Member Avatar for ownedswax

My explorer.exe seems to be flickering on and off... help please
I have no past experience with the hijackthis program so if i am doing something wrong please tell me.
any other log files i should "fix" also tell me about. Once again i have never used this program untill today so please elaborate on what you are telling me
thank you in advance

here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:57:58 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://playgames.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file://C:\Documents and Settings\Kevin\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?
O21 - SSODL: mssms - {C6F57800-110D-4959-AEAE-6F541A9E9AAD} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: svchost - Unknown owner - C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\svchost.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

  • 3 Contributors
  • 12 Replies
  • 204 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by crunchie

Recommended Answers

All 12 Replies

Member Avatar for ownedswax

please help, i have this page bookmarked and will be refreshing it every 5-10 minutes

Member Avatar for gerbil

Hiya, let's see what this does for you...
Start hijackthis, select Scan Only, place checkmarks against all the entries listed below that still exist, and then press Fix Checked.

O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O21 - SSODL: mssms - {C6F57800-110D-4959-AEAE-6F541A9E9AAD} - (no file)
O23 - Service: svchost - Unknown owner - C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\svchost.exe

Delete these files:
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe

Now to remove that dud O23 service...
==Go Start, run, type services.msc -and press Enter. Maximise the window and at foot select Extended tab, scroll to the specific service [svchost], rclick it, select properties. Write down the exact Service Name. Press Stop if it is highlighted [you may have to set the service to Disable first]. Close Services, now type this line into the run text box and press Enter:
sc delete "exact Service Name" - don't be silly now....

System Restore Points Clearance:
==You SHOULD clear all your system restore points because some have been infected..... So go control panel > system > system restore tab, check Turn off sys res on all drives, Apply and OK. Do it all again but uncheck that box, Apply and OK.
[[a quick way in is Start > run, paste: control sysdm.cpl,,4 -and OK]]
Now make a fresh, clean restore point: Start > programs > accessories > system tools > system restore and create a restore point now!!
[[the quick way to System Restore is Start > run, paste: %systemroot%\system32\restore\rstrui.exe -and OK]]

Say how you get on...

Member Avatar for ownedswax

I did all of those except for deleting:
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe
Is there any way i can delete these within 5 seconds of my explorer refreshing?

This problem is still occuring.
here is my new log.....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:59 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4209 bytes

Member Avatar for gerbil

Sure, use this tool:
==Download killbox from here:- http://www.downloads.subratam.org/KillBox.zip -unzip it onto your desktop.
Remove/fix the hijackthis entries that exist as I listed before:
O4 - HKLM\..\Run: [{6A-AA-A8-87-ZN}] C:\WINDOWS\system32\kpdsrngl.exe MSM002
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\swinqldq.exe MSM002
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe
Dclick killbox to start it.
>Highlight the pathnames in the following lines as one block and copy them into clipboard [press Ctrl+C] [ or rclick, copy...]:-

C:\WINDOWS\system32\kpdsrngl.exe
C:\WINDOWS\system32\swinqldq.exe

>In killbox, go File menu, choose Paste from clipboard.
Select "Delete on reboot", click the "all files" button.
Click the red and white X button, click Yes on the reboot prompt, click OK if a pendingfilerenameoperation box opens. [do not be concerned if it says it cannot find a file...]
If your computer does not reboot please restart it manually.

And if you do have trouble still, try deleting them in safe mode....

Member Avatar for gerbil

Further, this AS service will remove Think-Adz for you...
==GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5
or here.. http://free.grisoft.com/freeweb.php/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
-Install it and UPDATE it.
Start AVG a-s 7.5;
-under Scanner/ Settings please change the default action from Recommended Actions to QUARANTINE, and run the complete system scan.
-press Apply all Actions and then Save the log file; post the log file.

Member Avatar for ownedswax

ok, i have had no luck what so ever on deleting
C:\WINDOWS\system32\ctfmon.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')

also, my explorer.exe flickering problem has not been solved either.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:11:20 PM, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\taskmgr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1004\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl (User 'Sherry')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: TA_Start.lnk = C:\WINDOWS\system32\kpdsrngl.exe (User 'Sherry')
O4 - S-1-5-21-746137067-1035525444-1417001333-1004 User Startup: Think-Adz.lnk = C:\WINDOWS\system32\swinqldq.exe (User 'Sherry')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - - C:\DOCUME~1\Kevin\LOCALS~1\Temp\tmp47B.tmp.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4871 bytes


any way I tried to update anti virus and it said error connecting to server... this is the report of what i got out of the antivirus scan that i cleaned if it haws any importance at all to what we are doing.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:10:26 PM 12/12/2007

+ Scan result:

C:\WINDOWS\vtrrom.dll -> Adware.Virtumonde : Cleaned.
C:\RECYCLER\S-1-5-21-606747145-1085031214-725345543-500\a.reg -> Backdoor.Cloner.bi : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@oasc02.247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@buycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@comcast.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@saxosouthbend.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@saxotoledo.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@saxosouthbend.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@arn.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@getmusicfree.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@grouplotto.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@paidmarketingpanel.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@pan.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@prizeamerica.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@arn.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.abcsearch[2].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@stats.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[5].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.adbrite[6].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adengage[1].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.adengage[2].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[10].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[8].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[9].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ads.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cz6.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@connextra[2].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[5].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[6].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@goclick[1].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ehg-foxsports.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-speakeasy.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ehg-youtube.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@info[2].txt -> TrackingCookie.Info : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@search.live[2].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@search.live[2].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@server.lon.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@auto.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ie.search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ad.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@stats2.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[3].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@adopt.specificclick[4].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[10].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[11].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[12].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[13].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[14].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[15].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[4].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[6].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[7].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[8].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[9].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Sherry\Cookies\sherry@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Ashley\Cookies\ashley@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Ashley\Local Settings\Temp\Cookies\ashley@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Dad\Cookies\dad@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Kevin\Cookies\kevin@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.


::Report end

Member Avatar for crunchie

Try this whilst Gerbil is offline;

  • Save it to your Desktop
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields)
  • Click on your START button and choose Run. Then copy/paste the entire content of the following quotebox (Including the "" marks and the Symbols) into the run box.

    "%userprofile%\desktop\ComboFix.exe" /KillAll

    [IMG]http://i5.photobucket.com/albums/y153/crunchie1/RunBox_KillAll.jpg[/IMG]

  • Click OK and this will start ComboFix.
  • When finished, it will produce a log. Please save that log to a Notepad File and include it in your next reply along with a fresh HJT log.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

* Re-enable all the programs that were disabled prior to the running of ComboFix.

* Post the following logs/Reports:


  • ComboFix.txt
  • Fresh HijackThis log run after all the other tools have performed their cleanup.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Member Avatar for ownedswax

Thank you for picking up on my problem, here is my combofix log folowed by my HJT log.

ComboFix 07-12-12.3 - Kevin 2007-12-17 11:35:12.4 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.230 [GMT -5:00]
Running from: C:\Documents and Settings\Kevin\Desktop\ComboFix.exe
.


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\aycdd.bak1
C:\WINDOWS\system32\knnmp.bak1
C:\WINDOWS\system32\knnmp.ini
C:\WINDOWS\system32\knnmp.ini2
C:\WINDOWS\system32\knnmp.tmp
C:\WINDOWS\system32\nqtss.bak2
C:\WINDOWS\system32\nqtss.ini
C:\WINDOWS\system32\pmnnk.dll
C:\WINDOWS\system32\sstqn.dll


.
(((((((((((((((((((((((((   Files Created from 2007-11-17 to 2007-12-17  )))))))))))))))))))))))))))))))
.


