
#1 sooner52313

Posted 25 February 2009 - 09:37 PM

DDS (Ver_09-02-01.01) - FAT32x86
Run by James at 20:34:29.76 on Wed 02/25/2009
Internet Explorer: 8.0.6001.18372
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1537 [GMT -6:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
svchost.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Aspire Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\IObit\Advanced SystemCare 3\Awc.exe
D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\James\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm128NJUS&fl=0&ptb=KEN9749LfuhtMk2_205OFA&url=http://www.ask.com/web&q={searchTerms}&l=zj&o=sb
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = 127.0.0.1
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: SpeedRunner Bar: {cafb2180-ba09-11dc-95ff-0800200c9a66} - %SystemRoot%\system32\shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 3] "d:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [lxczbmgr.exe] "c:\program files\lexmark 1200 series\lxczbmgr.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} - hxxp://www.worldwinner.com/games/v41/mines/mines.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} - hxxp://www.worldwinner.com/games/v48/brickout/brickout.cab
DPF: {41D1977F-4161-4720-800F-EA4903983A38} - hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} - hxxp://www.worldwinner.com/games/v52/wwhearts/wwhearts.cab
DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} - hxxp://www.worldwinner.com/games/v63/bjattack/bja.cab
DPF: {61900274-3323-4446-BDCD-91548D32AF1B} - hxxp://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab
DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} - hxxp://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxps://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {94299420-321F-4FF9-A247-62A23EBB640B} - hxxp://www.worldwinner.com/games/v46/wordmojo/wordmojo.cab
DPF: {A9FDC7FD-FE81-4910-8CF2-FA59EEFE11EC} - hxxp://www.zoo-games.com/ClientSite/ZooInstaller.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} - hxxp://www.worldwinner.com/games/v41/hangman/hangman.cab
DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} - hxxp://www.worldwinner.com/games/v45/royal/royal.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-text-express-2-deluxe/zylomplayer.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v53/wwspades/wwspades.cab
DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} - hxxp://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
AppInit_DLLs: lhdoey.dll ,c:\windows\system32\notabage.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli c:\windows\system32\notabage.dll

============= SERVICES / DRIVERS ===============

R2 lxcz_device;lxcz_device;c:\windows\system32\lxczcoms.exe -service --> c:\windows\system32\lxczcoms.exe -service [?]
R2 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2004-6-1 10594]
R2 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys [2004-6-1 4054]
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [1980-1-1 155392]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-1-22 33752]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-2-26 29183504]

