
Rkill, MBAM, FixExe and TDSS all fail


  • This topic is locked
26 replies to this topic

#1 g0dsweed


Posted 11 August 2011 - 07:39 PM

Have been working on this problem for 3 days. Troubleshooting started in this post:

http://www.bleepingcomputer.com/forums/topic413677.html/page__gopid__2367311#entry2367311

GMER fails, as detailed in above posting.
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by ramon somoano at 1:09:40 on 2004-08-29
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.212 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\3308045974:1765397306.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k termsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://start.facemoods.com/?a=fmtm&s={searchTerms}&f=4
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {0848225A-8181-42FC-8C68-F0A543B12967} - No File
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: myYearbook Toolbar BHO: {180e37b8-072d-48e4-800d-f353ee800672} - c:\program files\myyearbook toolbar\Toolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Ploose Engine: {4728c29f-7ff4-4fa1-9d34-199451b03bd3} - mscoree.dll
BHO: Surf Canyon Search Engine Assistant: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - c:\program files\surf canyon\surfcanyon.dll
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: myYearbook Toolbar: {b05caba4-89f3-410b-8471-6bc0edc8c91f} - c:\program files\myyearbook toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [tgcmd] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf
mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe
mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: mswsock.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_Win32.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - hxxp://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/XSL/mb_us//html/activexplayer/SMALStreaming.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1044
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123909949515
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} - hxxp://chat.yahoo.com/cab/yuplapp.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} - hxxps://ediagnostics.lexmark.com/serval.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/SU/SU1.5/ocx/15034/CTPID.cab
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: ter1mw32 - ter1mw32.dll
Notify: termsvces - ter1mw32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ramon somoano\application data\mozilla\firefox\profiles\ddbon1ht.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=fmtm
FF - prefs.js: keyword.URL - hxxp://search.alot.com/web?&src_id=12286&client_id=58846838bae80c3fbc1e8858&camp_id=2585&install_time=2004-08-26T06:49:48Z&tb_version=2.4.11000%28F%29&pr=auto&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\sony online entertainment\npsoe.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\c2mp\npdivx32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2004-8-26 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-8 121216]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-19 54760]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2011-4-3 10384]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2009-7-25 94208]
R2 TermServices;Remote Desktop Service;c:\windows\system32\svchost.exe -k termsvc [2002-8-29 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
S0 72241172;72241172;c:\windows\system32\drivers\75181833.sys --> c:\windows\system32\drivers\75181833.sys [?]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys --> c:\windows\system32\drivers\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys --> c:\windows\system32\drivers\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\eset\eset nod32 antivirus\ekrn.exe" --> c:\program files\eset\eset nod32 antivirus\ekrn.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-28 130560]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-28 130560]
.
=============== File Associations ===============
.
regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2011-08-06 23:54:55 -------- dc----w- C:\946c50e7d51d913ea1b3b6fbb2
2011-07-29 18:14:55 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\WinZip
2011-07-25 23:10:47 218624 ----a-w- c:\windows\system32\termlw32.dll
2011-07-25 23:10:46 35840 ----a-w- c:\windows\system32\ter1mw32.dll
2011-07-25 08:40:54 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\xnxg.exe
2011-07-25 08:40:54 0 ----a-w- c:\documents and settings\all users\application data\tnyp.exe
2011-07-25 08:40:53 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\food.exe
2011-07-25 08:40:53 0 ----a-w- c:\documents and settings\all users\application data\fbhq.exe
2011-07-25 08:40:52 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\cwvt.exe
2011-07-25 08:40:52 0 ----a-w- c:\documents and settings\all users\application data\ncfo.exe
2011-07-25 08:40:51 0 ----a-w- c:\documents and settings\all users\application data\hnjg.exe
2011-07-25 08:40:50 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\tvyc.exe
2011-07-15 00:26:47 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Real
2011-07-15 00:25:20 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2011-07-15 00:24:41 -------- d-----w- c:\program files\common files\xing shared
2011-07-15 00:24:11 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2011-07-15 00:23:56 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2011-07-10 02:55:02 -------- d-----w- c:\program files\getdislike
2011-07-09 23:48:20 -------- d-----w- c:\documents and settings\ramon somoano\application data\facemoods.com
2011-07-09 22:42:48 -------- d-----w- c:\program files\Setup Support for RelevantKnowledge
2011-07-09 22:41:47 -------- d-----w- c:\program files\Ploose
2011-07-09 22:40:38 -------- d-----w- c:\program files\UltimaDownloads
2011-07-09 22:30:05 -------- d-----w- c:\documents and settings\ramon somoano\application data\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-07-09 22:29:41 -------- d-----w- c:\program files\Adobe Download Assistant
2011-07-09 17:38:46 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-07-09 17:38:46 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-07-04 04:36:24 -------- d-----w- c:\documents and settings\ramon somoano\application data\FCTB000059563
2011-07-04 04:35:42 -------- d-----w- c:\program files\myYearbook Toolbar
2011-07-03 02:48:38 -------- d-----w- c:\program files\CouponAlert_2pEI
2011-07-02 20:36:55 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\assembly
2011-06-16 01:09:22 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-15 14:38:14 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-06-02 04:43:54 -------- d-----w- c:\documents and settings\ramon somoano\application data\PriceGong
2011-06-02 02:12:12 20124 ----a-w- c:\documents and settings\all users\SPLC.tmp
2011-06-02 00:18:59 20124 ----a-w- c:\documents and settings\all users\SPLA.tmp
2011-06-01 18:18:56 20124 ----a-w- c:\documents and settings\all users\SPL9.tmp
2011-06-01 04:06:20 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2011-06-01 04:04:57 -------- dc----w- C:\Netgear
2011-06-01 03:29:41 20124 ----a-w- c:\documents and settings\all users\SPL8.tmp
2011-05-31 16:38:31 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2011-05-31 16:38:22 -------- d-----w- c:\program files\W3i
2011-05-31 13:42:37 20124 ----a-w- c:\documents and settings\all users\SPL7.tmp
2011-05-31 00:02:40 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\ESET
2011-05-30 20:29:43 20124 ----a-w- c:\documents and settings\all users\SPL6.tmp
2011-05-30 20:21:17 -------- dc-h--w- c:\windows\ie8
2011-05-30 20:11:35 20124 ----a-w- c:\documents and settings\all users\SPLB.tmp
2011-05-30 20:05:29 20124 ----a-w- c:\documents and settings\all users\SPLE.tmp
2011-05-30 19:41:09 20124 ----a-w- c:\documents and settings\all users\SPL5.tmp
2011-05-30 14:55:52 20124 ----a-w- c:\documents and settings\all users\SPL13.tmp
2011-05-30 01:52:37 -------- d-----w- c:\documents and settings\ramon somoano\application data\IMVU
2011-05-30 01:50:33 -------- d-----w- c:\documents and settings\ramon somoano\application data\IMVUClient
2011-05-29 01:30:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 22:46:33 20124 ----a-w- c:\documents and settings\all users\SPL4.tmp
2011-05-28 15:41:27 20124 ----a-w- c:\documents and settings\all users\SPL2.tmp
2011-05-27 16:25:33 20124 ----a-w- c:\documents and settings\all users\SPL3.tmp
2011-05-23 19:46:26 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Microsoft Help
2011-05-23 19:34:20 -------- d-----w- c:\program files\PowerISO
2011-05-23 18:51:36 20124 ----a-w- c:\documents and settings\all users\SPLD.tmp
2011-05-15 19:55:28 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-14 01:11:54 641536 ----a-w- c:\program files\common files\microsoft shared\vc\msdia80.dll
2011-04-19 08:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-04-03 08:14:47 10384 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2011-04-03 08:12:33 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2011-04-03 08:12:18 84496 ----a-w- c:\windows\system32\KemXML.dll
2011-04-03 08:12:18 170512 ----a-w- c:\windows\system32\kemutb.dll
2011-04-03 08:12:18 145936 ----a-w- c:\windows\system32\KemUtil.dll
2011-04-03 08:12:18 117264 ----a-w- c:\windows\system32\KemWnd.dll
2011-03-20 09:40:44 1079144 ----a-w- c:\program files\common files\microsoft shared\office12\RICHED20.DLL
2011-03-02 02:33:13 -------- d-----w- c:\documents and settings\ramon somoano\.thumbnails
2011-03-02 02:13:24 -------- d-----w- c:\documents and settings\ramon somoano\.gimp-2.6
2011-03-02 02:12:26 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Yahoo
2011-03-02 02:12:25 -------- d-----w- c:\documents and settings\ramon somoano\.gegl-0.0
2011-03-02 02:04:53 -------- d-----w- c:\documents and settings\all users\application data\W3i
2011-03-02 02:00:07 -------- d-----w- c:\program files\Surf Canyon
2011-03-02 02:00:02 -------- d-----w- c:\program files\Free Offers from Freeze.com
2011-02-25 15:52:28 -------- d-sh--w- C:\found.000
2011-02-16 23:00:38 17370496 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL
2011-02-11 13:25:52 229888 ------w- c:\windows\system32\dllcache\fxscover.exe
2011-02-09 13:53:52 270848 ------w- c:\windows\system32\dllcache\sbe.dll
2011-02-09 13:53:52 186880 ------w- c:\windows\system32\dllcache\encdec.dll
2011-02-02 07:58:35 2067456 ------w- c:\windows\system32\dllcache\lhmstscx.dll
2011-01-27 11:57:06 677888 ------w- c:\windows\system32\dllcache\lhmstsc.exe
2011-01-24 21:03:58 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-01-24 21:03:58 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-01-23 21:19:04 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Geckofx
2011-01-23 21:19:03 -------- d-----w- c:\documents and settings\ramon somoano\application data\Red Kawa
2011-01-22 17:59:35 -------- d-----w- c:\program files\Yontoo Layers Client
2011-01-21 14:44:37 439296 ------w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-12 03:14:07 -------- d-----w- c:\program files\iPod
2011-01-12 03:13:50 -------- d-----w- c:\program files\iTunes
2011-01-12 03:13:50 -------- d-----w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-12 03:08:06 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-01-12 03:06:17 -------- d-----w- c:\program files\Bonjour
2011-01-06 02:36:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\BitTorrent
2011-01-01 01:24:47 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2011-01-01 01:24:47 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2011-01-01 01:24:47 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2011-01-01 01:24:46 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2011-01-01 01:24:46 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2011-01-01 01:24:46 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2011-01-01 01:24:46 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-01-01 01:24:46 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-01-01 01:24:46 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2011-01-01 01:24:46 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2011-01-01 01:24:42 -------- d-----w- c:\program files\Free Audio Editor
2010-12-29 03:13:12 -------- d-----w- c:\program files\VstPlugins
2010-12-29 03:06:03 -------- d-----w- c:\program files\Image-Line
2010-12-20 17:32:15 551936 ------w- c:\windows\system32\dllcache\oleaut32.dll
2010-12-15 21:11:11 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 21:06:34 45568 ------w- c:\windows\system32\dllcache\wab.exe
2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ------w- c:\windows\system32\dllcache\isign32.dll
2010-11-14 18:01:34 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Temp
2010-11-13 02:04:39 -------- d-----w- c:\windows\system32\20-20 Technologies
2010-11-09 14:52:35 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2010-11-09 14:52:35 249856 ------w- c:\windows\system32\dllcache\odbc32.dll
2010-11-09 14:52:35 200704 ------w- c:\windows\system32\dllcache\msadox.dll
2010-11-09 14:52:35 180224 ------w- c:\windows\system32\dllcache\msadomd.dll
2010-11-09 14:52:35 143360 ------w- c:\windows\system32\dllcache\msadco.dll
2010-11-09 14:52:35 102400 ------w- c:\windows\system32\dllcache\msjro.dll
2010-11-08 16:38:32 -------- d-----w- c:\program files\BitTorrent
2010-11-01 18:06:12 -------- d-----w- c:\program files\AutocompletePro
2010-11-01 18:06:00 -------- d-----w- c:\program files\VDownloader
2010-10-15 00:16:48 978944 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-15 00:16:48 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-15 00:16:48 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 00:16:36 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-07 17:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 17:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 17:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-26 17:40:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\vShare
2010-09-26 17:40:03 -------- d-----w- c:\program files\vShare
2010-09-26 15:51:09 -------- d-----w- c:\program files\GMI
2010-09-26 15:49:30 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2010-09-26 15:49:29 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2010-09-26 15:49:29 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2010-09-26 15:49:29 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2010-09-26 15:49:27 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2010-09-26 15:48:41 -------- d-----w- c:\documents and settings\ramon somoano\application data\ZiggyTV
2010-09-26 15:48:36 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2010-09-26 15:48:29 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2010-09-26 15:48:17 -------- d-----w- c:\program files\ZiggyTV
2010-08-27 05:57:43 99840 ------w- c:\windows\system32\dllcache\srvsvc.dll
2010-08-17 13:17:06 58880 ------w- c:\windows\system32\dllcache\spoolsv.exe
2010-07-25 03:01:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 03:01:07 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-07-22 12:58:54 119160 ----a-w- c:\program files\common files\microsoft shared\textconv\MSCONV97.DLL
2010-07-16 12:05:55 1288192 ------w- c:\windows\system32\dllcache\ole32.dll
2010-07-14 21:11:22 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Conduit
2010-07-14 17:34:25 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-18 17:45:17 293376 ------w- c:\windows\system32\dllcache\winsrv.dll
2010-06-12 17:44:10 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-05-16 22:53:41 -------- d-----w- c:\documents and settings\ramon somoano\application data\Vivox
2010-04-20 05:30:08 290432 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-04-17 04:04:40 306032 -c--a-w- c:\windows\WLXPGSS.SCR
2010-04-16 15:36:56 406016 ------w- c:\windows\system32\dllcache\usp10.dll
2010-04-12 08:44:34 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2010-04-01 23:26:15 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-31 04:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 04:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-03-30 16:24:40 317440 ------w- c:\windows\system32\dllcache\mp4sdecd.dll
2010-03-07 03:04:40 3335916 ----a-w- c:\windows\system32\nv4_disp.dll
2010-03-07 03:04:40 3335916 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-03-05 14:37:40 65536 ------w- c:\windows\system32\dllcache\asycfilt.dll
2010-02-28 05:31:37 1346281 ----a-w- c:\documents and settings\all users\SPL332.tmp
2010-02-12 04:33:11 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll
2010-01-17 15:14:29 311043 ----a-w- c:\documents and settings\all users\SPL63.tmp
2010-01-14 02:11:01 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\SCE
2010-01-14 02:05:29 -------- d-----w- c:\documents and settings\ramon somoano\application data\Sony Online Entertainment
2010-01-14 02:05:27 -------- d-----w- c:\program files\Sony Online Entertainment
2010-01-13 14:01:25 86016 ------w- c:\windows\system32\dllcache\cabview.dll
2010-01-12 23:15:00 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2009-12-24 06:59:40 177664 ------w- c:\windows\system32\dllcache\wintrust.dll
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-12 06:47:03 -------- d-----w- c:\documents and settings\all users\application data\PCSettings
2009-12-12 06:46:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2009-12-03 22:54:28 -------- d-----w- c:\documents and settings\all users\application data\Norton
2009-12-02 14:14:52 2804125 ----a-w- c:\documents and settings\all users\SPLC8.tmp
2009-11-27 17:11:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2009-11-27 16:07:35 28672 ------w- c:\windows\system32\dllcache\msvidc32.dll
2009-11-27 16:07:34 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2009-11-27 16:07:34 11264 ------w- c:\windows\system32\dllcache\msrle32.dll
2009-11-22 18:54:17 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\RobloxDownloads
2009-11-22 18:53:34 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\RobloxVersions
2009-11-07 05:07:08 49488 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-07 05:07:04 297808 ----a-w- c:\windows\system32\mscoree.dll
2009-11-07 05:06:46 1130824 ----a-w- c:\windows\system32\dfshim.dll
2009-10-21 05:38:36 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 05:38:36 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 16:20:16 265728 ------w- c:\windows\system32\dllcache\http.sys
2009-10-13 10:30:16 270336 ------w- c:\windows\system32\dllcache\oakley.dll
2009-10-12 13:38:19 149504 ------w- c:\windows\system32\dllcache\rastls.dll
2009-10-12 13:38:18 79872 ------w- c:\windows\system32\dllcache\raschap.dll
2009-10-10 03:10:46 2594632 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
2009-09-16 01:10:49 2245737 ----a-w- c:\documents and settings\all users\SPL9E.tmp
2009-09-13 03:07:56 3772412 ----a-w- c:\documents and settings\all users\SPL7F9.tmp
2009-09-10 00:16:24 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-09-07 03:14:20 3085912 ----a-w- c:\documents and settings\all users\SPL84.tmp
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-18 03:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-17 02:19:04 -------- d-----w- c:\program files\KingsIsle Entertainment
2009-08-13 00:15:03 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-09 21:08:17 1133668 ----a-w- c:\documents and settings\all users\SPL9D.tmp
2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-03 03:04:13 -------- d-----w- c:\windows\nview
2009-08-03 02:50:49 -------- d-----w- C:\NVIDIA
2009-08-02 17:02:54 52568404 ----a-w- c:\documents and settings\all users\SPL1.tmp
2009-08-02 02:46:21 52568404 ----a-w- c:\documents and settings\all users\SPL94.tmp
2009-08-02 00:13:09 -------- d-----w- c:\documents and settings\ramon somoano\application data\2K Sports
2009-08-01 23:51:17 -------- d-----w- c:\program files\2K Sports
2009-08-01 03:54:04 -------- d-----w- c:\windows\Logs
2009-07-29 22:24:18 -------- d-----w- c:\windows\LMI72.tmp
2009-07-29 22:18:24 -------- d-----w- c:\documents and settings\all users\application data\Lexmark 2600 Series
2009-07-27 23:17:41 135168 ------w- c:\windows\system32\dllcache\shsvcs.dll
2009-07-27 02:30:39 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-27 02:30:01 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-07-27 02:27:15 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-27 02:27:15 117760 ------w- c:\windows\system32\prntvpt.dll
2009-07-27 02:27:14 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-07-27 02:27:14 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-27 02:27:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-07-27 02:27:14 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-27 02:27:11 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-07-27 02:27:11 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-27 02:27:07 -------- d-----w- C:\e5ab88d121551d5de3b11a90611c
2009-07-26 03:53:11 -------- d-----w- c:\documents and settings\ramon somoano\application data\Lexmark Productivity Studio
2009-07-26 02:56:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\FaxCtr
2009-07-26 02:13:31 -------- d-----w- c:\documents and settings\all users\Lx_cats
2009-07-26 02:08:10 -------- d-----w- C:\logs
2009-07-26 02:05:19 40960 ----a-w- c:\windows\system32\lxdnvs.dll
2009-07-26 02:03:50 348160 ----a-w- c:\windows\system32\lxdncoin.dll
2009-07-26 02:03:47 115200 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdndrpp.dll
2009-07-26 02:02:25 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-07-26 02:02:25 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2009-07-26 02:02:23 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-07-26 02:02:23 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-07-26 02:01:53 81920 ----a-w- c:\windows\system32\lxdncaps.dll
