Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help! Infected with virus


  • This topic is locked This topic is locked
3 replies to this topic

#1 waymore72

waymore72

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 11 September 2010 - 01:39 AM

I keep getting popups that will not go away. At first they were the "crush" popup. Now I am getting dozens of popups from Lynksys. I occasionally get the blue screen, too. My computer is running extremely slowly.

I am also seeing the aawservice.exe on my Task Manager, and it is taking up all of the memory.



DDS (Ver_10-03-17.01) - NTFSx86
Run by George H at 17:30:32.06 on Sat 10/11/2003
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1279.687 [GMT -7:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

svchost.exe 4
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
svchost.exe 4
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\George H\My Documents\Downloads\Defogger.exe
C:\Documents and Settings\George H\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title = Windows Internet Explorer provided by Comcast
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: MoneySide: {9404901d-06da-4b23-a0ee-3ea4f64ec9b3} - c:\program files\microsoft money\system\mnyviewer.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021}
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA} - c:\program files\microsoft money\system\mnyviewer.dll
Trusted Zone: bestbuy.com\www
Trusted Zone: cycletrader.com\www
Trusted Zone: microsoft.com\windowsupdate
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/23.30/uploader2.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\george~1\applic~1\mozilla\firefox\profiles\tpqhplui.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\documents and settings\george h\application data\mozilla\firefox\profiles\tpqhplui.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa2.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-8-21 214664]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-10-5 93320]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-8-21 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2008-8-21 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-8-21 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-8-21 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-8-21 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-8-21 40552]
S2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-8-21 34248]