=============== Created Last 30 ================

2009-02-25 20:18 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-25 20:18 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-25 20:18 18,944 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-02-25 20:18 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-02-25 20:18 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-02-25 20:17 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2009-02-25 20:17 16,970 a------- c:\windows\system32\dllcache\xem336n5.sys
2009-02-25 20:17 19,455 a------- c:\windows\system32\dllcache\wvchntxx.sys
2009-02-25 20:17 19,200 a------- c:\windows\system32\dllcache\wstcodec.sys
2009-02-25 20:17 12,063 a------- c:\windows\system32\dllcache\wsiintxx.sys
2009-02-25 20:14 8,832 a------- c:\windows\system32\dllcache\wmiacpi.sys
2009-02-25 20:14 154,624 a------- c:\windows\system32\dllcache\wlluc48.sys
2009-02-25 20:14 34,890 a------- c:\windows\system32\dllcache\wlandrv2.sys
2009-02-25 20:14 771,581 a------- c:\windows\system32\dllcache\winacisa.sys
2009-02-25 20:13 53,760 a------- c:\windows\system32\dllcache\wiamsmud.dll
2009-02-25 20:13 31,232 a------- c:\windows\system32\dllcache\OLD6CE.tmp
2009-02-25 20:13 41,600 a------- c:\windows\system32\dllcache\OLD6CB.tmp
2009-02-25 20:13 701,386 a------- c:\windows\system32\dllcache\wdhaalba.sys
2009-02-25 20:13 23,615 a------- c:\windows\system32\dllcache\wch7xxnt.sys
2009-02-25 20:13 31,744 a------- c:\windows\system32\dllcache\wceusbsh.sys
2009-02-25 20:13 35,871 a------- c:\windows\system32\dllcache\wbfirdma.sys
2009-02-25 20:13 33,599 a------- c:\windows\system32\dllcache\watv04nt.sys
2009-02-25 20:13 19,551 a------- c:\windows\system32\dllcache\watv02nt.sys
2009-02-25 20:13 29,311 a------- c:\windows\system32\dllcache\watv01nt.sys
2009-02-25 20:13 11,775 a------- c:\windows\system32\dllcache\wadv05nt.sys
2009-02-25 20:12 12,127 a------- c:\windows\system32\dllcache\wadv02nt.sys
2009-02-25 20:12 12,415 a------- c:\windows\system32\dllcache\wadv01nt.sys
2009-02-25 20:12 16,925 a------- c:\windows\system32\dllcache\w940nd.sys
2009-02-25 20:12 19,016 a------- c:\windows\system32\dllcache\w926nd.sys
2009-02-25 20:12 19,528 a------- c:\windows\system32\dllcache\w840nd.sys
2009-02-25 20:12 48,256 a------- c:\windows\system32\dllcache\OLD6AE.tmp
2009-02-25 20:12 64,605 a------- c:\windows\system32\dllcache\vvoice.sys
2009-02-25 20:12 397,502 a------- c:\windows\system32\dllcache\vpctcom.sys
2009-02-25 20:11 604,253 a------- c:\windows\system32\dllcache\vmodem.sys
2009-02-25 20:11 249,402 a------- c:\windows\system32\dllcache\vinwm.sys
2009-02-25 20:11 24,576 a------- c:\windows\system32\dllcache\viairda.sys
2009-02-25 20:11 5,376 a------- c:\windows\system32\dllcache\viaide.sys
2009-02-25 20:11 53,760 a------- c:\windows\system32\dllcache\vfwwdm32.dll
2009-02-25 20:11 687,999 a------- c:\windows\system32\dllcache\usrwdxjs.sys
2009-02-25 20:11 765,884 a------- c:\windows\system32\dllcache\usrti.sys
2009-02-25 20:11 113,762 a------- c:\windows\system32\dllcache\usrpda.sys
2009-02-25 20:10 7,556 a------- c:\windows\system32\dllcache\usroslba.sys
2009-02-25 20:10 224,802 a------- c:\windows\system32\dllcache\usr1807a.sys
2009-02-25 20:10 794,399 a------- c:\windows\system32\dllcache\usr1806v.sys
2009-02-25 20:10 793,598 a------- c:\windows\system32\dllcache\usr1806.sys
2009-02-25 20:10 794,654 a------- c:\windows\system32\dllcache\usr1801.sys
2009-02-25 20:10 26,112 a------- c:\windows\system32\dllcache\usbser.sys
2009-02-25 20:10 17,024 a------- c:\windows\system32\dllcache\usbohci.sys
2009-02-25 20:10 31,616 a------- c:\windows\system32\dllcache\usbccgp.sys
2009-02-25 20:10 60,032 a------- c:\windows\system32\dllcache\usbaudio.sys
2009-02-25 20:10 32,384 a------- c:\windows\system32\dllcache\usb101et.sys
2009-02-25 20:09 94,720 a------- c:\windows\system32\dllcache\umaxud32.dll
2009-02-25 20:09 28,160 a------- c:\windows\system32\dllcache\umaxu40.dll
2009-02-25 20:09 26,624 a------- c:\windows\system32\dllcache\umaxu22.dll
2009-02-25 20:09 69,632 a------- c:\windows\system32\dllcache\umaxu12.dll
2009-02-25 20:09 50,688 a------- c:\windows\system32\dllcache\umaxscan.dll
2009-02-25 20:09 22,912 a------- c:\windows\system32\dllcache\umaxpcls.sys
2009-02-25 20:09 50,176 a------- c:\windows\system32\dllcache\umaxp60.dll
2009-02-25 20:08 47,616 a------- c:\windows\system32\dllcache\umaxcam.dll
2009-02-25 20:08 211,968 a------- c:\windows\system32\dllcache\um54scan.dll
2009-02-25 20:08 216,064 a------- c:\windows\system32\dllcache\um34scan.dll
2009-02-25 20:08 36,736 a------- c:\windows\system32\dllcache\ultra.sys
2009-02-25 20:08 11,520 a------- c:\windows\system32\dllcache\twotrack.sys
2009-02-25 20:08 14,336 a------- c:\windows\system32\dllcache\OLD66F.tmp
2009-02-25 20:08 166,784 a------- c:\windows\system32\dllcache\tridxpm.sys
2009-02-25 20:08 525,568 a------- c:\windows\system32\dllcache\tridxp.dll
2009-02-25 20:08 159,232 a------- c:\windows\system32\dllcache\tridkbm.sys
2009-02-25 20:07 440,576 a------- c:\windows\system32\dllcache\tridkb.dll
2009-02-25 20:07 222,336 a------- c:\windows\system32\dllcache\trid3dm.sys
2009-02-25 20:07 315,520 a------- c:\windows\system32\dllcache\trid3d.dll
2009-02-25 20:07 34,375 a------- c:\windows\system32\dllcache\tpro4.sys
2009-02-25 20:07 42,496 a------- c:\windows\system32\dllcache\tp4res.dll
2009-02-25 20:07 82,944 a------- c:\windows\system32\dllcache\tp4mon.exe
2009-02-25 20:07 31,744 a------- c:\windows\system32\dllcache\tp4.dll
2009-02-25 20:07 4,992 a------- c:\windows\system32\dllcache\toside.sys
2009-02-25 20:06 230,912 a------- c:\windows\system32\dllcache\tosdvd03.sys
2009-02-25 20:06 241,664 a------- c:\windows\system32\dllcache\tosdvd02.sys