2009-07-26 02:01:53 782336 ----a-w- c:\windows\system32\lxdndrs.dll
2009-07-26 02:01:52 69632 ----a-w- c:\windows\system32\lxdncnv4.dll
2009-07-26 01:59:46 45056 ----a-w- c:\windows\system32\LXF3PMON.DLL
2009-07-26 01:59:46 32768 ----a-w- c:\windows\system32\LXF3FXPU.DLL
2009-07-26 01:59:25 53248 ----a-w- c:\windows\system32\lxf3oem.dll
2009-07-26 01:59:25 49152 ----a-w- c:\windows\system32\IM31IMG.DIL
2009-07-26 01:59:25 12288 ----a-w- c:\windows\system32\LXF3PMRC.DLL
2009-07-26 01:59:24 69632 ----a-w- c:\windows\system32\IM31XTIF.DEL
2009-07-26 01:59:23 98304 ----a-w- c:\windows\system32\IM31XPNG.DEL
2009-07-26 01:59:21 98345 ----a-w- c:\windows\system32\IMHOST32.DLL
2009-07-26 01:59:20 339968 ----a-w- c:\windows\system32\IMGMAN32.DLL
2009-07-26 01:58:48 -------- d-----w- c:\documents and settings\all users\application data\FaxCtr
2009-07-26 01:58:15 -------- d-----w- c:\program files\Lexmark Fax Solutions
2009-07-26 01:57:43 -------- d-----w- c:\program files\Abbyy FineReader 6.0 Sprint
2009-07-26 01:55:20 -------- d-----w- c:\program files\Lexmark Toolbar
2009-07-26 01:55:05 17064 ----a-w- c:\windows\system32\lxdnwupd.exe
2009-07-26 01:55:03 102400 ----a-w- c:\windows\system32\lxdnwupd.dll
2009-07-25 13:42:52 -------- d-----w- c:\program files\Disney
2009-07-21 05:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-07-17 19:01:06 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-07-17 16:22:18 1435648 ------w- c:\windows\system32\dllcache\query.dll
2009-07-14 03:43:24 10841088 ------w- c:\windows\system32\dllcache\wmp.dll
2009-06-25 08:25:26 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-06-25 08:25:26 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 08:25:26 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-06-24 11:18:41 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-06-17 16:56:32 28560 ----a-w- c:\windows\system32\drivers\LUsbFilt.sys
2009-06-17 16:56:24 79248 ----a-w- c:\windows\system32\drivers\LMouKE.Sys
2009-06-17 16:56:16 37392 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
2009-06-17 16:56:06 35472 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
2009-06-17 16:55:26 63248 ----a-w- c:\windows\system32\drivers\L8042mou.Sys
2009-06-17 16:55:18 20240 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
2009-06-17 16:55:10 55824 ----a-w- c:\windows\KHALMNPR.Exe
2009-06-16 14:36:30 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2009-06-16 14:36:30 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-06-13 23:00:46 -------- d-sh--w- c:\documents and settings\ramon somoano\IECompatCache
2009-06-13 22:58:40 -------- d-sh--w- c:\documents and settings\ramon somoano\PrivacIE
2009-06-13 22:29:06 -------- d-sh--w- c:\documents and settings\ramon somoano\IETldCache
2009-06-13 05:15:00 1661792 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
2009-06-12 12:31:39 76288 ------w- c:\windows\system32\dllcache\telnet.exe
2009-06-10 14:13:29 84992 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 13:19:38 2066432 ------w- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 06:14:49 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
2009-06-09 22:48:57 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-09 22:48:56 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 22:48:51 -------- d-----w- c:\windows\ie8updates
2009-06-09 22:47:49 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-30 01:55:44 -------- d-----w- c:\documents and settings\ramon somoano\application data\BitZipper
2009-05-28 20:09:21 -------- d-----w- c:\program files\BitZipper
2009-05-07 15:32:35 345600 ------w- c:\windows\system32\dllcache\localspl.dll
2009-04-20 17:17:26 45568 ------w- c:\windows\system32\dllcache\dnsrslvr.dll
2009-04-18 01:07:48 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2009-04-18 01:07:41 35328 ------w- c:\windows\system32\dllcache\sc.exe
2009-04-18 01:07:37 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-04-18 01:07:22 110592 ------w- c:\windows\system32\dllcache\services.exe
2009-04-18 01:07:16 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-04-18 01:07:12 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-18 01:07:03 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-18 01:06:47 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2009-04-18 01:06:39 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-04-18 01:06:33 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-04-18 01:04:55 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2009-04-18 01:04:53 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-04-15 14:51:25 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2009-04-03 22:46:26 97640 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_PDF.DLL
2009-04-03 21:59:44 79728 ----a-w- c:\program files\common files\microsoft shared\office12\1033\xlsrvintl.dll
2009-04-02 17:07:44 186240 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\office.en-us\OSETUPUI.DLL
2009-04-02 17:07:10 6540120 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUP.DLL
2009-04-02 17:06:52 439160 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\SETUP.EXE
2009-04-02 17:06:42 231848 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\ODEPLOY.EXE
2009-04-02 16:02:04 11632 ----a-w- c:\program files\common files\microsoft shared\office12\1033\OLBINTL.DLL
2009-04-02 16:02:04 10339712 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSOINTL.DLL
2009-04-02 16:02:02 45968 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUPPS.DLL
2009-04-02 16:02:02 14720 ----a-w- c:\program files\common files\microsoft shared\smart tag\SmartTagInstall.exe
2009-04-02 16:02:00 552816 ----a-w- c:\program files\common files\microsoft shared\office12\OFFLB.EXE
2009-04-02 16:02:00 17792 ----a-w- c:\program files\common files\microsoft shared\office12\OPHPROXY.DLL
2009-04-02 16:02:00 15760 ----a-w- c:\program files\common files\microsoft shared\office12\OPTINPS.DLL
2009-04-02 16:02:00 12616 ----a-w- c:\program files\common files\microsoft shared\office12\OFFREL.DLL
2009-04-02 16:01:58 6637936 ----a-w- c:\program files\common files\microsoft shared\office12\MSORES.DLL
2009-04-02 16:01:58 42864 ----a-w- c:\program files\common files\microsoft shared\office12\MSSH.DLL
2009-04-02 16:01:46 18816 ----a-w- c:\program files\common files\microsoft shared\office12\MSMH.DLL
2009-04-02 16:01:44 70000 ----a-w- c:\program files\common files\microsoft shared\office12\LBGHOST.DLL
2009-04-02 16:01:44 56680 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_XPS.DLL
2009-04-02 16:01:44 177520 ----a-w- c:\program files\common files\microsoft shared\smart tag\IETAG.DLL
2009-03-27 02:02:46 -------- d-----w- c:\documents and settings\ramon somoano\Tracing
2009-03-21 14:06:58 989696 ------w- c:\windows\system32\dllcache\kernel32.dll
2009-03-19 23:46:06 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-03-19 23:44:01 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-03-19 23:42:59 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-03-19 23:33:58 -------- d-----w- c:\program files\Microsoft
2009-03-19 23:33:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-03-19 23:32:17 4865408 ----a-w- c:\program files\common files\windows live\.cache\f10574901c9a8ea\Silverlight.2.0.exe
2009-03-19 23:30:42 74520 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\DSETUP.dll
2009-03-19 23:30:42 484632 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\DXSETUP.exe
2009-03-19 23:30:42 1670936 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\dsetup32.dll
2009-03-19 23:30:09 1013800 ----a-w- c:\program files\common files\windows live\.cache\a4b7d2361c9a8ea\WindowsXP-KB954708-x86-ENU.exe
2009-03-19 23:28:38 36171640 ----a-w- c:\program files\common files\windows live\.cache\wlcAD.tmp
2009-03-19 23:27:52 -------- d-----w- c:\program files\common files\Windows Live
2009-03-08 18:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
2009-03-08 18:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
2009-03-08 18:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 18:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui
2009-03-08 08:35:32 743424 ------w- c:\program files\internet explorer\iedvtool.dll
2009-03-08 08:35:12 233984 ------w- c:\program files\internet explorer\jsprofilerui.dll
2009-03-08 08:35:04 7680 ------w- c:\program files\internet explorer\iecompat.dll
2009-03-08 08:35:04 144384 ------w- c:\program files\internet explorer\ExtExport.exe
2009-03-08 08:35:04 118272 ------w- c:\program files\internet explorer\JSProfilerCore.dll
2009-03-08 08:35:02 521216 ------w- c:\program files\internet explorer\jsdbgui.dll
2009-03-08 08:35:02 121344 ------w- c:\program files\internet explorer\jsdebuggeride.dll
2009-03-08 08:33:18 12800 ------w- c:\program files\internet explorer\xpshims.dll
2009-03-06 06:47:58 575416 ----a-w- c:\program files\common files\microsoft shared\office12\ACEDAO.DLL
2009-03-06 06:47:58 47008 ----a-w- c:\program files\common files\microsoft shared\office12\ACEERR.DLL
2009-03-06 06:47:58 190400 ----a-w- c:\program files\common files\microsoft shared\office12\ACEES.DLL
2009-03-06 06:47:56 1759136 ----a-w- c:\program files\common files\microsoft shared\office12\ACECORE.DLL
2009-03-03 22:11:02 -------- d-----w- c:\program files\vixy.net
2009-03-03 21:29:22 318976 ----a-w- c:\windows\system32\avisynth.dll
2009-03-03 21:29:18 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2009-03-03 21:29:18 70656 ----a-w- c:\windows\system32\i420vfw.dll
2009-03-03 21:29:18 27648 ----a-w- c:\windows\system32\AVSredirect.dll
2009-03-03 21:26:52 92672 --sh--r- c:\windows\system32\RLVorbisDec.ax
2009-03-03 21:26:51 67584 --sh--r- c:\windows\system32\RLTheoraDec.ax
2009-03-03 21:26:51 51712 --sh--r- c:\windows\system32\RLSpeexDec.ax
2009-03-03 21:26:50 186880 --sh--r- c:\windows\system32\RLOgg.ax
2009-03-03 21:26:44 179200 --sh--r- c:\windows\system32\DiracSplitter.ax
2009-03-03 05:23:58 303616 ----a-w- c:\windows\box.exe
2009-02-17 21:14:40 117640 ----a-w- c:\program files\common files\microsoft shared\windows live\WLLoginProxy.exe
2009-02-17 21:11:04 408440 ----a-w- c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
2009-02-17 21:09:02 95128 ----a-w- c:\program files\common files\microsoft shared\windows live\LogicalDevice.dll
2009-02-17 21:09:00 236936 ----a-w- c:\program files\common files\microsoft shared\windows live\HWDeviceLogin.dll
2009-02-17 21:09:00 1141640 ----a-w- c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
2009-02-14 09:04:38 756040 ----a-w- c:\program files\common files\microsoft shared\office12\MSPTLS.DLL
2009-02-05 15:37:00 1117568 ----a-w- c:\program files\common files\microsoft shared\filters\offfiltx.dll
2009-02-03 19:59:07 56832 ------w- c:\windows\system32\dllcache\secur32.dll
2009-01-11 14:33:04 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts
2009-01-07 22:20:54 134144 ------w- c:\windows\system32\dllcache\sqmapi.dll
2009-01-07 22:20:54 134144 ------w- c:\program files\internet explorer\sqmapi.dll
2009-01-07 22:20:18 355832 ------w- c:\program files\internet explorer\pdm.dll
2009-01-07 22:20:18 265720 ----a-w- c:\windows\system32\msdbg2.dll
2008-12-24 15:24:06 -------- d-----w- c:\windows\system32\custom matrices
2008-12-24 15:23:09 -------- d-----w- c:\windows\system32\C2MP
2008-12-16 12:30:34 354816 ------w- c:\windows\system32\dllcache\winhttp.dll
2008-12-05 06:54:55 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2008-12-04 09:00:58 969552 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqd01.dll
2008-12-04 09:00:58 279904 ----a-r- c:\program files\common files\microsoft shared\textconv\wkls31.dll
2008-12-04 09:00:58 162640 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqr01.dll
2008-11-25 20:41:36 324976 -c--a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-11-25 02:17:18 983944 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPWEC.DLL
2008-11-21 04:02:30 988040 ----a-w- c:\program files\common files\microsoft shared\office12\msoshext.dll
2008-11-21 03:58:22 972632 ----a-w- c:\program files\common files\microsoft shared\web folders\MSONSEXT.DLL
2008-11-21 03:58:20 1011544 ----a-w- c:\program files\common files\system\ole db\MSDAIPP.DLL
2008-11-16 05:52:12 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2008-11-12 20:28:21 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 20:26:28 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2008-11-10 15:38:42 27000 ----a-w- c:\program files\common files\microsoft shared\euro\MSOEURO.DLL
2008-11-10 06:27:52 31592 ----a-w- c:\program files\common files\microsoft shared\filters\msgfilt.dll
2008-11-06 22:57:11 21504 ----a-w- c:\windows\system32\drivers\motmodem.sys
2008-11-06 22:57:11 1419232 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2008-11-06 22:55:01 -------- d-----w- c:\program files\common files\Motorola Shared
2008-11-06 22:46:41 -------- d-----w- c:\program files\Avanquest update
2008-11-06 22:45:46 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2008-11-06 22:45:46 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2008-11-06 22:44:04 -------- d-----w- c:\program files\Motorola Phone Tools
2008-11-06 22:41:52 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2008-11-06 22:41:52 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2008-11-06 22:41:51 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2008-11-06 22:41:51 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2008-11-06 22:41:51 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2008-11-06 22:41:49 323716 -c--a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2008-11-06 22:41:49 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2008-11-06 22:23:29 -------- d-----w- c:\program files\PQDVD
2008-11-04 05:44:24 814464 ----a-w- c:\program files\common files\microsoft shared\dw\DW20.EXE
2008-11-04 05:44:24 439632 ----a-w- c:\program files\common files\microsoft shared\dw\DWDCW20.DLL
2008-11-04 05:44:24 435096 ----a-w- c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE
2008-11-04 05:06:30 2872688 ----a-w- c:\program files\common files\microsoft shared\office12\OFFDIAG.EXE
2008-11-04 05:06:28 441712 ----a-w- c:\program files\common files\microsoft shared\office12\ODSERV.EXE
2008-11-04 03:39:44 179128 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEINTL.DLL
2008-10-26 09:42:18 16216 ----a-w- c:\program files\common files\microsoft shared\portal\1033\PortalConnect.dll
2008-10-26 09:42:16 482656 ----a-w- c:\program files\common files\microsoft shared\portal\PortalConnectCore.dll
2008-10-25 13:27:54 44408 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLMF.DLL
2008-10-25 10:38:38 145224 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ALRTINTL.DLL
2008-10-25 10:18:52 89464 ----a-w- c:\program files\common files\microsoft shared\smart tag\METCONV.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODTXT.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODPDX.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODEXL.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODDBS.DLL
2008-10-25 07:38:36 1682800 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPSRVUTL.DLL
2008-10-25 02:50:52 436584 ----a-w- c:\program files\common files\microsoft shared\msorun\MSORUN.DLL
2008-10-25 02:21:26 505192 ----a-w- c:\program files\common files\microsoft shared\office12\MSSOAP30.DLL
2008-10-25 02:04:22 1409 ----a-w- c:\windows\QTFont.for
2008-10-25 01:14:58 1425912 ----a-w- c:\program files\common files\microsoft shared\office11\msxml5.dll
2008-10-24 14:27:52 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 15:52:11 -------- d-----w- c:\program files\ASIO4ALL v2
2008-10-23 15:52:01 225280 ----a-w- c:\windows\system32\rewire.dll
2008-10-23 15:50:33 1554944 ----a-w- c:\windows\system32\vorbis.acm
2008-10-23 15:49:35 -------- d-----w- c:\program files\Outsim
2008-10-23 12:36:14 286720 ------w- c:\windows\system32\dllcache\gdi32.dll
2008-10-16 00:34:43 357888 ------w- c:\windows\system32\dllcache\srv.sys
2008-10-16 00:34:17 1857920 ------w- c:\windows\system32\dllcache\win32k.sys
2008-10-16 00:34:12 2148864 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-16 00:34:11 2192768 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-16 00:34:11 2027008 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-16 00:34:10 2069376 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-09-17 20:29:12 20040 ----a-w- c:\documents and settings\all users\application data\microsoft\identitycrl\production\ppcrlconfig.dll
2008-08-27 23:32:34 -------- d-----w- c:\windows\system32\scripting
2008-08-27 23:32:31 -------- d-----w- c:\windows\l2schemas
2008-08-27 23:32:29 -------- d-----w- c:\windows\system32\en
2008-08-27 22:24:57 30208 ------w- c:\windows\system32\napipsec.dll
2008-08-27 22:23:54 7168 ------w- c:\windows\system32\bitsprx4.dll
2008-08-27 22:23:54 233472 ------w- c:\windows\system32\azroles.dll
2008-08-27 22:23:45 136192 ------w- c:\windows\system32\aaclient.dll
2008-08-26 02:50:22 155648 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\1033\VBE6INTL.DLL
2008-08-17 01:50:34 60 ----a-w- c:\windows\system32\E_S8E.tmp
2008-08-14 15:57:55 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2008-08-14 15:57:35 692736 ------w- c:\windows\system32\dllcache\inetcomm.dll
2008-08-10 03:22:44 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2008-08-03 16:24:49 -------- d-----w- c:\documents and settings\all users\Symantec Temporary Files
2008-07-30 01:10:04 73720 ----a-w- c:\windows\system32\dxva2.dll
2008-07-30 01:10:04 493048 ----a-w- c:\windows\system32\evr.dll
2008-07-30 01:10:04 26112 ----a-w- c:\windows\system32\TsWpfWrp.exe
2008-07-29 23:59:58 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2008-07-29 23:59:58 161296 ----a-w- c:\windows\system32\UIAutomationCore.dll
2008-07-29 23:59:58 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 23:24:50 97800 ----a-w- c:\windows\system32\infocardapi.dll
2008-07-29 23:24:50 622080 ----a-w- c:\windows\system32\icardagt.exe
2008-07-29 23:24:50 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2008-07-29 23:24:50 11264 ----a-w- c:\windows\system32\icardres.dll
2008-07-29 09:49:58 586240 ----a-w- c:\windows\system32\icardres.dll.mui
2008-07-25 15:16:58 83968 ----a-w- c:\windows\system32\mscories.dll
2008-07-25 15:16:58 158720 ----a-w- c:\windows\system32\mscorier.dll
2008-07-25 15:16:58 158720 ----a-w- c:\program files\internet explorer\mui\0409\mscorier.dll
2008-07-07 20:26:58 253952 ------w- c:\windows\system32\dllcache\es.dll
2008-06-24 16:43:16 74240 ------w- c:\windows\system32\dllcache\mscms.dll
2008-06-21 04:39:10 5524 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2008-06-20 17:46:57 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
2008-06-20 17:46:57 149504 ------w- c:\windows\system32\dllcache\dnsapi.dll
2008-06-20 11:51:12 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:40:08 138496 ------w- c:\windows\system32\dllcache\afd.sys
2008-06-20 11:08:27 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2008-06-17 19:02:19 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2008-06-12 14:23:32 956928 ------w- c:\windows\system32\dllcache\msdtctm.dll
2008-06-12 14:23:32 91648 ------w- c:\windows\system32\dllcache\mtxoci.dll
2008-06-12 14:23:32 66560 ------w- c:\windows\system32\dllcache\mtxclu.dll
2008-06-12 14:23:32 58880 ------w- c:\windows\system32\dllcache\msdtclog.dll
2008-06-12 14:23:32 428032 ------w- c:\windows\system32\dllcache\msdtcprx.dll
2008-06-12 14:23:32 161792 ------w- c:\windows\system32\dllcache\msdtcuiu.dll
2008-06-11 23:33:04 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2008-06-11 23:32:53 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2008-05-31 18:07:53 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2008-05-09 10:53:40 90112 ------w- c:\windows\system32\dllcache\wshext.dll
2008-05-09 10:53:40 420864 ----a-w- c:\windows\system32\dllcache\vbscript.dll
2008-05-09 10:53:40 172032 ------w- c:\windows\system32\dllcache\scrrun.dll
2008-05-09 10:53:39 726528 ----a-w- c:\windows\system32\dllcache\jscript.dll
2008-05-09 10:53:39 180224 ------w- c:\windows\system32\dllcache\scrobj.dll
2008-05-07 09:07:23 135168 ------w- c:\windows\system32\dllcache\cscript.exe
2008-05-07 05:12:40 1291776 ------w- c:\windows\system32\dllcache\quartz.dll
2008-05-03 05:04:27 -------- d-----w- c:\documents and settings\all users\application data\MumboJumbo
2008-03-31 21:25:52 161096 ----a-w- c:\windows\system32\DivXCodecVersionChecker.exe
2008-03-29 15:42:30 536576 ----a-w- c:\windows\system32\splitter.ax
2008-03-29 15:42:22 245248 ----a-w- c:\windows\system32\dxr.dll
2008-03-29 15:42:20 159744 ----a-w- c:\windows\system32\mmfinfo.dll
2008-03-29 15:42:14 102400 ----a-w- c:\windows\system32\avss.dll
2008-03-29 15:42:08 148992 ----a-w- c:\windows\system32\mkx.dll
2008-03-29 15:42:04 141312 ----a-w- c:\windows\system32\mp4.dll
2008-03-29 15:42:04 108032 ----a-w- c:\windows\system32\avi.dll
2008-03-29 15:42:02 335872 ----a-w- c:\windows\system32\gdsmux.exe
2008-03-29 15:42:02 120832 ----a-w- c:\windows\system32\ogm.dll
2008-03-29 15:42:00 163840 ----a-w- c:\windows\system32\ts.dll
2008-03-29 15:42:00 103424 ----a-w- c:\windows\system32\dsmux.exe
2008-03-29 15:41:54 97280 ----a-w- c:\windows\system32\avs.dll
2008-03-29 15:41:54 135168 ----a-w- c:\windows\system32\mkv2vfr.exe
2008-03-29 15:41:52 79360 ----a-w- c:\windows\system32\mkzlib.dll
2008-03-29 15:41:52 23552 ----a-w- c:\windows\system32\mkunicode.dll
2008-03-09 09:31:40 245760 ----a-w- c:\windows\system32\DCBassSource.ax
2008-02-09 05:09:13 7062 ----a-w- c:\windows\system32\audiopid.vxd
2008-02-03 04:22:34 193880 ---ha-r- c:\windows\system32\cpnprt2.cid
2008-02-03 04:21:17 -------- d-----w- c:\windows\Cache
2008-02-03 04:21:15 -------- d-----w- c:\program files\Coupons
2008-02-03 03:18:56 53248 -c----w- c:\windows\Ctregrun.exe
2008-02-03 03:18:26 417792 ----a-w- c:\windows\system32\awrdscdc.ax
