\windows\system32\avmeter.dll
2008-11-30 00:11 35,328 ac------ c:\windows\system32\dllcache\winchat.exe
2008-11-30 00:11 35,328 a------- c:\windows\system32\winchat.exe
2008-11-30 00:08 75,264 ac------ c:\windows\system32\dllcache\wmipicmp.dll
2008-11-30 00:07 1,267,200 a------- c:\windows\system32\comsvcs.dll
2008-11-30 00:07 539,648 a------- c:\windows\system32\comuid.dll
2008-11-30 00:07 498,688 a------- c:\windows\system32\clbcatq.dll
2008-11-30 00:07 56,320 a------- c:\windows\system32\servdeps.dll
2008-11-30 00:07 185,344 a------- c:\windows\system32\cmprops.dll
2008-11-30 00:07 58,880 a------- c:\windows\system32\licwmi.dll
2008-11-30 00:07 17,408 a------- c:\windows\system32\mmfutil.dll
2008-11-30 00:07 40,840 a------- c:\windows\system32\drivers\termdd.sys
2008-11-30 00:07 196,224 a------- c:\windows\system32\drivers\rdpdr.sys
2008-11-29 23:53 21,504 a------- c:\windows\system32\hidserv.dll
2008-11-29 23:53 57,600 a------- c:\windows\system32\drivers\redbook.sys
2008-11-29 23:52 6,400 a------- c:\windows\system32\drivers\enum1394.sys
2008-11-29 23:52 74,240 a------- c:\windows\system32\usbui.dll
2008-11-29 23:52 10,624 a------- c:\windows\system32\drivers\gameenum.sys
2008-11-29 23:52 146,048 a------- c:\windows\system32\drivers\portcls.sys
2008-11-29 23:52 2,944 a------- c:\windows\system32\drivers\msmpu401.sys
2008-11-29 23:52 129,536 a------- c:\windows\system32\ksproxy.ax
2008-11-29 23:52 60,160 a------- c:\windows\system32\drivers\drmk.sys
2008-11-29 23:52 4,096 a------- c:\windows\system32\ksuser.dll
2008-11-29 23:51 324,494 a------- c:\windows\system32\PerfStringBackup.INI
2008-11-29 23:51 4,161 a------- c:\windows\ODBCINST.INI
2008-11-29 23:51 66,082 ac------ c:\windows\system32\dllcache\c_28603.nls
2008-11-29 23:51 66,082 a------- c:\windows\system32\c_28603.nls
2008-11-29 23:50 5,632 ac------ c:\windows\system32\dllcache\kbdazel.dll
2008-11-29 23:50 5,632 a----r-- c:\windows\system32\kbdazel.dll
2008-11-29 23:50 6,144 ac------ c:\windows\system32\dllcache\kbdtuq.dll
2008-11-29 23:50 6,144 a----r-- c:\windows\system32\kbdtuq.dll
2008-11-29 23:50 6,144 ac------ c:\windows\system32\dllcache\kbdtuf.dll
2008-11-29 23:50 6,144 a----r-- c:\windows\system32\kbdtuf.dll
2008-11-29 23:50 66,082 ac------ c:\windows\system32\dllcache\c_28599.nls
2008-11-29 23:50 66,082 a------- c:\windows\system32\c_28599.nls
2008-11-29 23:50 66,594 ac------ c:\windows\system32\dllcache\c_857.nls
2008-11-29 23:50 66,082 ac------ c:\windows\system32\dllcache\c_10081.nls
2008-11-29 23:50 66,594 a------- c:\windows\system32\c_857.nls
2008-11-29 23:50 66,082 a------- c:\windows\system32\c_10081.nls
2008-11-29 23:48 6,144 ac------ c:\windows\system32\dllcache\kbdlv1.dll
2008-11-29 23:47 2,000 a------- c:\windows\system\KEYBOARD.DRV
2008-11-29 23:47 <DIR> --d--r-- c:\documents and settings\all users.windows\Documents
2008-11-29 23:45 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT
2008-11-29 23:45 399,645 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT
2008-11-29 23:45 77,881 ac------ c:\windows\system32\dllcache\plus.cat
2008-11-29 23:45 37,484 ac------ c:\windows\system32\dllcache\MW770.CAT
2008-11-29 23:45 17,916 ac------ c:\windows\system32\dllcache\sonic.cat