=============== Created Last 30 ================

2010-08-11 04:45:17 0 d-----w- c:\program files\CCleaner
2010-07-14 01:55:48 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-03 02:41:44 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-04-20 05:30:08 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-03-10 11:06:37 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-08 18:08:25 81 ----a-w- C:\CTX.DAT
2010-03-08 18:08:18 0 d-----w- c:\documents and settings\george h\Citrix
2010-03-05 14:37:40 65536 ------w- c:\windows\system32\dllcache\asycfilt.dll
2010-02-21 02:14:21 0 d-----w- c:\program files\iTunes
2010-02-21 02:14:21 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-02-12 04:33:11 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll
2010-01-13 14:01:25 86016 ------w- c:\windows\system32\dllcache\cabview.dll
2010-01-12 19:42:53 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2009-12-30 03:04:00 644400 ----a-w- c:\windows\system32\mscomct2.ocx
2009-12-24 06:59:40 177664 ------w- c:\windows\system32\dllcache\wintrust.dll
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-08 09:23:28 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
2009-11-27 19:56:51 0 d-----w- c:\program files\Flip Video
2009-11-27 19:56:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Flip Video
2009-11-27 17:11:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2009-11-27 16:07:35 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
2009-11-27 16:07:35 28672 ------w- c:\windows\system32\dllcache\msvidc32.dll
2009-11-27 16:07:34 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2009-11-27 16:07:34 11264 ------w- c:\windows\system32\dllcache\msrle32.dll
2009-11-13 22:57:16 922112 ------w- c:\windows\system32\imapi2fs.dll
2009-11-13 22:57:16 922112 ------w- c:\windows\system32\dllcache\imapi2fs.dll
2009-11-13 22:57:16 62592 ------w- c:\windows\system32\dllcache\cdrom.sys
2009-11-13 22:57:16 426496 ------w- c:\windows\system32\imapi2.dll
2009-11-13 22:57:16 426496 ------w- c:\windows\system32\dllcache\imapi2.dll
2009-11-11 07:08:24 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2009-11-11 07:08:24 69632 ----a-w- c:\windows\system32\QuickTime.qts
2009-10-21 05:38:36 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 05:38:36 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 16:20:16 265728 ------w- c:\windows\system32\dllcache\http.sys
2009-10-13 10:30:16 270336 ------w- c:\windows\system32\dllcache\oakley.dll
2009-10-12 13:38:19 149504 ------w- c:\windows\system32\dllcache\rastls.dll
2009-10-12 13:38:18 79872 ------w- c:\windows\system32\dllcache\raschap.dll
2009-09-09 19:26:40 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-09-09 02:40:08 0 d-----w- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-12 23:16:39 128512 ------w- c:\windows\system32\dllcache\dhtmled.ocx
2009-08-12 23:16:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-02 17:09:17 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-08-02 17:09:17 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-07-21 08:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-07-17 19:01:06 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-07-17 16:22:18 1435648 ------w- c:\windows\system32\dllcache\query.dll
2009-07-02 20:40:08 127852 ----a-w- c:\windows\hpqins00.dat
2009-06-29 16:12:14 17408 ------w- c:\windows\system32\dllcache\corpol.dll
2009-06-25 08:25:26 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-06-25 08:25:26 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 08:25:26 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-06-24 11:18:41 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-06-16 14:36:30 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2009-06-16 14:36:30 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-06-12 12:31:39 76288 ------w- c:\windows\system32\dllcache\telnet.exe
2009-06-10 16:19:38 2066432 ------w- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 14:13:29 84992 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 06:14:49 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
2009-05-08 01:56:22 8138 ------w- c:\windows\hpomdl21.dat
2009-05-08 01:56:22 147619 ----a-w- c:\windows\hpoins21.dat
2009-05-07 15:32:35 345600 ------w- c:\windows\system32\dllcache\localspl.dll
2009-04-25 22:58:40 0 d-----w- c:\docume~1\alluse~1\applic~1\Pure Digital Technologies
2009-04-19 14:10:32 0 d-----w- c:\docume~1\george~1\applic~1\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
2009-04-16 22:15:53 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2009-04-16 22:15:52 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-04-16 22:15:52 35328 ------w- c:\windows\system32\dllcache\sc.exe
2009-04-16 22:15:52 110592 ------w- c:\windows\system32\dllcache\services.exe
2009-04-16 22:15:51 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-04-16 22:15:51 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 22:15:51 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 22:15:50 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 22:15:50 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-04-16 22:15:50 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-04-16 22:14:54 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-04-16 22:14:54 1206508 ------w- c:\windows\system32\dllcache\sysmain.sdb
2009-04-16 22:14:53 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-04-15 14:51:25 585216 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2009-04-15 00:49:42 0 d-----w- c:\docume~1\alluse~1\applic~1\espionServerData
2009-04-15 00:39:46 0 d-----w- c:\program files\common files\Macrovision Shared
2009-04-15 00:30:30 129784 ------w- c:\windows\system32\pxafs.dll
2009-03-24 23:31:58 0 d-----w- c:\docume~1\alluse~1\applic~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-21 14:06:58 989696 ------w- c:\windows\system32\dllcache\kernel32.dll