2008-02-03 03:18:10 -------- d-----w- c:\program files\Audible
2008-02-03 03:13:39 -------- d--h--w- c:\program files\Creative Installation Information
2008-01-25 01:32:31 286720 -c--a-w- c:\windows\Film Factory.scr
2008-01-25 01:28:14 299520 -c--a-w- c:\windows\uninst.exe
2008-01-25 01:27:51 -------- d-----w- c:\documents and settings\ramon somoano\WINDOWS
2008-01-25 01:14:37 60 ----a-w- c:\windows\system32\E_S65.tmp
2008-01-25 00:46:58 53248 -c--a-w- c:\windows\runepson.exe
2008-01-16 01:50:05 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\SupportSoft
2008-01-16 01:47:37 -------- d-----w- c:\program files\Dell Support Center
2008-01-16 01:47:34 -------- d-----w- c:\program files\common files\supportsoft
2008-01-12 01:44:39 -------- d-----w- c:\program files\Video Add-on
2007-11-30 20:32:26 30527 ---h--w- c:\windows\system32\tlbar2304.deu
2007-11-28 00:01:51 -------- dcsh--w- c:\program files\common files\WindowsLiveInstaller
2007-11-25 02:53:44 129784 ------w- c:\windows\system32\pxafs.dll
2007-11-25 02:48:11 -------- d-----w- c:\program files\DivX
2007-11-22 04:44:51 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\VideoThangTM
2007-11-21 20:01:49 -------- d-----w- c:\program files\ffdshow
2007-11-21 20:01:37 -------- d-----w- c:\program files\AviSynth 2.5
2007-09-26 19:43:21 -------- d-----w- c:\windows\system32\Halloween dir
2007-09-21 12:44:20 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Apple
2007-09-12 08:19:02 75104 -c--a-w- c:\windows\CouponPrinter.ocx
2007-09-03 14:35:28 966656 ----a-w- c:\windows\system32\VSFilter.dll
2007-08-20 10:04:34 59904 ----a-w- c:\windows\system32\dllcache\icardie.dll
2007-08-18 10:55:04 577536 ----a-w- c:\windows\system32\ac3filter.ax
2007-08-18 10:54:30 380928 ----a-w- c:\windows\system32\ac3filter.acm
2007-08-13 23:42:54 18944 ----a-w- c:\windows\system32\dllcache\corpol.dll
2007-07-05 04:33:22 892928 ----a-w- c:\windows\system32\iconv.dll
2007-06-28 18:54:10 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2007-06-19 16:45:30 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2007-06-18 16:12:31 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2007-06-18 16:12:31 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2007-06-18 16:12:30 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2007-06-18 16:12:30 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2007-06-12 15:00:45 -------- d-----w- c:\program files\WMV Direct Maker
2007-06-11 16:56:13 -------- d-----w- c:\program files\AVI Codec Pack
2007-06-11 16:55:33 -------- d-----w- c:\windows\system32\quicktime
2007-06-07 22:10:50 20480 ----a-w- c:\windows\system32\ac3config.exe
2007-05-31 15:28:36 -------- d-----w- c:\program files\VideoLAN
2007-05-17 23:23:27 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2007-05-08 22:35:22 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2007-05-08 20:22:54 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2007-05-08 20:22:52 3698584 ----a-w- c:\windows\system32\dllcache\ieapfltr.dat
2007-05-08 20:22:50 445952 ----a-w- c:\windows\system32\dllcache\ieapfltr.dll
2007-05-08 20:22:50 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2007-05-08 20:22:49 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2007-05-08 20:22:48 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2007-05-08 20:22:45 11081728 ------w- c:\windows\system32\dllcache\ieframe.dll
2007-05-03 14:20:27 -------- d-----w- c:\program files\Windows Media Connect 2
2007-05-03 14:15:33 -------- d-----w- c:\windows\system32\LogFiles
2007-04-09 22:41:56 -------- d-----w- c:\program files\DellSupport
2007-04-05 03:08:06 -------- d-----w- c:\program files\common files\Viewpoint
2007-03-11 02:23:34 -------- d-----w- C:\ProgramData
2007-03-11 02:18:05 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Downloaded Installations
2007-03-11 01:55:13 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2007-03-05 23:25:16 -------- d-----w- c:\windows\system32\Sony PSP USB Device
2007-02-28 07:41:16 111504 ----a-w- c:\program files\common files\microsoft shared\dw\1061\DWINTL20.DLL
2007-02-28 07:40:46 114024 ----a-w- c:\program files\common files\microsoft shared\dw\1026\DWINTL20.DLL
2007-02-28 07:38:44 113040 ----a-w- c:\program files\common files\microsoft shared\dw\1051\DWINTL20.DLL
2007-02-28 07:37:52 111440 ----a-w- c:\program files\common files\microsoft shared\dw\1058\DWINTL20.DLL
2007-02-28 07:37:46 112552 ----a-w- c:\program files\common files\microsoft shared\dw\1063\DWINTL20.DLL
2007-02-28 07:37:20 112016 ----a-w- c:\program files\common files\microsoft shared\dw\1055\DWINTL20.DLL
2007-02-28 07:28:56 114600 ----a-w- c:\program files\common files\microsoft shared\dw\1027\DWINTL20.DLL
2007-02-28 07:25:50 113072 ----a-w- c:\program files\common files\microsoft shared\dw\1062\DWINTL20.DLL
2007-02-28 07:25:46 113048 ----a-w- c:\program files\common files\microsoft shared\dw\1050\DWINTL20.DLL
2007-02-28 07:23:46 113048 ----a-w- c:\program files\common files\microsoft shared\dw\1048\DWINTL20.DLL
2007-02-28 07:22:46 112536 ----a-w- c:\program files\common files\microsoft shared\dw\1060\DWINTL20.DLL
2007-02-25 16:10:48 5376 --s-a-w- c:\windows\system32\drivers\dsunidrv.sys
2007-02-16 05:49:32 115576 ----a-w- c:\program files\common files\microsoft shared\dw\1032\DWINTL20.DLL
2007-02-16 05:38:22 111984 ----a-w- c:\program files\common files\microsoft shared\dw\1038\DWINTL20.DLL
2007-02-06 03:39:22 -------- d-----w- C:\drvrtmp
2007-02-01 23:19:46 92728 ----a-w- c:\windows\system32\bass.dll
2007-02-01 23:19:46 8664 ----a-w- c:\windows\system32\bass_tta.dll
2007-02-01 23:19:46 33240 ----a-w- c:\windows\system32\bass_ape.dll
2007-02-01 23:19:46 28088 ----a-w- c:\windows\system32\bass_wv.dll
2007-02-01 23:19:46 23616 ----a-w- c:\windows\system32\bass_flac.dll
2007-02-01 23:19:46 18888 ----a-w- c:\windows\system32\bass_mpc.dll
2007-02-01 23:19:46 150520 ----a-w- c:\windows\system32\bass_aac.dll
2007-02-01 23:19:46 12784 ----a-w- c:\windows\system32\bass_alac.dll
2007-01-24 18:46:18 113056 ----a-w- c:\program files\common files\microsoft shared\dw\2070\DWINTL20.DLL
2007-01-21 03:28:28 -------- d-----w- c:\documents and settings\all users\application data\Trymedia
2007-01-21 03:26:19 -------- d-----w- C:\Downloads
2007-01-09 16:01:44 112528 ----a-w- c:\program files\common files\microsoft shared\dw\1029\DWINTL20.DLL
2007-01-03 02:59:50 109832 ----a-w- c:\program files\common files\microsoft shared\dw\1049\DWINTL20.DLL
2006-12-18 08:18:30 77824 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2006-12-09 04:11:00 109376 ----a-w- c:\program files\common files\microsoft shared\dw\1044\DWINTL20.DLL
2006-12-02 14:21:50 108872 ----a-w- c:\program files\common files\microsoft shared\dw\1030\DWINTL20.DLL
2006-12-02 14:18:26 108880 ----a-w- c:\program files\common files\microsoft shared\dw\1035\DWINTL20.DLL
2006-11-24 14:13:58 110928 ----a-w- c:\program files\common files\microsoft shared\dw\1045\DWINTL20.DLL
2006-11-24 14:13:00 110920 ----a-w- c:\program files\common files\microsoft shared\dw\1043\DWINTL20.DLL
2006-11-24 13:51:04 111440 ----a-w- c:\program files\common files\microsoft shared\dw\1040\DWINTL20.DLL
2006-11-24 13:50:30 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1054\DWINTL20.DLL
2006-11-24 13:49:50 110416 ----a-w- c:\program files\common files\microsoft shared\dw\1046\DWINTL20.DLL
2006-11-24 13:48:20 109376 ----a-w- c:\program files\common files\microsoft shared\dw\1053\DWINTL20.DLL
2006-11-19 06:38:05 -------- d-----w- c:\program files\MSXML 4.0
2006-11-13 23:29:30 109840 ----a-w- c:\program files\common files\microsoft shared\dw\1081\DWINTL20.DLL
2006-11-12 03:28:42 -------- d-----w- c:\windows\network diagnostic
2006-11-02 12:22:54 492000 ------w- c:\windows\system32\drivers\wdf01000.sys
2006-11-02 12:22:52 32224 ------w- c:\windows\system32\drivers\wdfldr.sys
2006-10-27 20:09:58 33792 ----a-w- c:\program files\internet explorer\custsat.dll
2006-10-27 20:09:58 247808 ------w- c:\program files\internet explorer\ieproxy.dll
2006-10-27 20:09:58 236544 ----a-w- c:\windows\system32\dllcache\webcheck.dll
2006-10-27 20:09:58 156160 ----a-w- c:\windows\system32\dllcache\msls31.dll
2006-10-27 19:10:08 44304 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXEV.DLL
2006-10-27 14:57:04 110936 ----a-w- c:\program files\common files\microsoft shared\dw\3082\DWINTL20.DLL
2006-10-27 12:46:36 112464 ----a-w- c:\program files\common files\microsoft shared\dw\1031\DWINTL20.DLL
2006-10-27 12:06:36 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1037\DWINTL20.DLL
2006-10-27 12:04:04 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1025\DWINTL20.DLL
2006-10-27 12:01:08 108816 ----a-w- c:\program files\common files\microsoft shared\dw\2052\DWINTL20.DLL
2006-10-27 10:59:44 111960 ----a-w- c:\program files\common files\microsoft shared\dw\1036\DWINTL20.DLL
2006-10-27 10:59:34 108816 ----a-w- c:\program files\common files\microsoft shared\dw\3076\DWINTL20.DLL
2006-10-27 10:55:12 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1041\DWINTL20.DLL
2006-10-27 10:54:38 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1028\DWINTL20.DLL
2006-10-27 10:52:08 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1042\DWINTL20.DLL
2006-10-27 07:44:46 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2006-10-27 07:44:42 229376 ----a-w- c:\windows\system32\dllcache\ieaksie.dll
2006-10-27 07:44:36 125952 ----a-w- c:\windows\system32\dllcache\ieakeng.dll
2006-10-27 07:44:26 72704 ----a-w- c:\windows\system32\dllcache\admparse.dll
2006-10-27 07:44:26 71680 ----a-w- c:\windows\system32\dllcache\iesetup.dll
2006-10-27 07:44:08 55808 ----a-w- c:\windows\system32\dllcache\iernonce.dll
2006-10-27 07:44:06 128512 ----a-w- c:\windows\system32\dllcache\advpack.dll
2006-10-27 07:44:04 173568 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2006-10-27 07:43:38 10240 ----a-w- c:\windows\system32\advpack.dll.mui
2006-10-27 07:42:54 163840 ----a-w- c:\windows\system32\dllcache\ieakui.dll
2006-10-27 01:41:50 59152 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLED.EXE
2006-10-27 00:13:46 826232 ----a-w- c:\program files\common files\microsoft shared\office12\ACEWDAT.DLL
2006-10-27 00:13:44 764800 ----a-w- c:\program files\common files\microsoft shared\office12\ACECNF.DLL
2006-10-27 00:13:24 56192 ----a-w- c:\program files\common files\microsoft shared\office12\ACECNFLT.EXE
2006-10-27 00:13:20 52024 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEODBCI.DLL
2006-10-27 00:13:16 49536 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACECNFRC.DLL
2006-10-27 00:13:14 35640 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACERECR.DLL
2006-10-27 00:12:48 153424 ----a-w- c:\program files\common files\microsoft shared\translat\MSB1CORE.DLL
2006-10-27 00:12:40 87352 ----a-w- c:\program files\common files\microsoft shared\msinfo\OINFOP12.EXE
2006-10-27 00:12:28 56656 ----a-w- c:\program files\common files\microsoft shared\translat\MSB1XTOR.DLL
2006-10-27 00:12:26 40256 ----a-w- c:\program files\common files\microsoft shared\web folders\MSOSV.DLL
2006-10-27 00:12:16 18744 ----a-w- c:\program files\common files\microsoft shared\msinfo\OINFOS12.DLL
2006-10-27 00:12:16 16192 ----a-w- c:\program files\mozilla firefox\plugins\NPOFF12.DLL
2006-10-27 00:12:06 11072 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\MSOSVINT.DLL
2006-10-26 23:49:44 75552 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\NSEXTINT.DLL
2006-10-26 23:49:44 163104 ----a-w- c:\program files\common files\system\ole db\MSDAPML.DLL
2006-10-26 23:49:36 30512 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ODINTL.DLL
2006-10-26 23:47:10 20304 ----a-w- c:\program files\common files\microsoft shared\office12\MUOPTIN.DLL
2006-10-26 23:21:52 256312 ----a-w- c:\program files\common files\microsoft shared\smart tag\MOFL.DLL
2006-10-26 23:21:52 149816 ----a-w- c:\program files\common files\microsoft shared\smart tag\FPERSON.DLL
2006-10-26 23:21:50 131896 ----a-w- c:\program files\common files\microsoft shared\smart tag\FPLACE.DLL
2006-10-26 23:21:48 82232 ----a-w- c:\program files\common files\microsoft shared\smart tag\FBIBLIO.DLL
2006-10-26 23:21:48 73016 ----a-w- c:\program files\common files\microsoft shared\smart tag\FNAME.DLL
2006-10-26 23:21:48 115512 ----a-w- c:\program files\common files\microsoft shared\smart tag\FSTOCK.DLL
2006-10-26 23:21:44 72504 ----a-w- c:\program files\common files\microsoft shared\smart tag\FDATE.DLL
2006-10-26 23:21:44 19256 ----a-w- c:\program files\common files\microsoft shared\smart tag\1033\STINTL.DLL
2006-10-26 22:48:10 108872 ----a-w- c:\program files\common files\microsoft shared\dw\1033\DWINTL20.DLL
2006-10-26 18:10:06 33088 ----a-w- c:\windows\system32\FM20ENU.DLL
2006-10-26 18:06:22 93968 ----a-w- c:\program files\common files\microsoft shared\office12\MSOICONS.EXE
2006-10-26 18:03:08 145184 ----a-w- c:\program files\common files\microsoft shared\source engine\OSE.EXE
2006-10-26 17:58:12 14656 ----a-w- c:\program files\common files\microsoft shared\textconv\WPEQU532.DLL
2006-10-26 17:56:38 123720 ----a-w- c:\program files\common files\microsoft shared\office12\WISC30.DLL
2006-10-26 17:56:34 41288 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSSOAPR3.DLL
2006-10-26 17:45:04 48128 ----a-w- c:\program files\common files\microsoft shared\ink\TPCPS.DLL
2006-10-26 17:45:04 293376 ----a-w- c:\windows\system32\WISPTIS.EXE
2006-10-26 17:45:04 207360 ----a-w- c:\windows\system32\INKED.DLL
2006-10-26 17:45:04 1343488 ----a-w- c:\program files\common files\microsoft shared\ink\INKOBJ.DLL
2006-10-26 17:45:02 873216 ----a-w- c:\program files\common files\microsoft shared\help\hxds.dll
2006-10-26 17:45:02 272896 ----a-w- c:\program files\common files\microsoft shared\ink\INKDIV.DLL
2006-10-26 17:45:02 268552 ----a-w- c:\program files\common files\microsoft shared\help\msitss55.dll
2006-10-26 17:45:02 1659656 ----a-w- c:\program files\common files\microsoft shared\help\ITIRCL55.DLL
2006-10-26 17:45:00 4608 ----a-w- c:\program files\common files\microsoft shared\msenv\publicassemblies\extensibility.dll
2006-10-26 17:41:56 91912 ----a-w- c:\program files\common files\microsoft shared\office11\1033\msxml5r.dll
2006-10-23 20:47:06 25840 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2006-10-23 20:47:05 24816 ----a-w- c:\windows\system32\mdimon.dll
2006-10-19 00:05:26 204288 ------w- c:\program files\windows media player\wmpnscfg.exe
2006-10-19 00:05:24 913408 ------w- c:\program files\windows media player\wmpnetwk.exe
2006-10-19 00:04:40 493568 ------w- c:\program files\windows media player\wmdbexport.exe
2006-10-19 00:04:30 36864 ------w- c:\program files\windows media player\wmpshare.exe
2006-10-19 00:00:46 249856 ------w- c:\windows\system32\drmupgds.exe
2006-10-19 00:00:14 17408 ------w- c:\windows\system32\wpdshextautoplay.exe
2006-10-17 18:05:22 105984 ----a-w- c:\windows\system32\dllcache\url.dll
2006-10-17 18:05:10 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2006-10-17 18:04:46 206848 ------w- c:\windows\system32\dllcache\occache.dll
2006-10-17 18:04:40 638816 ----a-w- c:\windows\system32\dllcache\iexplore.exe
2006-10-17 18:02:20 1241088 ----a-w- c:\windows\system32\ieframe.dll.mui
2006-10-17 17:57:58 34816 ----a-w- c:\windows\system32\dllcache\imgutil.dll
2006-10-17 17:56:10 45568 ----a-w- c:\windows\system32\dllcache\mshta.exe
2006-10-17 17:44:36 68608 ----a-w- c:\windows\system32\dllcache\hmmapi.dll
2006-10-17 17:28:56 48128 ----a-w- c:\windows\system32\dllcache\mshtmler.dll
2006-10-14 08:13:25 974848 ------w- c:\windows\system32\dllcache\mfc42u.dll
2006-10-05 15:17:18 633664 ----a-w- c:\program files\common files\microsoft shared\proof\MSTH3FR.DLL
2006-10-02 19:28:42 312128 ------w- c:\windows\system32\msdelta.dll
2006-09-29 00:13:26 95344 ------w- c:\windows\system32\WUDFCoinstaller.dll
2006-09-28 23:00:34 82944 ------w- c:\windows\system32\drivers\WudfRd.sys
2006-09-28 22:56:38 316416 ------w- c:\windows\system32\WUDFx.dll
2006-09-28 22:56:38 146432 ------w- c:\windows\system32\WudfHost.exe
2006-09-28 22:56:16 165376 ------w- c:\windows\system32\WudfPlatform.dll
2006-09-28 22:56:14 55808 ------w- c:\windows\system32\WudfSvc.dll
2006-09-28 22:55:50 77568 ------w- c:\windows\system32\drivers\WudfPf.sys
2006-09-24 17:11:00 389120 ----a-w- c:\windows\system32\lameACM.acm
2006-09-23 18:12:50 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
2006-09-23 18:12:50 1497088 ------w- c:\windows\system32\dllcache\shdocvw.dll
2006-09-23 18:12:50 1022976 ------w- c:\windows\system32\dllcache\browseui.dll
2006-09-18 14:15:52 758784 ----a-w- c:\windows\system32\dllcache\vgx.dll
2006-09-13 08:27:46 101888 ----a-w- c:\program files\common files\microsoft shared\dw\2068\DWINTL20.DLL
2006-09-12 20:36:12 21256 ----a-w- c:\program files\common files\microsoft shared\help\1031\hxdsui.dll
2006-09-12 20:36:12 20744 ----a-w- c:\program files\common files\microsoft shared\help\3082\hxdsui.dll
2006-09-12 20:36:12 19720 ----a-w- c:\program files\common files\microsoft shared\help\1049\hxdsui.dll
2006-09-12 20:36:12 18696 ----a-w- c:\program files\common files\microsoft shared\help\1028\hxdsui.dll
2006-09-12 20:36:10 19720 ----a-w- c:\program files\common files\microsoft shared\help\1046\hxdsui.dll
2006-09-12 20:36:08 18696 ----a-w- c:\program files\common files\microsoft shared\help\1042\hxdsui.dll
2006-09-12 20:36:08 18696 ----a-w- c:\program files\common files\microsoft shared\help\1041\hxdsui.dll
2006-09-12 20:36:06 20744 ----a-w- c:\program files\common files\microsoft shared\help\1040\hxdsui.dll
2006-09-12 20:36:06 20744 ----a-w- c:\program files\common files\microsoft shared\help\1036\hxdsui.dll
2006-09-12 20:36:04 18696 ----a-w- c:\program files\common files\microsoft shared\help\2052\hxdsui.dll
2006-09-12 20:36:04 18696 ----a-w- c:\program files\common files\microsoft shared\help\1033\hxdsui.dll
2006-08-24 20:15:06 150808 ----a-w- c:\windows\system32\rgb9rast_2.dll
2006-08-22 09:05:26 498742 ------w- c:\windows\system32\dllcache\dxmasf.dll
2006-08-22 03:09:33 -------- d-sh--w- c:\windows\ftpcache
2006-08-21 18:08:18 551232 ----a-w- c:\program files\common files\microsoft shared\proof\MSSP3FR.DLL
2006-08-21 14:52:08 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2006-08-01 17:50:00 1100560 ----a-w- c:\program files\common files\microsoft shared\proof\3082\MSGR3ES.DLL
2006-08-01 17:49:52 408336 ----a-w- c:\program files\common files\microsoft shared\proof\MSHY3FR.DLL
2006-08-01 17:49:48 68440 ----a-w- c:\program files\common files\microsoft shared\proof\MSHYPH2.DLL
2006-07-28 13:10:08 6144 ----a-w- c:\windows\system32\mot_ci.dll
2006-07-26 20:27:18 576320 ----a-w- c:\program files\common files\microsoft shared\proof\MSLID.DLL
2006-07-25 17:20:22 6317328 ----a-w- c:\program files\common files\microsoft shared\proof\1036\MSGR3FR.DLL
2006-07-24 14:50:40 47920 ----a-w- c:\windows\system32\VBAME.DLL
2006-07-24 14:50:40 39728 ----a-w- c:\windows\system32\SCP32.DLL
2006-07-13 17:33:08 3152704 ----a-w- c:\program files\common files\microsoft shared\proof\1033\MSGR3EN.DLL
2006-06-29 13:05:44 26112 ----a-w- c:\windows\system32\idndl.dll
2006-06-29 13:05:44 23552 ----a-w- c:\windows\system32\normaliz.dll
2006-06-28 22:59:26 24576 ----a-w- c:\windows\system32\nlsdl.dll
2006-06-27 23:00:26 410928 ------w- c:\program files\windows media player\LegitLibM.dll
2006-05-31 15:03:26 -------- d-----w- c:\windows\system32\Spider-Man 3 Screensaver dir
2006-05-19 15:08:32 5964800 ------w- c:\windows\system32\dllcache\mshtml.dll
2006-05-18 03:05:48 1409 ----a-w- c:\windows\system32\tmp731F1.FOT
2006-05-18 03:05:48 1409 ----a-w- c:\windows\system32\tmp591F1.FOT
2006-05-18 03:05:48 1409 ----a-w- c:\windows\system32\tmp052F1.FOT
2006-05-10 05:23:03 916480 ------w- c:\windows\system32\dllcache\wininet.dll
2006-05-10 05:23:02 1211904 ------w- c:\windows\system32\dllcache\urlmon.dll
2006-05-10 05:23:01 66560 ------w- c:\windows\system32\dllcache\mshtmled.dll
2006-05-10 05:23:01 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2006-05-10 05:23:01 46592 ----a-w- c:\windows\system32\dllcache\pngfilt.dll
2006-05-10 05:23:01 193536 ----a-w- c:\windows\system32\dllcache\msrating.dll
2006-05-10 05:22:59 94720 ----a-w- c:\windows\system32\dllcache\inseng.dll
2006-05-10 05:22:59 348160 ----a-w- c:\windows\system32\dllcache\dxtmsft.dll
2006-05-10 05:22:59 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2006-05-10 05:22:59 216064 ----a-w- c:\windows\system32\dllcache\dxtrans.dll
2006-05-10 05:22:59 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2006-05-10 05:22:59 133120 ----a-w- c:\windows\system32\dllcache\extmgr.dll
2006-05-10 02:16:52 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Google
2006-05-09 22:14:42 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iuser.dll
2006-05-09 22:14:41 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iKernel.dll
2006-05-09 22:14:41 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\ctor.dll
2006-05-09 22:14:41 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\DotNetInstaller.exe
2006-05-09 22:14:41 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\setup.dll
2006-05-09 22:14:41 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iscript.dll
2006-05-09 22:14:41 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iGdi.dll
2006-05-09 11:00:37 69120 ----a-w- c:\windows\system32\dllcache\iedw.exe
2006-05-03 05:06:56 389120 ----a-w- c:\windows\system32\FLVSplitter.ax
2006-04-24 13:35:00 854152 ----a-w- c:\program files\common files\microsoft shared\proof\MSTH3ES.DLL
2006-04-24 12:58:00 919696 ----a-w- c:\program files\common files\microsoft shared\proof\MSHY3ES.DLL
2006-04-17 13:37:06 1089536 ----a-w- c:\windows\system32\IVIVIDEO.ax
2006-04-10 17:00:30 236928 ------w- c:\windows\system32\dllcache\WgaLogon.dll
2006-04-10 17:00:28 336768 ------w- c:\windows\system32\dllcache\WgaTray.exe