2007-12-17 11:39 . 2007-12-17 11:39 308,800 --a------   C:\WINDOWS\system32\vtsqq.dll
2007-12-17 11:39 . 2007-12-17 11:40 319 ---hs----   C:\WINDOWS\system32\qqstv.ini
2007-12-15 16:46 . 2007-12-15 16:46 5   --a------   C:\WINDOWS\system32\b0d6b8a6
2007-12-15 11:19 . 2007-12-15 11:19 12,328  --a------   C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-12-15 11:18 . 2007-12-15 11:18 <DIR>    d--------   C:\Documents and Settings\Dad\Application Data\Grisoft
2007-12-14 16:04 . 2007-12-14 16:04 94,208  --a------   C:\WINDOWS\ScUnin.exe
2007-12-14 16:04 . 2007-12-14 16:04 13,044  --a------   C:\WINDOWS\scunin.dat
2007-12-14 16:04 . 2007-12-14 16:04 967 --a------   C:\WINDOWS\ScUnin.pif
2007-12-14 15:28 . 2007-12-16 21:15 <DIR>    d--------   C:\Program Files\Starcraft
2007-12-14 06:56 . 2007-12-14 06:56 <DIR>    d--------   C:\Documents and Settings\Sherry\Application Data\Grisoft
2007-12-12 23:09 . 2001-08-17 13:28 771,581 --a--c---   C:\WINDOWS\system32\dllcache\winacisa.sys
2007-12-12 23:08 . 2001-08-17 13:28 687,999 --a--c---   C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2007-12-12 23:07 . 2001-08-17 13:28 794,654 --a--c---   C:\WINDOWS\system32\dllcache\usr1801.sys
2007-12-12 23:06 . 2001-08-17 22:36 525,568 --a--c---   C:\WINDOWS\system32\dllcache\tridxp.dll
2007-12-12 23:05 . 2001-08-17 14:56 440,576 --a--c---   C:\WINDOWS\system32\dllcache\tridkb.dll
2007-12-12 23:04 . 2001-08-17 14:56 172,768 --a--c---   C:\WINDOWS\system32\dllcache\t2r4disp.dll
2007-12-12 23:03 . 2001-08-17 12:18 285,760 --a--c---   C:\WINDOWS\system32\dllcache\stlnata.sys
2007-12-12 23:02 . 2001-08-17 14:56 147,200 --a--c---   C:\WINDOWS\system32\dllcache\smidispb.dll
2007-12-12 23:01 . 2004-08-03 22:41 404,990 --a--c---   C:\WINDOWS\system32\dllcache\slntamr.sys
2007-12-12 23:00 . 2001-08-17 22:36 386,560 --a--c---   C:\WINDOWS\system32\dllcache\sgiul50.dll
2007-12-12 22:59 . 2001-08-17 22:36 495,616 --a--c---   C:\WINDOWS\system32\dllcache\sblfx.dll
2007-12-12 22:58 . 2004-08-04 00:56 397,056 --a--c---   C:\WINDOWS\system32\dllcache\s3gnb.dll
2007-12-12 22:57 . 2001-08-17 13:28 899,146 --a--c---   C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2007-12-12 22:56 . 2004-08-04 00:56 363,520 --a--c---   C:\WINDOWS\system32\dllcache\psisdecd.dll
2007-12-12 22:55 . 2004-08-04 00:56 259,328 --a--c---   C:\WINDOWS\system32\dllcache\perm3dd.dll
2007-12-12 22:54 . 2001-08-17 14:05 351,616 --a--c---   C:\WINDOWS\system32\dllcache\ovcodek2.sys
2007-12-12 22:53 . 2004-08-04 00:56 4,274,816   --a--c---   C:\WINDOWS\system32\dllcache\nv4_disp.dll
2007-12-12 22:52 . 2004-08-03 22:31 132,695 --a--c---   C:\WINDOWS\system32\dllcache\netwlan5.sys
2007-12-12 22:51 . 2004-08-04 00:56 1,737,856   --a--c---   C:\WINDOWS\system32\dllcache\mtxparhd.dll
2007-12-12 22:50 . 2001-08-17 12:50 320,384 --a--c---   C:\WINDOWS\system32\dllcache\mgaum.sys
2007-12-12 22:49 . 2001-08-17 13:28 802,683 --a--c---   C:\WINDOWS\system32\dllcache\ltsm.sys
2007-12-12 22:48 . 2001-08-17 22:36 242,176 --a--c---   C:\WINDOWS\system32\dllcache\kdsusd.dll
2007-12-12 22:47 . 2004-08-04 00:56 152,576 --a--c---   C:\WINDOWS\system32\dllcache\irftp.exe
2007-12-12 22:46 . 2001-08-17 22:36 372,824 --a--c---   C:\WINDOWS\system32\dllcache\iconf32.dll
2007-12-12 22:46 . 2001-08-17 14:06 154,496 --a--c---   C:\WINDOWS\system32\dllcache\icam4usb.sys
2007-12-12 22:46 . 2001-08-17 14:05 141,056 --a--c---   C:\WINDOWS\system32\dllcache\icam3.sys
2007-12-12 22:46 . 2001-08-17 14:06 100,992 --a--c---   C:\WINDOWS\system32\dllcache\icam5usb.sys
2007-12-12 22:46 . 2001-08-17 22:36 91,136  --a--c---   C:\WINDOWS\system32\dllcache\icam4com.dll
2007-12-12 22:46 . 2001-08-17 22:36 61,952  --a--c---   C:\WINDOWS\system32\dllcache\icam4ext.dll
2007-12-12 22:46 . 2001-08-17 22:36 45,056  --a--c---   C:\WINDOWS\system32\dllcache\icam5com.dll
2007-12-12 22:46 . 2001-08-17 22:36 26,624  --a--c---   C:\WINDOWS\system32\dllcache\icam3ext.dll
2007-12-12 22:46 . 2001-08-17 22:36 20,480  --a--c---   C:\WINDOWS\system32\dllcache\icam5ext.dll
2007-12-12 22:44 . 2001-08-17 13:28 542,879 --a--c---   C:\WINDOWS\system32\dllcache\hsf_msft.sys
2007-12-12 22:43 . 2001-08-17 13:28 907,456 --a--c---   C:\WINDOWS\system32\dllcache\hcf_msft.sys
2007-12-12 22:42 . 2001-08-17 14:56 1,733,120   --a--c---   C:\WINDOWS\system32\dllcache\g400d.dll
2007-12-12 22:41 . 2001-08-17 13:28 595,647 --a--c---   C:\WINDOWS\system32\dllcache\es56cvmp.sys
2007-12-12 22:40 . 2001-08-17 13:28 634,134 --a--c---   C:\WINDOWS\system32\dllcache\el656ct5.sys
2007-12-12 22:39 . 2001-08-17 12:14 952,007 --a--c---   C:\WINDOWS\system32\dllcache\diwan.sys
2007-12-12 22:38 . 2001-08-17 22:36 419,357 --a--c---   C:\WINDOWS\system32\dllcache\dgconfig.dll
2007-12-12 22:37 . 2001-08-17 12:13 980,034 --a--c---   C:\WINDOWS\system32\dllcache\cicap.sys
2007-12-12 22:36 . 2001-08-17 13:28 714,698 --a--c---   C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2007-12-12 22:35 . 2001-08-17 13:28 871,388 --a--c---   C:\WINDOWS\system32\dllcache\bcmdm.sys
2007-12-12 22:34 . 2004-08-04 00:56 1,888,992   --a--c---   C:\WINDOWS\system32\dllcache\ati3duag.dll
2007-12-12 22:33 . 2001-08-17 13:28 762,780 --a--c---   C:\WINDOWS\system32\dllcache\3cwmcru.sys
2007-12-12 22:32 . 2001-08-17 14:56 66,048  --a--c---   C:\WINDOWS\system32\dllcache\s3legacy.dll
2007-12-12 22:07 . 2007-12-12 22:07 <DIR>    d--------   C:\Deckard
2007-12-12 15:21 . 2007-12-12 15:21 <DIR>    d--------   C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-11 16:40 . 2007-12-11 17:08 9,888   --ahs----   C:\WINDOWS\system32\rrqss.tmp
2007-12-07 17:44 . 2007-12-11 22:54 118 --a------   C:\WINDOWS\wininit.ini
2007-12-03 20:21 . 2007-12-08 00:24 10  --a------   C:\WINDOWS\system32\(null)id
2007-11-30 23:30 . 2007-10-10 18:55 6,065,664   -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-30 23:30 . 2007-04-17 04:32 2,455,488   -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-30 23:30 . 2007-03-08 00:10 991,232 -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-30 23:30 . 2007-10-10 18:55 459,264 -----c---   C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-11-30 23:30 . 2007-10-10 18:55 383,488 -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-30 23:30 . 2007-10-10 18:55 267,776 -----c---   C:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-30 23:30 . 2007-10-10 18:55 63,488  -----c---   C:\WINDOWS\system32\dllcache\icardie.dll
2007-11-30 23:30 . 2007-10-10 18:55 52,224  -----c---   C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-11-30 23:30 . 2007-10-10 05:59 13,824  -----c---   C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-11-26 22:14 . 2007-11-26 22:14 <DIR>    d--------   C:\Program Files\Custom-Strike
2007-11-26 22:14 . 1998-06-18 00:00 89,360  --a------   C:\WINDOWS\system32\VB5DB.DLL
2007-11-19 16:22 . 2007-11-26 18:21 54,156  --ah-----   C:\WINDOWS\QTFont.qfn
2007-11-19 16:22 . 2007-11-19 16:22 1,409   --a------   C:\WINDOWS\QTFont.for


.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 16:32    ---------   d-----w C:\Documents and Settings\Kevin\Application Data\mIRC
2007-12-17 04:28    ---------   d-----w C:\Program Files\Google
2007-12-17 04:20    ---------   d-s---w C:\Program Files\HLSW
2007-12-16 22:36    ---------   d-----w C:\Program Files\Java
2007-12-11 23:57    ---------   d-----w C:\Program Files\Trend Micro
2007-12-02 16:31    ---------   d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2007-11-27 03:14    ---------   d--h--w C:\Program Files\InstallShield Installation Information
2007-11-16 01:56    ---------   d-----w C:\Documents and Settings\Kevin\Application Data\Ventrilo
2007-11-15 01:26    ---------   d-----w C:\Program Files\Ventrilo
2007-11-15 01:26    ---------   d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-13 10:25    20,480  ----a-r C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 16:41    ---------   d-----w C:\Program Files\mIRC
2007-11-10 16:40    ---------   d-----w C:\Program Files\Windows Media Connect 2
2007-11-04 17:03    84,907  ----a-w C:\WINDOWS\ljkjji.dll
2007-10-31 18:03    245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2007-10-30 12:04    84,939  ----a-w C:\WINDOWS\ssqoml.dll
2007-10-29 22:43    1,287,680   ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 22:40    222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 17:40    ---------   d-----w C:\Program Files\RegistryFix
2007-10-25 17:40    ---------   d-----w C:\Program Files\HHD Software
2007-10-25 16:37    ---------   d-----w C:\Documents and Settings\All Users\Application Data\HHD Software
2007-10-24 11:25    308,800 ----a-w C:\WINDOWS\system32\vtsqo.dll
2007-10-23 00:20    308,800 ----a-w C:\WINDOWS\system32\ddabc.dll
2007-10-22 10:40    ---------   d-----w C:\Documents and Settings\Dad\Application Data\ICAClient
2007-10-21 18:39    ---------   d-----w C:\Documents and Settings\Sherry\Application Data\Lavasoft
2007-10-21 17:56    339,968 ----a-w C:\WINDOWS\system32\byxvuts.dll
2007-10-21 14:45    84,961  ----a-w C:\WINDOWS\rqpmml.dll
2007-10-21 14:40    ---------   d-----w C:\Program Files\Speeditup Free
2007-10-20 16:09    ---------   d-----w C:\Program Files\Workspace Macro 4.6
2007-10-20 15:42    724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-06-14 14:25    55,196  ----a-w C:\Program Files\unrar.exe
2007-07-01 01:41    515,701 -csh--w C:\WINDOWS\ghhhkj.ini2
.