2009-03-15 14:28:32 40496 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2009-03-15 14:27:32 0 d-----w- c:\program files\Paragon Software
2009-02-20 18:09:38 78336 ------w- c:\windows\system32\dllcache\ieencode.dll
2009-02-03 19:59:07 56832 ------w- c:\windows\system32\dllcache\secur32.dll
2009-02-01 16:06:30 106 ----a-w- c:\windows\ViewNX.INI
2009-02-01 15:35:56 20 ---h--w- c:\docume~1\alluse~1\applic~1\PKP_DLdw.DAT
2009-02-01 15:35:56 0 d-----w- c:\docume~1\alluse~1\applic~1\Command Line Utility
2009-02-01 15:34:07 0 d-----w- c:\program files\common files\muvee Technologies
2009-02-01 15:33:47 0 d-----w- c:\program files\common files\Nikon
2009-02-01 15:33:38 0 d-----w- c:\program files\Nikon
2009-02-01 15:32:53 20 ---h--w- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2009-02-01 15:32:53 0 d-----w- c:\docume~1\alluse~1\applic~1\Carbon
2009-01-23 23:07:35 0 d-----w- c:\program files\Bonjour
2009-01-14 11:05:03 1046498 ----a-w- c:\windows\setupapi.log.3.old
2008-12-27 15:13:26 0 d-----w- c:\windows\system32\IOSUBSYS
2008-12-16 12:30:34 354816 ------w- c:\windows\system32\dllcache\winhttp.dll
2008-12-12 19:18:16 87336 ----a-w- c:\windows\system32\dns-sd.exe
2008-12-12 19:11:46 61440 ----a-w- c:\windows\system32\dnssd.dll
2008-12-05 06:54:55 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2008-11-20 19:19:06 43872 ----a-w- c:\windows\system32\drivers\pxhelp20.sys
2008-11-12 21:28:09 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 21:13:10 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-05 12:59:36 4248848 ----a-w- c:\windows\system32\qtp-mt334.dll
2008-11-05 12:59:22 248592 ----a-w- c:\windows\system32\prgiso.dll
2008-11-01 00:26:53 0 d-----w- c:\program files\common files\Wise Installation Wizard
2008-10-31 23:54:44 0 d-----w- c:\program files\Trend Micro
2008-10-25 02:31:36 19500 ----a-w- c:\windows\hpqins13.dat
2008-10-23 19:41:31 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 12:36:14 286720 ------w- c:\windows\system32\dllcache\gdi32.dll
2008-10-14 18:30:14 354304 ------w- c:\windows\system32\dllcache\srv.sys
2008-10-14 18:29:30 1851904 ------w- c:\windows\system32\dllcache\win32k.sys
2008-10-14 18:29:27 2146304 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-14 18:29:26 2189952 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-14 18:29:25 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-14 18:29:24 2066816 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-09-15 14:01:54 0 d-----w- c:\program files\The Weather Channel FW
2008-09-10 12:37:16 0 d-----w- c:\windows\system32\scripting
2008-09-10 12:37:14 0 d-----w- c:\windows\l2schemas
2008-09-10 12:37:13 0 d-----w- c:\windows\system32\en
2008-09-08 02:24:36 276992 ------w- c:\windows\system32\wmphoto.dll
2008-09-08 02:24:32 69120 ------w- c:\windows\system32\wlanapi.dll
2008-09-08 02:24:27 712704 ------w- c:\windows\system32\windowscodecs.dll
2008-09-08 02:24:27 346112 ------w- c:\windows\system32\windowscodecsext.dll
2008-09-08 02:24:10 53248 ------w- c:\windows\system32\tsgqec.dll
2008-09-08 02:24:10 50688 ------w- c:\windows\system32\tspkg.dll
2008-09-08 02:22:54 37376 ------w- c:\windows\system32\l2gpstore.dll
2008-08-21 15:13:26 25195 ----a-w- c:\windows\system32\Config.MPF
2008-08-21 15:09:09 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2008-08-21 15:09:04 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2008-08-21 15:09:04 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2008-08-21 15:09:04 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2008-08-21 15:09:03 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2008-08-21 15:08:54 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2008-08-21 15:07:36 0 d-----w- c:\program files\McAfee
2008-08-21 15:07:24 0 d-----w- c:\program files\common files\McAfee
2008-08-13 02:32:13 0 d-----w- c:\docume~1\alluse~1\applic~1\Comcast
2008-08-12 19:51:44 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2008-08-12 19:49:00 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2008-07-18 20:13:20 52736 ----a-w- c:\windows\system32\HPZIPM12.DLL
2008-07-18 20:13:20 49152 ----a-w- c:\windows\system32\HPZIDR12.DLL
2008-07-18 20:13:20 43520 ----a-w- c:\windows\system32\HPZINW12.DLL
2008-07-18 20:13:20 33792 ----a-w- c:\windows\system32\HPZIPR12.DLL
2008-07-18 20:13:20 30208 ----a-w- c:\windows\system32\HPZIPT12.DLL
2008-07-18 20:13:20 20480 ----a-w- c:\windows\system32\HPZISN12.DLL
2008-07-07 20:26:58 253952 ------w- c:\windows\system32\dllcache\es.dll
2008-06-24 16:43:16 74240 ------w- c:\windows\system32\dllcache\mscms.dll
2008-06-20 17:46:57 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
2008-06-20 17:46:57 147968 ------w- c:\windows\system32\dllcache\dnsapi.dll
2008-06-20 11:51:12 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:40:08 138496 ------w- c:\windows\system32\dllcache\afd.sys
2008-06-20 11:08:27 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2008-06-17 19:02:19 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2008-06-12 14:23:32 956928 ------w- c:\windows\system32\dllcache\msdtctm.dll
2008-06-12 14:23:32 91648 ------w- c:\windows\system32\dllcache\mtxoci.dll
2008-06-12 14:23:32 66560 ------w- c:\windows\system32\dllcache\mtxclu.dll
2008-06-12 14:23:32 58880 ------w- c:\windows\system32\dllcache\msdtclog.dll
2008-06-12 14:23:32 428032 ------w- c:\windows\system32\dllcache\msdtcprx.dll
2008-06-12 14:23:32 161792 ------w- c:\windows\system32\dllcache\msdtcuiu.dll
2008-06-10 22:50:37 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2008-06-10 22:28:12 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2008-05-16 18:58:04 12632 ----a-w- c:\windows\system32\lsdelete.exe
2008-05-09 23:23:42 135168 ------w- c:\windows\system32\dllcache\wshom.ocx
2008-05-09 10:53:40 90112 ------w- c:\windows\system32\dllcache\wshext.dll
2008-05-09 10:53:40 430080 ------w- c:\windows\system32\dllcache\vbscript.dll