2008-11-29 23:45 13,472 ac------ c:\windows\system32\dllcache\HPCRDP.CAT
2008-11-29 23:45 8,574 ac------ c:\windows\system32\dllcache\IASNT4.CAT
2008-11-29 23:45 7,382 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT
2008-11-29 23:45 7,334 ac------ c:\windows\system32\dllcache\wmerrenu.cat
2008-11-29 23:45 106,147 ac------ c:\windows\system32\dllcache\SP2.CAT
2008-11-29 23:45 13,753 a----r-- c:\windows\SET8.tmp
2008-11-29 23:45 1,086,058 a----r-- c:\windows\SET4.tmp
2008-11-29 23:45 106,147 a----r-- c:\windows\SET3.tmp
2008-11-29 23:42 261 a------- c:\windows\system32\$winnt$.inf
2008-11-29 20:00 <DIR> --d----- c:\windows\nview
2008-11-29 18:35 36,352 a------- c:\windows\system32\drivers\AmdK8.sys
2008-11-29 18:35 <DIR> --d----- c:\program files\AMD
2008-11-29 17:49 <DIR> --d----- c:\windows\Downloaded Installations
2008-11-29 17:49 <DIR> --d----- c:\windows\system32\ReinstallBackups
2008-11-29 17:45 <DIR> --ds---- c:\windows\system32\Microsoft
2008-11-29 17:36 <DIR> --d----- c:\windows\system32\xircom
2008-11-29 17:35 <DIR> --ds---- c:\windows\Downloaded Program Files
2008-11-29 17:35 <DIR> --d--r-- c:\windows\Offline Web Pages
2008-11-29 17:35 <DIR> --d-h--- c:\program files\WindowsUpdate
2008-11-29 17:35 <DIR> --d----- c:\windows\Registration
2008-11-29 17:34 <DIR> --d----- c:\windows\system32\DirectX
2008-11-29 17:31 12,288 ac------ c:\windows\system32\dllcache\wb32.exe
2008-11-29 17:31 39,936 ac------ c:\windows\system32\dllcache\msinfo32.exe
2008-11-29 17:31 12,288 ac------ c:\windows\system32\dllcache\cb32.exe
2008-11-29 17:30 <DIR> --d----- c:\program files\common files\MSSoap
2008-11-29 16:56 <DIR> --d----- c:\program files\Messenger
2008-11-29 16:55 <DIR> --d----- c:\program files\MSN Gaming Zone
2008-11-29 16:51 <DIR> --d----- c:\program files\Windows NT
2008-11-29 15:32 <DIR> --d----- c:\program files\common files\ODBC
2008-11-29 15:32 <DIR> --d----- c:\program files\common files\SpeechEngines

==================== Find3M ====================

2008-12-01 12:46 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-10-23 12:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 20:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-03 10:02 247,326 a------- c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2001-08-22 13:15 245,760 a------- c:\windows\inf\i386\viceo.dll
2001-08-22 13:13 32,768 a------- c:\windows\inf\i386\Pmicro.dll
2001-08-22 13:13 61,440 a------- c:\windows\inf\i386\gl.dll
2001-08-03 18:29 13,824 a------- c:\windows\inf\i386\Usbscan.sys

============= FINISH: 17:33:49.59 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 PeterBee

PeterBee
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 28 December 2008 - 03:26 PM

After looking over the DDS.txt file I noticed 'resycled', I googled it and found this post Resycled/boot?

I followed the tips there and all seems to be OK just now.

Thanks to anyone who may have already checked out my post.

Peter

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:09:18 AM

Posted 08 January 2009 - 12:20 PM

Should you find other problems pleas start a new top and refer back to this one.

This thread is closed.

Good luck.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users