2009-02-25 20:06 28,232 a------- c:\windows\system32\dllcache\tos4mo.sys
2009-02-25 20:06 123,995 a------- c:\windows\system32\dllcache\tjisdn.sys
2009-02-25 20:06 138,528 a------- c:\windows\system32\dllcache\tgiulnt5.sys
2009-02-25 20:06 81,408 a------- c:\windows\system32\dllcache\tgiul50.dll
2009-02-25 20:06 149,376 a------- c:\windows\system32\dllcache\tffsport.sys
2009-02-25 20:06 19,464 a------- c:\windows\system32\dllcache\OLD64A.tmp
2009-02-25 20:06 17,129 a------- c:\windows\system32\dllcache\tdkcd31.sys
2009-02-25 20:05 37,961 a------- c:\windows\system32\dllcache\tdk100b.sys
2009-02-25 20:05 21,896 a------- c:\windows\system32\dllcache\OLD643.tmp
2009-02-25 20:05 13,192 a------- c:\windows\system32\dllcache\OLD640.tmp
2009-02-25 20:05 30,464 a------- c:\windows\system32\dllcache\tbatm155.sys
2009-02-25 20:05 7,040 a------- c:\windows\system32\dllcache\tandqic.sys
2009-02-25 20:05 36,640 a------- c:\windows\system32\dllcache\t2r4mini.sys
2009-02-25 20:05 172,768 a------- c:\windows\system32\dllcache\t2r4disp.dll
2009-02-25 20:05 32,640 a------- c:\windows\system32\dllcache\symc8xx.sys
2009-02-25 20:05 30,688 a------- c:\windows\system32\dllcache\sym_u3.sys
2009-02-25 20:05 16,256 a------- c:\windows\system32\dllcache\symc810.sys
2009-02-25 20:05 28,384 a------- c:\windows\system32\dllcache\sym_hi.sys
2009-02-25 20:05 94,293 a------- c:\windows\system32\dllcache\sxports.dll
2009-02-25 20:04 103,936 a------- c:\windows\system32\dllcache\sx.sys
2009-02-25 20:04 3,968 a------- c:\windows\system32\dllcache\swusbflt.sys
2009-02-25 20:04 10,240 a------- c:\windows\system32\dllcache\swpidflt.dll
2009-02-25 20:04 10,240 a------- c:\windows\system32\dllcache\swpdflt2.dll
2009-02-25 20:04 53,760 a------- c:\windows\system32\dllcache\sw_wheel.dll
2009-02-25 20:04 41,472 a------- c:\windows\system32\dllcache\sw_effct.dll
2009-02-25 20:04 15,360 a------- c:\windows\system32\dllcache\streamip.sys
2009-02-25 20:04 155,648 a------- c:\windows\system32\dllcache\stlnprop.dll
2009-02-25 20:04 53,248 a------- c:\windows\system32\dllcache\stlncoin.dll
2009-02-25 20:04 285,760 a------- c:\windows\system32\dllcache\stlnata.sys
2009-02-25 20:03 16,896 a------- c:\windows\system32\dllcache\stcusb.sys
2009-02-25 20:03 48,736 a------- c:\windows\system32\dllcache\srwlnd5.sys
2009-02-25 20:03 99,328 a------- c:\windows\system32\dllcache\srusd.dll
2009-02-25 20:03 101,376 a------- c:\windows\system32\dllcache\OLD616.tmp
2009-02-25 20:03 24,660 a------- c:\windows\system32\dllcache\spxupchk.dll
2009-02-25 20:03 61,824 a------- c:\windows\system32\dllcache\speed.sys
2009-02-25 20:03 106,584 a------- c:\windows\system32\dllcache\spdports.dll
2009-02-25 20:03 19,072 a------- c:\windows\system32\dllcache\sparrow.sys
2009-02-25 20:02 7,552 a------- c:\windows\system32\dllcache\sonypvu1.sys
2009-02-25 20:02 37,040 a------- c:\windows\system32\dllcache\sonypi.sys
2009-02-25 20:02 114,688 a------- c:\windows\system32\dllcache\sonypi.dll
2009-02-25 20:02 20,752 a------- c:\windows\system32\dllcache\sonync.sys
2009-02-25 20:02 9,600 a------- c:\windows\system32\dllcache\sonymc.sys
2009-02-25 20:02 7,552 a------- c:\windows\system32\dllcache\sonyait.sys
2009-02-25 20:02 7,040 a------- c:\windows\system32\dllcache\snyaitmc.sys
2009-02-25 20:02 7,168 a------- c:\windows\system32\dllcache\OLD5FE.tmp
2009-02-25 20:02 10,240 a------- c:\windows\system32\dllcache\OLD5F8.tmp
2009-02-25 20:02 12,288 a------- c:\windows\system32\dllcache\OLD5EF.tmp
2009-02-25 20:02 5,632 a------- c:\windows\system32\dllcache\OLD5EB.tmp
2009-02-25 20:00 28,160 a------- c:\windows\system32\dllcache\sm91w.dll
2009-02-25 19:59 150,144 a------- c:\windows\system32\dllcache\sis6306v.dll
2009-02-25 19:59 68,608 a------- c:\windows\system32\dllcache\sis6306p.sys
2009-02-25 19:59 252,032 a------- c:\windows\system32\dllcache\sis300iv.dll
2009-02-25 19:59 101,760 a------- c:\windows\system32\dllcache\sis300ip.sys
2009-02-25 19:59 18,944 a------- c:\windows\system32\dllcache\OLD58B.tmp
2009-02-25 19:58 161,568 a------- c:\windows\system32\dllcache\sgsmusb.sys
2009-02-25 19:58 18,400 a------- c:\windows\system32\dllcache\sgsmld.sys
2009-02-25 19:58 98,080 a------- c:\windows\system32\dllcache\sgiulnt5.sys
2009-02-25 19:58 386,560 a------- c:\windows\system32\dllcache\sgiul50.dll
2009-02-25 19:58 36,480 a------- c:\windows\system32\dllcache\sfmanm.sys
2009-02-25 19:57 6,784 a------- c:\windows\system32\dllcache\serscan.sys
2009-02-25 19:57 17,664 a------- c:\windows\system32\dllcache\sermouse.sys
2009-02-25 19:57 26,112 a------- c:\windows\system32\dllcache\OLD57A.tmp
2009-02-25 19:57 6,912 a------- c:\windows\system32\dllcache\seaddsmc.sys
2009-02-25 19:57 11,520 a------- c:\windows\system32\dllcache\scsiscan.sys
2009-02-25 19:57 11,648 a------- c:\windows\system32\dllcache\scsiprnt.sys
2009-02-25 19:57 57,856 a------- c:\windows\system32\dllcache\OLD570.tmp
2009-02-25 19:57 17,280 a------- c:\windows\system32\dllcache\scr111.sys
2009-02-25 19:57 16,640 a------- c:\windows\system32\dllcache\scmstcs.sys
2009-02-25 19:57 23,936 a------- c:\windows\system32\dllcache\sccmusbm.sys
2009-02-25 19:56 23,936 a------- c:\windows\system32\dllcache\sccmn50m.sys
2009-02-25 19:56 43,136 a------- c:\windows\system32\dllcache\sbp2port.sys
2009-02-25 19:56 495,616 a------- c:\windows\system32\dllcache\sblfx.dll
2009-02-25 19:56 75,392 a------- c:\windows\system32\dllcache\s3savmxm.sys
2009-02-25 19:56 245,632 a------- c:\windows\system32\dllcache\s3savmx.dll
2009-02-25 19:56 77,824 a------- c:\windows\system32\dllcache\s3sav4m.sys
2009-02-25 19:56 198,400 a------- c:\windows\system32\dllcache\s3sav4.dll
2009-02-25 19:56 61,504 a------- c:\windows\system32\dllcache\s3sav3dm.sys
2009-02-25 19:56 179,264 a------- c:\windows\system32\dllcache\s3sav3d.dll