2008-05-09 10:53:40 172032 ------w- c:\windows\system32\dllcache\scrrun.dll
2008-05-09 10:53:39 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2008-05-09 10:53:39 180224 ------w- c:\windows\system32\dllcache\scrobj.dll
2008-05-08 11:24:44 155648 ------w- c:\windows\system32\dllcache\wscript.exe
2008-05-07 09:07:23 135168 ------w- c:\windows\system32\dllcache\cscript.exe
2008-05-07 05:12:40 1291776 ------w- c:\windows\system32\dllcache\quartz.dll
2008-04-29 18:20:00 15648 ----a-w- c:\windows\system32\drivers\NSDriver.sys
2008-04-29 18:19:54 15648 ----a-w- c:\windows\system32\drivers\Awrtrd.sys
2008-04-29 18:19:50 12960 ----a-w- c:\windows\system32\drivers\Awrtpd.sys
2008-04-26 10:00:31 0 d-----w- c:\program files\MSXML 4.0
2008-04-25 20:03:36 0 d-----w- c:\docume~1\alluse~1\applic~1\WEBREG
2008-04-25 20:01:39 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2008-04-25 20:01:28 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2008-04-25 20:00:45 267864 ----a-r- c:\windows\system32\hpzids01.dll
2008-04-25 20:00:38 94208 ----a-w- c:\windows\system32\HPJIPX1U.DLL
2008-04-25 20:00:38 18747 ----a-w- c:\windows\system32\HPCEAC06.HPI
2008-04-25 20:00:38 163840 ----a-w- c:\windows\system32\HPJCMN2U.DLL
2008-04-25 20:00:38 118272 ----a-w- c:\windows\system32\hpz3l5ha.dll
2008-04-25 20:00:37 49152 ----a-w- c:\windows\system32\HPBNRAC2.DLL
2008-04-25 20:00:36 241721 ----a-w- c:\windows\system32\HPBMINI.DLL
2008-04-25 20:00:18 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2008-04-25 19:59:39 954368 ----a-r- c:\windows\system32\hpotiop5.dll
2008-04-25 19:59:39 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2008-04-25 19:59:39 309760 ----a-r- c:\windows\system32\difxapi.dll
2008-04-25 19:59:39 303104 ----a-r- c:\windows\system32\hpovst12.dll
2008-04-25 19:59:38 675840 ----a-r- c:\windows\system32\hpowiax5.dll
2008-04-25 19:52:00 0 d-----w- c:\program files\common files\HP
2008-04-25 19:50:48 0 d-----w- c:\program files\common files\Hewlett-Packard
2008-04-25 19:49:07 0 d-----w- c:\program files\HP
2008-03-05 04:45:04 7680 ----a-w- c:\windows\system32\HPBOIDPS.DLL
2008-03-05 04:45:00 25600 ----a-w- c:\windows\system32\HPBOID.DLL
2008-03-05 04:44:58 39424 ----a-w- c:\windows\system32\HPBPRO.DLL
2008-03-05 04:44:52 24576 ----a-w- c:\windows\system32\HPBMIAPI.DLL
2008-03-05 04:44:50 7680 ----a-w- c:\windows\system32\HPBPROPS.DLL
2008-01-02 04:01:42 251892 ----a-w- c:\documents and settings\george h\DMV Change of Address_01 Jan 08
2007-12-28 18:43:01 15086 ----a-w- c:\windows\ComcastWebmail.ico
2007-12-28 18:42:32 0 d-----w- c:\program files\Comcast
2007-12-28 18:17:12 0 d-----w- c:\program files\common files\SupportSoft
2007-10-20 02:07:56 0 d-----w- c:\program files\Windows Media Connect 2
2007-09-05 18:26:36 513149 ----a-w- c:\windows\system32\autorun.inf
2007-08-20 10:04:34 63488 ------w- c:\windows\system32\dllcache\icardie.dll
2007-08-15 10:00:59 221184 ----a-w- c:\windows\system32\wmpns.dll
2007-08-04 01:37:01 73728 ----a-w- c:\windows\system32\javacpl.cpl
2007-07-27 02:16:33 0 d-----w- C:\dj630
2007-07-27 02:11:20 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2007-06-18 23:40:35 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2007-06-18 23:40:35 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2007-06-18 23:40:35 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2007-06-18 23:40:34 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2007-06-08 02:46:44 86070 ----a-w- c:\windows\system32\pthreadVC2.dll
2007-05-09 11:52:25 991232 ------w- c:\windows\system32\dllcache\ieframe.dll.mui
2007-05-09 11:52:25 268288 ------w- c:\windows\system32\dllcache\iertutil.dll
2007-05-09 11:52:24 2452872 ------w- c:\windows\system32\dllcache\ieapfltr.dat
2007-05-09 11:52:23 459264 ------w- c:\windows\system32\dllcache\msfeeds.dll
2007-05-09 11:52:23 380928 ------w- c:\windows\system32\dllcache\ieapfltr.dll
2007-05-09 11:52:23 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2007-05-09 11:52:22 52224 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2007-05-09 11:52:21 6067200 ------w- c:\windows\system32\dllcache\ieframe.dll
2007-04-24 17:33:00 114688 ----a-w- c:\windows\system32\hplbdchn.dll
2007-04-24 03:11:18 287256 ----a-r- c:\windows\system32\AbaleZip.dll
2007-03-24 03:51:17 0 d-----w- c:\windows\system32\LogFiles
2007-03-14 05:57:35 0 d-----w- c:\program files\Tabwin43
2007-03-14 05:57:27 249856 ------w- c:\windows\Setup1.exe
2007-03-14 05:57:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2007-03-12 10:35:12 12288 ----a-r- c:\windows\Twunk_32.dll
2007-03-12 10:35:12 12288 ----a-r- c:\windows\Twunk_16.dll
2007-03-09 03:38:58 82432 ----a-w- c:\windows\system32\msxml4r.dll
2007-02-18 11:01:22 1026305 ----a-w- c:\windows\setupapi.log.2.old
2007-01-20 21:20:08 21504 ----a-w- c:\windows\system32\hidserv.dll
2007-01-20 21:20:01 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2007-01-20 21:20:01 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2007-01-20 21:19:43 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2007-01-20 21:19:24 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2006-12-22 20:28:14 271360 ----a-w- c:\windows\system32\mscoree.dll
2006-12-09 21:42:23 0 d-----w- c:\windows\network diagnostic
2006-12-02 08:26:00 57856 ----a-w- c:\windows\system32\mfcm80u.dll
2006-12-02 08:25:58 69632 ----a-w- c:\windows\system32\mfcm80.dll
2006-12-02 08:25:56 1093120 ----a-w- c:\windows\system32\mfc80u.dll
2006-12-02 08:25:52 1101824 ----a-w- c:\windows\system32\mfc80.dll
2006-12-02 06:54:34 548864 ----a-w- c:\windows\system32\msvcp80.dll
2006-12-02 06:54:32 626688 ----a-w- c:\windows\system32\msvcr80.dll
2006-12-02 06:54:32 479232 ----a-w- c:\windows\system32\msvcm80.dll
2006-11-18 21:51:08 0 d-----w- c:\program files\Lavasoft
2006-11-08 05:03:36 233472 ------w- c:\windows\system32\dllcache\webcheck.dll
2006-11-08 05:03:36 156160 ----a-w- c:\windows\system32\dllcache\msls31.dll