(((((((((((((((((((((((((((((   snapshot@2007-12-12_21.56.33.76   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-06 09:52:38   72,960  ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:08:11   138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:08:11   47,104  ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:08:11   16,896  ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:08:11   660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:08:11   177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:08:11   95,744  ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:08:11   48,640  ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:08:11   471,552 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:12:25   14,048  ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:12:26   213,216 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:12:25   22,752  ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:12:29   716,000 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:12:34   371,424 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-10-29 22:35:13   1,287,680   ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:22:36   14,048  ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:22:41   213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:22:34   22,752  ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:23:51   371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-10 23:47:27   124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:47:27   214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:47:27   132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:47:27   63,488  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47   70,656  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:47:27   153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:47:27   230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20   161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:47:27   383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:47:27   388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:47:27   6,067,200   ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:47:27   44,544  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:47:27   267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47   13,824  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56   625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:47:28   27,648  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:47:28   459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:47:28   52,224  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:48:49   3,593,216   ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:47:28   478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:47:28   193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:47:28   671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:47:28   102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:47:28   105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:47:29   1,162,240   ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:47:29   233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:47:29   825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36   14,048  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:41   213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:34   22,752  ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46   60,416  ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:22:36   14,048  ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:22:41   213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:22:34   22,752  ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:23:51   371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-13 08:47:45   20,480  ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:22:36   14,048  ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:22:41   213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:22:34   22,752  ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:23:51   371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2007-08-20 10:04:34   124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34   214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34   132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34   63,488  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54   63,488  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34   153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35   230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25   161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35   383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35   384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37   6,058,496   -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38   44,544  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38   267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54   13,824  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21   625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39   27,648  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39   459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39   52,224  -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 20:34:42   3,584,512   -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41   477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41   193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42   671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42   102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41   213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51   371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42   105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42   1,152,000   -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42   232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43   824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-08-20 10:04:34   124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:55:51   124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2004-08-04 04:10:08   53,248  -c--a-w C:\WINDOWS\system32\dllcache\1394bus.sys
+ 2001-08-17 19:06:48   11,264  -c--a-w C:\WINDOWS\system32\dllcache\1394vdbg.sys
+ 2001-08-17 19:55:58   689,216 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvs.dll
+ 2001-08-17 17:48:32   148,352 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvsm.sys
+ 2004-08-04 04:00:04   12,288  -c--a-w C:\WINDOWS\system32\dllcache\4mmdat.sys
+ 2004-08-04 04:10:12   48,128  -c--a-w C:\WINDOWS\system32\dllcache\61883.sys
+ 2001-08-17 19:55:58   38,400  -c--a-w C:\WINDOWS\system32\dllcache\8514a.dll
+ 2001-08-18 03:36:10   98,304  -c--a-w C:\WINDOWS\system32\dllcache\a3d.dll
+ 2001-08-18 03:36:10   462,848 -c--a-w C:\WINDOWS\system32\dllcache\a3dapi.dll
+ 2001-08-17 18:52:00   23,552  -c--a-w C:\WINDOWS\system32\dllcache\abp480n5.sys
+ 2004-08-04 03:32:22   231,552 -c--a-w C:\WINDOWS\system32\dllcache\ac97ali.sys
+ 2001-08-17 17:20:04   96,256  -c--a-w C:\WINDOWS\system32\dllcache\ac97intc.sys
+ 2001-08-17 17:20:16   297,728 -c--a-w C:\WINDOWS\system32\dllcache\ac97sis.sys
+ 2004-08-04 03:32:32   84,480  -c--a-w C:\WINDOWS\system32\dllcache\ac97via.sys
+ 2001-08-18 03:36:10   61,440  -c--a-w C:\WINDOWS\system32\dllcache\acerscad.dll
+ 2004-08-04 12:00:00   187,776 -c--a-w C:\WINDOWS\system32\dllcache\acpi.sys
+ 2001-08-17 18:53:02   7,424   -c--a-w C:\WINDOWS\system32\dllcache\adicvls.sys
+ 2001-08-17 17:11:18   20,160  -c--a-w C:\WINDOWS\system32\dllcache\adm8511.sys
+ 2001-08-17 17:19:10   584,448 -c--a-w C:\WINDOWS\system32\dllcache\adm8810.sys
+ 2001-08-17 17:19:14   553,984 -c--a-w C:\WINDOWS\system32\dllcache\adm8820.sys
+ 2001-08-17 17:19:14   747,392 -c--a-w C:\WINDOWS\system32\dllcache\adm8830.sys
+ 2004-08-04 03:32:24   10,880  -c--a-w C:\WINDOWS\system32\dllcache\admjoy.sys
+ 2001-08-17 17:11:16   46,112  -c--a-w C:\WINDOWS\system32\dllcache\adptsf50.sys
+ 2001-08-17 19:07:32   101,888 -c--a-w C:\WINDOWS\system32\dllcache\adpu160m.sys
+ 2004-08-04 05:56:42   4,255   -c--a-w C:\WINDOWS\system32\dllcache\adv01nt5.dll
+ 2004-08-04 05:56:42   3,967   -c--a-w C:\WINDOWS\system32\dllcache\adv02nt5.dll
+ 2004-08-04 05:56:42   3,615   -c--a-w C:\WINDOWS\system32\dllcache\adv05nt5.dll
+ 2004-08-04 05:56:42   3,647   -c--a-w C:\WINDOWS\system32\dllcache\adv07nt5.dll
+ 2004-08-04 05:56:42   3,135   -c--a-w C:\WINDOWS\system32\dllcache\adv08nt5.dll
+ 2004-08-04 05:56:42   3,711   -c--a-w C:\WINDOWS\system32\dllcache\adv09nt5.dll
+ 2004-08-04 05:56:42   3,775   -c--a-w C:\WINDOWS\system32\dllcache\adv11nt5.dll
- 2007-08-20 10:04:34   124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:55:51   124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2004-08-04 04:07:42   42,368  -c--a-w C:\WINDOWS\system32\dllcache\agp440.sys
+ 2004-08-04 04:07:44   44,928  -c--a-w C:\WINDOWS\system32\dllcache\agpcpq.sys
+ 2001-08-17 18:52:02   12,800  -c--a-w C:\WINDOWS\system32\dllcache\aha154x.sys
+ 2001-08-17 19:07:36   55,168  -c--a-w C:\WINDOWS\system32\dllcache\aic78u2.sys
+ 2001-08-17 19:07:38   56,960  -c--a-w C:\WINDOWS\system32\dllcache\aic78xx.sys
+ 2001-08-17 17:11:18   27,678  -c--a-w C:\WINDOWS\system32\dllcache\ali5261.sys
+ 2001-08-17 18:49:02   26,624  -c--a-w C:\WINDOWS\system32\dllcache\alifir.sys
+ 2001-08-17 18:51:56   5,248   -c--a-w C:\WINDOWS\system32\dllcache\aliide.sys
+ 2004-08-04 04:07:42   42,752  -c--a-w C:\WINDOWS\system32\dllcache\alim1541.sys
+ 2001-08-17 17:11:20   16,969  -c--a-w C:\WINDOWS\system32\dllcache\amb8002.sys
+ 2004-08-04 04:07:44   43,008  -c--a-w C:\WINDOWS\system32\dllcache\amdagp.sys
+ 2004-08-04 12:00:00   37,376  -c--a-w C:\WINDOWS\system32\dllcache\amdk7.sys
+ 2001-08-17 18:52:04   12,032  -c--a-w C:\WINDOWS\system32\dllcache\amsint.sys
+ 2004-08-04 03:31:20   36,224  -c--a-w C:\WINDOWS\system32\dllcache\an983.sys
+ 2001-08-17 18:47:22   6,272   -c--a-w C:\WINDOWS\system32\dllcache\apmbatt.sys
+ 2001-08-17 18:52:00   26,496  -c--a-w C:\WINDOWS\system32\dllcache\asc.sys
+ 2001-08-17 18:52:04   22,400  -c--a-w C:\WINDOWS\system32\dllcache\asc3350p.sys
+ 2001-08-17 18:51:58   14,848  -c--a-w C:\WINDOWS\system32\dllcache\asc3550.sys
+ 2001-08-17 17:12:34   97,354  -c--a-w C:\WINDOWS\system32\dllcache\aspndis3.sys
+ 2001-08-17 19:55:58   96,128  -c--a-w C:\WINDOWS\system32\dllcache\ati.dll
+ 2001-08-17 18:57:12   77,568  -c--a-w C:\WINDOWS\system32\dllcache\ati.sys
+ 2004-08-04 03:29:30   56,623  -c--a-w C:\WINDOWS\system32\dllcache\ati1btxx.sys