2009-02-25 19:55 210,496 a------- c:\windows\system32\dllcache\s3mvirge.dll
2009-02-25 19:55 62,496 a------- c:\windows\system32\dllcache\s3mtrio.dll
2009-02-25 19:55 41,216 a------- c:\windows\system32\dllcache\s3mt3d.sys
2009-02-25 19:55 182,272 a------- c:\windows\system32\dllcache\s3mt3d.dll
2009-02-25 19:55 166,720 a------- c:\windows\system32\dllcache\s3m.sys
2009-02-25 19:55 65,664 a------- c:\windows\system32\dllcache\s3legacy.sys
2009-02-25 19:55 82,432 a------- c:\windows\system32\dllcache\rwia450.dll
2009-02-25 19:55 79,872 a------- c:\windows\system32\dllcache\rwia430.dll
2009-02-25 19:55 79,872 a------- c:\windows\system32\dllcache\OLD545.tmp
2009-02-25 19:55 79,872 a------- c:\windows\system32\dllcache\OLD542.tmp
2009-02-25 19:55 29,696 a------- c:\windows\system32\dllcache\rw450ext.dll
2009-02-25 19:55 27,648 a------- c:\windows\system32\dllcache\rw430ext.dll
2009-02-25 19:54 20,992 a------- c:\windows\system32\dllcache\rtl8139.sys
2009-02-25 19:54 19,017 a------- c:\windows\system32\dllcache\rtl8029.sys
2009-02-25 19:54 30,720 a------- c:\windows\system32\dllcache\rthwcls.sys
2009-02-25 19:54 9,216 a------- c:\windows\system32\dllcache\rsmgrstr.dll
2009-02-25 19:54 3,840 a------- c:\windows\system32\dllcache\rpfun.sys
2009-02-25 19:54 79,104 a------- c:\windows\system32\dllcache\rocket.sys
2009-02-25 19:54 37,563 a------- c:\windows\system32\dllcache\rlnet5.sys
2009-02-25 19:54 86,097 a------- c:\windows\system32\dllcache\reslog32.dll
2009-02-25 19:54 23,040 a------- c:\windows\system32\dllcache\OLD529.tmp
2009-02-25 19:54 14,848 a------- c:\windows\system32\dllcache\OLD525.tmp
2009-02-25 19:52 112,574 a------- c:\windows\system32\dllcache\ptserlp.sys
2009-02-25 19:52 128,286 a------- c:\windows\system32\dllcache\ptserli.sys
2009-02-25 19:52 159,232 a------- c:\windows\system32\dllcache\ptpusd.dll
2009-02-25 19:52 5,632 a------- c:\windows\system32\dllcache\ptpusb.dll
2009-02-25 19:52 33,280 a------- c:\windows\system32\dllcache\psisrndr.ax
2009-02-25 19:52 35,328 a------- c:\windows\system32\dllcache\psisload.dll
2009-02-25 19:52 363,520 a------- c:\windows\system32\dllcache\psisdecd.dll
2009-02-25 19:52 16,128 a------- c:\windows\system32\dllcache\pscr.sys
2009-02-25 19:52 17,664 a------- c:\windows\system32\dllcache\ppa3.sys
2009-02-25 19:52 17,792 a------- c:\windows\system32\dllcache\ppa.sys
2009-02-25 19:52 8,832 a------- c:\windows\system32\dllcache\powerfil.sys
2009-02-25 19:52 7,168 a------- c:\windows\system32\dllcache\pnrmc.sys
2009-02-25 19:50 169,984 a------- c:\windows\system32\dllcache\pcx500.sys
2009-02-25 19:50 86,016 a------- c:\windows\system32\dllcache\pctspk.exe
2009-02-25 19:50 35,328 a------- c:\windows\system32\dllcache\pcntpci5.sys
2009-02-25 19:50 29,769 a------- c:\windows\system32\dllcache\pcntn5m.sys
2009-02-25 19:50 30,282 a------- c:\windows\system32\dllcache\pcntn5hl.sys
2009-02-25 19:50 26,153 a------- c:\windows\system32\dllcache\pcmlm56.sys
2009-02-25 19:50 29,502 a------- c:\windows\system32\dllcache\pca200e.sys
2009-02-25 19:50 30,495 a------- c:\windows\system32\dllcache\pc100nds.sys
2009-02-25 19:50 41,984 a------- c:\windows\system32\dllcache\ovui2rc.dll
2009-02-25 19:49 44,544 a------- c:\windows\system32\dllcache\ovui2.dll
2009-02-25 19:49 25,216 a------- c:\windows\system32\dllcache\ovsound2.sys
2009-02-25 19:49 39,424 a------- c:\windows\system32\dllcache\ovcoms.exe
2009-02-25 19:49 20,480 a------- c:\windows\system32\dllcache\ovcomc.dll
2009-02-25 19:49 351,616 a------- c:\windows\system32\dllcache\ovcodek2.sys
2009-02-25 19:49 116,736 a------- c:\windows\system32\dllcache\ovcodec2.dll
2009-02-25 19:49 31,872 a------- c:\windows\system32\dllcache\ovce.sys
2009-02-25 19:49 28,032 a------- c:\windows\system32\dllcache\ovcd.sys
2009-02-25 19:49 48,000 a------- c:\windows\system32\dllcache\ovcam2.sys
2009-02-25 19:48 25,088 a------- c:\windows\system32\dllcache\ovca.sys
2009-02-25 19:48 54,186 a------- c:\windows\system32\dllcache\otcsercb.sys
2009-02-25 19:48 43,689 a------- c:\windows\system32\dllcache\otceth5.sys
2009-02-25 19:48 27,209 a------- c:\windows\system32\dllcache\otc06x5.sys
2009-02-25 19:48 54,528 a------- c:\windows\system32\dllcache\opl3sax.sys
2009-02-25 19:48 198,144 a------- c:\windows\system32\dllcache\nv3.sys
2009-02-25 19:47 123,776 a------- c:\windows\system32\dllcache\nv3.dll
2009-02-25 19:47 2,066,048 a------- c:\windows\system32\dllcache\OLD49F.tmp
2009-02-25 19:47 51,552 a------- c:\windows\system32\dllcache\ntgrip.sys
2009-02-25 19:47 38,912 a------- c:\windows\system32\dllcache\OLD49A.tmp
2009-02-25 19:47 9,344 a------- c:\windows\system32\dllcache\ntapm.sys
2009-02-25 19:47 7,552 a------- c:\windows\system32\dllcache\nsmmc.sys
2009-02-25 19:47 28,672 a------- c:\windows\system32\dllcache\nscirda.sys
2009-02-25 19:47 87,040 a------- c:\windows\system32\dllcache\nm6wdm.sys
2009-02-25 19:46 126,080 a------- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-02-25 19:46 32,840 a------- c:\windows\system32\dllcache\ngrpci.sys
2009-02-25 19:46 132,695 a------- c:\windows\system32\dllcache\netwlan5.sys
2009-02-25 19:46 65,278 a------- c:\windows\system32\dllcache\netflx3.sys
2009-02-25 19:46 39,264 a------- c:\windows\system32\dllcache\neo20xx.sys
2009-02-25 19:46 60,480 a------- c:\windows\system32\dllcache\neo20xx.dll
2009-02-25 19:45 15,872 a------- c:\windows\system32\dllcache\ne2000.sys
2009-02-25 19:45 10,880 a------- c:\windows\system32\dllcache\ndisip.sys
2009-02-25 19:45 85,248 a------- c:\windows\system32\dllcache\nabtsfec.sys
2009-02-25 19:45 91,488 a------- c:\windows\system32\dllcache\n9i3disp.dll
2009-02-25 19:45 27,936 a------- c:\windows\system32\dllcache\n9i3d.sys
2009-02-25 19:45 33,088 a------- c:\windows\system32\dllcache\n9i128v2.sys