2006-03-17 00:38:01 28672 ------w- c:\windows\system32\verclsid.exe
2006-02-28 21:45:40 -------- d-----w- c:\program files\Power Tab Software
2006-02-15 21:22:12 102912 ----a-w- c:\program files\common files\microsoft shared\dw\2074\DWINTL20.DLL
2006-02-14 21:12:54 601600 ----a-w- c:\windows\system32\Ivinav.ax
2006-02-12 19:41:22 -------- d-----w- c:\windows\system32\wbem\repository\FS
2006-02-12 19:41:22 -------- d-----w- c:\windows\system32\wbem\Repository
2006-02-10 13:42:25 -------- d-----w- c:\program files\Guitar Pro 5(2)
2006-01-17 00:57:08 -------- d-----w- c:\program files\THQ
2006-01-12 23:23:26 364032 ----a-w- c:\windows\system32\CoreAVCDecoder.ax
2006-01-02 04:45:37 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2006-01-02 04:45:37 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2006-01-02 04:45:35 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2006-01-02 04:44:18 10144 ----a-w- c:\windows\system32\drivers\WmBEnum.sys
2006-01-02 04:44:17 5728 ----a-w- c:\windows\system32\drivers\WmVirHid.sys
2006-01-02 04:44:17 44288 ----a-w- c:\windows\system32\drivers\WmXlCore.sys
2006-01-02 04:44:17 21216 ----a-w- c:\windows\system32\drivers\WmFilter.sys
2006-01-02 04:44:17 -------- d-----w- c:\program files\common files\Logitech
2006-01-02 04:43:33 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2006-01-02 04:43:33 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2006-01-02 04:43:33 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2006-01-02 04:43:33 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2006-01-02 04:43:33 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2006-01-02 04:43:26 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2006-01-02 04:43:26 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2005-12-27 22:58:32 12288 ----a-w- c:\windows\system32\impborl.dll
2005-12-26 06:30:41 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Wildtangent
2005-12-26 06:30:35 -------- d-----w- c:\windows\wt
2005-12-26 06:29:50 -------- d-----w- c:\program files\WildTangent
2005-12-26 04:31:12 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\PowerDVD
2005-12-22 21:14:59 -------- d--h--w- c:\windows\PIF
2005-12-17 17:52:56 -------- d-----w- c:\program files\common files\AVSMedia
2005-11-25 20:46:32 421888 ----a-w- c:\windows\system32\RealMediaSplitter.ax
2005-11-25 20:39:40 368640 ----a-w- c:\windows\system32\OggSplitter.ax
2005-11-25 20:19:46 262144 ----a-w- c:\windows\system32\dtsac3source.ax
2005-11-20 02:26:18 29696 ----a-w- c:\windows\mickey32.dll
2005-11-20 02:26:18 232784 ----a-w- c:\windows\Matrix Code.scr
2005-11-20 02:26:18 2285222 ----a-w- c:\windows\Matrix Code.exe
2005-11-20 02:26:17 -------- d-----w- c:\program files\AOD
2005-11-20 02:25:26 -------- d-----w- c:\program files\Screensavers.com
2005-11-12 16:27:19 626688 ----a-w- c:\windows\RatchetDeadlocked.scr
2005-11-12 16:27:14 -------- d-----w- c:\windows\RatchetDeadlocked dir
2005-11-12 16:25:34 626688 ----a-w- c:\windows\RatchetDeadlocked2.scr
2005-11-12 16:24:54 12288 -c--a-w- c:\windows\impborl.dll
2005-11-12 16:24:54 -------- d-----w- c:\windows\RatchetDeadlocked2 dir
2005-11-06 18:51:10 -------- d-----w- c:\documents and settings\all users\Incomplete
2005-10-31 15:56:00 700416 -c--a-w- C:\StubInstaller.exe
2005-10-08 05:36:41 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Apple Computer
2005-10-06 21:19:10 -------- d-----w- c:\program files\AVSMedia
2005-09-05 16:41:51 5525504 ----a-w- c:\windows\system32\setb1.tmp
2005-08-27 18:30:19 -------- d-----w- c:\documents and settings\ramon somoano\Incomplete
2005-08-26 21:19:08 -------- d-----w- C:\My Downloads
2005-08-14 01:10:34 274288 ----a-w- c:\windows\system32\mucltui.dll
2005-08-14 00:43:15 90112 ------w- c:\windows\Updreg.EXE
2005-08-14 00:43:15 84992 ------w- c:\windows\system32\SFCVRT32.DLL
2005-08-14 00:43:15 53552 -c----w- c:\windows\CTCCW.DLL
2005-08-14 00:43:15 24976 -c----w- c:\windows\CTRES.DLL
2005-08-14 00:43:13 82432 ------w- c:\windows\system32\CTWFLT32.DLL
2005-08-14 00:43:13 26768 ------w- c:\windows\system32\CTL3D.DLL
2005-08-14 00:43:11 -------- d-----w- c:\windows\system32\Defaults
2005-08-14 00:42:03 20480 -c--a-w- c:\windows\INRES.DLL
2005-08-14 00:37:28 139264 ----a-w- c:\windows\system32\Video.skn
2005-08-13 04:58:02 149504 -c--a-w- c:\windows\UNWISE.EXE
2005-08-13 04:50:16 446464 ----a-r- c:\windows\system32\hhactivex.dll
2005-08-13 04:50:16 414944 ----a-w- c:\windows\system32\COMCT332.OCX
2005-08-13 04:50:16 328480 ----a-w- c:\windows\system32\ssa3d30.ocx
2005-08-13 04:50:16 176128 ----a-w- c:\windows\system32\RcdScan.dll
2005-08-13 04:50:14 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2005-08-13 04:50:02 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2005-08-12 08:04:04 175104 --sh--r- c:\windows\system32\CoreAAC.ax
2005-08-12 01:18:39 33792 ----a-w- c:\windows\system32\OLDE2.tmp
2005-08-11 00:56:12 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Dell
2005-08-09 00:57:46 -------- d-----w- c:\program files\mp3cd
2005-08-09 00:52:58 -------- d-----w- c:\program files\ImTOO
2005-08-09 00:37:39 34064 ----a-w- c:\windows\system32\lhacm.acm
2005-07-26 13:56:30 53248 ----a-w- c:\windows\system32\vp7dec_settings.cpl
2005-07-26 13:56:22 233472 ----a-w- c:\windows\system32\vp7dec.ax
2005-07-09 19:12:32 241664 ----a-w- c:\windows\system32\CoreVorbis.ax
2005-07-05 17:24:58 1160904 ----a-w- c:\program files\common files\microsoft shared\web server extensions\60\bin\FPSRVUTL.DLL
2005-07-02 05:05:26 -------- d-----w- c:\program files\NASCAR SimRacing Demo
2005-07-02 04:21:40 53248 -c--a-r- c:\windows\UpdtNv28.exe
2005-06-28 21:14:29 -------- d-----w- c:\windows\system32\PreInstall
2005-06-26 15:06:24 -------- d-----w- c:\windows\system32\SoftwareDistribution
2005-06-06 19:57:28 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Musicmatch
2005-05-29 01:45:43 647168 ----a-w- c:\windows\system32\pqdvdb.dll
2005-05-26 08:19:32 215920 ----a-w- c:\windows\system32\muweb.dll
2005-05-04 05:06:32 2120448 ----a-w- c:\program files\common files\system\ole db\MSOLAP80.DLL
2005-05-04 05:06:32 1411816 ----a-w- c:\program files\common files\system\ole db\MSDMINE.DLL
2005-05-04 05:06:30 1071856 ----a-w- c:\program files\common files\system\ole db\MSMDGD80.DLL
2005-05-04 05:06:28 465640 ----a-w- c:\program files\common files\system\ole db\MSDMENG.DLL
2005-05-04 05:06:26 240360 ----a-w- c:\program files\common files\system\ole db\MSMDCB80.DLL
2005-05-04 05:06:26 228152 ----a-w- c:\program files\common files\system\ole db\MSOLUI80.DLL
2005-05-04 05:06:26 199408 ----a-w- c:\program files\common files\system\ole db\MSMDUN80.DLL
2005-04-29 14:01:02 -------- d-----w- c:\program files\Yahoo!
2005-04-19 17:01:02 -------- d-----w- c:\program files\Disney Interactive
2005-04-04 04:50:00 548963 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\_ISRES1033.dll
2005-04-04 04:41:46 778240 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\IDriver2.exe
2005-04-04 04:41:46 778240 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\IDriver.exe
2005-04-04 04:41:10 69632 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\IDriverT.exe
2005-04-04 03:04:10 421888 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\ISRT.dll
2005-04-04 03:02:12 200704 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\iGdiCnv.dll
2005-04-04 03:01:48 274432 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\IScrCnv.dll
2005-04-04 03:01:08 184320 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\IUserCnv.dll
2005-04-04 02:57:24 32768 ----a-w- c:\program files\common files\installshield\driver\11\intel 32\objpscnv.dll
2005-03-25 21:49:06 800960 ----a-w- c:\program files\common files\microsoft shared\web server extensions\60\bin\FPWEC.DLL
2005-03-21 03:59:32 -------- d-----w- c:\program files\common files\EasyInfo
2005-03-13 04:39:17 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Creative
2005-03-02 12:36:14 90112 -c--a-w- c:\windows\unvise32.exe
2005-03-01 21:32:23 -------- d-----w- C:\Temp
2005-02-28 01:48:12 356352 ----a-w- c:\windows\system32\rmsupport.ax
2005-02-16 03:16:08 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Adobe
2005-02-11 02:04:02 44032 ----a-w- c:\program files\common files\microsoft shared\sfpca cache\msxml3r.dll
2005-02-03 22:17:27 -------- d-----w- c:\program files\Java(2)
2005-02-03 22:14:01 -------- d-----w- c:\program files\common files\Java(2)
2005-01-28 19:37:58 23304 ----a-w- c:\windows\system32\GWFSPidGen.DLL
2005-01-25 13:33:00 1049088 ----a-w- c:\program files\common files\microsoft shared\sfpca cache\msxml3.dll
2005-01-08 05:10:13 -------- d-----w- c:\program files\MsnMusic
2005-01-08 05:05:21 47616 ----a-w- c:\program files\windows media player\msoobci.dll
2005-01-08 05:05:20 1669120 ----a-w- c:\program files\windows media player\wmsetsdk.exe
2005-01-08 05:05:17 5550080 ----a-w- c:\windows\system32\setb0.tmp
2005-01-07 04:35:42 163840 ----a-w- c:\windows\system32\PhotoImpression Screen Saver.scr
2005-01-07 04:23:40 38160 ----a-w- c:\windows\system32\LMRTREND.dll
2005-01-07 04:23:40 140800 ----a-w- c:\windows\system32\tm20dec.ax
2005-01-07 04:23:39 182032 ----a-w- c:\windows\system32\dxtmsft3.dll
2005-01-07 04:23:36 63488 ----a-w- c:\windows\system32\unam4ie.exe
2005-01-07 04:23:34 5672 ----a-w- c:\windows\system32\quartz.vxd
2005-01-07 04:23:34 194320 ----a-w- c:\windows\system32\qcut.dll
2005-01-07 04:23:34 11776 ----a-w- c:\windows\system32\mciqtz.drv
2005-01-07 04:23:34 10240 ----a-w- c:\windows\system32\vidx16.dll
2005-01-07 04:23:32 4608 ----a-w- c:\windows\system32\w95inf32.dll
2005-01-07 04:23:32 2272 ----a-w- c:\windows\system32\w95inf16.dll
2005-01-07 04:21:44 212480 -c--a-w- c:\windows\pcdlib32.dll
2005-01-07 03:41:45 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2005-01-07 03:41:37 30921 ----a-w- c:\windows\system32\drivers\SQCaptur.sys
2005-01-07 03:41:37 25449 ----a-w- c:\windows\system32\drivers\SQCamD.sys
2004-12-25 16:43:39 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2004-12-25 16:43:39 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2004-12-25 16:43:39 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2004-12-25 16:43:39 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2004-12-25 16:43:39 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2004-12-25 16:43:39 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2004-12-25 16:43:33 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2004-12-25 16:43:33 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2004-12-25 16:27:56 -------- d-----w- c:\program files\MUSICMATCH
2004-12-25 16:27:08 34297 ------w- c:\windows\system32\drivers\StMp3Rec.sys
2004-12-12 13:41:29 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2004-12-12 13:41:29 8704 ----a-w- c:\windows\system32\dllcache\kbdjpn.dll
2004-12-12 13:41:29 8192 ----a-w- c:\windows\system32\kbdkor.dll
2004-12-12 13:41:29 8192 ----a-w- c:\windows\system32\dllcache\kbdkor.dll
2004-12-12 13:41:29 6144 ----a-w- c:\windows\system32\kbd106.dll
2004-12-12 13:41:29 6144 ----a-w- c:\windows\system32\kbd101c.dll
2004-12-12 13:41:29 6144 ----a-w- c:\windows\system32\kbd101b.dll
2004-12-12 13:41:29 6144 ----a-w- c:\windows\system32\dllcache\kbd101c.dll
2004-12-12 13:41:29 6144 ----a-w- c:\windows\system32\dllcache\kbd101b.dll
2004-12-12 13:41:29 5632 ----a-w- c:\windows\system32\kbd103.dll
2004-12-12 13:41:29 5632 ----a-w- c:\windows\system32\dllcache\kbd103.dll
2004-12-10 09:06:48 327680 ----a-w- c:\windows\system32\vp6dec.ax
2004-12-10 09:03:02 438272 ----a-w- c:\windows\system32\vp6vfw.dll
2004-12-08 23:35:53 10135688 ----a-w- c:\program files\windows media player\installer\mpsetupxp[1].exe
2004-10-17 03:42:03 -------- d-----w- c:\program files\EA SPORTS
2004-10-17 03:33:24 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2004-10-16 04:51:58 60 ----a-w- c:\windows\system32\E_S3E.tmp
2004-10-16 04:09:50 -------- d-----w- c:\program files\common files\EPSON
2004-10-14 04:15:52 -------- d--h--w- c:\windows\$hf_mig$
2004-10-14 00:20:49 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2004-10-14 00:20:47 -------- d-----w- c:\program files\Spybot - Search & Destroy
2004-10-04 17:55:34 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Powercinema
2004-10-04 03:34:06 45056 -c--a-w- c:\windows\NCUNINST.EXE
2004-10-04 02:49:33 -------- d-----w- c:\program files\common files\SWF Studio
2004-10-02 04:16:22 -------- d-sh--w- c:\documents and settings\ramon somoano\UserData
2004-10-02 00:05:06 720896 ----a-w- c:\windows\iun6002.exe
2004-10-02 00:05:02 -------- d-----w- c:\program files\YVD
2004-10-01 20:29:09 -------- d-----w- c:\documents and settings\all users\SonicStage
2004-10-01 20:24:17 90112 -c----w- c:\windows\snymsico.dll
2004-10-01 20:24:17 38951 ------w- c:\windows\system32\drivers\NETMDUSB.sys
2004-10-01 20:24:17 36232 ------w- c:\windows\system32\drivers\NETMD033.sys
2004-10-01 20:24:17 35319 ------w- c:\windows\system32\drivers\NETMD031.sys
2004-10-01 20:24:04 757760 ----a-w- c:\windows\system32\CDDBUI.dll
2004-10-01 20:24:04 630784 ----a-w- c:\windows\system32\CDDBControl.dll
2004-10-01 20:23:32 -------- d-----w- c:\documents and settings\all users\application data\Sony Corporation
2004-10-01 20:22:14 -------- d-----w- c:\program files\Sony
2004-10-01 20:21:45 -------- d-----w- c:\program files\common files\Sony Shared
2004-10-01 12:47:13 -------- d-----w- c:\documents and settings\ramon somoano\Shared
2004-10-01 12:46:57 -------- d-----w- c:\documents and settings\ramon somoano\.limewire
2004-10-01 12:46:51 -------- d-----w- c:\program files\LimeWire
2004-10-01 12:46:19 -------- d-----w- c:\windows\Downloaded Installations
2004-10-01 07:38:57 4096 ----a-w- c:\documents and settings\all users\application data\microsoft\usmt\iconlib.dll
2004-10-01 06:39:39 -------- d-----w- c:\program files\Support.com
2004-10-01 05:03:28 -------- d-----w- c:\program files\Adaptec
2004-10-01 05:03:27 57344 ----a-w- c:\windows\uneng.exe
2004-10-01 05:03:22 -------- d-----w- c:\program files\common files\Adaptec Shared
2004-10-01 04:09:00 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2004-10-01 04:04:36 221184 ----a-w- c:\windows\system32\wmpns.dll
2004-10-01 04:03:23 -------- d-----w- c:\windows\peernet
2004-10-01 04:03:22 -------- d-----w- c:\windows\provisioning
2004-10-01 04:00:44 -------- d-----w- c:\windows\ServicePackFiles
2004-10-01 03:56:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2004-10-01 03:54:18 -------- d-----w- c:\windows\EHome
2004-10-01 03:16:16 -------- d-----w- c:\windows\system32\bits
2004-10-01 03:13:46 8192 ------w- c:\windows\system32\bitsprx2.dll
2004-10-01 03:13:46 7168 ------w- c:\windows\system32\bitsprx3.dll
2004-10-01 03:13:46 438784 ----a-w- c:\windows\system32\xpob2res.dll
2004-10-01 03:13:46 354816 ----a-w- c:\windows\system32\winhttp.dll
2004-10-01 03:13:46 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2004-10-01 03:08:33 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Identities
2004-10-01 02:50:04 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\BVRP Software
2004-10-01 02:40:07 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Help
2004-10-01 02:31:06 6332 ----a-r- c:\windows\system32\DevMngr.vxd
2004-10-01 01:52:02 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2004-09-22 23:45:44 232448 ----a-w- c:\windows\system32\l3codecp.acm
2004-09-22 23:45:36 276992 ----a-w- c:\windows\system32\audiodev.dll
2004-09-16 06:19:15 -------- d-----w- c:\program files\common files\Borland Shared
2004-09-16 06:18:57 -------- d-----w- c:\windows\ShellNew
2004-09-16 06:18:46 -------- d-----w- c:\program files\WordPerfect Office 12
2004-09-16 06:18:46 -------- d-----w- c:\program files\common files\Corel
2004-09-16 06:18:34 -------- d-----w- c:\program files\Your Company Name
2004-09-16 06:16:40 -------- d-----w- c:\program files\common files\Symantec Shared
2004-09-16 06:16:28 -------- d-----w- c:\documents and settings\all users\application data\Symantec
2004-09-16 06:15:55 -------- d-----w- c:\program files\Jasc Software Inc
2004-09-16 06:15:55 -------- d-----w- c:\program files\Dell Computer
2004-09-16 06:13:50 -------- d-----w- c:\program files\Microsoft Money
2004-09-16 06:13:27 -------- d-----w- c:\program files\Microsoft Encarta
2004-09-16 06:13:07 -------- d-----w- c:\program files\AOL Companion
2004-09-16 06:13:06 -------- d-----w- c:\windows\occache
2004-09-16 06:13:06 -------- d-----w- c:\program files\Learn2.com
2004-09-16 06:13:05 -------- d-----w- c:\documents and settings\all users\application data\Viewpoint
2004-09-16 06:13:04 -------- d-----w- c:\program files\Viewpoint
2004-09-16 06:13:03 1331200 ----a-w- c:\windows\system32\shdocvw.bak
2004-09-16 06:11:33 -------- d-----w- c:\program files\Sonic
2004-09-16 06:09:18 46080 ----a-w- c:\windows\system32\CTSVCCDA.EXE
2004-09-16 06:07:57 118784 ----a-w- c:\windows\system32\IntelMPM.dll
2004-09-16 06:07:51 -------- d-----w- c:\program files\Modem Helper
2004-09-16 06:07:37 77824 ------w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2004-09-16 06:07:36 53248 ----a-w- c:\windows\system32\DellSys.dll
2004-09-16 06:07:33 17217 ----a-w- c:\windows\system32\drivers\omci.sys
2004-09-16 06:06:33 -------- d-----w- c:\windows\DellPCH
2004-09-16 06:06:02 -------- d-----w- c:\documents and settings\all users\application data\SBSI
2004-09-16 06:05:11 306688 ----a-w- c:\windows\IsUninst.exe
2004-09-16 06:04:29 -------- d-----w- c:\windows\system32\URTTemp
2004-09-16 06:04:16 -------- d-----w- c:\program files\Dell
2004-09-16 06:04:15 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2004-09-16 06:04:15 53248 ------w- c:\program files\common files\installshield\engine\6\intel 32\msihook.dll
2004-09-16 06:04:15 32768 -c----w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2004-09-16 06:04:15 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
2004-09-16 06:04:15 176128 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2004-09-16 06:04:15 126976 ------w- c:\program files\common files\installshield\engine\6\intel 32\knlwrap.exe
2004-09-16 06:04:14 114688 ------w- c:\program files\common files\installshield\engine\6\intel 32\scpthdlr.dll
2004-09-16 06:03:19 52736 ----a-w- c:\windows\system32\wzcsapi.dll
2004-09-16 06:03:19 483840 ----a-w- c:\windows\system32\wzcsvc.dll
2004-09-16 06:03:19 383488 ----a-w- c:\windows\system32\wzcdlg.dll
2004-09-16 06:03:19 1703936 ----a-w- c:\windows\system32\netshell.dll
.
==================== Find3M ====================
.
2011-07-15 00:23:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 13:18:03 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-16 13:22:48 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 17:32:15 551936 ----a-w- c:\windows\system32\oleaut32.dll
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38:47 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:05 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-02 15:17:02 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-16 12:05:55 1288192 ----a-w- c:\windows\system32\ole32.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-18 17:45:17 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 16:17:24 143422 ----a-w- c:\windows\system32\l3codecx.ax
2010-06-14 14:31:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-04-16 15:36:56 406016 ----a-w- c:\windows\system32\usp10.dll
2010-03-30 16:24:40 317440 ------w- c:\windows\system32\mp4sdecd.dll
2010-03-30 04:52:26 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
2010-03-05 14:37:40 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02:15 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:27:45 1291776 ----a-w- c:\windows\system32\quartz.dll
2010-01-29 14:43:39 307260 ----a-w- c:\windows\system32\l3codeca.acm
2010-01-13 14:01:25 86016 ----a-w- c:\windows\system32\cabview.dll
2009-12-24 06:59:40 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-02 13:19:06 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 15:51:04 471552 ----a-w- c:\windows\apppatch\aclayers.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20:16 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-15 16:28:26 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-01 14:46:07 282654 ----a-w- c:\windows\system32\msaud32.acm
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-06 23:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 15:05:44 1372672 ------w- c:\windows\system32\msxml6.dll
2009-07-17 19:01:06 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22:18 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-14 03:43:24 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 08:25:26 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25:26 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-24 11:18:41 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-12 12:31:39 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 06:14:49 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-07 15:32:35 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-20 17:17:26 45568 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-04-02 03:02:22 604160 ----a-w- c:\windows\system32\wmspdmod.dll
2009-03-08 08:33:40 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 08:32:56 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 08:32:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 08:31:38 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 08:31:18 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 08:31:02 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 08:31:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-03-08 08:30:56 66560 ----a-w- c:\windows\system32\tdc.ocx
2009-03-08 08:22:38 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22:18 284160 ----a-w- c:\windows\system32\pdh.dll
2009-02-27 04:56:38 177152 ----a-w- c:\windows\system32\msctfime.ime
.
============= FINISH: 1:11:28.79 ===============