+ 2004-08-04 03:29:30   11,615  -c--a-w C:\WINDOWS\system32\dllcache\ati1mdxx.sys
+ 2004-08-04 03:29:30   12,047  -c--a-w C:\WINDOWS\system32\dllcache\ati1pdxx.sys
+ 2004-08-04 03:29:32   30,671  -c--a-w C:\WINDOWS\system32\dllcache\ati1raxx.sys
+ 2004-08-04 03:29:32   63,663  -c--a-w C:\WINDOWS\system32\dllcache\ati1rvxx.sys
+ 2004-08-04 03:29:32   26,367  -c--a-w C:\WINDOWS\system32\dllcache\ati1snxx.sys
+ 2004-08-04 03:29:32   21,343  -c--a-w C:\WINDOWS\system32\dllcache\ati1ttxx.sys
+ 2004-08-04 03:29:32   36,463  -c--a-w C:\WINDOWS\system32\dllcache\ati1tuxx.sys
+ 2004-08-04 03:29:32   29,455  -c--a-w C:\WINDOWS\system32\dllcache\ati1xbxx.sys
+ 2004-08-04 03:29:32   34,735  -c--a-w C:\WINDOWS\system32\dllcache\ati1xsxx.sys
+ 2004-08-04 05:56:42   229,376 -c--a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll
+ 2004-08-04 05:56:42   377,984 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvaa.dll
+ 2004-08-04 05:56:42   201,728 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
+ 2004-08-04 03:29:28   327,040 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtaa.sys
+ 2004-08-04 03:29:28   701,440 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
+ 2004-08-04 05:56:42   870,784 -c--a-w C:\WINDOWS\system32\dllcache\ati3d1ag.dll
+ 2001-08-17 17:49:04   46,464  -c--a-w C:\WINDOWS\system32\dllcache\atibt829.sys
+ 2001-08-17 19:55:58   382,592 -c--a-w C:\WINDOWS\system32\dllcache\atidrab.dll
+ 2001-08-17 19:56:00   137,216 -c--a-w C:\WINDOWS\system32\dllcache\atidrae.dll
+ 2001-08-17 19:56:00   268,160 -c--a-w C:\WINDOWS\system32\dllcache\atidvai.dll
+ 2001-08-18 03:36:38   37,376  -c--a-w C:\WINDOWS\system32\dllcache\atievxx.exe
+ 2001-08-17 17:48:56   289,664 -c--a-w C:\WINDOWS\system32\dllcache\atimpab.sys
+ 2001-08-17 17:49:00   75,136  -c--a-w C:\WINDOWS\system32\dllcache\atimpae.sys
+ 2001-08-17 17:48:40   281,600 -c--a-w C:\WINDOWS\system32\dllcache\atimtai.sys
+ 2004-08-04 03:29:28   57,856  -c--a-w C:\WINDOWS\system32\dllcache\atinbtxx.sys
+ 2004-08-04 03:29:30   13,824  -c--a-w C:\WINDOWS\system32\dllcache\atinmdxx.sys
+ 2004-08-04 03:29:30   14,336  -c--a-w C:\WINDOWS\system32\dllcache\atinpdxx.sys
+ 2004-08-04 03:29:30   52,224  -c--a-w C:\WINDOWS\system32\dllcache\atinraxx.sys
+ 2004-08-04 03:29:32   104,960 -c--a-w C:\WINDOWS\system32\dllcache\atinrvxx.sys
+ 2004-08-04 03:29:32   28,672  -c--a-w C:\WINDOWS\system32\dllcache\atinsnxx.sys
+ 2004-08-04 03:29:32   13,824  -c--a-w C:\WINDOWS\system32\dllcache\atinttxx.sys
+ 2004-08-04 03:29:32   73,216  -c--a-w C:\WINDOWS\system32\dllcache\atintuxx.sys
+ 2004-08-04 03:29:32   31,744  -c--a-w C:\WINDOWS\system32\dllcache\atinxbxx.sys
+ 2004-08-04 03:29:32   63,488  -c--a-w C:\WINDOWS\system32\dllcache\atinxsxx.sys
+ 2001-08-17 17:49:36   10,240  -c--a-w C:\WINDOWS\system32\dllcache\atipcxxx.sys
+ 2001-08-17 19:56:00   104,832 -c--a-w C:\WINDOWS\system32\dllcache\atiraged.dll
+ 2001-08-17 17:48:48   70,528  -c--a-w C:\WINDOWS\system32\dllcache\atiragem.sys
+ 2001-08-17 17:49:12   49,920  -c--a-w C:\WINDOWS\system32\dllcache\atirtcap.sys
+ 2001-08-17 17:49:18   26,880  -c--a-w C:\WINDOWS\system32\dllcache\atirtsnd.sys
+ 2001-08-17 17:49:22   17,152  -c--a-w C:\WINDOWS\system32\dllcache\atitunep.sys
+ 2001-08-17 17:49:28   17,152  -c--a-w C:\WINDOWS\system32\dllcache\atitvsnd.sys
+ 2001-08-17 17:49:38   9,472   -c--a-w C:\WINDOWS\system32\dllcache\ativmdcd.sys
+ 2004-08-04 05:56:42   32,768  -c--a-w C:\WINDOWS\system32\dllcache\ativtmxx.dll
+ 2001-08-17 17:49:44   19,456  -c--a-w C:\WINDOWS\system32\dllcache\ativttxx.sys
+ 2004-08-04 05:56:42   516,768 -c--a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll
+ 2001-08-17 17:49:48   26,624  -c--a-w C:\WINDOWS\system32\dllcache\ativxbar.sys
+ 2001-08-17 17:49:34   23,552  -c--a-w C:\WINDOWS\system32\dllcache\atixbar.sys
+ 2004-08-04 05:56:42   21,183  -c--a-w C:\WINDOWS\system32\dllcache\atv01nt5.dll
+ 2004-08-04 05:56:42   11,359  -c--a-w C:\WINDOWS\system32\dllcache\atv02nt5.dll
+ 2004-08-04 05:56:42   25,471  -c--a-w C:\WINDOWS\system32\dllcache\atv04nt5.dll
+ 2004-08-04 05:56:42   14,143  -c--a-w C:\WINDOWS\system32\dllcache\atv06nt5.dll
+ 2004-08-04 05:56:42   17,279  -c--a-w C:\WINDOWS\system32\dllcache\atv10nt5.dll
+ 2001-08-17 13:59:44   3,072   -c--a-w C:\WINDOWS\system32\dllcache\audstub.sys
+ 2004-08-04 04:10:12   38,912  -c--a-w C:\WINDOWS\system32\dllcache\avc.sys
+ 2001-08-17 19:01:12   36,096  -c--a-w C:\WINDOWS\system32\dllcache\avcaudio.sys
+ 2004-08-04 04:10:00   13,696  -c--a-w C:\WINDOWS\system32\dllcache\avcstrm.sys
+ 2001-08-18 03:36:10   87,552  -c--a-w C:\WINDOWS\system32\dllcache\avmcoxp.dll
+ 2001-08-18 03:36:10   144,384 -c--a-w C:\WINDOWS\system32\dllcache\avmenum.dll
+ 2001-08-17 17:13:48   37,568  -c--a-w C:\WINDOWS\system32\dllcache\avmwan.sys
+ 2001-08-17 17:19:16   36,992  -c--a-w C:\WINDOWS\system32\dllcache\aztw2320.sys
+ 2001-08-17 17:13:56   89,952  -c--a-w C:\WINDOWS\system32\dllcache\b1cbase.sys
+ 2001-08-17 17:11:30   96,640  -c--a-w C:\WINDOWS\system32\dllcache\b57xp32.sys
+ 2001-08-17 19:56:00   342,336 -c--a-w C:\WINDOWS\system32\dllcache\banshee.dll
+ 2001-08-17 17:48:28   36,128  -c--a-w C:\WINDOWS\system32\dllcache\banshee.sys
+ 2001-08-17 18:57:54   14,080  -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
+ 2001-08-17 17:11:28   66,557  -c--a-w C:\WINDOWS\system32\dllcache\bcm42u.sys
+ 2001-08-17 17:11:26   54,271  -c--a-w C:\WINDOWS\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 17:11:30   26,568  -c--a-w C:\WINDOWS\system32\dllcache\bcm4e5.sys
+ 2004-08-04 04:10:14   11,776  -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2001-08-18 03:36:10   102,400 -c--a-w C:\WINDOWS\system32\dllcache\binlsvc.dll
+ 2001-08-18 03:36:10   19,456  -c--a-w C:\WINDOWS\system32\dllcache\brbidiif.dll
+ 2001-08-18 03:36:10   9,728   -c--a-w C:\WINDOWS\system32\dllcache\brcoinst.dll
+ 2001-08-18 03:36:10   12,800  -c--a-w C:\WINDOWS\system32\dllcache\brevif.dll
+ 2001-08-17 18:12:22   12,160  -c--a-w C:\WINDOWS\system32\dllcache\brfiltlo.sys
+ 2001-08-17 18:12:24   3,968   -c--a-w C:\WINDOWS\system32\dllcache\brfiltup.sys
+ 2001-08-18 03:36:10   15,360  -c--a-w C:\WINDOWS\system32\dllcache\brmfbidi.dll
+ 2001-08-18 03:36:10   81,408  -c--a-w C:\WINDOWS\system32\dllcache\brmfcwia.dll
+ 2001-08-18 03:36:10   29,696  -c--a-w C:\WINDOWS\system32\dllcache\brmflpt.dll
+ 2001-08-18 03:36:38   32,256  -c--a-w C:\WINDOWS\system32\dllcache\brmfrsmg.exe
+ 2001-08-18 03:36:10   41,472  -c--a-w C:\WINDOWS\system32\dllcache\brmfusb.dll
+ 2001-08-17 18:12:24   3,168   -c--a-w C:\WINDOWS\system32\dllcache\brparimg.sys
+ 2001-08-17 18:12:18   39,552  -c--a-w C:\WINDOWS\system32\dllcache\brparwdm.sys
+ 2001-08-18 03:36:10   5,120   -c--a-w C:\WINDOWS\system32\dllcache\brscnrsm.dll
+ 2001-08-18 03:36:10   9,728   -c--a-w C:\WINDOWS\system32\dllcache\brserif.dll
+ 2001-08-17 18:12:20   60,416  -c--a-w C:\WINDOWS\system32\dllcache\brserwdm.sys
+ 2001-08-17 18:12:20   11,008  -c--a-w C:\WINDOWS\system32\dllcache\brusbmdm.sys
+ 2001-08-17 18:12:22   10,368  -c--a-w C:\WINDOWS\system32\dllcache\brusbscn.sys
+ 2001-08-17 17:11:24   31,529  -c--a-w C:\WINDOWS\system32\dllcache\brzwlan.sys
+ 2004-08-04 12:00:00   20,992  -c--a-w C:\WINDOWS\system32\dllcache\bthci.dll
+ 2004-08-04 04:10:40   17,024  -c--a-w C:\WINDOWS\system32\dllcache\bthenum.sys
+ 2004-08-04 04:10:40   38,016  -c--a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
+ 2004-08-04 03:58:40   100,992 -c--a-w C:\WINDOWS\system32\dllcache\bthpan.sys
+ 2004-08-04 04:10:38   274,304 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2004-08-04 04:10:38   35,456  -c--a-w C:\WINDOWS\system32\dllcache\bthprint.sys
+ 2004-08-04 12:00:00   30,208  -c--a-w C:\WINDOWS\system32\dllcache\bthserv.dll
+ 2004-08-04 04:10:36   18,944  -c--a-w C:\WINDOWS\system32\dllcache\bthusb.sys
+ 2001-08-17 18:51:00   13,824  -c--a-w C:\WINDOWS\system32\dllcache\bulltlp3.sys
+ 2001-08-17 19:05:48   314,752 -c--a-w C:\WINDOWS\system32\dllcache\camdro21.sys
+ 2001-08-17 19:04:46   223,232 -c--a-w C:\WINDOWS\system32\dllcache\camdrv21.sys
+ 2001-08-17 19:04:48   171,264 -c--a-w C:\WINDOWS\system32\dllcache\camdrv30.sys
+ 2001-08-18 03:36:10   74,240  -c--a-w C:\WINDOWS\system32\dllcache\camexo20.dll
+ 2001-08-18 03:36:10   236,032 -c--a-w C:\WINDOWS\system32\dllcache\camext20.dll
+ 2001-08-18 03:36:10   119,296 -c--a-w C:\WINDOWS\system32\dllcache\camext30.dll
+ 2001-08-17 17:12:16   37,916  -c--a-w C:\WINDOWS\system32\dllcache\cb102.sys
+ 2001-08-17 17:12:42   39,680  -c--a-w C:\WINDOWS\system32\dllcache\cb325.sys
+ 2001-08-17 17:13:14   46,108  -c--a-w C:\WINDOWS\system32\dllcache\cben5.sys
+ 2004-08-04 04:10:18   17,024  -c--a-w C:\WINDOWS\system32\dllcache\ccdecode.sys
+ 2001-08-17 18:52:06   7,680   -c--a-w C:\WINDOWS\system32\dllcache\cd20xrnt.sys
+ 2004-08-04 12:00:00   18,688  -c--a-w C:\WINDOWS\system32\dllcache\cdaudio.sys
+ 2004-08-04 12:00:00   49,536  -c--a-w C:\WINDOWS\system32\dllcache\cdrom.sys
+ 2001-08-17 17:13:12   21,530  -c--a-w C:\WINDOWS\system32\dllcache\ce2n5.sys
+ 2001-08-17 17:13:20   27,164  -c--a-w C:\WINDOWS\system32\dllcache\ce3n5.sys
+ 2001-08-17 17:13:18   22,044  -c--a-w C:\WINDOWS\system32\dllcache\cem28n5.sys
+ 2001-08-17 17:13:18   22,044  -c--a-w C:\WINDOWS\system32\dllcache\cem33n5.sys
+ 2001-08-17 17:13:20   49,182  -c--a-w C:\WINDOWS\system32\dllcache\cem56n5.sys
+ 2004-08-04 05:56:42   15,423  -c--a-w C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
+ 2004-08-04 04:00:14   8,192   -c--a-w C:\WINDOWS\system32\dllcache\changer.sys
+ 2001-08-17 19:02:48   272,640 -c--a-w C:\WINDOWS\system32\dllcache\cinemclc.sys
+ 2001-08-17 19:56:00   91,264  -c--a-w C:\WINDOWS\system32\dllcache\cirrus.dll
+ 2001-08-17 18:57:16   45,696  -c--a-w C:\WINDOWS\system32\dllcache\cirrus.sys
+ 2001-08-17 19:56:00   111,232 -c--a-w C:\WINDOWS\system32\dllcache\cl5465.dll
+ 2001-08-17 19:56:00   170,880 -c--a-w C:\WINDOWS\system32\dllcache\cl546x.dll
+ 2001-08-17 18:57:36   248,064 -c--a-w C:\WINDOWS\system32\dllcache\cl546xm.sys
+ 2004-08-04 04:07:40   14,080  -c--a-w C:\WINDOWS\system32\dllcache\cmbatt.sys
+ 2001-08-17 18:51:04   20,736  -c--a-w C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
+ 2001-08-17 18:51:54   6,656   -c--a-w C:\WINDOWS\system32\dllcache\cmdide.sys
+ 2004-08-04 12:00:00   47,104  -c--a-w C:\WINDOWS\system32\dllcache\cnbjmon.dll
+ 2001-08-18 03:36:10   44,032  -c--a-w C:\WINDOWS\system32\dllcache\cnusd.dll
+ 2001-08-17 17:11:42   39,936  -c--a-w C:\WINDOWS\system32\dllcache\cnxt1803.sys