2009-02-25 19:45 59,104 a------- c:\windows\system32\dllcache\n9i128v2.dll
2009-02-25 19:45 13,664 a------- c:\windows\system32\dllcache\n9i128.sys
2009-02-25 19:45 35,392 a------- c:\windows\system32\dllcache\n9i128.dll
2009-02-25 19:45 128,000 a------- c:\windows\system32\dllcache\n100325.sys
2009-02-25 19:45 52,255 a------- c:\windows\system32\dllcache\n1000nt5.sys
2009-02-25 19:44 75,520 a------- c:\windows\system32\dllcache\mxport.sys
2009-02-25 19:44 7,168 a------- c:\windows\system32\dllcache\mxport.dll
2009-02-25 19:44 19,968 a------- c:\windows\system32\dllcache\mxnic.sys
2009-02-25 19:44 19,968 a------- c:\windows\system32\dllcache\mxicfg.dll
2009-02-25 19:44 21,888 a------- c:\windows\system32\dllcache\mxcard.sys
2009-02-25 19:44 103,296 a------- c:\windows\system32\dllcache\mtxvideo.sys
2009-02-25 19:43 5,504 a------- c:\windows\system32\dllcache\mstee.sys
2009-02-25 19:43 49,024 a------- c:\windows\system32\dllcache\mstape.sys
2009-02-25 19:43 12,416 a------- c:\windows\system32\dllcache\msriffwv.sys
2009-02-25 19:43 2,944 a------- c:\windows\system32\dllcache\msmpu401.sys
2009-02-25 19:43 22,016 a------- c:\windows\system32\dllcache\msircomm.sys
2009-02-25 19:42 35,200 a------- c:\windows\system32\dllcache\msgame.sys
2009-02-25 19:41 6,016 a------- c:\windows\system32\dllcache\msfsio.sys
2009-02-25 19:41 56,832 a------- c:\windows\system32\dllcache\msdvbnp.ax
2009-02-25 19:41 51,200 a------- c:\windows\system32\dllcache\msdv.sys
2009-02-25 19:41 17,280 a------- c:\windows\system32\dllcache\mraid35x.sys
2009-02-25 19:41 15,232 a------- c:\windows\system32\dllcache\mpe.sys
2009-02-25 19:41 16,128 a------- c:\windows\system32\dllcache\modemcsa.sys
2009-02-25 19:41 6,528 a------- c:\windows\system32\dllcache\miniqic.sys
2009-02-25 19:41 34,304 a------- c:\windows\system32\dllcache\OLD444.tmp
2009-02-25 19:40 320,384 a------- c:\windows\system32\dllcache\mgaum.sys
2009-02-25 19:40 235,648 a------- c:\windows\system32\dllcache\mgaud.dll
2009-02-25 19:40 92,416 a------- c:\windows\system32\dllcache\OLD43D.tmp
2009-02-25 19:40 92,032 a------- c:\windows\system32\dllcache\OLD43A.tmp
2009-02-25 19:40 26,112 a------- c:\windows\system32\dllcache\memstpci.sys
2009-02-25 19:40 47,616 a------- c:\windows\system32\dllcache\memgrp.dll
2009-02-25 19:40 8,320 a------- c:\windows\system32\dllcache\memcard.sys
2009-02-25 19:40 164,586 a------- c:\windows\system32\dllcache\mdgndis5.sys
2009-02-25 19:40 7,424 a------- c:\windows\system32\dllcache\mammoth.sys
2009-02-25 19:40 65,536 a------- c:\windows\system32\dllcache\OLD42D.tmp
2009-02-25 19:40 48,768 a------- c:\windows\system32\dllcache\maestro.sys
2009-02-25 19:40 58,880 a------- c:\windows\system32\dllcache\m3092dc.dll
2009-02-25 19:39 58,368 a------- c:\windows\system32\dllcache\m3091dc.dll
2009-02-25 19:39 22,848 a------- c:\windows\system32\dllcache\lwusbhid.sys
2009-02-25 19:39 20,864 a------- c:\windows\system32\dllcache\lwadihid.sys
2009-02-25 19:39 797,500 a------- c:\windows\system32\dllcache\ltsmt.sys
2009-02-25 19:39 802,683 a------- c:\windows\system32\dllcache\ltsm.sys
2009-02-25 19:39 7,040 a------- c:\windows\system32\dllcache\ltotape.sys
2009-02-25 19:39 420,992 a------- c:\windows\system32\dllcache\ltmdmntt.sys
2009-02-25 19:39 576,746 a------- c:\windows\system32\dllcache\ltmdmntl.sys
2009-02-25 19:39 606,684 a------- c:\windows\system32\dllcache\ltmdmnt.sys
2009-02-25 19:39 727,786 a------- c:\windows\system32\dllcache\ltck000c.sys
2009-02-25 19:39 4,992 a------- c:\windows\system32\dllcache\loop.sys
2009-02-25 19:39 70,730 a------- c:\windows\system32\dllcache\lne100tx.sys
2009-02-25 19:37 18,432 a------- c:\windows\system32\dllcache\OLD3F2.tmp
2009-02-25 19:37 26,624 a------- c:\windows\system32\dllcache\irstusb.sys
2009-02-25 19:37 18,688 a------- c:\windows\system32\dllcache\irsir.sys
2009-02-25 19:37 23,552 a------- c:\windows\system32\dllcache\irmk7.sys
2009-02-25 19:37 16,384 a------- c:\windows\system32\dllcache\ipsink.ax
2009-02-25 19:37 45,632 a------- c:\windows\system32\dllcache\ip5515.sys
2009-02-25 19:37 90,200 a------- c:\windows\system32\dllcache\io8ports.dll
2009-02-25 19:37 38,784 a------- c:\windows\system32\dllcache\io8.sys
2009-02-25 19:37 16,000 a------- c:\windows\system32\dllcache\ini910u.sys
2009-02-25 19:37 13,056 a------- c:\windows\system32\dllcache\inport.sys
2009-02-25 19:36 372,824 a------- c:\windows\system32\dllcache\iconf32.dll
2009-02-25 19:36 100,992 a------- c:\windows\system32\dllcache\icam5usb.sys
2009-02-25 19:35 20,480 a------- c:\windows\system32\dllcache\icam5ext.dll
2009-02-25 19:35 45,056 a------- c:\windows\system32\dllcache\icam5com.dll
2009-02-25 19:35 154,496 a------- c:\windows\system32\dllcache\icam4usb.sys
2009-02-25 19:35 61,952 a------- c:\windows\system32\dllcache\icam4ext.dll
2009-02-25 19:35 91,136 a------- c:\windows\system32\dllcache\icam4com.dll
2009-02-25 19:35 26,624 a------- c:\windows\system32\dllcache\icam3ext.dll
2009-02-25 19:35 141,056 a------- c:\windows\system32\dllcache\icam3.sys
2009-02-25 19:35 38,528 a------- c:\windows\system32\dllcache\ibmvcap.sys
2009-02-25 19:35 109,085 a------- c:\windows\system32\dllcache\ibmtrp.sys
2009-02-25 19:35 100,936 a------- c:\windows\system32\dllcache\ibmtok.sys
2009-02-25 19:35 9,216 a------- c:\windows\system32\dllcache\ibmsgnet.dll
2009-02-25 19:35 28,700 a------- c:\windows\system32\dllcache\ibmexmp.sys
2009-02-25 19:34 161,020 a------- c:\windows\system32\dllcache\i81xnt5.sys
2009-02-25 19:34 702,845 a------- c:\windows\system32\dllcache\i81xdnt5.dll
2009-02-25 19:34 58,592 a------- c:\windows\system32\dllcache\i740nt5.sys
2009-02-25 19:34 353,184 a------- c:\windows\system32\dllcache\i740dnt5.dll