Attached File  attach.txt   23.07KB   0 downloads

Edited by g0dsweed, 11 August 2011 - 08:46 PM.




#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:57 AM

Posted 16 August 2011 - 07:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/413988 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 g0dsweed

g0dsweed
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 17 August 2011 - 09:21 AM

Running Windows XP Home SP3 on a friend's computer that started with the following problem:

When I first got the machine all files were on desktop but responded with a "what would you like to do with this file" message box. After running what appeared to be a successful rkill, MBAM failed at quick scan. Reboot, retry rkill and run Eset (I think that is the name). Found dozens of corrupted files, restart, and the "what would you like to do" problem is gone.

All internet browsers still redirect to spam and sites full of crap. Proxy settings have been checked, no apparent proxy settings. Run rkill and reinstall MBAM, again crashes after a few seconds of quick scan. I retry all of this in safe mode, same result.

Try to run rkill and install various other AV and malware detectors. All either fail or slow to a crawl that would require days to run. I return to these forums for help. I have tried fixexe.reg, rkill (under every renaming convention), tried unhide, tried exeHelper. All result in MBAM failure.

I returned to this forum again and read "can't run Mbam" posting and tried everything there, NO CHANGE. Except for some reason I could not get the randomized EXE link to work, even after clearing cookies and cache. But I do not think that is going to solve the problem anyway. I have tried renaming the MBAM exe with no success.

I have downloaded ComboFix but figured I would come here first for suggestions.

Do not know if this is connected but last reboot came up with ATTRIB warning and to run chkdsk, PC will not boot to command prompt and using CMD and instructing to run chkdsk at reboot does not work, surprise surprise.

No apparent fake AV software has presented itself. Files on desktop are not disappearing. They do however usually turn to the generic window icon after installation, specifically MBAM installs.