2006-11-07 11:27:10 385024 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2006-11-07 11:26:56 153088 ------w- c:\windows\system32\dllcache\ieakeng.dll
2006-11-07 11:26:44 71680 ----a-w- c:\windows\system32\dllcache\admparse.dll
2006-11-07 11:26:42 55296 ----a-w- c:\windows\system32\dllcache\iesetup.dll
2006-11-07 11:26:28 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2006-11-07 11:26:28 44544 ------w- c:\windows\system32\dllcache\iernonce.dll
2006-11-07 11:26:24 124928 ------w- c:\windows\system32\dllcache\advpack.dll
2006-11-07 11:25:58 10240 ----a-w- c:\windows\system32\advpack.dll.mui
2006-11-07 11:25:14 161792 ------w- c:\windows\system32\dllcache\ieakui.dll
2006-10-19 03:00:46 249856 ------w- c:\windows\system32\drmupgds.exe
2006-10-19 03:00:14 17408 ------w- c:\windows\system32\wpdshextautoplay.exe
2006-10-17 20:05:48 1830912 ------w- c:\windows\system32\dllcache\inetcpl.cpl
2006-10-17 20:05:22 105984 ------w- c:\windows\system32\dllcache\url.dll
2006-10-17 20:05:10 40960 ----a-w- c:\windows\system32\dllcache\licmgr10.dll
2006-10-17 20:04:46 102912 ------w- c:\windows\system32\dllcache\occache.dll
2006-10-17 20:04:40 634656 ------w- c:\windows\system32\dllcache\iexplore.exe
2006-10-17 20:02:20 991232 ----a-w- c:\windows\system32\ieframe.dll.mui
2006-10-17 19:57:58 36352 ----a-w- c:\windows\system32\dllcache\imgutil.dll
2006-10-17 19:56:10 45568 ----a-w- c:\windows\system32\dllcache\mshta.exe
2006-10-17 19:55:56 66560 ----a-w- c:\windows\system32\dllcache\tdc.ocx
2006-10-17 19:44:36 60416 ----a-w- c:\windows\system32\dllcache\hmmapi.dll
2006-10-17 19:28:56 48128 ----a-w- c:\windows\system32\dllcache\mshtmler.dll
2006-10-17 19:19:54 1383424 ----a-w- c:\windows\system32\dllcache\mshtml.tlb
2006-10-14 08:13:25 981760 ------w- c:\windows\system32\dllcache\mfc42u.dll
2006-10-04 02:47:52 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2006-10-02 22:28:42 312128 ------w- c:\windows\system32\msdelta.dll
2006-09-29 03:13:26 95344 ------w- c:\windows\system32\WUDFCoinstaller.dll
2006-09-29 02:00:34 82944 ------w- c:\windows\system32\drivers\WudfRd.sys
2006-09-29 01:56:38 316416 ------w- c:\windows\system32\WUDFx.dll
2006-09-29 01:56:38 146432 ------w- c:\windows\system32\WudfHost.exe
2006-09-29 01:56:16 165376 ------w- c:\windows\system32\WudfPlatform.dll
2006-09-29 01:56:14 55808 ------w- c:\windows\system32\WudfSvc.dll
2006-09-29 01:55:50 77568 ------w- c:\windows\system32\drivers\WudfPf.sys
2006-09-29 00:37:08 0 d-----w- c:\program files\Audacity
2006-09-23 20:12:38 74715 ------w- c:\windows\system32\IE7Eula.rtf
2006-09-19 23:44:04 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2006-09-18 14:15:52 765952 ----a-w- c:\windows\system32\dllcache\vgx.dll
2006-09-01 15:44:04 8798 ----a-w- c:\windows\system32\icrav03.rat
2006-09-01 15:44:04 1988 ------w- c:\windows\system32\ticrf.rat
2006-06-29 16:05:44 26112 ------w- c:\windows\system32\idndl.dll
2006-06-29 16:05:44 23552 ------w- c:\windows\system32\normaliz.dll
2006-06-29 01:59:26 24576 ------w- c:\windows\system32\nlsdl.dll
2006-06-19 23:20:42 236928 ------w- c:\windows\system32\dllcache\WgaLogon.dll
2006-06-19 23:19:26 336768 ------w- c:\windows\system32\dllcache\WgaTray.exe
2006-06-08 20:06:50 66384 ------w- c:\windows\system32\normnfkc.nls
2006-06-08 20:06:50 60294 ------w- c:\windows\system32\normnfkd.nls
2006-06-08 20:06:50 59342 ------w- c:\windows\system32\normidna.nls
2006-06-08 20:06:50 45794 ------w- c:\windows\system32\normnfc.nls
2006-06-08 20:06:50 39284 ------w- c:\windows\system32\normnfd.nls
2006-05-19 15:08:32 3600896 ----a-w- c:\windows\system32\dllcache\mshtml.dll
2006-05-10 05:23:01 477696 ----a-w- c:\windows\system32\dllcache\mshtmled.dll
2006-05-10 05:23:01 44544 ----a-w- c:\windows\system32\dllcache\pngfilt.dll
2006-05-10 05:23:01 193024 ----a-w- c:\windows\system32\dllcache\msrating.dll
2006-05-10 05:22:59 92672 ----a-w- c:\windows\system32\dllcache\inseng.dll
2006-05-10 05:22:59 347136 ----a-w- c:\windows\system32\dllcache\dxtmsft.dll
2006-05-10 05:22:59 27648 ----a-w- c:\windows\system32\dllcache\jsproxy.dll
2006-05-10 05:22:59 214528 ----a-w- c:\windows\system32\dllcache\dxtrans.dll
2006-05-10 05:22:59 192512 ----a-w- c:\windows\system32\dllcache\iepeers.dll
2006-05-10 05:22:59 133120 ----a-w- c:\windows\system32\dllcache\extmgr.dll
2006-05-09 11:00:37 69120 ----a-w- c:\windows\system32\dllcache\iedw.exe
2006-03-17 00:38:01 28672 ------w- c:\windows\system32\verclsid.exe
2006-02-06 21:06:56 19915 ----a-w- c:\windows\system32\drivers\AegisP.sys
2006-02-06 21:06:55 7870 ----a-w- c:\windows\system32\rt2500.cat
2006-02-06 21:06:55 242176 ----a-w- c:\windows\system32\rt2500.sys
2006-02-06 21:06:52 17992 ----a-w- c:\windows\system32\bcm42rly.sys
2006-02-06 21:06:34 1155 ----a-w- c:\windows\system32\WLAN.INI
2006-01-31 05:37:53 4 ----a-w- c:\windows\system32\MediaMAX.~5~
2006-01-31 05:37:53 0 d-----w- c:\program files\common files\SunnComm Shared
2006-01-16 04:56:48 0 d-----w- c:\windows\system32\NtmsData
2006-01-15 00:41:13 0 d-----w- c:\docume~1\alluse~1\applic~1\RetroExp
2006-01-15 00:41:02 0 d-----w- c:\program files\Dantz
2005-10-26 05:05:28 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2005-10-25 01:16:27 99965 ----a-w- c:\windows\UninstallFirefox.exe
2005-10-25 01:16:07 4490 ----a-w- c:\windows\mozver.dat
2005-10-07 06:02:04 38229 ------w- c:\windows\system32\drivers\StMp3Rec.sys
2005-09-11 00:04:38 2359350 ----a-w- c:\windows\afs.bmp
2005-08-23 02:04:11 0 d-----w- c:\program files\common files\NSV
2005-08-23 02:04:02 0 d-----w- c:\program files\common files\Nullsoft
2005-07-30 23:59:28 94208 ----a-w- c:\windows\system32\GTW32N50.dll
2005-07-30 23:59:28 31930 ----a-w- c:\windows\system32\GTNDIS3.VXD
2005-07-30 23:59:28 242176 ----a-w- c:\windows\system32\drivers\RT2500.sys
2005-07-30 23:59:28 15872 ----a-w- c:\windows\system32\GTNDIS5.sys
2005-07-30 23:59:11 0 d-----w- c:\program files\Linksys Wireless-G PCI Wireless Network Monitor