2009-02-25 19:34 18,560 a------- c:\windows\system32\dllcache\i2omp.sys
2009-02-25 19:34 8,192 a------- c:\windows\system32\dllcache\i2omgmt.sys
2009-02-25 19:32 488,383 a------- c:\windows\system32\dllcache\hsf_v124.sys
2009-02-25 19:32 50,751 a------- c:\windows\system32\dllcache\hsf_tone.sys
2009-02-25 19:32 73,279 a------- c:\windows\system32\dllcache\hsf_spkp.sys
2009-02-25 19:32 44,863 a------- c:\windows\system32\dllcache\hsf_soar.sys
2009-02-25 19:32 57,471 a------- c:\windows\system32\dllcache\hsf_samp.sys
2009-02-25 19:32 542,879 a------- c:\windows\system32\dllcache\hsf_msft.sys
2009-02-25 19:32 391,199 a------- c:\windows\system32\dllcache\hsf_k56k.sys
2009-02-25 19:32 9,759 a------- c:\windows\system32\dllcache\hsf_inst.dll
2009-02-25 19:31 115,807 a------- c:\windows\system32\dllcache\hsf_fsks.sys
2009-02-25 19:31 199,711 a------- c:\windows\system32\dllcache\hsf_faxx.sys
2009-02-25 19:31 289,887 a------- c:\windows\system32\dllcache\hsf_fall.sys
2009-02-25 19:31 67,167 a------- c:\windows\system32\dllcache\hsf_bsc2.sys
2009-02-25 19:31 150,239 a------- c:\windows\system32\dllcache\hsf_amos.sys
2009-02-25 19:31 19,456 a------- c:\windows\system32\dllcache\hr1w.dll
2009-02-25 19:31 5,760 a------- c:\windows\system32\dllcache\hpt4qic.sys
2009-02-25 19:31 13,312 a------- c:\windows\system32\dllcache\hpsjmcro.dll
2009-02-25 19:31 324,608 a------- c:\windows\system32\dllcache\hpojwia.dll
2009-02-25 19:31 25,952 a------- c:\windows\system32\dllcache\hpn.sys
2009-02-25 19:31 32,768 a------- c:\windows\system32\dllcache\hpgtmcro.dll
2009-02-25 19:31 68,608 a------- c:\windows\system32\dllcache\hpgt53tk.dll
2009-02-25 19:29 20,352 a------- c:\windows\system32\dllcache\hidbatt.sys
2009-02-25 19:29 907,456 a------- c:\windows\system32\dllcache\hcf_msft.sys
2009-02-25 19:29 28,288 a------- c:\windows\system32\dllcache\grserial.sys
2009-02-25 19:29 82,304 a------- c:\windows\system32\dllcache\grclass.sys
2009-02-25 19:29 17,408 a------- c:\windows\system32\dllcache\gpr400.sys
2009-02-25 19:29 59,136 a------- c:\windows\system32\dllcache\gckernel.sys
2009-02-25 19:29 10,624 a------- c:\windows\system32\dllcache\gameenum.sys
2009-02-25 19:29 322,432 a------- c:\windows\system32\dllcache\g400m.sys
2009-02-25 19:29 1,733,120 a------- c:\windows\system32\dllcache\g400d.dll
2009-02-25 19:29 320,384 a------- c:\windows\system32\dllcache\g200m.sys
2009-02-25 19:29 470,144 a------- c:\windows\system32\dllcache\g200d.dll
2009-02-25 19:27 22,090 a------- c:\windows\system32\dllcache\fem556n5.sys
2009-02-25 19:26 347,550 a------- c:\windows\system32\dllcache\es56tpi.sys
2009-02-25 19:25 283,904 a------- c:\windows\system32\dllcache\emu10k1m.sys
2009-02-25 19:24 117,760 a------- c:\windows\system32\dllcache\e100b325.sys
2009-02-25 19:24 50,719 a------- c:\windows\system32\dllcache\e1000nt5.sys
2009-02-25 19:24 20,992 a------- c:\windows\system32\dllcache\dshowext.ax
2009-02-25 19:24 334,208 a------- c:\windows\system32\dllcache\ds1wdm.sys
2009-02-25 19:24 20,192 a------- c:\windows\system32\dllcache\dpti2o.sys
2009-02-25 19:24 28,062 a------- c:\windows\system32\dllcache\dp83820.sys
2009-02-25 19:24 23,808 a------- c:\windows\system32\dllcache\dot4usb.sys
2009-02-25 19:24 8,704 a------- c:\windows\system32\dllcache\dot4scan.sys
2009-02-25 19:24 12,928 a------- c:\windows\system32\dllcache\dot4prt.sys
2009-02-25 19:24 206,976 a------- c:\windows\system32\dllcache\dot4.sys
2009-02-25 19:22 37,735 a------- c:\windows\system32\dllcache\digiasyn.sys
2009-02-25 19:21 117,760 a------- c:\windows\system32\dllcache\d100ib5.sys
2009-02-25 19:20 60,970 a------- c:\windows\system32\dllcache\cpqtrnd5.sys
2009-02-25 19:19 15,872 a------- c:\windows\system32\dllcache\OLD214.tmp
2009-02-25 19:18 66,594 a------- c:\windows\system32\dllcache\OLD1D8.tmp
2009-02-25 19:17 5,120 a------- c:\windows\system32\dllcache\brscnrsm.dll
2009-02-25 19:16 23,552 a------- c:\windows\system32\dllcache\atixbar.sys
2009-02-25 19:15 24,576 a------- c:\windows\system32\dllcache\agcgauge.ax
2009-02-25 19:13 66,048 a------- c:\windows\system32\dllcache\s3legacy.dll
2009-02-25 19:13 2,189,184 a------- c:\windows\system32\dllcache\OLDA5.tmp
2009-02-25 18:30 53,248 a------- c:\windows\system32\CSVer.dll
2009-02-25 18:30 <DIR> --d----- C:\Intel
2009-02-25 18:20 <DIR> --d----- c:\docume~1\james\applic~1\IObit
2009-02-25 10:29 118 a------- c:\windows\system32\MRT.INI
2009-02-25 03:43 <DIR> --d----- c:\windows\SQL9_KB960089_ENU
2009-02-25 00:39 <DIR> --d----- c:\windows\system32\XPSViewer
2009-02-25 00:35 117,760 -------- c:\windows\system32\prntvpt.dll
2009-02-25 00:35 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-02-25 00:35 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-02-25 00:35 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-02-25 00:35 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-02-25 00:35 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-02-25 00:35 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-02-24 23:34 <DIR> --dsh--- c:\documents and settings\james\PrivacIE
2009-02-24 23:33 <DIR> --dsh--- c:\documents and settings\james\IETldCache
2009-02-24 23:08 <DIR> --d-h--- c:\windows\ie8
2009-02-24 22:11 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-02-24 20:52 <DIR> --d----- c:\windows\system32\scripting
2009-02-24 20:52 <DIR> --d----- c:\windows\l2schemas
2009-02-24 20:52 <DIR> --d----- c:\windows\system32\en
2009-02-24 20:52 <DIR> --d----- c:\windows\system32\bits
2009-02-24 20:42 <DIR> --d----- c:\windows\ServicePackFiles
2009-02-24 20:19 <DIR> --d----- c:\windows\EHome
2009-02-23 21:17 <DIR> --dsh--- C:\FOUND.003
2009-02-13 00:12 <DIR> --dsh--- C:\FOUND.002
2009-02-05 00:16 53,051 a------- c:\windows\Sysvxd.exe
2009-02-05 00:11 <DIR> --d----- c:\windows\CAVTemp