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Run by ramon somoano at 14:49:18 on 2004-09-03
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.215 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\3308045974:1765397306.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k termsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://start.facemoods.com/?a=fmtm&s={searchTerms}&f=4
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {0848225A-8181-42FC-8C68-F0A543B12967} - No File
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: myYearbook Toolbar BHO: {180e37b8-072d-48e4-800d-f353ee800672} - c:\program files\myyearbook toolbar\Toolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Ploose Engine: {4728c29f-7ff4-4fa1-9d34-199451b03bd3} - mscoree.dll
BHO: Surf Canyon Search Engine Assistant: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - c:\program files\surf canyon\surfcanyon.dll
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: myYearbook Toolbar: {b05caba4-89f3-410b-8471-6bc0edc8c91f} - c:\program files\myyearbook toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [tgcmd] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf
mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe
mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: mswsock.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_Win32.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - hxxp://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/XSL/mb_us//html/activexplayer/SMALStreaming.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.93/FreeRealmsInstaller.cab?v=1044
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123909949515
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} - hxxp://chat.yahoo.com/cab/yuplapp.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} - hxxps://ediagnostics.lexmark.com/serval.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/SU/SU1.5/ocx/15034/CTPID.cab
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: ter1mw32 - ter1mw32.dll
Notify: termsvces - ter1mw32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ramon somoano\application data\mozilla\firefox\profiles\ddbon1ht.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=fmtm
FF - prefs.js: keyword.URL - hxxp://search.alot.com/web?&src_id=12286&client_id=58846838bae80c3fbc1e8858&camp_id=2585&install_time=2004-08-26T06:49:48Z&tb_version=2.4.11000%28F%29&pr=auto&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\sony online entertainment\npsoe.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\c2mp\npdivx32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2004-8-26 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-8 121216]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-19 54760]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2011-4-3 10384]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2009-7-25 94208]
R2 TermServices;Remote Desktop Service;c:\windows\system32\svchost.exe -k termsvc [2002-8-29 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
S0 72241172;72241172;c:\windows\system32\drivers\75181833.sys --> c:\windows\system32\drivers\75181833.sys [?]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys --> c:\windows\system32\drivers\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys --> c:\windows\system32\drivers\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\eset\eset nod32 antivirus\ekrn.exe" --> c:\program files\eset\eset nod32 antivirus\ekrn.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-28 130560]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-28 130560]
.
=============== File Associations ===============
.
regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2011-08-06 23:54:55 -------- dc----w- C:\946c50e7d51d913ea1b3b6fbb2
2011-07-29 18:14:55 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\WinZip
2011-07-25 23:10:47 218624 ----a-w- c:\windows\system32\termlw32.dll
2011-07-25 23:10:46 35840 ----a-w- c:\windows\system32\ter1mw32.dll
2011-07-25 08:40:54 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\xnxg.exe
2011-07-25 08:40:54 0 ----a-w- c:\documents and settings\all users\application data\tnyp.exe
2011-07-25 08:40:53 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\food.exe
2011-07-25 08:40:53 0 ----a-w- c:\documents and settings\all users\application data\fbhq.exe
2011-07-25 08:40:52 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\cwvt.exe
2011-07-25 08:40:52 0 ----a-w- c:\documents and settings\all users\application data\ncfo.exe
2011-07-25 08:40:51 0 ----a-w- c:\documents and settings\all users\application data\hnjg.exe
2011-07-25 08:40:50 0 ----a-w- c:\documents and settings\ramon somoano\local settings\application data\tvyc.exe
2011-07-15 00:26:47 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Real
2011-07-15 00:25:20 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2011-07-15 00:24:41 -------- d-----w- c:\program files\common files\xing shared
2011-07-15 00:24:11 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2011-07-15 00:23:56 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2011-07-10 02:55:02 -------- d-----w- c:\program files\getdislike
2011-07-09 23:48:20 -------- d-----w- c:\documents and settings\ramon somoano\application data\facemoods.com
2011-07-09 22:42:48 -------- d-----w- c:\program files\Setup Support for RelevantKnowledge
2011-07-09 22:41:47 -------- d-----w- c:\program files\Ploose
2011-07-09 22:40:38 -------- d-----w- c:\program files\UltimaDownloads
2011-07-09 22:30:05 -------- d-----w- c:\documents and settings\ramon somoano\application data\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-07-09 22:29:41 -------- d-----w- c:\program files\Adobe Download Assistant
2011-07-09 17:38:46 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-07-09 17:38:46 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-07-04 04:36:24 -------- d-----w- c:\documents and settings\ramon somoano\application data\FCTB000059563
2011-07-04 04:35:42 -------- d-----w- c:\program files\myYearbook Toolbar
2011-07-03 02:48:38 -------- d-----w- c:\program files\CouponAlert_2pEI
2011-07-02 20:36:55 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\assembly
2011-06-16 01:09:22 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-15 14:38:14 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-06-02 04:43:54 -------- d-----w- c:\documents and settings\ramon somoano\application data\PriceGong
2011-06-02 02:12:12 20124 ----a-w- c:\documents and settings\all users\SPLC.tmp
2011-06-02 00:18:59 20124 ----a-w- c:\documents and settings\all users\SPLA.tmp
2011-06-01 18:18:56 20124 ----a-w- c:\documents and settings\all users\SPL9.tmp
2011-06-01 04:06:20 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2011-06-01 04:04:57 -------- dc----w- C:\Netgear
2011-06-01 03:29:41 20124 ----a-w- c:\documents and settings\all users\SPL8.tmp
2011-05-31 16:38:31 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2011-05-31 16:38:22 -------- d-----w- c:\program files\W3i
2011-05-31 13:42:37 20124 ----a-w- c:\documents and settings\all users\SPL7.tmp
2011-05-31 00:02:40 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\ESET
2011-05-30 20:29:43 20124 ----a-w- c:\documents and settings\all users\SPL6.tmp
2011-05-30 20:21:17 -------- dc-h--w- c:\windows\ie8
2011-05-30 20:11:35 20124 ----a-w- c:\documents and settings\all users\SPLB.tmp
2011-05-30 20:05:29 20124 ----a-w- c:\documents and settings\all users\SPLE.tmp
2011-05-30 19:41:09 20124 ----a-w- c:\documents and settings\all users\SPL5.tmp
2011-05-30 14:55:52 20124 ----a-w- c:\documents and settings\all users\SPL13.tmp
2011-05-30 01:52:37 -------- d-----w- c:\documents and settings\ramon somoano\application data\IMVU
2011-05-30 01:50:33 -------- d-----w- c:\documents and settings\ramon somoano\application data\IMVUClient
2011-05-29 01:30:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 22:46:33 20124 ----a-w- c:\documents and settings\all users\SPL4.tmp
2011-05-28 15:41:27 20124 ----a-w- c:\documents and settings\all users\SPL2.tmp
2011-05-27 16:25:33 20124 ----a-w- c:\documents and settings\all users\SPL3.tmp
2011-05-23 19:46:26 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Microsoft Help
2011-05-23 19:34:20 -------- d-----w- c:\program files\PowerISO
2011-05-23 18:51:36 20124 ----a-w- c:\documents and settings\all users\SPLD.tmp
2011-05-15 19:55:28 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-14 01:11:54 641536 ----a-w- c:\program files\common files\microsoft shared\vc\msdia80.dll
2011-04-19 08:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-04-03 08:14:47 10384 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2011-04-03 08:12:33 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2011-04-03 08:12:18 84496 ----a-w- c:\windows\system32\KemXML.dll
2011-04-03 08:12:18 170512 ----a-w- c:\windows\system32\kemutb.dll
2011-04-03 08:12:18 145936 ----a-w- c:\windows\system32\KemUtil.dll
2011-04-03 08:12:18 117264 ----a-w- c:\windows\system32\KemWnd.dll
2011-03-20 09:40:44 1079144 ----a-w- c:\program files\common files\microsoft shared\office12\RICHED20.DLL
2011-03-02 02:33:13 -------- d-----w- c:\documents and settings\ramon somoano\.thumbnails
2011-03-02 02:13:24 -------- d-----w- c:\documents and settings\ramon somoano\.gimp-2.6
2011-03-02 02:12:26 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Yahoo
2011-03-02 02:12:25 -------- d-----w- c:\documents and settings\ramon somoano\.gegl-0.0
2011-03-02 02:04:53 -------- d-----w- c:\documents and settings\all users\application data\W3i
2011-03-02 02:00:07 -------- d-----w- c:\program files\Surf Canyon
2011-03-02 02:00:02 -------- d-----w- c:\program files\Free Offers from Freeze.com
2011-02-25 15:52:28 -------- d-sh--w- C:\found.000
2011-02-16 23:00:38 17370496 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL
2011-02-11 13:25:52 229888 ------w- c:\windows\system32\dllcache\fxscover.exe
2011-02-09 13:53:52 270848 ------w- c:\windows\system32\dllcache\sbe.dll
2011-02-09 13:53:52 186880 ------w- c:\windows\system32\dllcache\encdec.dll
2011-02-02 07:58:35 2067456 ------w- c:\windows\system32\dllcache\lhmstscx.dll
2011-01-27 11:57:06 677888 ------w- c:\windows\system32\dllcache\lhmstsc.exe
2011-01-24 21:03:58 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-01-24 21:03:58 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-01-23 21:19:04 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Geckofx
2011-01-23 21:19:03 -------- d-----w- c:\documents and settings\ramon somoano\application data\Red Kawa
2011-01-22 17:59:35 -------- d-----w- c:\program files\Yontoo Layers Client
2011-01-21 14:44:37 439296 ------w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-12 03:14:07 -------- d-----w- c:\program files\iPod
2011-01-12 03:13:50 -------- d-----w- c:\program files\iTunes
2011-01-12 03:13:50 -------- d-----w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-12 03:08:06 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-01-12 03:06:17 -------- d-----w- c:\program files\Bonjour
2011-01-06 02:36:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\BitTorrent
2011-01-01 01:24:47 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2011-01-01 01:24:47 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2011-01-01 01:24:47 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2011-01-01 01:24:46 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2011-01-01 01:24:46 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2011-01-01 01:24:46 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2011-01-01 01:24:46 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-01-01 01:24:46 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-01-01 01:24:46 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2011-01-01 01:24:46 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2011-01-01 01:24:42 -------- d-----w- c:\program files\Free Audio Editor
2010-12-29 03:13:12 -------- d-----w- c:\program files\VstPlugins
2010-12-29 03:06:03 -------- d-----w- c:\program files\Image-Line
2010-12-20 17:32:15 551936 ------w- c:\windows\system32\dllcache\oleaut32.dll
2010-12-15 21:11:11 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 21:06:34 45568 ------w- c:\windows\system32\dllcache\wab.exe
2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ------w- c:\windows\system32\dllcache\isign32.dll
2010-11-14 18:01:34 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Temp
2010-11-13 02:04:39 -------- d-----w- c:\windows\system32\20-20 Technologies
2010-11-09 14:52:35 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2010-11-09 14:52:35 249856 ------w- c:\windows\system32\dllcache\odbc32.dll
2010-11-09 14:52:35 200704 ------w- c:\windows\system32\dllcache\msadox.dll
2010-11-09 14:52:35 180224 ------w- c:\windows\system32\dllcache\msadomd.dll
2010-11-09 14:52:35 143360 ------w- c:\windows\system32\dllcache\msadco.dll
2010-11-09 14:52:35 102400 ------w- c:\windows\system32\dllcache\msjro.dll
2010-11-08 16:38:32 -------- d-----w- c:\program files\BitTorrent
2010-11-01 18:06:12 -------- d-----w- c:\program files\AutocompletePro
2010-11-01 18:06:00 -------- d-----w- c:\program files\VDownloader
2010-10-15 00:16:48 978944 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-15 00:16:48 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-15 00:16:48 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 00:16:36 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-07 17:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 17:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 17:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-26 17:40:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\vShare
2010-09-26 17:40:03 -------- d-----w- c:\program files\vShare
2010-09-26 15:51:09 -------- d-----w- c:\program files\GMI
2010-09-26 15:49:30 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2010-09-26 15:49:29 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2010-09-26 15:49:29 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2010-09-26 15:49:29 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2010-09-26 15:49:27 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2010-09-26 15:48:41 -------- d-----w- c:\documents and settings\ramon somoano\application data\ZiggyTV
2010-09-26 15:48:36 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2010-09-26 15:48:29 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2010-09-26 15:48:17 -------- d-----w- c:\program files\ZiggyTV
2010-08-27 05:57:43 99840 ------w- c:\windows\system32\dllcache\srvsvc.dll
2010-08-17 13:17:06 58880 ------w- c:\windows\system32\dllcache\spoolsv.exe
2010-07-25 03:01:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 03:01:07 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-07-22 12:58:54 119160 ----a-w- c:\program files\common files\microsoft shared\textconv\MSCONV97.DLL
2010-07-16 12:05:55 1288192 ------w- c:\windows\system32\dllcache\ole32.dll
2010-07-14 21:11:22 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Conduit
2010-07-14 17:34:25 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-18 17:45:17 293376 ------w- c:\windows\system32\dllcache\winsrv.dll
2010-06-12 17:44:10 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-05-16 22:53:41 -------- d-----w- c:\documents and settings\ramon somoano\application data\Vivox
2010-04-20 05:30:08 290432 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-04-17 04:04:40 306032 -c--a-w- c:\windows\WLXPGSS.SCR
2010-04-16 15:36:56 406016 ------w- c:\windows\system32\dllcache\usp10.dll
2010-04-12 08:44:34 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2010-04-01 23:26:15 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-31 04:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 04:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-03-30 16:24:40 317440 ------w- c:\windows\system32\dllcache\mp4sdecd.dll
2010-03-07 03:04:40 3335916 ----a-w- c:\windows\system32\nv4_disp.dll
2010-03-07 03:04:40 3335916 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-03-05 14:37:40 65536 ------w- c:\windows\system32\dllcache\asycfilt.dll
2010-02-28 05:31:37 1346281 ----a-w- c:\documents and settings\all users\SPL332.tmp
2010-02-12 04:33:11 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll
2010-01-17 15:14:29 311043 ----a-w- c:\documents and settings\all users\SPL63.tmp
2010-01-14 02:11:01 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\SCE
2010-01-14 02:05:29 -------- d-----w- c:\documents and settings\ramon somoano\application data\Sony Online Entertainment
2010-01-14 02:05:27 -------- d-----w- c:\program files\Sony Online Entertainment
2010-01-13 14:01:25 86016 ------w- c:\windows\system32\dllcache\cabview.dll
2010-01-12 23:15:00 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2009-12-24 06:59:40 177664 ------w- c:\windows\system32\dllcache\wintrust.dll
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-12 06:47:03 -------- d-----w- c:\documents and settings\all users\application data\PCSettings
2009-12-12 06:46:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2009-12-03 22:54:28 -------- d-----w- c:\documents and settings\all users\application data\Norton
2009-12-02 14:14:52 2804125 ----a-w- c:\documents and settings\all users\SPLC8.tmp
2009-11-27 17:11:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2009-11-27 16:07:35 28672 ------w- c:\windows\system32\dllcache\msvidc32.dll
2009-11-27 16:07:34 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2009-11-27 16:07:34 11264 ------w- c:\windows\system32\dllcache\msrle32.dll
2009-11-22 18:54:17 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\RobloxDownloads
2009-11-22 18:53:34 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\RobloxVersions
2009-11-07 05:07:08 49488 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-07 05:07:04 297808 ----a-w- c:\windows\system32\mscoree.dll
2009-11-07 05:06:46 1130824 ----a-w- c:\windows\system32\dfshim.dll
2009-10-21 05:38:36 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 05:38:36 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 16:20:16 265728 ------w- c:\windows\system32\dllcache\http.sys
2009-10-13 10:30:16 270336 ------w- c:\windows\system32\dllcache\oakley.dll
2009-10-12 13:38:19 149504 ------w- c:\windows\system32\dllcache\rastls.dll
2009-10-12 13:38:18 79872 ------w- c:\windows\system32\dllcache\raschap.dll
2009-10-10 03:10:46 2594632 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
2009-09-16 01:10:49 2245737 ----a-w- c:\documents and settings\all users\SPL9E.tmp
2009-09-13 03:07:56 3772412 ----a-w- c:\documents and settings\all users\SPL7F9.tmp
2009-09-10 00:16:24 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-09-07 03:14:20 3085912 ----a-w- c:\documents and settings\all users\SPL84.tmp
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-18 03:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-17 02:19:04 -------- d-----w- c:\program files\KingsIsle Entertainment
2009-08-13 00:15:03 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-09 21:08:17 1133668 ----a-w- c:\documents and settings\all users\SPL9D.tmp
2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-03 03:04:13 -------- d-----w- c:\windows\nview
2009-08-03 02:50:49 -------- d-----w- C:\NVIDIA
2009-08-02 17:02:54 52568404 ----a-w- c:\documents and settings\all users\SPL1.tmp
2009-08-02 02:46:21 52568404 ----a-w- c:\documents and settings\all users\SPL94.tmp
2009-08-02 00:13:09 -------- d-----w- c:\documents and settings\ramon somoano\application data\2K Sports
2009-08-01 23:51:17 -------- d-----w- c:\program files\2K Sports
2009-08-01 03:54:04 -------- d-----w- c:\windows\Logs
2009-07-29 22:24:18 -------- d-----w- c:\windows\LMI72.tmp
2009-07-29 22:18:24 -------- d-----w- c:\documents and settings\all users\application data\Lexmark 2600 Series
2009-07-27 23:17:41 135168 ------w- c:\windows\system32\dllcache\shsvcs.dll
2009-07-27 02:30:39 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-27 02:30:01 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-07-27 02:27:15 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-27 02:27:15 117760 ------w- c:\windows\system32\prntvpt.dll
2009-07-27 02:27:14 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-07-27 02:27:14 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-27 02:27:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-07-27 02:27:14 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-27 02:27:11 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-07-27 02:27:11 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-27 02:27:07 -------- d-----w- C:\e5ab88d121551d5de3b11a90611c
2009-07-26 03:53:11 -------- d-----w- c:\documents and settings\ramon somoano\application data\Lexmark Productivity Studio
2009-07-26 02:56:53 -------- d-----w- c:\documents and settings\ramon somoano\application data\FaxCtr
2009-07-26 02:13:31 -------- d-----w- c:\documents and settings\all users\Lx_cats
2009-07-26 02:08:10 -------- d-----w- C:\logs
2009-07-26 02:05:19 40960 ----a-w- c:\windows\system32\lxdnvs.dll
2009-07-26 02:03:50 348160 ----a-w- c:\windows\system32\lxdncoin.dll
2009-07-26 02:03:47 115200 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdndrpp.dll
2009-07-26 02:02:25 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-07-26 02:02:25 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2009-07-26 02:02:23 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-07-26 02:02:23 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-07-26 02:01:53 81920 ----a-w- c:\windows\system32\lxdncaps.dll
2009-07-26 02:01:53 782336 ----a-w- c:\windows\system32\lxdndrs.dll
2009-07-26 02:01:52 69632 ----a-w- c:\windows\system32\lxdncnv4.dll
2009-07-26 01:59:46 45056 ----a-w- c:\windows\system32\LXF3PMON.DLL
2009-07-26 01:59:46 32768 ----a-w- c:\windows\system32\LXF3FXPU.DLL
2009-07-26 01:59:25 53248 ----a-w- c:\windows\system32\lxf3oem.dll
2009-07-26 01:59:25 49152 ----a-w- c:\windows\system32\IM31IMG.DIL
2009-07-26 01:59:25 12288 ----a-w- c:\windows\system32\LXF3PMRC.DLL
2009-07-26 01:59:24 69632 ----a-w- c:\windows\system32\IM31XTIF.DEL
2009-07-26 01:59:23 98304 ----a-w- c:\windows\system32\IM31XPNG.DEL
2009-07-26 01:59:21 98345 ----a-w- c:\windows\system32\IMHOST32.DLL
2009-07-26 01:59:20 339968 ----a-w- c:\windows\system32\IMGMAN32.DLL
2009-07-26 01:58:48 -------- d-----w- c:\documents and settings\all users\application data\FaxCtr
2009-07-26 01:58:15 -------- d-----w- c:\program files\Lexmark Fax Solutions
2009-07-26 01:57:43 -------- d-----w- c:\program files\Abbyy FineReader 6.0 Sprint
2009-07-26 01:55:20 -------- d-----w- c:\program files\Lexmark Toolbar
2009-07-26 01:55:05 17064 ----a-w- c:\windows\system32\lxdnwupd.exe
2009-07-26 01:55:03 102400 ----a-w- c:\windows\system32\lxdnwupd.dll
2009-07-25 13:42:52 -------- d-----w- c:\program files\Disney
2009-07-21 05:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-07-17 19:01:06 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-07-17 16:22:18 1435648 ------w- c:\windows\system32\dllcache\query.dll
2009-07-14 03:43:24 10841088 ------w- c:\windows\system32\dllcache\wmp.dll
2009-06-25 08:25:26 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-06-25 08:25:26 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 08:25:26 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-06-24 11:18:41 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-06-17 16:56:32 28560 ----a-w- c:\windows\system32\drivers\LUsbFilt.sys
2009-06-17 16:56:24 79248 ----a-w- c:\windows\system32\drivers\LMouKE.Sys
2009-06-17 16:56:16 37392 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
2009-06-17 16:56:06 35472 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
2009-06-17 16:55:26 63248 ----a-w- c:\windows\system32\drivers\L8042mou.Sys
2009-06-17 16:55:18 20240 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
2009-06-17 16:55:10 55824 ----a-w- c:\windows\KHALMNPR.Exe
2009-06-16 14:36:30 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2009-06-16 14:36:30 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-06-13 23:00:46 -------- d-sh--w- c:\documents and settings\ramon somoano\IECompatCache
2009-06-13 22:58:40 -------- d-sh--w- c:\documents and settings\ramon somoano\PrivacIE
2009-06-13 22:29:06 -------- d-sh--w- c:\documents and settings\ramon somoano\IETldCache
2009-06-13 05:15:00 1661792 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
2009-06-12 12:31:39 76288 ------w- c:\windows\system32\dllcache\telnet.exe
2009-06-10 14:13:29 84992 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 13:19:38 2066432 ------w- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 06:14:49 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
2009-06-09 22:48:57 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-09 22:48:56 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 22:48:51 -------- d-----w- c:\windows\ie8updates
2009-06-09 22:47:49 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-30 01:55:44 -------- d-----w- c:\documents and settings\ramon somoano\application data\BitZipper
2009-05-28 20:09:21 -------- d-----w- c:\program files\BitZipper
2009-05-07 15:32:35 345600 ------w- c:\windows\system32\dllcache\localspl.dll
2009-04-20 17:17:26 45568 ------w- c:\windows\system32\dllcache\dnsrslvr.dll
2009-04-18 01:07:48 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2009-04-18 01:07:41 35328 ------w- c:\windows\system32\dllcache\sc.exe
2009-04-18 01:07:37 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2009-04-18 01:07:22 110592 ------w- c:\windows\system32\dllcache\services.exe
2009-04-18 01:07:16 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2009-04-18 01:07:12 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-18 01:07:03 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-18 01:06:47 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2009-04-18 01:06:39 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2009-04-18 01:06:33 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2009-04-18 01:04:55 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2009-04-18 01:04:53 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-04-15 14:51:25 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2009-04-03 22:46:26 97640 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_PDF.DLL
2009-04-03 21:59:44 79728 ----a-w- c:\program files\common files\microsoft shared\office12\1033\xlsrvintl.dll
2009-04-02 17:07:44 186240 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\office.en-us\OSETUPUI.DLL
2009-04-02 17:07:10 6540120 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUP.DLL
2009-04-02 17:06:52 439160 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\SETUP.EXE
2009-04-02 17:06:42 231848 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\ODEPLOY.EXE
2009-04-02 16:02:04 11632 ----a-w- c:\program files\common files\microsoft shared\office12\1033\OLBINTL.DLL
2009-04-02 16:02:04 10339712 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSOINTL.DLL
2009-04-02 16:02:02 45968 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUPPS.DLL
2009-04-02 16:02:02 14720 ----a-w- c:\program files\common files\microsoft shared\smart tag\SmartTagInstall.exe
2009-04-02 16:02:00 552816 ----a-w- c:\program files\common files\microsoft shared\office12\OFFLB.EXE
2009-04-02 16:02:00 17792 ----a-w- c:\program files\common files\microsoft shared\office12\OPHPROXY.DLL
2009-04-02 16:02:00 15760 ----a-w- c:\program files\common files\microsoft shared\office12\OPTINPS.DLL
2009-04-02 16:02:00 12616 ----a-w- c:\program files\common files\microsoft shared\office12\OFFREL.DLL
2009-04-02 16:01:58 6637936 ----a-w- c:\program files\common files\microsoft shared\office12\MSORES.DLL
2009-04-02 16:01:58 42864 ----a-w- c:\program files\common files\microsoft shared\office12\MSSH.DLL
2009-04-02 16:01:46 18816 ----a-w- c:\program files\common files\microsoft shared\office12\MSMH.DLL
2009-04-02 16:01:44 70000 ----a-w- c:\program files\common files\microsoft shared\office12\LBGHOST.DLL
2009-04-02 16:01:44 56680 ----a-w- c:\program files\common files\microsoft shared\office12\EXP_XPS.DLL
2009-04-02 16:01:44 177520 ----a-w- c:\program files\common files\microsoft shared\smart tag\IETAG.DLL
2009-03-27 02:02:46 -------- d-----w- c:\documents and settings\ramon somoano\Tracing
2009-03-21 14:06:58 989696 ------w- c:\windows\system32\dllcache\kernel32.dll
2009-03-19 23:46:06 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-03-19 23:44:01 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-03-19 23:42:59 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-03-19 23:33:58 -------- d-----w- c:\program files\Microsoft
2009-03-19 23:33:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-03-19 23:32:17 4865408 ----a-w- c:\program files\common files\windows live\.cache\f10574901c9a8ea\Silverlight.2.0.exe
2009-03-19 23:30:42 74520 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\DSETUP.dll
2009-03-19 23:30:42 484632 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\DXSETUP.exe
2009-03-19 23:30:42 1670936 ----a-w- c:\program files\common files\windows live\.cache\b82a00461c9a8ea\dsetup32.dll
2009-03-19 23:30:09 1013800 ----a-w- c:\program files\common files\windows live\.cache\a4b7d2361c9a8ea\WindowsXP-KB954708-x86-ENU.exe
2009-03-19 23:28:38 36171640 ----a-w- c:\program files\common files\windows live\.cache\wlcAD.tmp
2009-03-19 23:27:52 -------- d-----w- c:\program files\common files\Windows Live
2009-03-08 18:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
2009-03-08 18:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
2009-03-08 18:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 18:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui
2009-03-08 08:35:32 743424 ------w- c:\program files\internet explorer\iedvtool.dll
2009-03-08 08:35:12 233984 ------w- c:\program files\internet explorer\jsprofilerui.dll
2009-03-08 08:35:04 7680 ------w- c:\program files\internet explorer\iecompat.dll
2009-03-08 08:35:04 144384 ------w- c:\program files\internet explorer\ExtExport.exe
2009-03-08 08:35:04 118272 ------w- c:\program files\internet explorer\JSProfilerCore.dll
2009-03-08 08:35:02 521216 ------w- c:\program files\internet explorer\jsdbgui.dll
2009-03-08 08:35:02 121344 ------w- c:\program files\internet explorer\jsdebuggeride.dll