+ 2001-08-17 18:58:00   9,344   -c--a-w C:\WINDOWS\system32\dllcache\compbatt.sys
+ 2001-08-17 18:52:06   14,976  -c--a-w C:\WINDOWS\system32\dllcache\cpqarray.sys
+ 2004-08-04 12:00:00   11,776  -c--a-w C:\WINDOWS\system32\dllcache\cpqdap01.sys
+ 2001-08-17 17:13:14   21,533  -c--a-w C:\WINDOWS\system32\dllcache\cpqndis5.sys
+ 2001-08-17 17:11:32   60,970  -c--a-w C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
+ 2001-08-18 03:36:10   216,064 -c--a-w C:\WINDOWS\system32\dllcache\cpscan.dll
+ 2001-08-17 17:19:18   42,112  -c--a-w C:\WINDOWS\system32\dllcache\crtaud.sys
+ 2001-08-18 03:36:12   175,104 -c--a-w C:\WINDOWS\system32\dllcache\csamsp.dll
+ 2001-08-17 17:19:28   6,912   -c--a-w C:\WINDOWS\system32\dllcache\ctlfacem.sys
+ 2001-08-17 17:19:20   3,712   -c--a-w C:\WINDOWS\system32\dllcache\ctljystk.sys
+ 2001-08-17 17:19:20   96,256  -c--a-w C:\WINDOWS\system32\dllcache\ctlsb16.sys
+ 2004-08-04 05:56:42   249,856 -c--a-w C:\WINDOWS\system32\dllcache\ctmasetp.dll
+ 2001-08-18 03:36:12   4,096   -c--a-w C:\WINDOWS\system32\dllcache\ctwdm32.dll
- 2007-08-13 23:54:10   33,792  -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2004-08-04 12:00:00   28,672  -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2001-08-17 17:19:24   3,072   -c--a-w C:\WINDOWS\system32\dllcache\cwbase.sys
+ 2001-08-17 17:19:26   3,072   -c--a-w C:\WINDOWS\system32\dllcache\cwbmidi.sys
+ 2001-08-17 17:19:28   72,832  -c--a-w C:\WINDOWS\system32\dllcache\cwbwdm.sys
+ 2001-08-17 17:19:30   3,584   -c--a-w C:\WINDOWS\system32\dllcache\cwcosnt5.sys
+ 2001-08-17 17:19:36   111,872 -c--a-w C:\WINDOWS\system32\dllcache\cwcspud.sys
+ 2001-08-17 17:19:48   93,952  -c--a-w C:\WINDOWS\system32\dllcache\cwcwdm.sys
+ 2004-08-04 03:32:26   48,640  -c--a-w C:\WINDOWS\system32\dllcache\cwrwdm.sys
+ 2001-08-17 18:50:36   17,152  -c--a-w C:\WINDOWS\system32\dllcache\cyclad-z.sys
+ 2001-08-17 18:50:30   14,848  -c--a-w C:\WINDOWS\system32\dllcache\cyclom-y.sys
+ 2001-08-18 03:36:12   28,672  -c--a-w C:\WINDOWS\system32\dllcache\cyycoins.dll
+ 2001-08-17 18:50:38   50,176  -c--a-w C:\WINDOWS\system32\dllcache\cyyport.sys
+ 2001-08-18 03:36:12   27,648  -c--a-w C:\WINDOWS\system32\dllcache\cyyports.dll
+ 2001-08-18 03:36:12   27,136  -c--a-w C:\WINDOWS\system32\dllcache\cyzcoins.dll
+ 2001-08-17 18:50:40   49,792  -c--a-w C:\WINDOWS\system32\dllcache\cyzport.sys
+ 2001-08-18 03:36:12   27,648  -c--a-w C:\WINDOWS\system32\dllcache\cyzports.dll
+ 2001-08-17 17:12:02   117,760 -c--a-w C:\WINDOWS\system32\dllcache\d100ib5.sys
+ 2001-08-17 18:52:16   179,584 -c--a-w C:\WINDOWS\system32\dllcache\dac2w2k.sys
+ 2001-08-17 18:52:16   14,720  -c--a-w C:\WINDOWS\system32\dllcache\dac960nt.sys
+ 2001-08-18 03:36:12   25,600  -c--a-w C:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-18 03:36:12   80,896  -c--a-w C:\WINDOWS\system32\dllcache\dc210usd.dll
+ 2001-08-17 17:12:02   63,208  -c--a-w C:\WINDOWS\system32\dllcache\dc21x4.sys
+ 2001-08-18 03:36:12   86,016  -c--a-w C:\WINDOWS\system32\dllcache\dc240usd.dll
+ 2001-08-18 03:36:12   110,592 -c--a-w C:\WINDOWS\system32\dllcache\dc260usd.dll
+ 2001-08-17 18:52:58   7,424   -c--a-w C:\WINDOWS\system32\dllcache\ddsmc.sys
+ 2001-08-17 17:11:44   20,928  -c--a-w C:\WINDOWS\system32\dllcache\defpa.sys
+ 2001-08-18 03:36:14   256,512 -c--a-w C:\WINDOWS\system32\dllcache\devcon32.dll
+ 2001-08-18 03:36:42   24,064  -c--a-w C:\WINDOWS\system32\dllcache\devldr32.exe
+ 2001-08-17 17:11:48   24,648  -c--a-w C:\WINDOWS\system32\dllcache\dfe650.sys
+ 2001-08-17 17:11:48   24,649  -c--a-w C:\WINDOWS\system32\dllcache\dfe650d.sys
+ 2001-08-17 17:17:20   29,531  -c--a-w C:\WINDOWS\system32\dllcache\dgapci.sys
+ 2001-08-17 17:13:48   164,923 -c--a-w C:\WINDOWS\system32\dllcache\diapi2.sys
+ 2001-08-18 03:36:14   32,256  -c--a-w C:\WINDOWS\system32\dllcache\diapi2NT.dll
+ 2001-08-18 03:36:14   65,622  -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.dll
+ 2001-08-17 17:13:36   37,735  -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.sys
+ 2001-08-18 03:36:14   131,156 -c--a-w C:\WINDOWS\system32\dllcache\digidbp.dll
+ 2001-08-17 17:13:52   103,044 -c--a-w C:\WINDOWS\system32\dllcache\digidxb.sys
+ 2001-08-17 17:17:40   90,525  -c--a-w C:\WINDOWS\system32\dllcache\digifep5.sys
+ 2001-08-18 03:36:14   229,462 -c--a-w C:\WINDOWS\system32\dllcache\digifwrk.dll
+ 2001-08-18 03:36:14   159,828 -c--a-w C:\WINDOWS\system32\dllcache\digihlc.dll
+ 2001-08-18 03:36:14   102,484 -c--a-w C:\WINDOWS\system32\dllcache\digiinf.dll
+ 2001-08-18 03:36:14   41,046  -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.dll
+ 2001-08-17 17:14:44   21,606  -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.sys
+ 2001-08-18 03:36:14   110,621 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.dll
+ 2001-08-17 17:17:44   42,432  -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.sys
+ 2001-08-18 03:36:42   614,429 -c--a-w C:\WINDOWS\system32\dllcache\digiview.exe
+ 2001-08-17 17:13:52   91,305  -c--a-w C:\WINDOWS\system32\dllcache\dimaint.sys
+ 2004-08-04 12:00:00   36,352  -c--a-w C:\WINDOWS\system32\dllcache\disk.sys
+ 2001-08-18 03:36:14   6,729   -c--a-w C:\WINDOWS\system32\dllcache\disrvci.dll
+ 2001-08-18 03:36:14   31,305  -c--a-w C:\WINDOWS\system32\dllcache\disrvpp.dll
+ 2001-08-18 03:36:14   38,985  -c--a-w C:\WINDOWS\system32\dllcache\disrvsu.dll
+ 2001-08-18 03:36:42   236,060 -c--a-w C:\WINDOWS\system32\dllcache\ditrace.exe
+ 2001-08-18 03:36:14   6,216   -c--a-w C:\WINDOWS\system32\dllcache\divaci.dll
+ 2001-08-18 03:36:14   37,962  -c--a-w C:\WINDOWS\system32\dllcache\divaprop.dll
+ 2001-08-18 03:36:14   29,768  -c--a-w C:\WINDOWS\system32\dllcache\divasu.dll
+ 2001-08-17 17:11:44   26,698  -c--a-w C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
+ 2004-08-04 04:00:06   8,320   -c--a-w C:\WINDOWS\system32\dllcache\dlttape.sys
+ 2001-08-17 17:11:42   29,696  -c--a-w C:\WINDOWS\system32\dllcache\dm9pci5.sys
+ 2004-08-04 12:00:00   52,224  -c--a-w C:\WINDOWS\system32\dllcache\dmutil.dll
+ 2004-08-04 03:58:30   207,360 -c--a-w C:\WINDOWS\system32\dllcache\dot4.sys
+ 2001-08-17 18:47:32   12,928  -c--a-w C:\WINDOWS\system32\dllcache\dot4prt.sys
+ 2001-08-17 18:47:32   8,704   -c--a-w C:\WINDOWS\system32\dllcache\dot4scan.sys
+ 2001-08-17 18:47:32   23,808  -c--a-w C:\WINDOWS\system32\dllcache\dot4usb.sys
+ 2001-08-17 17:12:32   28,062  -c--a-w C:\WINDOWS\system32\dllcache\dp83820.sys
+ 2001-08-17 19:07:44   20,192  -c--a-w C:\WINDOWS\system32\dllcache\dpti2o.sys
+ 2001-08-17 17:20:18   334,208 -c--a-w C:\WINDOWS\system32\dllcache\ds1wdm.sys
+ 2004-08-04 12:00:00   55,296  -c--a-w C:\WINDOWS\system32\dllcache\dvdplay.exe
+ 2004-08-04 12:00:00   71,040  -c--a-w C:\WINDOWS\system32\dllcache\dxg.sys
- 2007-08-20 10:04:34   214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:55:51   214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2001-08-17 17:12:08   50,719  -c--a-w C:\WINDOWS\system32\dllcache\e1000nt5.sys
+ 2001-08-17 17:12:12   19,594  -c--a-w C:\WINDOWS\system32\dllcache\e100isa4.sys
+ 2001-08-17 17:10:50   44,103  -c--a-w C:\WINDOWS\system32\dllcache\el515.sys
+ 2001-08-17 17:10:56   55,999  -c--a-w C:\WINDOWS\system32\dllcache\el556nd5.sys
+ 2001-08-17 17:10:56   24,653  -c--a-w C:\WINDOWS\system32\dllcache\el574nd4.sys
+ 2001-08-17 17:10:58   69,692  -c--a-w C:\WINDOWS\system32\dllcache\el575nd5.sys
+ 2001-08-17 17:10:52   26,141  -c--a-w C:\WINDOWS\system32\dllcache\el589nd5.sys
+ 2001-08-17 17:11:00   69,194  -c--a-w C:\WINDOWS\system32\dllcache\el656cd5.sys
+ 2001-08-17 17:11:00   77,386  -c--a-w C:\WINDOWS\system32\dllcache\el656nd5.sys
+ 2001-08-17 18:28:00   241,206 -c--a-w C:\WINDOWS\system32\dllcache\el656se5.sys
+ 2001-08-17 17:11:06   66,591  -c--a-w C:\WINDOWS\system32\dllcache\el90xbc5.sys
+ 2001-08-17 17:11:02   153,631 -c--a-w C:\WINDOWS\system32\dllcache\el90xnd5.sys
+ 2001-08-17 17:11:12   455,199 -c--a-w C:\WINDOWS\system32\dllcache\el985n51.sys
+ 2001-08-17 17:11:04   70,174  -c--a-w C:\WINDOWS\system32\dllcache\el98xn5.sys
+ 2001-08-17 17:11:08   171,520 -c--a-w C:\WINDOWS\system32\dllcache\el99xn51.sys
+ 2001-08-17 18:53:02   7,296   -c--a-w C:\WINDOWS\system32\dllcache\elmsmc.sys
+ 2001-08-17 17:10:52   25,159  -c--a-w C:\WINDOWS\system32\dllcache\elnk3.sys
+ 2001-08-17 17:10:54   19,996  -c--a-w C:\WINDOWS\system32\dllcache\em556n4.sys
+ 2001-08-17 17:19:26   283,904 -c--a-w C:\WINDOWS\system32\dllcache\emu10k1m.sys
+ 2001-08-17 18:46:40   6,400   -c--a-w C:\WINDOWS\system32\dllcache\enum1394.sys
+ 2001-08-17 18:50:20   144,896 -c--a-w C:\WINDOWS\system32\dllcache\epcfw2k.sys
+ 2001-08-17 17:12:08   18,503  -c--a-w C:\WINDOWS\system32\dllcache\epro4.sys
+ 2001-08-17 18:50:20   114,944 -c--a-w C:\WINDOWS\system32\dllcache\epstw2k.sys
+ 2001-08-17 17:17:40   629,952 -c--a-w C:\WINDOWS\system32\dllcache\eqn.sys
+ 2001-08-18 03:36:44   53,248  -c--a-w C:\WINDOWS\system32\dllcache\eqndiag.exe
+ 2001-08-18 03:36:44   51,200  -c--a-w C:\WINDOWS\system32\dllcache\eqnlogr.exe
+ 2001-08-18 03:36:44   61,952  -c--a-w C:\WINDOWS\system32\dllcache\eqnloop.exe
+ 2001-08-17 17:19:38   37,120  -c--a-w C:\WINDOWS\system32\dllcache\es1370mp.sys
+ 2001-08-17 17:19:34   40,704  -c--a-w C:\WINDOWS\system32\dllcache\es1371mp.sys
+ 2001-08-17 17:19:58   72,192  -c--a-w C:\WINDOWS\system32\dllcache\es1969.sys
+ 2001-08-17 17:19:48   174,464 -c--a-w C:\WINDOWS\system32\dllcache\es198x.sys
+ 2001-08-17 18:28:04   594,238 -c--a-w C:\WINDOWS\system32\dllcache\es56hpi.sys
+ 2001-08-17 18:28:04   347,550 -c--a-w C:\WINDOWS\system32\dllcache\es56tpi.sys
+ 2001-08-17 17:19:56   63,360  -c--a-w C:\WINDOWS\system32\dllcache\ess.sys
+ 2004-08-04 03:32:28   137,088 -c--a-w C:\WINDOWS\system32\dllcache\essm2e.sys
+ 2001-08-18 03:36:16   43,008  -c--a-w C:\WINDOWS\system32\dllcache\esucm.dll
+ 2001-08-18 03:36:16   34,816  -c--a-w C:\WINDOWS\system32\dllcache\esuimg.dll
+ 2001-08-18 03:36:16   45,568  -c--a-w C:\WINDOWS\system32\dllcache\esuni.dll
+ 2001-08-18 03:36:16   45,568  -c--a-w C:\WINDOWS\system32\dllcache\esunib.dll
+ 2001-08-17 17:12:08   16,998  -c--a-w C:\WINDOWS\system32\dllcache\ex10.sys
+ 2001-08-17 18:52:48   7,040   -c--a-w C:\WINDOWS\system32\dllcache\exabyte2.sys
- 2007-08-20 10:04:34   132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:55:51   132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2001-08-17 17:11:54   12,362  -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xi.sys
+ 2001-08-17 17:11:56   11,850  -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xj.sys
+ 2001-08-17 17:12:32   16,074  -c--a-w C:\WINDOWS\system32\dllcache\fa312nd5.sys