==================== Find3M ====================

2009-02-24 20:58 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-22 12:03 4,212 ----h--- c:\windows\system32\zllictbl.dat
2009-01-15 02:17 636,264 a------- c:\windows\system32\dllcache\iexplore.exe
2009-01-15 02:17 392,040 a------- c:\windows\system32\dllcache\iedkcs32.dll
2009-01-15 02:13 5,888,512 a------- c:\windows\system32\dllcache\mshtml.dll
2009-01-15 02:12 10,963,968 a------- c:\windows\system32\dllcache\ieframe.dll
2009-01-15 02:06 1,182,720 a------- c:\windows\system32\dllcache\urlmon.dll
2009-01-15 02:06 236,544 a------- c:\windows\system32\dllcache\webcheck.dll
2009-01-15 02:06 105,984 a------- c:\windows\system32\dllcache\url.dll
2009-01-15 02:05 911,872 a------- c:\windows\system32\wininet.dll
2009-01-15 02:05 911,872 a------- c:\windows\system32\dllcache\wininet.dll
2009-01-15 02:05 193,536 a------- c:\windows\system32\dllcache\msrating.dll
2009-01-15 02:05 109,056 a------- c:\windows\system32\dllcache\occache.dll
2009-01-15 02:05 43,008 a------- c:\windows\system32\licmgr10.dll
2009-01-15 02:05 43,008 a------- c:\windows\system32\dllcache\licmgr10.dll
2009-01-15 02:04 755,200 a------- c:\windows\system32\dllcache\vgx.dll
2009-01-15 02:04 18,944 a------- c:\windows\system32\dllcache\corpol.dll
2009-01-15 02:04 18,944 a------- c:\windows\system32\corpol.dll
2009-01-15 02:04 25,600 a------- c:\windows\system32\dllcache\jsproxy.dll
2009-01-15 02:02 1,975,296 a------- c:\windows\system32\dllcache\iertutil.dll
2009-01-15 02:02 593,920 a------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-15 02:02 611,840 a------- c:\windows\system32\dllcache\mstime.dll
2009-01-15 02:01 183,808 a------- c:\windows\system32\dllcache\iepeers.dll
2009-01-15 02:01 59,904 a------- c:\windows\system32\dllcache\icardie.dll
2009-01-15 02:01 54,272 a------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-15 02:01 34,304 a------- c:\windows\system32\imgutil.dll
2009-01-15 02:01 34,304 a------- c:\windows\system32\dllcache\imgutil.dll
2009-01-15 02:01 348,160 a------- c:\windows\system32\dllcache\dxtmsft.dll
2009-01-15 02:01 46,592 a------- c:\windows\system32\dllcache\pngfilt.dll
2009-01-15 02:01 216,064 a------- c:\windows\system32\dllcache\dxtrans.dll
2009-01-15 02:01 66,560 a------- c:\windows\system32\dllcache\mshtmled.dll
2009-01-15 02:00 48,128 a------- c:\windows\system32\mshtmler.dll
2009-01-15 02:00 48,128 a------- c:\windows\system32\dllcache\mshtmler.dll
2009-01-15 02:00 45,568 a------- c:\windows\system32\mshta.exe
2009-01-15 02:00 45,568 a------- c:\windows\system32\dllcache\mshta.exe
2009-01-15 01:53 68,608 a------- c:\windows\system32\dllcache\hmmapi.dll
2009-01-15 01:50 156,160 a------- c:\windows\system32\msls31.dll
2009-01-15 01:50 156,160 a------- c:\windows\system32\dllcache\msls31.dll
2009-01-15 01:35 445,440 a------- c:\windows\system32\dllcache\ieapfltr.dll
2009-01-08 19:02 67,338 a--sh--- c:\windows\system32\pinafadi.dll
2008-12-14 17:12 3,698,040 a------- c:\windows\system32\dllcache\ieapfltr.dat
2008-12-11 04:57 333,952 a------- c:\windows\system32\dllcache\srv.sys
2007-11-29 03:34 1,748,536 a------- c:\program files\MSOINTL.DLL
2007-09-30 00:55 774,144 a------- c:\program files\RngInterstitial.dll

============= FINISH: 20:34:46.67 ===============


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:26 PM

Posted 11 March 2009 - 09:19 AM

Welcome to the BleepingComputer Forums.

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Please post the contents of log.txt.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so.

While we are working on your HijackThis log, please:
  • Reply to this thread; do not start another!
  • Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  • Do not run any other tool until instructed to do so!
  • Let me know if any of the links do not work or if any of the tools do not work.
  • Tell me about problems or symptoms that occur during the fix.
  • Do not run any other programs or open any other windows while doing a fix.
  • Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 sooner52313


Posted 14 March 2009 - 12:14 AM

Logfile of random's system information tool 1.05 (written by random/random)
Run by James at 2009-03-13 23:03:04
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 41 GB (85%) free of 49 GB
Total RAM: 2046 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:05 PM, on 3/13/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Aspire Arcade\PCMService.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Documents and Settings\James\Desktop\RSIT.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\trend micro\James.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Aspire Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RCScheduleCheck] C:\Program Files\VCOM\Recovery Commander\RCSCHED.EXE -CHECK
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8A89C9-38FC-4E88-B0BA-627DA0B5C072}: NameServer = 85.255.112.139,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDAB771C-8B80-4620-9179-C5D2D801161F}: NameServer = 85.255.112.139,85.255.112.136
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.139,85.255.112.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.139,85.255.112.136
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - D:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

--
End of file - 5713 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Checkpoint.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-12 339968]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-04-13 88363]
"LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2003-03-19 184320]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-07 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-07 536576]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2004-08-10 471040]
"PCMService"=C:\Program Files\Aspire Arcade\PCMService.exe [2004-09-04 81920]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2004-08-18 94208]
"McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-08-06 139320]
"Network Associates Error Reporting Service"=C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe [2003-10-07 147514]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2004-08-04 110592]
"RCScheduleCheck"=C:\Program Files\VCOM\Recovery Commander\RCSCHED.EXE [2003-10-21 151552]
"Fix-It AV"=C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe [2003-06-10 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-08 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{a5780613-492e-4a2a-a7fd-549610edf6cc}"=C:\Program Files\VCOM\Recovery Commander\RCHOOK.DLL [2003-07-08 102400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\AVG\AVG8\avgemc.exe"="D:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"D:\Program Files\AVG\AVG8\avgupd.exe"="D:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"D:\Program Files\AVG\AVG8\avgnsx.exe"="D:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09733cde-0c7c-11de-81e5-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-6-8-67-100023254-100008094-100023449-3687.com c:\
shell\Open\command - RECYCLER\S-6-8-67-100023254-100008094-100023449-3687.com c:\