2005-07-19 04:34:20 1104 ----a-w- C:\net_save.dna
2005-07-19 04:33:57 0 d-----w- c:\program files\support.com
2005-07-13 01:04:22 23304 ----a-w- c:\windows\system32\GWFSPidGen.dll
2005-07-01 18:29:01 0 d-----w- c:\windows\system32\SoftwareDistribution
2005-06-29 10:00:59 0 d-----w- c:\windows\system32\PreInstall
2005-06-18 00:54:04 0 d-----w- c:\program files\common files\xing shared
2005-05-27 19:45:56 118520 ------w- c:\windows\system32\pxinsi64.exe
2005-05-27 19:45:56 116472 ------w- c:\windows\system32\pxcpyi64.exe
2005-04-16 12:00:10 0 ----a-w- c:\windows\smdat32a.sys
2005-04-16 12:00:09 10 ----a-w- c:\windows\smdat32m.sys
2005-03-20 20:41:03 33436 ----a-w- C:\iTrip.xml
2005-03-20 20:40:56 0 d-----w- c:\program files\Griffin Technology
2005-03-20 18:35:05 0 d-----w- C:\backup_script
2005-03-19 20:30:38 0 d-----w- c:\program files\iPod
2005-02-21 00:47:53 0 d-----w- c:\program files\DiscWizard for Windows
2004-11-30 02:34:08 0 d-----w- c:\program files\Ad Aware
2004-11-29 00:48:54 0 d-----w- c:\program files\Hijack This
2004-11-25 12:26:42 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2004-11-25 12:26:41 0 d-----w- c:\program files\Spybot - Search & Destroy
2004-11-24 11:40:08 0 d-----w- c:\windows\pss
2004-11-24 03:01:25 0 d-----w- c:\docume~1\george~1\applic~1\McAfee.com
2004-11-24 01:41:56 245408 -c--a-w- c:\windows\system32\unicows.dll
2004-11-23 01:59:34 2 -c--a-w- c:\windows\system32\cmdtm.dat
2004-11-23 01:58:37 4 -c--a-w- c:\windows\system32\cmd.dat
2004-10-22 02:04:02 0 d-----w- c:\program files\NoAdware
2004-10-13 01:20:34 0 d--h--w- c:\windows\$hf_mig$
2004-10-07 22:23:19 0 d-----w- c:\windows\system32\wbem\AutoRecover
2004-10-07 18:21:22 15360 ----a-w- c:\windows\system32\drivers\mxopswd.sys
2004-10-06 22:04:12 0 d-----w- c:\windows\peernet
2004-10-06 22:04:09 0 d-----w- c:\windows\provisioning
2004-10-06 21:59:14 0 d-----w- c:\windows\ServicePackFiles
2004-10-06 21:51:47 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2004-10-06 21:47:36 0 d-----w- c:\windows\EHome
2004-10-05 09:13:45 11264 ------w- c:\windows\system32\spnpinst.exe
2004-10-05 09:13:43 7208 -c----w- c:\windows\system32\secupd.sig
2004-10-05 09:13:43 7208 ----a-w- c:\windows\system32\dllcache\secupd.sig
2004-10-05 09:13:43 4569 -c----w- c:\windows\system32\secupd.dat
2004-10-05 09:13:43 4569 ----a-w- c:\windows\system32\dllcache\secupd.dat
2004-10-05 09:13:42 67866 -c----w- c:\windows\system32\drivers\netwlan5.img
2004-10-05 09:13:31 929 -c--a-w- c:\windows\system32\homepage.inf
2004-10-05 08:55:46 1506405 ----a-w- c:\windows\setupapi.log.1.old
2004-09-22 23:46:38 629760 ----a-w- c:\windows\system32\wpd_ci.dll
2004-09-22 23:45:44 232448 ----a-w- c:\windows\system32\l3codecp.acm
2004-09-22 23:45:36 276992 ----a-w- c:\windows\system32\audiodev.dll
2004-08-04 07:56:57 9728 ------w- c:\windows\system32\ativdaxx.ax
2004-08-04 06:10:39 59136 ------w- c:\windows\system32\drivers\rfcomm.sys
2004-08-04 06:10:38 37888 ------w- c:\windows\system32\drivers\bthmodem.sys
2004-08-04 06:10:38 17024 ------w- c:\windows\system32\drivers\bthenum.sys
2004-08-04 06:10:37 36480 ------w- c:\windows\system32\drivers\bthprint.sys
2004-08-04 06:10:37 272128 ------w- c:\windows\system32\drivers\bthport.sys
2004-08-04 06:10:36 25600 ------w- c:\windows\system32\drivers\hidbth.sys
2004-08-04 06:10:34 18944 ------w- c:\windows\system32\drivers\bthusb.sys
2004-08-04 06:10:10 121984 ------w- c:\windows\system32\drivers\usbvideo.sys
2004-08-04 06:08:18 19200 ------w- c:\windows\system32\drivers\hidir.sys
2004-08-04 06:07:47 79232 ------w- c:\windows\system32\drivers\sdbus.sys
2004-08-04 06:07:47 15488 ------w- c:\windows\system32\drivers\mssmbios.sys
2004-08-04 06:07:43 46464 ------w- c:\windows\system32\drivers\gagp30kx.sys
2004-08-04 06:07:43 44672 ------w- c:\windows\system32\drivers\uagp35.sys
2004-08-04 06:07:36 5888 ------w- c:\windows\system32\drivers\smbali.sys
2004-08-04 06:04:52 14208 ------w- c:\windows\system32\drivers\wacompen.sys
2004-08-04 06:04:51 12672 ------w- c:\windows\system32\drivers\mutohpen.sys
2004-08-04 06:04:33 12800 ------w- c:\windows\system32\drivers\usb8023x.sys
2004-08-04 06:04:31 30592 ------w- c:\windows\system32\drivers\rndismpx.sys
2004-08-04 06:01:19 129792 ------w- c:\windows\system32\drivers\fltmgr.sys
2004-08-04 06:00:13 265728 ------w- c:\windows\system32\drivers\http.sys
2004-08-04 06:00:06 36608 ------w- c:\windows\system32\drivers\ip6fw.sys
2004-08-04 05:59:57 389120 ----a-w- c:\windows\system32\html.iec
2004-08-04 05:59:54 11904 ------w- c:\windows\system32\drivers\sffdisk.sys
2004-08-04 05:59:54 11008 ------w- c:\windows\system32\drivers\sffp_sd.sys
2004-08-04 05:59:19 36352 ------w- c:\windows\system32\drivers\intelppm.sys
2004-08-04 05:58:38 101120 ------w- c:\windows\system32\drivers\bthpan.sys
2004-08-04 05:29:51 166912 ------w- c:\windows\system32\drivers\s3gnbm.sys
2004-08-04 05:22:24 56700 ----a-w- c:\windows\system32\ieuinit.inf
2004-07-31 11:08:55 724992 -c--a-w- c:\windows\iun6002.exe
2004-07-31 11:08:44 0 d-----w- c:\program files\SpyKiller
2004-07-30 23:47:36 348160 ------w- c:\windows\system32\msvcr71.dll
2004-07-30 23:47:36 344064 ----a-w- c:\windows\system32\msvcr70.dll
2004-07-25 12:26:11 713216 ----a-w- c:\windows\system32\sxs.dll
2004-07-25 12:26:09 87552 ----a-w- c:\windows\system32\fldrclnr.dll
2004-07-25 12:25:19 2897920 ------w- c:\windows\system32\xpsp2res.dll
2004-07-25 12:25:19 274944 ----a-w- c:\windows\system32\mstask.dll
2004-07-25 12:25:19 192512 ----a-w- c:\windows\system32\schedsvc.dll
2004-07-25 12:25:19 12288 ----a-w- c:\windows\system32\mstinit.exe
2004-07-25 12:15:46 0 d-----w- c:\windows\system32\bits
2004-07-25 12:15:29 8192 ------w- c:\windows\system32\bitsprx2.dll
2004-07-25 12:15:29 7168 ------w- c:\windows\system32\bitsprx3.dll
2004-07-25 12:15:29 438784 ------w- c:\windows\system32\xpob2res.dll