+ 2001-08-17 17:12:32   24,618  -c--a-w C:\WINDOWS\system32\dllcache\fa410nd5.sys
+ 2004-08-04 12:00:00   27,392  -c--a-w C:\WINDOWS\system32\dllcache\fdc.sys
+ 2001-08-17 17:10:54   22,090  -c--a-w C:\WINDOWS\system32\dllcache\fem556n5.sys
+ 2001-08-17 17:13:08   27,165  -c--a-w C:\WINDOWS\system32\dllcache\fetnd5.sys
+ 2004-08-04 12:00:00   20,480  -c--a-w C:\WINDOWS\system32\dllcache\flpydisk.sys
+ 2001-08-18 03:36:16   71,680  -c--a-w C:\WINDOWS\system32\dllcache\fnfilter.dll
+ 2004-08-04 03:31:24   34,173  -c--a-w C:\WINDOWS\system32\dllcache\forehe.sys
+ 2001-08-17 17:14:24   444,416 -c--a-w C:\WINDOWS\system32\dllcache\fpcibase.sys
+ 2001-08-17 17:14:44   441,728 -c--a-w C:\WINDOWS\system32\dllcache\fpcmbase.sys
+ 2001-08-17 17:15:02   442,240 -c--a-w C:\WINDOWS\system32\dllcache\fpnpbase.sys
+ 2004-08-04 12:00:00   193,024 -c--a-w C:\WINDOWS\system32\dllcache\fsquirt.exe
+ 2004-08-04 12:00:00   12,160  -c--a-w C:\WINDOWS\system32\dllcache\fsvga.sys
+ 2004-08-04 12:00:00   125,056 -c--a-w C:\WINDOWS\system32\dllcache\ftdisk.sys
+ 2001-08-17 17:15:22   455,680 -c--a-w C:\WINDOWS\system32\dllcache\fus2base.sys
+ 2001-08-17 17:15:38   455,296 -c--a-w C:\WINDOWS\system32\dllcache\fusbbase.sys
+ 2001-08-18 03:36:16   92,160  -c--a-w C:\WINDOWS\system32\dllcache\fuusd.dll
+ 2001-08-17 17:15:56   454,912 -c--a-w C:\WINDOWS\system32\dllcache\fxusbase.sys
+ 2001-08-17 19:56:00   470,144 -c--a-w C:\WINDOWS\system32\dllcache\g200d.dll
+ 2001-08-17 17:49:34   320,384 -c--a-w C:\WINDOWS\system32\dllcache\g200m.sys
+ 2001-08-17 17:49:42   322,432 -c--a-w C:\WINDOWS\system32\dllcache\g400m.sys
+ 2004-08-04 04:07:44   46,464  -c--a-w C:\WINDOWS\system32\dllcache\gagp30kx.sys
+ 2004-08-04 04:08:22   10,624  -c--a-w C:\WINDOWS\system32\dllcache\gameenum.sys
+ 2004-08-04 04:08:30   59,136  -c--a-w C:\WINDOWS\system32\dllcache\gckernel.sys
+ 2001-08-17 18:51:06   17,408  -c--a-w C:\WINDOWS\system32\dllcache\gpr400.sys
+ 2001-08-17 18:51:20   82,304  -c--a-w C:\WINDOWS\system32\dllcache\grclass.sys
+ 2004-08-04 03:59:20   28,288  -c--a-w C:\WINDOWS\system32\dllcache\grserial.sys
+ 2004-08-04 12:00:00   7,168   -c--a-w C:\WINDOWS\system32\dllcache\hccoin.dll
+ 2004-08-04 12:00:00   20,992  -c--a-w C:\WINDOWS\system32\dllcache\hid.dll
+ 2001-08-17 18:58:00   19,200  -c--a-w C:\WINDOWS\system32\dllcache\hidbatt.sys
+ 2004-08-04 04:10:38   25,600  -c--a-w C:\WINDOWS\system32\dllcache\hidbth.sys
+ 2004-08-04 12:00:00   36,224  -c--a-w C:\WINDOWS\system32\dllcache\hidclass.sys
+ 2001-08-17 19:02:32   8,576   -c--a-w C:\WINDOWS\system32\dllcache\hidgame.sys
+ 2004-08-04 04:08:20   15,104  -c--a-w C:\WINDOWS\system32\dllcache\hidir.sys
+ 2004-08-04 12:00:00   24,960  -c--a-w C:\WINDOWS\system32\dllcache\hidparse.sys
+ 2004-08-04 05:56:44   21,504  -c--a-w C:\WINDOWS\system32\dllcache\hidserv.dll
+ 2004-08-04 12:00:00   9,600   -c--a-w C:\WINDOWS\system32\dllcache\hidusb.sys
+ 2001-08-18 03:36:16   119,296 -c--a-w C:\WINDOWS\system32\dllcache\hpdigwia.dll
+ 2001-08-18 03:36:16   83,968  -c--a-w C:\WINDOWS\system32\dllcache\hpgt21.dll
+ 2001-08-18 03:36:16   123,392 -c--a-w C:\WINDOWS\system32\dllcache\hpgt21tk.dll
+ 2001-08-18 03:36:16   89,088  -c--a-w C:\WINDOWS\system32\dllcache\hpgt33.dll
+ 2001-08-18 03:36:16   48,128  -c--a-w C:\WINDOWS\system32\dllcache\hpgt33tk.dll
+ 2001-08-18 03:36:16   101,376 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34.dll
+ 2001-08-18 03:36:16   126,976 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34tk.dll
+ 2001-08-18 03:36:16   93,696  -c--a-w C:\WINDOWS\system32\dllcache\hpgt42.dll
+ 2001-08-18 03:36:16   31,232  -c--a-w C:\WINDOWS\system32\dllcache\hpgt42tk.dll
+ 2001-08-18 03:36:16   165,888 -c--a-w C:\WINDOWS\system32\dllcache\hpgt53.dll
+ 2001-08-18 03:36:16   68,608  -c--a-w C:\WINDOWS\system32\dllcache\hpgt53tk.dll
+ 2001-08-18 03:36:16   32,768  -c--a-w C:\WINDOWS\system32\dllcache\hpgtmcro.dll
+ 2001-08-17 19:07:44   25,952  -c--a-w C:\WINDOWS\system32\dllcache\hpn.sys
+ 2001-08-18 03:36:16   324,608 -c--a-w C:\WINDOWS\system32\dllcache\hpojwia.dll
+ 2001-08-18 03:36:16   13,312  -c--a-w C:\WINDOWS\system32\dllcache\hpsjmcro.dll
+ 2001-08-17 18:52:50   5,760   -c--a-w C:\WINDOWS\system32\dllcache\hpt4qic.sys
+ 2001-08-18 03:36:16   19,456  -c--a-w C:\WINDOWS\system32\dllcache\hr1w.dll
+ 2001-08-17 18:28:04   150,239 -c--a-w C:\WINDOWS\system32\dllcache\hsf_amos.sys
+ 2001-08-17 18:28:04   67,167  -c--a-w C:\WINDOWS\system32\dllcache\hsf_bsc2.sys
+ 2001-08-17 18:28:06   289,887 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fall.sys
+ 2001-08-17 18:28:06   199,711 -c--a-w C:\WINDOWS\system32\dllcache\hsf_faxx.sys
+ 2001-08-17 18:28:06   115,807 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fsks.sys
+ 2001-08-18 03:36:16   9,759   -c--a-w C:\WINDOWS\system32\dllcache\hsf_inst.dll
+ 2001-08-17 18:28:08   391,199 -c--a-w C:\WINDOWS\system32\dllcache\hsf_k56k.sys
+ 2001-08-17 18:28:10   57,471  -c--a-w C:\WINDOWS\system32\dllcache\hsf_samp.sys
+ 2001-08-17 18:28:10   44,863  -c--a-w C:\WINDOWS\system32\dllcache\hsf_soar.sys
+ 2001-08-17 18:28:10   73,279  -c--a-w C:\WINDOWS\system32\dllcache\hsf_spkp.sys
+ 2001-08-17 18:28:12   50,751  -c--a-w C:\WINDOWS\system32\dllcache\hsf_tone.sys
+ 2001-08-17 18:28:12   488,383 -c--a-w C:\WINDOWS\system32\dllcache\hsf_v124.sys
+ 2004-08-04 03:41:48   220,032 -c--a-w C:\WINDOWS\system32\dllcache\hsfbs2s2.sys
+ 2004-08-04 05:56:44   32,285  -c--a-w C:\WINDOWS\system32\dllcache\hsfcisp2.dll
+ 2004-08-04 03:41:50   685,056 -c--a-w C:\WINDOWS\system32\dllcache\hsfcxts2.sys
+ 2004-08-04 03:41:56   1,041,536   -c--a-w C:\WINDOWS\system32\dllcache\hsfdpsp2.sys
+ 2006-03-17 00:33:10   262,784 -c--a-w C:\WINDOWS\system32\dllcache\http.sys
+ 2004-08-04 04:00:52   8,192   -c--a-w C:\WINDOWS\system32\dllcache\i2omgmt.sys
+ 2004-08-04 04:00:52   18,560  -c--a-w C:\WINDOWS\system32\dllcache\i2omp.sys
+ 2001-08-17 19:56:00   353,184 -c--a-w C:\WINDOWS\system32\dllcache\i740dnt5.dll
+ 2001-08-17 17:49:06   58,592  -c--a-w C:\WINDOWS\system32\dllcache\i740nt5.sys
+ 2004-08-04 12:00:00   52,736  -c--a-w C:\WINDOWS\system32\dllcache\i8042prt.sys
+ 2004-08-04 05:56:44   702,845 -c--a-w C:\WINDOWS\system32\dllcache\i81xdnt5.dll
+ 2004-08-04 03:29:38   161,020 -c--a-w C:\WINDOWS\system32\dllcache\i81xnt5.sys
+ 2001-08-17 17:11:58   28,700  -c--a-w C:\WINDOWS\system32\dllcache\ibmexmp.sys
+ 2001-08-18 03:34:30   9,216   -c--a-w C:\WINDOWS\system32\dllcache\ibmsgnet.dll
+ 2001-08-17 17:12:00   100,936 -c--a-w C:\WINDOWS\system32\dllcache\ibmtok.sys
+ 2001-08-17 17:12:02   109,085 -c--a-w C:\WINDOWS\system32\dllcache\ibmtrp.sys
+ 2001-08-17 19:06:46   38,528  -c--a-w C:\WINDOWS\system32\dllcache\ibmvcap.sys
- 2007-08-17 10:20:54   63,488  -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 10:59:40   70,656  -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04:34   153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:55:51   153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 10:04:35   230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:55:51   230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25   161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55   161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 10:04:35   384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:55:52   384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 10:04:38   44,544  -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:55:55   44,544  -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-17 10:21:21   625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 10:59:52   625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2004-08-04 12:00:00   41,856  -c--a-w C:\WINDOWS\system32\dllcache\imapi.sys
+ 2001-08-17 18:52:08   16,000  -c--a-w C:\WINDOWS\system32\dllcache\ini910u.sys
+ 2001-08-17 18:47:50   13,056  -c--a-w C:\WINDOWS\system32\dllcache\inport.sys
+ 2004-08-03 22:59:42   5,504   -c--a-w C:\WINDOWS\system32\dllcache\intelide.sys
+ 2004-08-04 12:00:00   36,096  -c--a-w C:\WINDOWS\system32\dllcache\intelppm.sys
+ 2001-08-17 18:50:56   38,784  -c--a-w C:\WINDOWS\system32\dllcache\io8.sys
+ 2001-08-18 03:36:18   90,200  -c--a-w C:\WINDOWS\system32\dllcache\io8ports.dll
+ 2001-08-17 17:12:12   45,632  -c--a-w C:\WINDOWS\system32\dllcache\ip5515.sys
+ 2004-08-04 04:08:34   40,832  -c--a-w C:\WINDOWS\system32\dllcache\irbus.sys
+ 2004-08-04 04:00:54   87,424  -c--a-w C:\WINDOWS\system32\dllcache\irda.sys
+ 2001-08-17 18:49:04   23,552  -c--a-w C:\WINDOWS\system32\dllcache\irmk7.sys
+ 2004-08-04 05:56:44   27,136  -c--a-w C:\WINDOWS\system32\dllcache\irmon.dll
+ 2001-08-17 18:51:32   18,688  -c--a-w C:\WINDOWS\system32\dllcache\irsir.sys
+ 2001-08-17 18:49:10   26,624  -c--a-w C:\WINDOWS\system32\dllcache\irstusb.sys
+ 2004-08-04 12:00:00   47,616  -c--a-w C:\WINDOWS\system32\dllcache\iyuv_32.dll
- 2007-08-20 10:04:39   27,648  -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:55:56   27,648  -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2001-08-17 19:55:56   6,144   -c--a-w C:\WINDOWS\system32\dllcache\kbd101b.dll
+ 2001-08-17 19:55:56   6,144   -c--a-w C:\WINDOWS\system32\dllcache\kbd101c.dll
+ 2001-08-17 19:55:56   5,632   -c--a-w C:\WINDOWS\system32\dllcache\kbd103.dll
+ 2001-08-17 19:55:56   6,144   -c--a-w C:\WINDOWS\system32\dllcache\kbd106.dll
+ 2004-08-04 12:00:00   24,576  -c--a-w C:\WINDOWS\system32\dllcache\kbdclass.sys
+ 2004-08-04 12:00:00   14,848  -c--a-w C:\WINDOWS\system32\dllcache\kbdhid.sys
+ 2001-08-18 03:36:18   8,704   -c--a-w C:\WINDOWS\system32\dllcache\kbdjpn.dll
+ 2001-08-18 03:36:18   8,192   -c--a-w C:\WINDOWS\system32\dllcache\kbdkor.dll
+ 2001-08-18 03:36:18   45,568  -c--a-w C:\WINDOWS\system32\dllcache\kdsui.dll
+ 2001-08-18 03:36:18   37,376  -c--a-w C:\WINDOWS\system32\dllcache\kousd.dll
+ 2001-08-17 17:12:14   19,016  -c--a-w C:\WINDOWS\system32\dllcache\ktc111.sys
+ 2001-08-17 17:12:50   26,442  -c--a-w C:\WINDOWS\system32\dllcache\lanepic5.sys
+ 2004-08-04 03:59:34   34,688  -c--a-w C:\WINDOWS\system32\dllcache\lbrtfdc.sys
+ 2001-08-17 18:51:10   15,744  -c--a-w C:\WINDOWS\system32\dllcache\lit220p.sys
+ 2001-08-17 17:11:52   25,065  -c--a-w C:\WINDOWS\system32\dllcache\lmndis3.sys
+ 2001-08-17 17:12:20   20,573  -c--a-w C:\WINDOWS\system32\dllcache\lne100.sys
+ 2001-08-17 17:12:24   70,730  -c--a-w C:\WINDOWS\system32\dllcache\lne100tx.sys
+ 2001-08-17 18:53:42   4,992   -c--a-w C:\WINDOWS\system32\dllcache\loop.sys
+ 2001-08-17 18:28:18   727,786 -c--a-w C:\WINDOWS\system32\dllcache\ltck000c.sys