======List of files/folders created in the last 1 months======

2009-03-13 23:01:31 ----D---- C:\rsit
2009-03-13 23:01:31 ----D---- C:\Program Files\trend micro
2009-03-13 20:51:32 ----D---- C:\WINDOWS\AF9C41C1EC1D4FCD9C5D1AFEFCB67CD1.TMP
2009-03-13 20:51:07 ----SHD---- C:\VCOM
2009-03-13 20:50:23 ----D---- C:\Documents and Settings\James\Application Data\VCOM
2009-03-13 20:48:44 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-13 20:47:47 ----A---- C:\WINDOWS\RCUninstall.EXE
2009-03-13 20:47:47 ----A---- C:\RCINFO.TXT
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c009pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c009pr7.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c008pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c008pr7.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c007pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c007pr7.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c006pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c005pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c004pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c003pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c002pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c001pr8.txt
2009-03-13 20:47:40 ----A---- C:\WINDOWS\system32\c000pr8.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\cp.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c09pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c09p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c08pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c08p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c07pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c07p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c06pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c06p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c05pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c05p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c04pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c04p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c03pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c03p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c02pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c02p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c01pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c01p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c01.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c00pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c00p.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c009pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c008pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c007pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c006pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c006pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c005pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c005pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c004pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c004pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c003pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c003pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c002pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c002pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c001pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c001pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c000pr7.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c000pr.txt
2009-03-13 20:47:39 ----A---- C:\WINDOWS\system32\c00.txt
2009-03-13 20:47:39 ----A---- C:\SFCFILES.TXT
2009-03-13 20:47:15 ----D---- C:\Program Files\VCOM
2009-03-13 20:44:22 ----D---- C:\WINDOWS\pss
2009-03-13 20:07:11 ----D---- C:\WINDOWS\system32\NtmsData
2009-03-11 17:28:47 ----D---- C:\Documents and Settings\James\Application Data\aAvgApi
2009-03-11 17:27:19 ----AD---- C:\IObit
2009-03-11 17:27:17 ----D---- C:\AvRack
2009-03-11 17:27:10 ----D---- C:\AVG
2009-03-11 17:20:24 ----RASH---- C:\S-9-2-20-100032169-100014396-100008315-3748.com
2009-03-11 17:18:20 ----A---- C:\billing.txt
2009-03-11 17:18:18 ----A---- C:\Business 2033.txt
2009-03-11 17:18:02 ----AD---- C:\2006-12-02
2009-03-11 17:17:59 ----AD---- C:\2006-11-19
2009-03-11 17:17:22 ----AD---- C:\puerto rico
2009-03-11 17:16:29 ----AD---- C:\My Pictures
2009-03-10 21:08:14 ----D---- C:\Program Files\Common Files\Cisco Systems
2009-03-10 21:07:56 ----D---- C:\Documents and Settings\All Users\Application Data\Network Associates
2009-03-10 21:07:53 ----D---- C:\Program Files\Network Associates
2009-03-10 21:07:53 ----D---- C:\Program Files\Common Files\Network Associates
2009-03-10 20:46:51 ----D---- C:\Documents and Settings\James\Application Data\AdobeUM
2009-03-10 20:45:17 ----D---- C:\Documents and Settings\James\Application Data\Adobe
2009-03-10 20:45:15 ----D---- C:\Program Files\Common Files\Adobe
2009-03-09 17:14:54 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-03-09 17:14:54 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-03-09 17:14:39 ----D---- C:\Intel
2009-03-09 00:17:28 ----D---- C:\Documents and Settings\James\Application Data\Help
2009-03-08 23:15:39 ----A---- C:\WINDOWS\imsins.BAK
2009-03-08 23:11:02 ----D---- C:\Documents and Settings\James\Application Data\IObit
2009-03-08 23:08:52 ----D---- C:\RECYCLER
2009-03-08 23:03:11 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-03-08 23:03:04 ----D---- C:\Documents and Settings\James\Application Data\AVGTOOLBAR
2009-03-08 23:02:59 ----D---- C:\Program Files\AVG
2009-03-08 23:02:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-03-08 22:48:57 ----D---- C:\Documents and Settings\James\Application Data\Macromedia
2009-03-08 22:44:59 ----ASH---- C:\Documents and Settings\James\Application Data\desktop.ini
2009-03-08 22:44:58 ----SD---- C:\Documents and Settings\James\Application Data\Microsoft
2009-03-08 22:44:58 ----D---- C:\Documents and Settings\James\Application Data\Identities

======List of files/folders modified in the last 1 months======

2009-03-13 22:26:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-13 22:24:46 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2009-03-09 16:56:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-09 01:09:58 ----A---- C:\WINDOWS\system.ini
2009-03-09 00:26:34 ----A---- C:\WINDOWS\HOTFIX.BAT
2009-03-09 00:26:34 ----A---- C:\WINDOWS\CLEANUP.CMD
2009-03-08 22:47:56 ----A---- C:\WINDOWS\ALaunch.ini
2009-03-08 22:45:22 ----A---- C:\WINDOWS\OEWABLog.txt
2009-03-08 22:37:16 ----A---- C:\WINDOWS\setuplog.txt
2009-03-08 22:37:08 ----ASH---- C:\boot.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-08 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-03-08 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-08 107912]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOWS\system32\drivers\mvstdi5x.sys [2004-08-18 58016]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 tmpreflt;tmpreflt; \??\C:\PROGRA~1\VCOM\Fix-It\tmpreflt.sys []
R2 tmxpflt;tmxpflt; \??\C:\PROGRA~1\VCOM\Fix-It\tmxpflt.sys []
R2 Vsapint;Vsapint; \??\C:\PROGRA~1\VCOM\Fix-It\Vsapint.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-04-13 1266380]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-12 786944]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-11-21 113152]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2003-09-14 18838]
R3 EntDrv51;EntDrv51; \??\C:\WINDOWS\system32\drivers\EntDrv51.sys []
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 IPN2220;acer IPN2220 Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-08-16 160896]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 mxDisk;mxDisk; \??\C:\PROGRA~1\VCOM\Fix-It\mxDisk.sys []
R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2004-08-18 108256]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2004-09-23 6912]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2002-04-23 35913]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-07 182688]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-04 274304]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-08-12 389120]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Fix-It Task Manager;Fix-It Task Manager; C:\PROGRA~1\VCOM\Fix-It\mxtask.exe [2003-06-10 184320]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-08-06 102463]
R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2004-08-18 221191]
R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2004-08-18 28672]
S2 avg8emc;AVG Free8 E-mail Scanner; D:\PROGRA~1\AVG\AVG8\avgemc.exe []
S2 avg8wd;AVG Free8 WatchDog; D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
S2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------



#4 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:26 PM

Posted 15 March 2009 - 09:16 AM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.
  • Please download FixWareout or Alternative Link.
  • Save it to your desktop and run it. Click Next, then Install, make sure Run fixit is checked and click Finish.
  • The fix will begin; follow the prompts.
  • You will be asked to reboot your computer; please do so.
  • Your system may take longer than usual to load; this is normal.
  • After the desktop loads, please post the contents of the logfile C:\fixwareout\report.txt and a new HijackThis log.

You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#5 suebaby41

Posted 24 March 2009 - 06:59 PM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.