2004-07-25 12:15:29 354816 ----a-w- c:\windows\system32\winhttp.dll
2004-07-25 12:15:29 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2004-07-25 12:15:12 138240 ----a-w- c:\windows\system32\itss.dll
2004-07-19 22:46:08 72976 -c--a-w- c:\docume~1\george~1\applic~1\GDIPFONTCACHEV1.DAT
2004-07-18 05:55:22 129045 -c----w- c:\windows\system32\drivers\cxthsfs2.cty
2004-07-17 18:43:49 1229 -c----w- c:\windows\system32\wbem\wscenter.mof
2004-07-17 18:40:21 19528 -c--a-w- c:\windows\002327_.tmp
2004-07-17 18:36:22 64352 -c----w- c:\windows\system32\drivers\ativmc20.cod
2004-07-15 07:34:06 16896 ----a-w- c:\windows\system32\mscorier.dll
2004-06-24 02:59:43 37027 ----a-w- c:\windows\atmoUn.exe
2004-06-24 02:59:37 0 d-----w- c:\docume~1\alluse~1\applic~1\Viewpoint
2004-06-24 02:58:40 0 d-----w- c:\windows\Downloaded Installations
2004-06-18 18:40:50 33280 ----a-w- c:\windows\muninst.exe
2004-06-13 11:42:30 0 d--h--w- c:\windows\msdownld.tmp
2004-06-13 11:42:25 0 d-----w- c:\windows\Windows Update Setup Files
2004-06-07 18:19:46 691712 ----a-w- c:\windows\system32\inetcomm.dll
2004-04-19 01:33:41 0 d-----w- c:\program files\D'Accord Music Software
2004-04-19 01:33:32 7883 -c--a-w- c:\windows\Eng_UK.gpl
2004-04-19 01:33:31 796672 -c--a-w- c:\windows\GPInstall.exe
2004-04-15 22:16:13 40960 ----a-w- c:\windows\system32\mf3216.dll
2004-04-15 22:16:13 40960 ------w- c:\windows\system32\dllcache\evtgprov.dll
2004-04-15 22:16:12 614912 ----a-w- c:\windows\system32\h323msp.dll
2004-04-15 22:16:12 331264 ----a-w- c:\windows\system32\ipnathlp.dll
2004-04-15 22:16:12 265728 ----a-w- c:\windows\system32\h323.tsp
2004-04-14 18:56:46 229888 ----a-w- c:\windows\system32\dplayx.dll
2004-04-13 03:11:26 57344 ----a-w- c:\windows\system32\dpwsockx.dll
2004-04-04 19:22:21 1635 -c-ha-w- c:\windows\xghet.exe.tmp
2004-04-04 15:24:13 1406 -c--a-w- c:\windows\button1.gif
2004-04-04 15:24:13 1406 -c--a-w- c:\windows\button0.gif
2004-04-04 15:24:09 1137500 -c--a-w- c:\windows\kwv2.dat
2004-04-04 14:56:56 1406 -c--a-w- c:\windows\button3.gif
2004-04-04 14:56:56 1406 -c--a-w- c:\windows\button2.gif
2004-04-04 14:56:56 1086 -c--a-w- c:\windows\logo.gif
2004-04-04 13:30:29 222208 ----a-w- c:\windows\system32\actskn43.ocx
2004-04-04 13:30:27 222208 ----a-w- c:\windows\system\actskn43.ocx
2004-04-04 13:29:04 0 d-----w- c:\docume~1\george~1\applic~1\Lycos
2004-04-03 12:55:16 0 d-----w- c:\windows\cache329
2004-04-03 12:51:03 0 d-----w- c:\program files\PerfectNav
2004-03-26 11:35:00 0 d--h--w- c:\windows\PIF
2004-03-16 23:36:46 114688 ------w- c:\windows\system32\mclsp.dll
2004-03-16 23:36:44 32768 ----a-w- c:\windows\system32\instlsp.exe
2004-03-13 23:31:41 149504 ----a-w- c:\windows\UNWISE.EXE
2004-03-11 11:30:12 30 -c--a-w- c:\windows\Morphexe.INI
2004-03-07 12:04:59 6334 -c--a-r- c:\windows\system32\DevMngr.vxd
2004-02-19 02:29:19 5632 ----a-w- c:\windows\system32\ptpusb.dll
2004-02-19 02:29:15 159232 ----a-w- c:\windows\system32\ptpusd.dll
2004-02-19 02:29:14 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2004-02-08 01:21:12 0 d-----w- c:\program files\directx
2004-02-08 01:20:49 38160 -c--a-w- c:\windows\system32\LMRTREND.dll
2004-02-08 01:20:48 140800 -c--a-w- c:\windows\system32\tm20dec.ax
2004-02-08 01:20:45 182032 -c--a-w- c:\windows\system32\dxtmsft3.dll
2004-02-08 01:20:39 63488 ----a-w- c:\windows\system32\unam4ie.exe
2004-02-08 01:20:36 5672 -c--a-w- c:\windows\system32\quartz.vxd
2004-02-08 01:20:36 194320 -c--a-w- c:\windows\system32\qcut.dll
2004-02-08 01:20:36 11776 ----a-w- c:\windows\system32\mciqtz.drv
2004-02-08 01:20:36 10240 ----a-w- c:\windows\system32\vidx16.dll
2004-02-08 01:20:34 4608 ----a-w- c:\windows\system32\w95inf32.dll
2004-02-08 01:20:34 2272 -c--a-w- c:\windows\system32\w95inf16.dll
2004-02-08 01:20:00 163840 ----a-w- c:\windows\system32\PhotoImpression Screen Saver.scr
2004-02-08 01:19:42 212480 -c--a-w- c:\windows\pcdlib32.dll
2004-02-08 01:19:42 21 -c--a-w- c:\windows\CS_setup.ini
2004-02-08 00:40:42 0 -c--a-w- c:\windows\OpPrintServer.INI
2004-02-08 00:40:20 0 d-----w- c:\documents and settings\george h\WINDOWS
2004-02-08 00:38:49 0 d-----w- c:\program files\Canon
2004-02-08 00:21:53 0 d-----w- C:\WUTemp
2004-02-06 22:05:06 832512 ----a-w- c:\windows\system32\wininet.dll
2004-02-06 22:05:06 832512 ----a-w- c:\windows\system32\dllcache\wininet.dll
2004-01-27 20:06:03 385024 ----a-w- c:\windows\system32\GeoCtl.dll
2004-01-21 21:20:40 1168384 ----a-w- c:\windows\system32\dllcache\urlmon.dll
2003-11-30 21:41:29 49210 -c----w- c:\windows\system32\vzServices.dll
2003-11-30 21:41:20 0 d-----w- c:\windows\system32\FinePointLib
2003-11-25 01:20:53 33792 ----a-w- c:\windows\system32\msgsvc.dll
2003-11-16 23:58:11 0 d-sh--w- c:\documents and settings\george h\UserData
2003-11-12 01:01:26 81 -c--a-w- c:\windows\wininit.ini
2003-11-12 01:01:02 2 -c--a-w- c:\windows\msoffice.ini
2003-10-31 20:35:19 26 -c--a-w- c:\windows\UP9ASP.INI
2003-10-28 01:13:16 24576 ----a-w- c:\windows\system32\odbcbcp.dll
2003-10-28 01:13:06 106496 ----a-w- c:\windows\system32\odbccp32.dll
2003-10-28 01:12:44 442368 ----a-w- c:\windows\system32\sqlsrv32.dll
2003-10-28 01:12:42 110592 ----a-w- c:\windows\system32\dbnetlib.dll
2003-10-28 01:09:50 151552 ----a-w- c:\windows\system32\msdart.dll
2003-10-28 01:09:44 249856 ----a-w- c:\windows\system32\odbc32.dll
2003-10-21 23:39:54 349760 ----a-w- c:\windows\system32\mcinsctl.dll
2003-10-12 00:24:19 0 ----a-w- c:\documents and settings\george h\defogger_reenable
2003-10-10 12:23:48 94208 ----a-w- c:\windows\MXOALDR.EXE
2003-10-10 12:23:48 32640 ----a-w- c:\windows\system32\drivers\MXOFX.SYS
2003-10-10 12:23:48 266240 ----a-w- c:\windows\MXONTTRY.EXE
2003-10-10 12:23:48 12382 ----a-w- c:\windows\system32\MXOUI32.DLL
2003-09-28 14:55:50 0 d-----w- c:\windows\system32\mclsphlr
2003-09-28 14:55:45 11264 ----a-w- c:\windows\system32\sporder.dll
2003-09-17 17:01:28 844314 ----a-w- c:\windows\system32\msdxm.ocx