+ 2004-08-04 03:41:36   606,684 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmnt.sys
+ 2001-08-17 18:28:08   576,746 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntl.sys
+ 2004-08-04 03:41:38   420,992 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntt.sys
+ 2004-08-04 04:00:08   7,040   -c--a-w C:\WINDOWS\system32\dllcache\ltotape.sys
+ 2001-08-17 18:28:12   797,500 -c--a-w C:\WINDOWS\system32\dllcache\ltsmt.sys
+ 2004-08-04 03:39:32   20,864  -c--a-w C:\WINDOWS\system32\dllcache\lwadihid.sys
+ 2001-08-17 17:49:20   22,848  -c--a-w C:\WINDOWS\system32\dllcache\lwusbhid.sys
+ 2001-08-18 03:36:18   58,368  -c--a-w C:\WINDOWS\system32\dllcache\m3091dc.dll
+ 2001-08-18 03:36:18   58,880  -c--a-w C:\WINDOWS\system32\dllcache\m3092dc.dll
+ 2001-08-17 17:19:58   48,768  -c--a-w C:\WINDOWS\system32\dllcache\maestro.sys
+ 2001-08-17 18:52:50   7,424   -c--a-w C:\WINDOWS\system32\dllcache\mammoth.sys
+ 2001-08-17 17:12:26   164,586 -c--a-w C:\WINDOWS\system32\dllcache\mdgndis5.sys
+ 2004-08-04 12:00:00   147,968 -c--a-w C:\WINDOWS\system32\dllcache\mdwmdmsp.dll
+ 2001-08-17 18:58:04   8,320   -c--a-w C:\WINDOWS\system32\dllcache\memcard.sys
+ 2001-08-18 03:36:20   47,616  -c--a-w C:\WINDOWS\system32\dllcache\memgrp.dll
+ 2004-08-04 04:00:50   26,112  -c--a-w C:\WINDOWS\system32\dllcache\memstpci.sys
+ 2004-08-04 12:00:00   63,744  -c--a-w C:\WINDOWS\system32\dllcache\mf.sys
+ 2001-08-17 19:56:02   235,648 -c--a-w C:\WINDOWS\system32\dllcache\mgaud.dll
- 2005-07-25 23:46:57   7,680   -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2004-08-04 12:00:00   7,680   -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2001-08-17 18:52:50   6,528   -c--a-w C:\WINDOWS\system32\dllcache\miniqic.sys
+ 2004-08-04 12:00:00   30,080  -c--a-w C:\WINDOWS\system32\dllcache\modem.sys
+ 2004-08-04 12:00:00   23,040  -c--a-w C:\WINDOWS\system32\dllcache\mouclass.sys
+ 2004-08-04 12:00:00   12,160  -c--a-w C:\WINDOWS\system32\dllcache\mouhid.sys
+ 2004-08-04 04:10:14   15,360  -c--a-w C:\WINDOWS\system32\dllcache\mpe.sys
- 2004-08-04 12:00:00   72,960  -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47   72,960  -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-04 12:00:00   138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:46:59   138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-04 12:00:00   47,104  -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:46:59   47,104  -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-04 12:00:00   16,896  -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:46:59   16,896  -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-04 12:00:00   660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:46:59   660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-04 12:00:00   177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:46:59   177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-04 12:00:00   95,744  -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:46:59   95,744  -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-04 12:00:00   48,640  -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:46:59   48,640  -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-04 12:00:00   471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:46:59   471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2001-08-17 18:52:12   17,280  -c--a-w C:\WINDOWS\system32\dllcache\mraid35x.sys
+ 2004-08-04 04:10:00   51,328  -c--a-w C:\WINDOWS\system32\dllcache\msdv.sys
+ 2001-08-17 18:48:36   6,016   -c--a-w C:\WINDOWS\system32\dllcache\msfsio.sys
+ 2001-08-17 19:02:40   35,200  -c--a-w C:\WINDOWS\system32\dllcache\msgame.sys
- 2007-08-20 20:34:42   3,584,512   -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:42:28   3,590,656   -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 10:04:41   477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:55:58   478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2004-08-04 04:00:48   22,016  -c--a-w C:\WINDOWS\system32\dllcache\msircomm.sys
- 2007-08-20 10:04:41   193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:55:58   193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2001-08-17 18:48:50   12,416  -c--a-w C:\WINDOWS\system32\dllcache\msriffwv.sys
+ 2004-08-04 12:00:00   15,488  -c--a-w C:\WINDOWS\system32\dllcache\mssmbios.sys
+ 2004-08-04 04:10:00   49,024  -c--a-w C:\WINDOWS\system32\dllcache\mstape.sys
+ 2004-08-04 03:58:40   5,504   -c--a-w C:\WINDOWS\system32\dllcache\mstee.sys
- 2007-08-20 10:04:42   671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:55:59   671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2004-08-04 12:00:00   17,408  -c--a-w C:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-08-04 03:41:40   126,686 -c--a-w C:\WINDOWS\system32\dllcache\mtlmnt5.sys
+ 2004-08-04 03:41:38   1,309,184   -c--a-w C:\WINDOWS\system32\dllcache\mtlstrm.sys
+ 2004-08-04 03:29:38   452,736 -c--a-w C:\WINDOWS\system32\dllcache\mtxparhm.sys
+ 2001-08-17 17:50:04   103,296 -c--a-w C:\WINDOWS\system32\dllcache\mtxvideo.sys
+ 2004-08-04 04:04:52   12,672  -c--a-w C:\WINDOWS\system32\dllcache\mutohpen.sys
+ 2001-08-17 18:50:48   21,888  -c--a-w C:\WINDOWS\system32\dllcache\mxcard.sys
+ 2001-08-18 03:36:26   19,968  -c--a-w C:\WINDOWS\system32\dllcache\mxicfg.dll
+ 2001-08-17 18:49:32   19,968  -c--a-w C:\WINDOWS\system32\dllcache\mxnic.sys
+ 2001-08-18 03:36:26   7,168   -c--a-w C:\WINDOWS\system32\dllcache\mxport.dll
+ 2001-08-17 18:50:54   75,520  -c--a-w C:\WINDOWS\system32\dllcache\mxport.sys
+ 2001-08-17 17:11:36   52,255  -c--a-w C:\WINDOWS\system32\dllcache\n1000nt5.sys
+ 2001-08-17 17:11:38   128,000 -c--a-w C:\WINDOWS\system32\dllcache\n100325.sys
+ 2001-08-17 19:56:02   35,392  -c--a-w C:\WINDOWS\system32\dllcache\n9i128.dll
+ 2001-08-17 17:50:06   13,664  -c--a-w C:\WINDOWS\system32\dllcache\n9i128.sys
+ 2001-08-18 03:36:02   59,104  -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.dll
+ 2001-08-17 17:50:08   33,088  -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.sys
+ 2001-08-17 17:50:10   27,936  -c--a-w C:\WINDOWS\system32\dllcache\n9i3d.sys
+ 2001-08-17 19:56:02   91,488  -c--a-w C:\WINDOWS\system32\dllcache\n9i3disp.dll
+ 2004-08-04 04:10:30   85,376  -c--a-w C:\WINDOWS\system32\dllcache\nabtsfec.sys
+ 2004-08-04 04:10:14   10,880  -c--a-w C:\WINDOWS\system32\dllcache\ndisip.sys
+ 2004-08-04 12:00:00   12,928  -c--a-w C:\WINDOWS\system32\dllcache\ndisuio.sys
+ 2001-08-17 18:49:14   15,872  -c--a-w C:\WINDOWS\system32\dllcache\ne2000.sys
+ 2001-08-18 03:36:02   60,480  -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.dll
+ 2001-08-17 17:50:04   39,264  -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.sys
+ 2001-08-17 17:11:36   65,278  -c--a-w C:\WINDOWS\system32\dllcache\netflx3.sys
+ 2001-08-17 17:12:20   32,840  -c--a-w C:\WINDOWS\system32\dllcache\ngrpci.sys
+ 2001-08-17 17:20:08   126,080 -c--a-w C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
+ 2001-08-17 17:20:08   87,040  -c--a-w C:\WINDOWS\system32\dllcache\nm6wdm.sys
+ 2004-08-04 04:00:52   28,672  -c--a-w C:\WINDOWS\system32\dllcache\nscirda.sys
+ 2001-08-17 18:53:02   7,552   -c--a-w C:\WINDOWS\system32\dllcache\nsmmc.sys
+ 2001-08-17 18:47:22   9,344   -c--a-w C:\WINDOWS\system32\dllcache\ntapm.sys
+ 2001-08-17 17:49:04   51,552  -c--a-w C:\WINDOWS\system32\dllcache\ntgrip.sys
+ 2004-08-04 03:41:40   180,360 -c--a-w C:\WINDOWS\system32\dllcache\ntmtlfax.sys
+ 2001-08-18 03:36:02   123,776 -c--a-w C:\WINDOWS\system32\dllcache\nv3.dll
+ 2001-08-17 17:50:18   198,144 -c--a-w C:\WINDOWS\system32\dllcache\nv3.sys
+ 2004-08-04 03:29:56   1,897,408   -c--a-w C:\WINDOWS\system32\dllcache\nv4_mini.sys
- 2007-08-20 10:04:42   102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:55:59   102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2004-08-04 04:10:10   61,056  -c--a-w C:\WINDOWS\system32\dllcache\ohci1394.sys
+ 2001-08-17 17:20:16   54,528  -c--a-w C:\WINDOWS\system32\dllcache\opl3sax.sys
+ 2001-08-17 17:12:36   27,209  -c--a-w C:\WINDOWS\system32\dllcache\otc06x5.sys
+ 2001-08-17 17:12:36   43,689  -c--a-w C:\WINDOWS\system32\dllcache\otceth5.sys
+ 2001-08-17 18:28:12   54,186  -c--a-w C:\WINDOWS\system32\dllcache\otcsercb.sys
+ 2001-08-17 19:05:04   25,088  -c--a-w C:\WINDOWS\system32\dllcache\ovca.sys
+ 2001-08-17 19:05:12   48,000  -c--a-w C:\WINDOWS\system32\dllcache\ovcam2.sys
+ 2001-08-17 19:05:16   28,032  -c--a-w C:\WINDOWS\system32\dllcache\ovcd.sys
+ 2001-08-17 19:05:20   31,872  -c--a-w C:\WINDOWS\system32\dllcache\ovce.sys
+ 2001-08-18 03:36:28   116,736 -c--a-w C:\WINDOWS\system32\dllcache\ovcodec2.dll
+ 2001-08-18 03:36:28   20,480  -c--a-w C:\WINDOWS\system32\dllcache\ovcomc.dll
+ 2001-08-18 03:36:54   39,424  -c--a-w C:\WINDOWS\system32\dllcache\ovcoms.exe
+ 2001-08-17 19:05:06   25,216  -c--a-w C:\WINDOWS\system32\dllcache\ovsound2.sys
+ 2001-08-18 03:36:28   44,544  -c--a-w C:\WINDOWS\system32\dllcache\ovui2.dll
+ 2001-08-18 03:36:28   41,984  -c--a-w C:\WINDOWS\system32\dllcache\ovui2rc.dll
+ 2004-08-04 12:00:00   42,496  -c--a-w C:\WINDOWS\system32\dllcache\p3.sys
+ 2004-08-04 12:00:00   157,696 -c--a-w C:\WINDOWS\system32\dllcache\paqsp.dll
+ 2004-08-04 12:00:00   80,128  -c--a-w C:\WINDOWS\system32\dllcache\parport.sys
+ 2001-08-17 17:12:18   30,495  -c--a-w C:\WINDOWS\system32\dllcache\pc100nds.sys
+ 2004-08-04 03:31:24   29,502  -c--a-w C:\WINDOWS\system32\dllcache\pca200e.sys
+ 2001-08-17 17:12:18   26,153  -c--a-w C:\WINDOWS\system32\dllcache\pcmlm56.sys
+ 2001-08-17 17:11:22   30,282  -c--a-w C:\WINDOWS\system32\dllcache\pcntn5hl.sys
+ 2001-08-17 17:11:20   29,769  -c--a-w C:\WINDOWS\system32\dllcache\pcntn5m.sys
+ 2001-08-17 17:11:22   35,328  -c--a-w C:\WINDOWS\system32\dllcache\pcntpci5.sys
+ 2001-08-18 03:36:54   86,016  -c--a-w C:\WINDOWS\system32\dllcache\pctspk.exe
+ 2004-08-04 03:06:18   169,984 -c--a-w C:\WINDOWS\system32\dllcache\pcx500.sys
+ 2001-08-17 19:07:40   27,296  -c--a-w C:\WINDOWS\system32\dllcache\perc2.sys
+ 2001-08-17 19:07:42   5,504   -c--a-w C:\WINDOWS\system32\dllcache\perc2hib.sys
+ 2004-08-04 04:06:56   27,904  -c--a-w C:\WINDOWS\system32\dllcache\perm2.sys
+ 2004-08-04 05:56:24   211,712 -c--a-w C:\WINDOWS\system32\dllcache\perm2dll.dll
+ 2004-08-04 04:06:58   28,032  -c--a-w C:\WINDOWS\system32\dllcache\perm3.sys
+ 2001-08-18 03:36:28   16,384  -c--a-w C:\WINDOWS\system32\dllcache\philcam1.dll
+ 2001-08-17 19:04:50   75,776  -c--a-w C:\WINDOWS\syst
Edited by happygeek because: fixed formatting
Member Avatar for crunchie