2009-03-08 08:33:18 12800 ------w- c:\program files\internet explorer\xpshims.dll
2009-03-06 06:47:58 575416 ----a-w- c:\program files\common files\microsoft shared\office12\ACEDAO.DLL
2009-03-06 06:47:58 47008 ----a-w- c:\program files\common files\microsoft shared\office12\ACEERR.DLL
2009-03-06 06:47:58 190400 ----a-w- c:\program files\common files\microsoft shared\office12\ACEES.DLL
2009-03-06 06:47:56 1759136 ----a-w- c:\program files\common files\microsoft shared\office12\ACECORE.DLL
2009-03-03 22:11:02 -------- d-----w- c:\program files\vixy.net
2009-03-03 21:29:22 318976 ----a-w- c:\windows\system32\avisynth.dll
2009-03-03 21:29:18 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2009-03-03 21:29:18 70656 ----a-w- c:\windows\system32\i420vfw.dll
2009-03-03 21:29:18 27648 ----a-w- c:\windows\system32\AVSredirect.dll
2009-03-03 21:26:52 92672 --sh--r- c:\windows\system32\RLVorbisDec.ax
2009-03-03 21:26:51 67584 --sh--r- c:\windows\system32\RLTheoraDec.ax
2009-03-03 21:26:51 51712 --sh--r- c:\windows\system32\RLSpeexDec.ax
2009-03-03 21:26:50 186880 --sh--r- c:\windows\system32\RLOgg.ax
2009-03-03 21:26:44 179200 --sh--r- c:\windows\system32\DiracSplitter.ax
2009-03-03 05:23:58 303616 ----a-w- c:\windows\box.exe
2009-02-17 21:14:40 117640 ----a-w- c:\program files\common files\microsoft shared\windows live\WLLoginProxy.exe
2009-02-17 21:11:04 408440 ----a-w- c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
2009-02-17 21:09:02 95128 ----a-w- c:\program files\common files\microsoft shared\windows live\LogicalDevice.dll
2009-02-17 21:09:00 236936 ----a-w- c:\program files\common files\microsoft shared\windows live\HWDeviceLogin.dll
2009-02-17 21:09:00 1141640 ----a-w- c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
2009-02-14 09:04:38 756040 ----a-w- c:\program files\common files\microsoft shared\office12\MSPTLS.DLL
2009-02-05 15:37:00 1117568 ----a-w- c:\program files\common files\microsoft shared\filters\offfiltx.dll
2009-02-03 19:59:07 56832 ------w- c:\windows\system32\dllcache\secur32.dll
2009-01-11 14:33:04 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts
2009-01-07 22:20:54 134144 ------w- c:\windows\system32\dllcache\sqmapi.dll
2009-01-07 22:20:54 134144 ------w- c:\program files\internet explorer\sqmapi.dll
2009-01-07 22:20:18 355832 ------w- c:\program files\internet explorer\pdm.dll
2009-01-07 22:20:18 265720 ----a-w- c:\windows\system32\msdbg2.dll
2008-12-24 15:24:06 -------- d-----w- c:\windows\system32\custom matrices
2008-12-24 15:23:09 -------- d-----w- c:\windows\system32\C2MP
2008-12-16 12:30:34 354816 ------w- c:\windows\system32\dllcache\winhttp.dll
2008-12-05 06:54:55 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2008-12-04 09:00:58 969552 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqd01.dll
2008-12-04 09:00:58 279904 ----a-r- c:\program files\common files\microsoft shared\textconv\wkls31.dll
2008-12-04 09:00:58 162640 ----a-r- c:\program files\common files\microsoft shared\textconv\wkcvqr01.dll
2008-11-25 20:41:36 324976 -c--a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-11-25 02:17:18 983944 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPWEC.DLL
2008-11-21 04:02:30 988040 ----a-w- c:\program files\common files\microsoft shared\office12\msoshext.dll
2008-11-21 03:58:22 972632 ----a-w- c:\program files\common files\microsoft shared\web folders\MSONSEXT.DLL
2008-11-21 03:58:20 1011544 ----a-w- c:\program files\common files\system\ole db\MSDAIPP.DLL
2008-11-16 05:52:12 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2008-11-12 20:28:21 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 20:26:28 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2008-11-10 15:38:42 27000 ----a-w- c:\program files\common files\microsoft shared\euro\MSOEURO.DLL
2008-11-10 06:27:52 31592 ----a-w- c:\program files\common files\microsoft shared\filters\msgfilt.dll
2008-11-06 22:57:11 21504 ----a-w- c:\windows\system32\drivers\motmodem.sys
2008-11-06 22:57:11 1419232 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2008-11-06 22:55:01 -------- d-----w- c:\program files\common files\Motorola Shared
2008-11-06 22:46:41 -------- d-----w- c:\program files\Avanquest update
2008-11-06 22:45:46 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2008-11-06 22:45:46 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2008-11-06 22:44:04 -------- d-----w- c:\program files\Motorola Phone Tools
2008-11-06 22:41:52 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2008-11-06 22:41:52 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2008-11-06 22:41:51 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2008-11-06 22:41:51 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2008-11-06 22:41:51 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2008-11-06 22:41:49 323716 -c--a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2008-11-06 22:41:49 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2008-11-06 22:23:29 -------- d-----w- c:\program files\PQDVD
2008-11-04 05:44:24 814464 ----a-w- c:\program files\common files\microsoft shared\dw\DW20.EXE
2008-11-04 05:44:24 439632 ----a-w- c:\program files\common files\microsoft shared\dw\DWDCW20.DLL
2008-11-04 05:44:24 435096 ----a-w- c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE
2008-11-04 05:06:30 2872688 ----a-w- c:\program files\common files\microsoft shared\office12\OFFDIAG.EXE
2008-11-04 05:06:28 441712 ----a-w- c:\program files\common files\microsoft shared\office12\ODSERV.EXE
2008-11-04 03:39:44 179128 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEINTL.DLL
2008-10-26 09:42:18 16216 ----a-w- c:\program files\common files\microsoft shared\portal\1033\PortalConnect.dll
2008-10-26 09:42:16 482656 ----a-w- c:\program files\common files\microsoft shared\portal\PortalConnectCore.dll
2008-10-25 13:27:54 44408 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLMF.DLL
2008-10-25 10:38:38 145224 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ALRTINTL.DLL
2008-10-25 10:18:52 89464 ----a-w- c:\program files\common files\microsoft shared\smart tag\METCONV.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODTXT.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODPDX.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODEXL.DLL
2008-10-25 09:31:28 15224 ----a-w- c:\program files\common files\microsoft shared\office12\ACEODDBS.DLL
2008-10-25 07:38:36 1682800 ----a-w- c:\program files\common files\microsoft shared\web server extensions\12\bin\FPSRVUTL.DLL
2008-10-25 02:50:52 436584 ----a-w- c:\program files\common files\microsoft shared\msorun\MSORUN.DLL
2008-10-25 02:21:26 505192 ----a-w- c:\program files\common files\microsoft shared\office12\MSSOAP30.DLL
2008-10-25 02:04:22 1409 ----a-w- c:\windows\QTFont.for
2008-10-25 01:14:58 1425912 ----a-w- c:\program files\common files\microsoft shared\office11\msxml5.dll
2008-10-24 14:27:52 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 15:52:11 -------- d-----w- c:\program files\ASIO4ALL v2
2008-10-23 15:52:01 225280 ----a-w- c:\windows\system32\rewire.dll
2008-10-23 15:50:33 1554944 ----a-w- c:\windows\system32\vorbis.acm
2008-10-23 15:49:35 -------- d-----w- c:\program files\Outsim
2008-10-23 12:36:14 286720 ------w- c:\windows\system32\dllcache\gdi32.dll
2008-10-16 00:34:43 357888 ------w- c:\windows\system32\dllcache\srv.sys
2008-10-16 00:34:17 1857920 ------w- c:\windows\system32\dllcache\win32k.sys
2008-10-16 00:34:12 2148864 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-16 00:34:11 2192768 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-16 00:34:11 2027008 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-16 00:34:10 2069376 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-09-17 20:29:12 20040 ----a-w- c:\documents and settings\all users\application data\microsoft\identitycrl\production\ppcrlconfig.dll
2008-08-27 23:32:34 -------- d-----w- c:\windows\system32\scripting
2008-08-27 23:32:31 -------- d-----w- c:\windows\l2schemas
2008-08-27 23:32:29 -------- d-----w- c:\windows\system32\en
2008-08-27 22:24:57 30208 ------w- c:\windows\system32\napipsec.dll
2008-08-27 22:23:54 7168 ------w- c:\windows\system32\bitsprx4.dll
2008-08-27 22:23:54 233472 ------w- c:\windows\system32\azroles.dll
2008-08-27 22:23:45 136192 ------w- c:\windows\system32\aaclient.dll
2008-08-26 02:50:22 155648 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\1033\VBE6INTL.DLL
2008-08-17 01:50:34 60 ----a-w- c:\windows\system32\E_S8E.tmp
2008-08-14 15:57:55 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2008-08-14 15:57:35 692736 ------w- c:\windows\system32\dllcache\inetcomm.dll
2008-08-10 03:22:44 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2008-08-03 16:24:49 -------- d-----w- c:\documents and settings\all users\Symantec Temporary Files
2008-07-30 01:10:04 73720 ----a-w- c:\windows\system32\dxva2.dll
2008-07-30 01:10:04 493048 ----a-w- c:\windows\system32\evr.dll
2008-07-30 01:10:04 26112 ----a-w- c:\windows\system32\TsWpfWrp.exe
2008-07-29 23:59:58 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2008-07-29 23:59:58 161296 ----a-w- c:\windows\system32\UIAutomationCore.dll
2008-07-29 23:59:58 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 23:24:50 97800 ----a-w- c:\windows\system32\infocardapi.dll
2008-07-29 23:24:50 622080 ----a-w- c:\windows\system32\icardagt.exe
2008-07-29 23:24:50 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2008-07-29 23:24:50 11264 ----a-w- c:\windows\system32\icardres.dll
2008-07-29 09:49:58 586240 ----a-w- c:\windows\system32\icardres.dll.mui
2008-07-25 15:16:58 83968 ----a-w- c:\windows\system32\mscories.dll
2008-07-25 15:16:58 158720 ----a-w- c:\windows\system32\mscorier.dll
2008-07-25 15:16:58 158720 ----a-w- c:\program files\internet explorer\mui\0409\mscorier.dll
2008-07-07 20:26:58 253952 ------w- c:\windows\system32\dllcache\es.dll
2008-06-24 16:43:16 74240 ------w- c:\windows\system32\dllcache\mscms.dll
2008-06-21 04:39:10 5524 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2008-06-20 17:46:57 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
2008-06-20 17:46:57 149504 ------w- c:\windows\system32\dllcache\dnsapi.dll
2008-06-20 11:51:12 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:40:08 138496 ------w- c:\windows\system32\dllcache\afd.sys
2008-06-20 11:08:27 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2008-06-17 19:02:19 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2008-06-12 14:23:32 956928 ------w- c:\windows\system32\dllcache\msdtctm.dll
2008-06-12 14:23:32 91648 ------w- c:\windows\system32\dllcache\mtxoci.dll
2008-06-12 14:23:32 66560 ------w- c:\windows\system32\dllcache\mtxclu.dll
2008-06-12 14:23:32 58880 ------w- c:\windows\system32\dllcache\msdtclog.dll
2008-06-12 14:23:32 428032 ------w- c:\windows\system32\dllcache\msdtcprx.dll
2008-06-12 14:23:32 161792 ------w- c:\windows\system32\dllcache\msdtcuiu.dll
2008-06-11 23:33:04 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2008-06-11 23:32:53 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2008-05-31 18:07:53 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2008-05-09 10:53:40 90112 ------w- c:\windows\system32\dllcache\wshext.dll
2008-05-09 10:53:40 420864 ----a-w- c:\windows\system32\dllcache\vbscript.dll
2008-05-09 10:53:40 172032 ------w- c:\windows\system32\dllcache\scrrun.dll
2008-05-09 10:53:39 726528 ----a-w- c:\windows\system32\dllcache\jscript.dll
2008-05-09 10:53:39 180224 ------w- c:\windows\system32\dllcache\scrobj.dll
2008-05-07 09:07:23 135168 ------w- c:\windows\system32\dllcache\cscript.exe
2008-05-07 05:12:40 1291776 ------w- c:\windows\system32\dllcache\quartz.dll
2008-05-03 05:04:27 -------- d-----w- c:\documents and settings\all users\application data\MumboJumbo
2008-03-31 21:25:52 161096 ----a-w- c:\windows\system32\DivXCodecVersionChecker.exe
2008-03-29 15:42:30 536576 ----a-w- c:\windows\system32\splitter.ax
2008-03-29 15:42:22 245248 ----a-w- c:\windows\system32\dxr.dll
2008-03-29 15:42:20 159744 ----a-w- c:\windows\system32\mmfinfo.dll
2008-03-29 15:42:14 102400 ----a-w- c:\windows\system32\avss.dll
2008-03-29 15:42:08 148992 ----a-w- c:\windows\system32\mkx.dll
2008-03-29 15:42:04 141312 ----a-w- c:\windows\system32\mp4.dll
2008-03-29 15:42:04 108032 ----a-w- c:\windows\system32\avi.dll
2008-03-29 15:42:02 335872 ----a-w- c:\windows\system32\gdsmux.exe
2008-03-29 15:42:02 120832 ----a-w- c:\windows\system32\ogm.dll
2008-03-29 15:42:00 163840 ----a-w- c:\windows\system32\ts.dll
2008-03-29 15:42:00 103424 ----a-w- c:\windows\system32\dsmux.exe
2008-03-29 15:41:54 97280 ----a-w- c:\windows\system32\avs.dll
2008-03-29 15:41:54 135168 ----a-w- c:\windows\system32\mkv2vfr.exe
2008-03-29 15:41:52 79360 ----a-w- c:\windows\system32\mkzlib.dll
2008-03-29 15:41:52 23552 ----a-w- c:\windows\system32\mkunicode.dll
2008-03-09 09:31:40 245760 ----a-w- c:\windows\system32\DCBassSource.ax
2008-02-09 05:09:13 7062 ----a-w- c:\windows\system32\audiopid.vxd
2008-02-03 04:22:34 193880 ---ha-r- c:\windows\system32\cpnprt2.cid
2008-02-03 04:21:17 -------- d-----w- c:\windows\Cache
2008-02-03 04:21:15 -------- d-----w- c:\program files\Coupons
2008-02-03 03:18:56 53248 -c----w- c:\windows\Ctregrun.exe
2008-02-03 03:18:26 417792 ----a-w- c:\windows\system32\awrdscdc.ax
2008-02-03 03:18:10 -------- d-----w- c:\program files\Audible
2008-02-03 03:13:39 -------- d--h--w- c:\program files\Creative Installation Information
2008-01-25 01:32:31 286720 -c--a-w- c:\windows\Film Factory.scr
2008-01-25 01:28:14 299520 -c--a-w- c:\windows\uninst.exe
2008-01-25 01:27:51 -------- d-----w- c:\documents and settings\ramon somoano\WINDOWS
2008-01-25 01:14:37 60 ----a-w- c:\windows\system32\E_S65.tmp
2008-01-25 00:46:58 53248 -c--a-w- c:\windows\runepson.exe
2008-01-16 01:50:05 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\SupportSoft
2008-01-16 01:47:37 -------- d-----w- c:\program files\Dell Support Center
2008-01-16 01:47:34 -------- d-----w- c:\program files\common files\supportsoft
2008-01-12 01:44:39 -------- d-----w- c:\program files\Video Add-on
2007-11-30 20:32:26 30527 ---h--w- c:\windows\system32\tlbar2304.deu
2007-11-28 00:01:51 -------- dcsh--w- c:\program files\common files\WindowsLiveInstaller
2007-11-25 02:53:44 129784 ------w- c:\windows\system32\pxafs.dll
2007-11-25 02:48:11 -------- d-----w- c:\program files\DivX
2007-11-22 04:44:51 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\VideoThangTM
2007-11-21 20:01:49 -------- d-----w- c:\program files\ffdshow
2007-11-21 20:01:37 -------- d-----w- c:\program files\AviSynth 2.5
2007-09-26 19:43:21 -------- d-----w- c:\windows\system32\Halloween dir
2007-09-21 12:44:20 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Apple
2007-09-12 08:19:02 75104 -c--a-w- c:\windows\CouponPrinter.ocx
2007-09-03 14:35:28 966656 ----a-w- c:\windows\system32\VSFilter.dll
2007-08-20 10:04:34 59904 ----a-w- c:\windows\system32\dllcache\icardie.dll
2007-08-18 10:55:04 577536 ----a-w- c:\windows\system32\ac3filter.ax
2007-08-18 10:54:30 380928 ----a-w- c:\windows\system32\ac3filter.acm
2007-08-13 23:42:54 18944 ----a-w- c:\windows\system32\dllcache\corpol.dll
2007-07-05 04:33:22 892928 ----a-w- c:\windows\system32\iconv.dll
2007-06-28 18:54:10 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2007-06-19 16:45:30 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2007-06-18 16:12:31 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2007-06-18 16:12:31 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2007-06-18 16:12:30 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2007-06-18 16:12:30 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2007-06-12 15:00:45 -------- d-----w- c:\program files\WMV Direct Maker
2007-06-11 16:56:13 -------- d-----w- c:\program files\AVI Codec Pack
2007-06-11 16:55:33 -------- d-----w- c:\windows\system32\quicktime
2007-06-07 22:10:50 20480 ----a-w- c:\windows\system32\ac3config.exe
2007-05-31 15:28:36 -------- d-----w- c:\program files\VideoLAN
2007-05-17 23:23:27 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2007-05-08 22:35:22 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2007-05-08 20:22:54 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2007-05-08 20:22:52 3698584 ----a-w- c:\windows\system32\dllcache\ieapfltr.dat
2007-05-08 20:22:50 445952 ----a-w- c:\windows\system32\dllcache\ieapfltr.dll
2007-05-08 20:22:50 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2007-05-08 20:22:49 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2007-05-08 20:22:48 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2007-05-08 20:22:45 11081728 ------w- c:\windows\system32\dllcache\ieframe.dll
2007-05-03 14:20:27 -------- d-----w- c:\program files\Windows Media Connect 2
2007-05-03 14:15:33 -------- d-----w- c:\windows\system32\LogFiles
2007-04-09 22:41:56 -------- d-----w- c:\program files\DellSupport
2007-04-05 03:08:06 -------- d-----w- c:\program files\common files\Viewpoint
2007-03-11 02:23:34 -------- d-----w- C:\ProgramData
2007-03-11 02:18:05 -------- d-----w- c:\documents and settings\ramon somoano\local settings\application data\Downloaded Installations
2007-03-11 01:55:13 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2007-03-05 23:25:16 -------- d-----w- c:\windows\system32\Sony PSP USB Device
2007-02-28 07:41:16 111504 ----a-w- c:\program files\common files\microsoft shared\dw\1061\DWINTL20.DLL
2007-02-28 07:40:46 114024 ----a-w- c:\program files\common files\microsoft shared\dw\1026\DWINTL20.DLL
2007-02-28 07:38:44 113040 ----a-w- c:\program files\common files\microsoft shared\dw\1051\DWINTL20.DLL
2007-02-28 07:37:52 111440 ----a-w- c:\program files\common files\microsoft shared\dw\1058\DWINTL20.DLL
2007-02-28 07:37:46 112552 ----a-w- c:\program files\common files\microsoft shared\dw\1063\DWINTL20.DLL
2007-02-28 07:37:20 112016 ----a-w- c:\program files\common files\microsoft shared\dw\1055\DWINTL20.DLL
2007-02-28 07:28:56 114600 ----a-w- c:\program files\common files\microsoft shared\dw\1027\DWINTL20.DLL
2007-02-28 07:25:50 113072 ----a-w- c:\program files\common files\microsoft shared\dw\1062\DWINTL20.DLL
2007-02-28 07:25:46 113048 ----a-w- c:\program files\common files\microsoft shared\dw\1050\DWINTL20.DLL
2007-02-28 07:23:46 113048 ----a-w- c:\program files\common files\microsoft shared\dw\1048\DWINTL20.DLL
2007-02-28 07:22:46 112536 ----a-w- c:\program files\common files\microsoft shared\dw\1060\DWINTL20.DLL
2007-02-25 16:10:48 5376 --s-a-w- c:\windows\system32\drivers\dsunidrv.sys
2007-02-16 05:49:32 115576 ----a-w- c:\program files\common files\microsoft shared\dw\1032\DWINTL20.DLL
2007-02-16 05:38:22 111984 ----a-w- c:\program files\common files\microsoft shared\dw\1038\DWINTL20.DLL
2007-02-06 03:39:22 -------- d-----w- C:\drvrtmp
2007-02-01 23:19:46 92728 ----a-w- c:\windows\system32\bass.dll
2007-02-01 23:19:46 8664 ----a-w- c:\windows\system32\bass_tta.dll
2007-02-01 23:19:46 33240 ----a-w- c:\windows\system32\bass_ape.dll
2007-02-01 23:19:46 28088 ----a-w- c:\windows\system32\bass_wv.dll
2007-02-01 23:19:46 23616 ----a-w- c:\windows\system32\bass_flac.dll
2007-02-01 23:19:46 18888 ----a-w- c:\windows\system32\bass_mpc.dll
2007-02-01 23:19:46 150520 ----a-w- c:\windows\system32\bass_aac.dll
2007-02-01 23:19:46 12784 ----a-w- c:\windows\system32\bass_alac.dll
2007-01-24 18:46:18 113056 ----a-w- c:\program files\common files\microsoft shared\dw\2070\DWINTL20.DLL
2007-01-21 03:28:28 -------- d-----w- c:\documents and settings\all users\application data\Trymedia
2007-01-21 03:26:19 -------- d-----w- C:\Downloads
2007-01-09 16:01:44 112528 ----a-w- c:\program files\common files\microsoft shared\dw\1029\DWINTL20.DLL
2007-01-03 02:59:50 109832 ----a-w- c:\program files\common files\microsoft shared\dw\1049\DWINTL20.DLL
2006-12-18 08:18:30 77824 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2006-12-09 04:11:00 109376 ----a-w- c:\program files\common files\microsoft shared\dw\1044\DWINTL20.DLL
2006-12-02 14:21:50 108872 ----a-w- c:\program files\common files\microsoft shared\dw\1030\DWINTL20.DLL
2006-12-02 14:18:26 108880 ----a-w- c:\program files\common files\microsoft shared\dw\1035\DWINTL20.DLL
2006-11-24 14:13:58 110928 ----a-w- c:\program files\common files\microsoft shared\dw\1045\DWINTL20.DLL
2006-11-24 14:13:00 110920 ----a-w- c:\program files\common files\microsoft shared\dw\1043\DWINTL20.DLL
2006-11-24 13:51:04 111440 ----a-w- c:\program files\common files\microsoft shared\dw\1040\DWINTL20.DLL
2006-11-24 13:50:30 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1054\DWINTL20.DLL
2006-11-24 13:49:50 110416 ----a-w- c:\program files\common files\microsoft shared\dw\1046\DWINTL20.DLL
2006-11-24 13:48:20 109376 ----a-w- c:\program files\common files\microsoft shared\dw\1053\DWINTL20.DLL
2006-11-19 06:38:05 -------- d-----w- c:\program files\MSXML 4.0
2006-11-13 23:29:30 109840 ----a-w- c:\program files\common files\microsoft shared\dw\1081\DWINTL20.DLL
2006-11-12 03:28:42 -------- d-----w- c:\windows\network diagnostic
2006-11-02 12:22:54 492000 ------w- c:\windows\system32\drivers\wdf01000.sys
2006-11-02 12:22:52 32224 ------w- c:\windows\system32\drivers\wdfldr.sys
2006-10-27 20:09:58 33792 ----a-w- c:\program files\internet explorer\custsat.dll
2006-10-27 20:09:58 247808 ------w- c:\program files\internet explorer\ieproxy.dll
2006-10-27 20:09:58 236544 ----a-w- c:\windows\system32\dllcache\webcheck.dll
2006-10-27 20:09:58 156160 ----a-w- c:\windows\system32\dllcache\msls31.dll
2006-10-27 19:10:08 44304 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXEV.DLL
2006-10-27 14:57:04 110936 ----a-w- c:\program files\common files\microsoft shared\dw\3082\DWINTL20.DLL
2006-10-27 12:46:36 112464 ----a-w- c:\program files\common files\microsoft shared\dw\1031\DWINTL20.DLL
2006-10-27 12:06:36 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1037\DWINTL20.DLL
2006-10-27 12:04:04 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1025\DWINTL20.DLL
2006-10-27 12:01:08 108816 ----a-w- c:\program files\common files\microsoft shared\dw\2052\DWINTL20.DLL
2006-10-27 10:59:44 111960 ----a-w- c:\program files\common files\microsoft shared\dw\1036\DWINTL20.DLL
2006-10-27 10:59:34 108816 ----a-w- c:\program files\common files\microsoft shared\dw\3076\DWINTL20.DLL
2006-10-27 10:55:12 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1041\DWINTL20.DLL
2006-10-27 10:54:38 108816 ----a-w- c:\program files\common files\microsoft shared\dw\1028\DWINTL20.DLL
2006-10-27 10:52:08 108824 ----a-w- c:\program files\common files\microsoft shared\dw\1042\DWINTL20.DLL
2006-10-27 07:44:46 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2006-10-27 07:44:42 229376 ----a-w- c:\windows\system32\dllcache\ieaksie.dll
2006-10-27 07:44:36 125952 ----a-w- c:\windows\system32\dllcache\ieakeng.dll
2006-10-27 07:44:26 72704 ----a-w- c:\windows\system32\dllcache\admparse.dll
2006-10-27 07:44:26 71680 ----a-w- c:\windows\system32\dllcache\iesetup.dll
2006-10-27 07:44:08 55808 ----a-w- c:\windows\system32\dllcache\iernonce.dll
2006-10-27 07:44:06 128512 ----a-w- c:\windows\system32\dllcache\advpack.dll
2006-10-27 07:44:04 173568 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2006-10-27 07:43:38 10240 ----a-w- c:\windows\system32\advpack.dll.mui
2006-10-27 07:42:54 163840 ----a-w- c:\windows\system32\dllcache\ieakui.dll
2006-10-27 01:41:50 59152 ----a-w- c:\program files\common files\microsoft shared\office12\MSOXMLED.EXE
2006-10-27 00:13:46 826232 ----a-w- c:\program files\common files\microsoft shared\office12\ACEWDAT.DLL
2006-10-27 00:13:44 764800 ----a-w- c:\program files\common files\microsoft shared\office12\ACECNF.DLL
2006-10-27 00:13:24 56192 ----a-w- c:\program files\common files\microsoft shared\office12\ACECNFLT.EXE
2006-10-27 00:13:20 52024 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACEODBCI.DLL
2006-10-27 00:13:16 49536 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACECNFRC.DLL
2006-10-27 00:13:14 35640 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ACERECR.DLL
2006-10-27 00:12:48 153424 ----a-w- c:\program files\common files\microsoft shared\translat\MSB1CORE.DLL
2006-10-27 00:12:40 87352 ----a-w- c:\program files\common files\microsoft shared\msinfo\OINFOP12.EXE
2006-10-27 00:12:28 56656 ----a-w- c:\program files\common files\microsoft shared\translat\MSB1XTOR.DLL
2006-10-27 00:12:26 40256 ----a-w- c:\program files\common files\microsoft shared\web folders\MSOSV.DLL
2006-10-27 00:12:16 18744 ----a-w- c:\program files\common files\microsoft shared\msinfo\OINFOS12.DLL
2006-10-27 00:12:16 16192 ----a-w- c:\program files\mozilla firefox\plugins\NPOFF12.DLL
2006-10-27 00:12:06 11072 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\MSOSVINT.DLL
2006-10-26 23:49:44 75552 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\NSEXTINT.DLL
2006-10-26 23:49:44 163104 ----a-w- c:\program files\common files\system\ole db\MSDAPML.DLL
2006-10-26 23:49:36 30512 ----a-w- c:\program files\common files\microsoft shared\office12\1033\ODINTL.DLL
2006-10-26 23:47:10 20304 ----a-w- c:\program files\common files\microsoft shared\office12\MUOPTIN.DLL
2006-10-26 23:21:52 256312 ----a-w- c:\program files\common files\microsoft shared\smart tag\MOFL.DLL
2006-10-26 23:21:52 149816 ----a-w- c:\program files\common files\microsoft shared\smart tag\FPERSON.DLL
2006-10-26 23:21:50 131896 ----a-w- c:\program files\common files\microsoft shared\smart tag\FPLACE.DLL
2006-10-26 23:21:48 82232 ----a-w- c:\program files\common files\microsoft shared\smart tag\FBIBLIO.DLL
2006-10-26 23:21:48 73016 ----a-w- c:\program files\common files\microsoft shared\smart tag\FNAME.DLL
2006-10-26 23:21:48 115512 ----a-w- c:\program files\common files\microsoft shared\smart tag\FSTOCK.DLL
2006-10-26 23:21:44 72504 ----a-w- c:\program files\common files\microsoft shared\smart tag\FDATE.DLL
2006-10-26 23:21:44 19256 ----a-w- c:\program files\common files\microsoft shared\smart tag\1033\STINTL.DLL
2006-10-26 22:48:10 108872 ----a-w- c:\program files\common files\microsoft shared\dw\1033\DWINTL20.DLL
2006-10-26 18:10:06 33088 ----a-w- c:\windows\system32\FM20ENU.DLL
2006-10-26 18:06:22 93968 ----a-w- c:\program files\common files\microsoft shared\office12\MSOICONS.EXE
2006-10-26 18:03:08 145184 ----a-w- c:\program files\common files\microsoft shared\source engine\OSE.EXE
2006-10-26 17:58:12 14656 ----a-w- c:\program files\common files\microsoft shared\textconv\WPEQU532.DLL
2006-10-26 17:56:38 123720 ----a-w- c:\program files\common files\microsoft shared\office12\WISC30.DLL
2006-10-26 17:56:34 41288 ----a-w- c:\program files\common files\microsoft shared\office12\1033\MSSOAPR3.DLL
2006-10-26 17:45:04 48128 ----a-w- c:\program files\common files\microsoft shared\ink\TPCPS.DLL
2006-10-26 17:45:04 293376 ----a-w- c:\windows\system32\WISPTIS.EXE
2006-10-26 17:45:04 207360 ----a-w- c:\windows\system32\INKED.DLL
2006-10-26 17:45:04 1343488 ----a-w- c:\program files\common files\microsoft shared\ink\INKOBJ.DLL
2006-10-26 17:45:02 873216 ----a-w- c:\program files\common files\microsoft shared\help\hxds.dll
2006-10-26 17:45:02 272896 ----a-w- c:\program files\common files\microsoft shared\ink\INKDIV.DLL
2006-10-26 17:45:02 268552 ----a-w- c:\program files\common files\microsoft shared\help\msitss55.dll
2006-10-26 17:45:02 1659656 ----a-w- c:\program files\common files\microsoft shared\help\ITIRCL55.DLL
2006-10-26 17:45:00 4608 ----a-w- c:\program files\common files\microsoft shared\msenv\publicassemblies\extensibility.dll
2006-10-26 17:41:56 91912 ----a-w- c:\program files\common files\microsoft shared\office11\1033\msxml5r.dll
2006-10-23 20:47:06 25840 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2006-10-23 20:47:05 24816 ----a-w- c:\windows\system32\mdimon.dll
2006-10-19 00:05:26 204288 ------w- c:\program files\windows media player\wmpnscfg.exe
2006-10-19 00:05:24 913408 ------w- c:\program files\windows media player\wmpnetwk.exe
2006-10-19 00:04:40 493568 ------w- c:\program files\windows media player\wmdbexport.exe
2006-10-19 00:04:30 36864 ------w- c:\program files\windows media player\wmpshare.exe
2006-10-19 00:00:46 249856 ------w- c:\windows\system32\drmupgds.exe
2006-10-19 00:00:14 17408 ------w- c:\windows\system32\wpdshextautoplay.exe
2006-10-17 18:05:22 105984 ----a-w- c:\windows\system32\dllcache\url.dll
2006-10-17 18:05:10 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2006-10-17 18:04:46 206848 ------w- c:\windows\system32\dllcache\occache.dll
2006-10-17 18:04:40 638816 ----a-w- c:\windows\system32\dllcache\iexplore.exe
2006-10-17 18:02:20 1241088 ----a-w- c:\windows\system32\ieframe.dll.mui
2006-10-17 17:57:58 34816 ----a-w- c:\windows\system32\dllcache\imgutil.dll
2006-10-17 17:56:10 45568 ----a-w- c:\windows\system32\dllcache\mshta.exe
2006-10-17 17:44:36 68608 ----a-w- c:\windows\system32\dllcache\hmmapi.dll
2006-10-17 17:28:56 48128 ----a-w- c:\windows\system32\dllcache\mshtmler.dll
2006-10-14 08:13:25 974848 ------w- c:\windows\system32\dllcache\mfc42u.dll
2006-10-05 15:17:18 633664 ----a-w- c:\program files\common files\microsoft shared\proof\MSTH3FR.DLL
2006-10-02 19:28:42 312128 ------w- c:\windows\system32\msdelta.dll
2006-09-29 00:13:26 95344 ------w- c:\windows\system32\WUDFCoinstaller.dll
2006-09-28 23:00:34 82944 ------w- c:\windows\system32\drivers\WudfRd.sys
2006-09-28 22:56:38 316416 ------w- c:\windows\system32\WUDFx.dll
2006-09-28 22:56:38 146432 ------w- c:\windows\system32\WudfHost.exe
2006-09-28 22:56:16 165376 ------w- c:\windows\system32\WudfPlatform.dll
2006-09-28 22:56:14 55808 ------w- c:\windows\system32\WudfSvc.dll
2006-09-28 22:55:50 77568 ------w- c:\windows\system32\drivers\WudfPf.sys
2006-09-24 17:11:00 389120 ----a-w- c:\windows\system32\lameACM.acm
2006-09-23 18:12:50 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
2006-09-23 18:12:50 1497088 ------w- c:\windows\system32\dllcache\shdocvw.dll
2006-09-23 18:12:50 1022976 ------w- c:\windows\system32\dllcache\browseui.dll
2006-09-18 14:15:52 758784 ----a-w- c:\windows\system32\dllcache\vgx.dll
2006-09-13 08:27:46 101888 ----a-w- c:\program files\common files\microsoft shared\dw\2068\DWINTL20.DLL
.
==================== Find3M ====================
.
.
============= FINISH: 14:51:18.06 ===============