==================== Find3M ====================

2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15:27 671232 ----a-w- c:\windows\system32\dllcache\mstime.dll
2010-06-24 12:15:26 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15:26 230400 ----a-w- c:\windows\system32\dllcache\ieaksie.dll
2010-06-24 12:15:26 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-04-28 02:25:02 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-27 13:05:00 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-06 11:52:46 2462720 ----a-w- c:\windows\system32\dllcache\WMVCore.dll
2010-03-09 11:09:18 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 14:37:40 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-24 13:11:07 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02:15 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:27:45 1291776 ----a-w- c:\windows\system32\quartz.dll
2010-01-13 14:01:25 86016 ----a-w- c:\windows\system32\cabview.dll
2009-12-24 06:59:40 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-15 16:28:26 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-15 16:28:26 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\dllcache\strmdll.dll
2009-08-07 02:24:18 327896 ----a-w- c:\windows\system32\dllcache\wucltui.dll
2009-08-07 02:24:18 209632 ----a-w- c:\windows\system32\dllcache\wuweb.dll
2009-08-07 02:24:10 35552 ----a-w- c:\windows\system32\dllcache\wups.dll
2009-08-07 02:24:06 53472 ----a-w- c:\windows\system32\dllcache\wuauclt.exe
2009-08-07 02:24:04 96480 ----a-w- c:\windows\system32\dllcache\cdm.dll
2009-08-07 02:23:54 575704 ----a-w- c:\windows\system32\dllcache\wuapi.dll
2009-08-07 02:23:46 1929952 ----a-w- c:\windows\system32\dllcache\wuaueng.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 18:05:44 1372672 ----a-w- c:\windows\system32\msxml6.dll
2009-07-31 18:05:44 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll
2009-07-17 19:01:06 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22:18 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-14 06:43:24 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 06:43:24 286208 ----a-w- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-14 06:43:24 10841088 ----a-w- c:\windows\system32\dllcache\wmp.dll
2009-06-25 08:25:26 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25:26 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25:26 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25:26 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18:41 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-12 12:31:39 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 16:19:38 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14:49 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-07 15:32:35 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-15 14:51:25 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-02 06:02:22 604160 ----a-w- c:\windows\system32\wmspdmod.dll
2009-04-02 06:02:22 604160 ----a-w- c:\windows\system32\dllcache\wmspdmod.dll
2009-03-06 14:22:18 284160 ----a-w- c:\windows\system32\pdh.dll
2009-02-09 12:10:48 714752 ----a-w- c:\windows\system32\ntdll.dll
2009-02-09 12:10:48 617472 ----a-w- c:\windows\system32\advapi32.dll
2009-02-09 12:10:48 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-02-09 12:10:48 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-02-09 12:10:48 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-02-06 11:11:05 110592 ----a-w- c:\windows\system32\services.exe
2009-02-06 10:39:08 35328 ----a-w- c:\windows\system32\sc.exe
2009-02-06 10:10:02 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2008-10-23 12:36:14 286720 ----a-w- c:\windows\system32\gdi32.dll
2008-09-16 19:02:30 99356 ----a-w- c:\windows\fonts\fonts\MyriadWebPro-Bold.ttf
2008-09-16 19:02:30 96588 ----a-w- c:\windows\fonts\fonts\MyriadWebPro-Condensed.ttf
2008-09-16 19:02:30 93552 ----a-w- c:\windows\fonts\fonts\MyriadWebPro-Italic.ttf
2008-09-16 19:02:30 93432 ----a-w- c:\windows\fonts\fonts\MyriadWebPro.ttf
2008-09-16 19:02:30 101128 ----a-w- c:\windows\fonts\fonts\MyriadWebPro-CondensedIt.ttf
2008-08-14 10:04:36 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-07-07 20:26:58 253952 ----a-w- c:\windows\system32\es.dll
2008-06-25 01:12:58 295936 ------w- c:\windows\system32\wmpeffects.dll
2008-06-24 16:43:16 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-20 17:46:57 245248 ----a-w- c:\windows\system32\mswsock.dll
2008-06-20 11:51:12 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-06-18 13:03:08 938496 ----a-w- c:\windows\system32\WMNetmgr.dll
2008-06-18 13:03:08 938496 ----a-w- c:\windows\system32\dllcache\WMNetmgr.dll
2008-06-18 09:09:22 100864 ----a-w- c:\windows\system32\logagent.exe
2008-06-18 09:09:22 100864 ----a-w- c:\windows\system32\dllcache\logagent.exe
2008-06-12 14:23:32 956928 ----a-w- c:\windows\system32\msdtctm.dll
2008-06-12 14:23:32 91648 ----a-w- c:\windows\system32\mtxoci.dll
2008-06-12 14:23:32 66560 ----a-w- c:\windows\system32\mtxclu.dll
2008-06-12 14:23:32 58880 ----a-w- c:\windows\system32\msdtclog.dll
2008-06-12 14:23:32 428032 ----a-w- c:\windows\system32\msdtcprx.dll
2008-06-12 14:23:32 161792 ----a-w- c:\windows\system32\msdtcuiu.dll
2008-05-09 10:53:40 90112 ----a-w- c:\windows\system32\wshext.dll
2008-05-09 10:53:40 172032 ----a-w- c:\windows\system32\scrrun.dll

============= FINISH: 17:32:48.73 ===============


Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:54 PM

Posted 16 September 2010 - 01:14 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.
  1. Do not run any other tool untill instructed to do so!
  2. Please Do not Attach logs or put in code boxes.
  3. Tell me about any problems that have occurred during the fix.
  4. Tell me of any other symptoms you may be having as these can help also.
  5. Do not run anything while running a fix.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:
    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK
    Do not re-enable these drivers until otherwise instructed.

Download DDS:
    Please download DDS by sUBs from one of the links below and save it to your desktop:


    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.
    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
    • A window will open instructing you save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker
  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


information and logs:
    In your next post I need the following
      1.logs from DDS
      2.log from RKUnHooker
      3.let me know of any problems you may have had

Gringo


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:54 PM

Posted 18 September 2010 - 11:38 PM

Hello

three day bump

It has been Three days since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:54 PM

Posted 22 September 2010 - 09:11 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

The fixes and advice in this thread are for this machine only.
Do not apply the instructions from this thread to your own machine.
Please start a new thread describing your issue and someone will be along to assist you.


With Regards,
Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users