GMER crashes and leaves behind an unusable icon for which "access is denied". I now have several of these on the desktop.

I highly doubt my friend has the install disks, but I will find out today at work when I see him.

Thanks.

Edited by g0dsweed, 17 August 2011 - 09:24 AM.


#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:57 PM

Posted 17 August 2011 - 07:18 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

----------------------------------------------

As good as malware is, it can't stop everything you run. Can you try this small program and report back?

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

m0le is a proud member of UNITE

#5 g0dsweed

Posted 17 August 2011 - 08:13 PM

Same result as GMER: crashes and icon is now "Cannot access specified device, path or file. Etc. Etc."

#6 m0le

Posted 18 August 2011 - 04:17 PM

Please download Unhide

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.

#7 g0dsweed

Posted 18 August 2011 - 06:11 PM

Running Unhide.

By the way, the link you used was dead, I removed the /beta.

Edited by g0dsweed, 18 August 2011 - 06:13 PM.


#8 g0dsweed

Posted 18 August 2011 - 06:28 PM

Unhide finished. Have not run anything else yet.

#9 m0le

Posted 18 August 2011 - 07:17 PM

Please attempt to run Combofix (if it fails try it again in safe mode)

Please download ComboFix from one of these locations:

* IMPORTANT !!! Save ComboFix.exe to your Desktop, making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#10 g0dsweed

Posted 18 August 2011 - 07:40 PM

Wow. Same result. Crash and now icon is access denied.

Sorry too fast, now trying safe mode... Sorry about that.

Edited by g0dsweed, 18 August 2011 - 07:41 PM.


#11 g0dsweed

Posted 18 August 2011 - 08:31 PM

Safe Mode would not allow me to download Recovery Console

ComboFix 11-08-13.02 - ramon somoano 08/18/2011 1:42.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.261 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\SPL1.tmp
c:\documents and settings\All Users\SPL13.tmp
c:\documents and settings\All Users\SPL2.tmp
c:\documents and settings\All Users\SPL3.tmp
c:\documents and settings\All Users\SPL332.tmp
c:\documents and settings\All Users\SPL4.tmp
c:\documents and settings\All Users\SPL5.tmp
c:\documents and settings\All Users\SPL6.tmp
c:\documents and settings\All Users\SPL63.tmp
c:\documents and settings\All Users\SPL7.tmp
c:\documents and settings\All Users\SPL7F9.tmp
c:\documents and settings\All Users\SPL8.tmp
c:\documents and settings\All Users\SPL84.tmp
c:\documents and settings\All Users\SPL9.tmp
c:\documents and settings\All Users\SPL94.tmp
c:\documents and settings\All Users\SPL9D.tmp
c:\documents and settings\All Users\SPL9E.tmp
c:\documents and settings\All Users\SPLA.tmp
c:\documents and settings\All Users\SPLB.tmp
c:\documents and settings\All Users\SPLC.tmp
c:\documents and settings\All Users\SPLC8.tmp
c:\documents and settings\All Users\SPLD.tmp
c:\documents and settings\All Users\SPLE.tmp
c:\documents and settings\ramon somoano\WINDOWS
c:\program files\AutocompletePro
c:\program files\AutocompletePro\AutocompletePro.dll
c:\program files\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files\AutocompletePro\FireFoxExtension.exe
c:\program files\AutocompletePro\InstTracker.exe
c:\program files\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files\AutocompletePro\support@predictad.com\install.rdf
c:\program files\AutocompletePro\unins000.dat
c:\program files\AutocompletePro\unins000.exe
c:\program files\CouponAlert_2pEI
c:\program files\messenger\msmsgsin.exe
c:\program files\screensavers.com
c:\program files\screensavers.com\Installer\bin\iebyterange.xml
c:\program files\screensavers.com\Installer\bin\iebyterange.xml.backup
c:\program files\Video Add-on
c:\windows\$NtUninstallKB17916$\1893431527
c:\windows\$NtUninstallKB17916$\2529569989\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB17916$\2529569989\click.tlb
c:\windows\$NtUninstallKB17916$\2529569989\L\asobptkf
c:\windows\$NtUninstallKB17916$\2529569989\loader.tlb
c:\windows\$NtUninstallKB17916$\2529569989\U\@00000001
c:\windows\$NtUninstallKB17916$\2529569989\U\@000000c0
c:\windows\$NtUninstallKB17916$\2529569989\U\@000000cb
c:\windows\$NtUninstallKB17916$\2529569989\U\@000000cf
c:\windows\$NtUninstallKB17916$\2529569989\U\@80000000
c:\windows\$NtUninstallKB17916$\2529569989\U\@800000c0
c:\windows\$NtUninstallKB17916$\2529569989\U\@800000cb
c:\windows\$NtUninstallKB17916$\2529569989\U\@800000cf
c:\windows\box.exe
c:\windows\iun6002.exe
c:\windows\k.txt
c:\windows\system32\c.ico
c:\windows\system32\c_41001.nls
c:\windows\system32\certstore.dat
c:\windows\system32\m.ico
c:\windows\system32\p.ico
c:\windows\system32\s.ico
c:\windows\$NtUninstallKB17916$ . . . . Failed to delete
.
Infected copy of c:\windows\system32\drivers\mrxsmb.sys was found and disinfected
Restored copy from - The cat found it :)
.
((((((((((((((((((((((((( Files Created from 2011-07-18 to 2011-08-18 )))))))))))))))))))))))))))))))
.
.
2011-08-18 05:30 . 2011-04-29 16:47 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-08-06 23:54 . 2011-08-06 23:54 -------- dc----w- C:\946c50e7d51d913ea1b3b6fbb2
2011-07-29 18:14 . 2011-07-29 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2011-07-28 05:28 . 2011-07-28 05:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ESET
2011-07-26 14:50 . 2011-07-26 14:50 -------- d-----w- c:\documents and settings\lily somoano\.thumbnails
2011-07-26 14:49 . 2011-07-31 01:26 -------- d-----w- c:\documents and settings\lily somoano\.gimp-2.6
2011-07-25 23:10 . 2011-07-25 23:10 218624 ----a-w- c:\windows\system32\termlw32.dll
2011-07-25 23:10 . 2011-07-25 23:10 35840 ----a-w- c:\windows\system32\ter1mw32.dll
2011-07-25 09:21 . 2011-07-25 09:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-07-25 09:10 . 2011-07-25 09:10 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\tnyp.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\fbhq.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\ncfo.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\hnjg.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 00:23 . 2003-08-05 17:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-09 17:44 . 2011-05-29 01:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 14:34 . 2011-05-15 19:55 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-06-16 04:17 . 2004-08-26 05:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-01 02:47 . 2008-11-25 20:41 324976 -c--a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{180E37B8-072D-48E4-800D-F353EE800672}]
2011-07-04 04:36 1550336 ----a-w- c:\program files\myYearbook Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4728c29f-7ff4-4fa1-9d34-199451b03bd3}]
2009-11-07 05:07 297808 ----a-w- c:\windows\SYSTEM32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B05CABA4-89F3-410B-8471-6BC0EDC8C91F}"= "c:\program files\myYearbook Toolbar\Toolbar.dll" [2011-07-04 1550336]
.
[HKEY_CLASSES_ROOT\clsid\{b05caba4-89f3-410b-8471-6bc0edc8c91f}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{6049A1AE-71DE-4EF3-99D5-693BF60B4E1D}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B05CABA4-89F3-410B-8471-6BC0EDC8C91F}"= "c:\program files\myYearbook Toolbar\Toolbar.dll" [2011-07-04 1550336]
.
[HKEY_CLASSES_ROOT\clsid\{b05caba4-89f3-410b-8471-6bc0edc8c91f}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{6049A1AE-71DE-4EF3-99D5-693BF60B4E1D}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-10 4600704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-15 122933]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2005-10-18 1921024]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 49152]
"CTDVDDet"="c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 45056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-11-03 4800512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-15 273544]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-4-3 813584]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 16:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ter1mw32]
2011-07-25 23:10 35840 ----a-w- c:\windows\SYSTEM32\ter1mw32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsvces]
2011-07-25 23:10 35840 ----a-w- c:\windows\SYSTEM32\ter1mw32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SB Audigy 2 Startup Menu]
/L:ENG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 14:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2008-03-27 15:13 320168 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater]
2011-05-10 20:03 1205760 ----a-w- c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnamon]
2008-03-27 15:13 16040 ----a-w- c:\program files\Lexmark 2600 Series\lxdnamon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnmon.exe]
2008-03-27 15:13 660136 ----a-w- c:\program files\Lexmark 2600 Series\lxdnmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
2003-06-18 17:00 200704 ----a-w- c:\program files\Microsoft Money\System\mnyexpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 20:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\SYSTEM32\\USMT\\migwiz.exe"=
"c:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\YVD\\YVD Relay Server.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\lxdncoms.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnpswx.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdntime.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnlscn.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnjswx.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\Diagnostics\\LXDNdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnwbgw.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [8/26/2004 6:01 AM 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/8/2011 4:41 PM 121216]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/28/2011 4:15 PM 130560]
R2 LBeepKE;LBeepKE;c:\windows\SYSTEM32\DRIVERS\LBeepKE.sys [4/3/2011 4:14 AM 10384]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdnserv.exe [7/25/2009 10:03 PM 94208]
R2 TermServices;Remote Desktop Service;c:\windows\System32\svchost.exe -k termsvc [8/29/2002 6:00 AM 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 11:09 PM 24652]
S0 72241172;72241172;c:\windows\system32\drivers\75181833.sys --> c:\windows\system32\drivers\75181833.sys [?]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/2/2009 9:19 AM 1181328]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/28/2011 4:15 PM 130560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
termsvc REG_MULTI_SZ TermServices
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-28 20:15]
.
2011-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-28 20:15]
.
2011-08-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-203738149-2672565153-116142669-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-203738149-2672565153-116142669-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2004-09-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-203738149-2672565153-116142669-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-203738149-2672565153-116142669-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-18 c:\windows\Tasks\User_Feed_Synchronization-{D4646577-4383-443A-946C-DA47006B9942}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
FF - ProfilePath - c:\documents and settings\ramon somoano\Application Data\Mozilla\Firefox\Profiles\ddbon1ht.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=fmtm
FF - prefs.js: keyword.URL - hxxp://search.alot.com/web?&src_id=12286&client_id=58846838bae80c3fbc1e8858&camp_id=2585&install_time=2004-08-26T06:49Z&tb_version=2.4.11000%28F%29&pr=auto&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
Toolbar-{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{043C5167-00BB-4324-AF7E-62013FAEDACF} - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
SafeBoot-72241172.sys
MSConfigStartUp-4116369914 - c:\documents and settings\ramon somoano\Local Settings\Application Data\pac.exe
MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-PCMService - c:\program files\Dell\Media Experience\PCMService.exe
MSConfigStartUp-Spyware Doctor - c:\program files\Spyware Doctor\swdoctor.exe
AddRemove-AutocompletePro3_is1 - c:\program files\AutocompletePro\unins000.exe
AddRemove-Film Factory - c:\program files\EPSON Software\Film Factory\Uninst.isu
AddRemove-Free Audio Editor - F:\UNWISE.EXE
AddRemove-PSPVideoExpress - c:\program files\PQDVD\PSPVideoExpress\bt-uninst.exe
AddRemove-ScreensaversInstaller - c:\program files\Screensavers.com\Installer\bin\siuninst.exe
AddRemove-YVD8.4 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-18 01:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\3308045974:1765397306.exe 816 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\96c62cc5]
"ImagePath"="\systemroot\3308045974:1765397306.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-203738149-2672565153-116142669-1007\Software\SecuROM\License information*]
"datasecu"=hex:9b,5d,56,b4,c5,79,94,90,a6,49,fb,e3,a6,fe,aa,d7,0b,fb,9a,5f,ab,
14,f2,3f,c3,ef,c2,b0,12,04,72,aa,a7,99,ce,19,d3,5e,7d,2f,e3,0d,4a,dc,e8,08,\
"rkeysecu"=hex:f6,5d,a5,c3,32,7e,03,a7,d6,e6,0b,14,42,ca,29,96
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{B91B4988-2671-4C7A-9B84-5FE9E38EDDE0}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.42.0"
"UniqueId"="0009351D4DE3F4FF"
"ScannerBuild"=dword:0000244b
"ScannerVersionId"=dword:000017fb
"ScannerVersion"="Locked/open ESET for status."
"FixId"=dword:00000007
"ei2"=hex(B):10,17,d5,a3,70,73,a3,1c
"ei1"=hex(B):00,11,11,62,df,f6,00,00
"ei3"=hex(B):7d,45,1e,4e,00,00,00,00
"ei4"=dword:00000002
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(588)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\ter1mw32.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(2436)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\AOL\ACS\acsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdncoms.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\wanmpsvc.exe
c:\windows\System32\MsPMSPSv.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2011-08-18 02:08:02 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-18 06:07
.
Pre-Run: 7,434,403,840 bytes free
Post-Run: 10,948,059,136 bytes free
.
- - End Of File - - 0F8985D531F927582FB55A17738E90EA

#12 m0le

Posted 19 August 2011 - 05:27 PM

Now boot to normal mode and attempt to run Combofix again.

#13 g0dsweed

Posted 19 August 2011 - 07:59 PM

ComboFix ran fine. Also installed Recovery console.

#14 g0dsweed

Posted 19 August 2011 - 08:01 PM

Here is the new log in case you wanted it.


ComboFix 11-08-19.02 - ramon somoano 08/19/2011 1:08.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.219 [GMT -4:00]
Running from: c:\documents and settings\ramon somoano\Desktop\CombFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\ramon somoano\Application Data\facemoods.com
c:\documents and settings\ramon somoano\Application Data\facemoods.com\facemoods\us\20101003\kywrds.tat
c:\documents and settings\ramon somoano\Application Data\facemoods.com\facemoods\us\20101003\kywrds.ttr
c:\documents and settings\ramon somoano\Application Data\PriceGong
c:\documents and settings\ramon somoano\Local Settings\Application Data\cwvt.exe
c:\documents and settings\ramon somoano\Local Settings\Application Data\food.exe
c:\documents and settings\ramon somoano\Local Settings\Application Data\tvyc.exe
c:\documents and settings\ramon somoano\Local Settings\Application Data\xnxg.exe
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\temp.dmf
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap103.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap105.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap107.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap109.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap10E.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap113.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap118.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap11A.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap11C.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap127.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap129.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap12B.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap12D.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap12F.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap131.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap133.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap135.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap137.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap139.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap13B.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap13D.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap13F.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap141.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap144.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap147.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap149.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap1A7.tmp
c:\documents and settings\ramon somoano\Local Settings\Temporary Internet Files\zap1A9.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_96c62cc5
.
.
((((((((((((((((((((((((( Files Created from 2011-07-19 to 2011-08-19 )))))))))))))))))))))))))))))))
.
.
2011-08-18 05:30 . 2011-04-29 16:47 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-08-06 23:54 . 2011-08-06 23:54 -------- dc----w- C:\946c50e7d51d913ea1b3b6fbb2
2011-07-29 18:14 . 2011-07-29 18:14 -------- d-----w- c:\documents and settings\ramon somoano\Local Settings\Application Data\WinZip
2011-07-29 18:14 . 2011-07-29 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2011-07-28 05:28 . 2011-07-28 05:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ESET
2011-07-26 14:50 . 2011-07-26 14:50 -------- d-----w- c:\documents and settings\lily somoano\.thumbnails
2011-07-26 14:49 . 2011-07-31 01:26 -------- d-----w- c:\documents and settings\lily somoano\.gimp-2.6
2011-07-25 23:10 . 2011-07-25 23:10 218624 ----a-w- c:\windows\system32\termlw32.dll
2011-07-25 23:10 . 2011-07-25 23:10 35840 ----a-w- c:\windows\system32\ter1mw32.dll
2011-07-25 09:21 . 2011-07-25 09:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-07-25 09:10 . 2011-07-25 09:10 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\tnyp.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\fbhq.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\ncfo.exe
2011-07-25 08:40 . 2011-07-25 08:40 0 ----a-w- c:\documents and settings\All Users\Application Data\hnjg.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 00:23 . 2003-08-05 17:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-09 17:44 . 2011-05-29 01:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 14:34 . 2011-05-15 19:55 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-06-16 04:17 . 2004-08-26 05:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-01 02:47 . 2008-11-25 20:41 324976 -c--a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{180E37B8-072D-48E4-800D-F353EE800672}]
2011-07-04 04:36 1550336 ----a-w- c:\program files\myYearbook Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4728c29f-7ff4-4fa1-9d34-199451b03bd3}]
2009-11-07 05:07 297808 ----a-w- c:\windows\SYSTEM32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B05CABA4-89F3-410B-8471-6BC0EDC8C91F}"= "c:\program files\myYearbook Toolbar\Toolbar.dll" [2011-07-04 1550336]
.
[HKEY_CLASSES_ROOT\clsid\{b05caba4-89f3-410b-8471-6bc0edc8c91f}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{6049A1AE-71DE-4EF3-99D5-693BF60B4E1D}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B05CABA4-89F3-410B-8471-6BC0EDC8C91F}"= "c:\program files\myYearbook Toolbar\Toolbar.dll" [2011-07-04 1550336]
.
[HKEY_CLASSES_ROOT\clsid\{b05caba4-89f3-410b-8471-6bc0edc8c91f}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{6049A1AE-71DE-4EF3-99D5-693BF60B4E1D}]
[HKEY_CLASSES_ROOT\FCTB000059563.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-10 4600704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-15 122933]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2005-10-18 1921024]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 49152]
"CTDVDDet"="c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 45056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-11-03 4800512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-15 273544]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-4-3 813584]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 16:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ter1mw32]
2011-07-25 23:10 35840 ----a-w- c:\windows\SYSTEM32\ter1mw32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsvces]
2011-07-25 23:10 35840 ----a-w- c:\windows\SYSTEM32\ter1mw32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SB Audigy 2 Startup Menu]
/L:ENG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 14:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2008-03-27 15:13 320168 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater]
2011-05-10 20:03 1205760 ----a-w- c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnamon]
2008-03-27 15:13 16040 ----a-w- c:\program files\Lexmark 2600 Series\lxdnamon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnmon.exe]
2008-03-27 15:13 660136 ----a-w- c:\program files\Lexmark 2600 Series\lxdnmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
2003-06-18 17:00 200704 ----a-w- c:\program files\Microsoft Money\System\mnyexpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 20:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\SYSTEM32\\USMT\\migwiz.exe"=
"c:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\YVD\\YVD Relay Server.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\lxdncoms.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnpswx.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdntime.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnlscn.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnjswx.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\Diagnostics\\LXDNdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\lxdnwbgw.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [8/26/2004 6:01 AM 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/8/2011 4:41 PM 121216]
R2 LBeepKE;LBeepKE;c:\windows\SYSTEM32\DRIVERS\LBeepKE.sys [4/3/2011 4:14 AM 10384]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxdnserv.exe [7/25/2009 10:03 PM 94208]
R2 TermServices;Remote Desktop Service;c:\windows\System32\svchost.exe -k termsvc [8/29/2002 6:00 AM 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 11:09 PM 24652]
S0 72241172;72241172;c:\windows\system32\drivers\75181833.sys --> c:\windows\system32\drivers\75181833.sys [?]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/28/2011 4:15 PM 130560]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/2/2009 9:19 AM 1181328]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/28/2011 4:15 PM 130560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
termsvc REG_MULTI_SZ TermServices
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-28 20:15]
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-28 20:15]
.
2011-08-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-203738149-2672565153-116142669-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-203738149-2672565153-116142669-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-203738149-2672565153-116142669-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-203738149-2672565153-116142669-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-08-19 c:\windows\Tasks\User_Feed_Synchronization-{D4646577-4383-443A-946C-DA47006B9942}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
FF - ProfilePath - c:\documents and settings\ramon somoano\Application Data\Mozilla\Firefox\Profiles\ddbon1ht.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=fmtm
FF - prefs.js: keyword.URL - hxxp://search.alot.com/web?&src_id=12286&client_id=58846838bae80c3fbc1e8858&camp_id=2585&install_time=2004-08-26T06:49Z&tb_version=2.4.11000%28F%29&pr=auto&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-19 01:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\3308045974:1765397306.exe 816 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-203738149-2672565153-116142669-1007\Software\SecuROM\License information*]
"datasecu"=hex:9b,5d,56,b4,c5,79,94,90,a6,49,fb,e3,a6,fe,aa,d7,0b,fb,9a,5f,ab,
14,f2,3f,c3,ef,c2,b0,12,04,72,aa,a7,99,ce,19,d3,5e,7d,2f,e3,0d,4a,dc,e8,08,\
"rkeysecu"=hex:f6,5d,a5,c3,32,7e,03,a7,d6,e6,0b,14,42,ca,29,96
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{B91B4988-2671-4C7A-9B84-5FE9E38EDDE0}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.42.0"
"UniqueId"="0009351D4DE3F4FF"
"ScannerBuild"=dword:0000244b
"ScannerVersionId"=dword:000017fb
"ScannerVersion"="Locked/open ESET for status."
"FixId"=dword:00000007
"ei2"=hex(B):10,17,d5,a3,70,73,a3,1c
"ei1"=hex(B):00,11,11,62,df,f6,00,00
"ei3"=hex(B):7d,45,1e,4e,00,00,00,00
"ei4"=dword:00000002
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(776)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\windows\system32\ter1mw32.dll
.
- - - - - - - > 'explorer.exe'(2212)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\AOL\ACS\acsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxdncoms.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\wanmpsvc.exe
c:\windows\System32\MsPMSPSv.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wscript.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2011-08-19 01:33:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-19 05:33
ComboFix2.txt 2011-08-18 06:08
.
Pre-Run: 10,790,359,040 bytes free
Post-Run: 11,075,833,856 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 043A273328D57D23FDBC20A2DFAB194D

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK
  • Local time:01:57 PM

Posted 20 August 2011 - 07:57 PM

Please run Rkill first.


Now Combofix again but with a script.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the box below into it:

File::
c:\documents and settings\All Users\Application Data\tnyp.exe
c:\documents and settings\All Users\Application Data\fbhq.exe
c:\documents and settings\All Users\Application Data\ncfo.exe
c:\documents and settings\All Users\Application Data\hnjg.exe

Firefox::
FF - ProfilePath - c:\documents and settings\ramon somoano\Application Data\Mozilla\Firefox\Profiles\ddbon1ht.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL -


Save this as CFScript.txt, in the same location as Comfix.exe (called ComboFix.exe in the below graphic)


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

If the program requests for you to update Combofix then click Yes.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Then please run MBAM - which should also run now - and post the log.
m0le is a proud member of UNITE