Did you install anything remotely like desktop surveillance personal spyware on your pc?
There is a file in the log that is related to that program. It is installed manually usually.

===========

Please right click on hijackthis.exe and select rename. Rename the file to analysethis before doing anything below.

==

Please go to Jotti's or to virustotal and have this file scanned. Post the results back here.

C:\WINDOWS\system32\lsasss.exe

==

1. Please open Notepad

  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:


File::
C:\WINDOWS\system32\vtsqq.dll
C:\WINDOWS\system32\qqstv.ini
C:\WINDOWS\system32\rrqss.tmp
C:\WINDOWS\ljkjji.dll
C:\WINDOWS\ssqoml.dll
C:\WINDOWS\system32\vtsqo.dll
C:\WINDOWS\system32\ddabc.dll
C:\WINDOWS\system32\byxvuts.dll
C:\WINDOWS\rqpmml.dll
C:\WINDOWS\ghhhkj.ini2

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2569C8A7-F5C9-4838-B2B9-E3CB00C1AB3A}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxvuts]

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Save the above as CFScript.txt

4. Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

[IMG]http://i5.photobucket.com/albums/y153/crunchie1/CFScript.gif[/IMG]


6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next replyafter you re-enable all the programs that were disabled during the running of ComboFix:

  • Combofix.txt
  • A new HijackThis log.

Please take note:

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Member Avatar for ownedswax

I have somehow fixed my problem "i do not know exactally what i did, but it worked. haha. Please take a loog at my latest HJT log which is below. Thank you very very much for your help and support with my problem. I have learned alot from you guys.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:49:45 PM, on 12/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Kevin\Desktop\steam.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Kevin\Desktop\mirc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9DDE7CEC-EA47-463F-A055-4ADBCF56358A} - C:\WINDOWS\system32\jkhff.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1006\..\Run: [b0d6aa28] rundll32.exe "C:\WINDOWS\cbywxu.dll",b (User 'Dad')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1006\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Dad')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Dad')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1006\..\Run: [cmds] rundll32.exe C:\DOCUME~1\Dad\LOCALS~1\Temp\gebcy.dll,c (User 'Dad')
O4 - HKUS\S-1-5-21-746137067-1035525444-1417001333-1006\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Dad')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?
O20 - Winlogon Notify: byxvuts - byxvuts.dll (file missing)
O20 - Winlogon Notify: c_8500 - c_8500.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5983 bytes

Member Avatar for crunchie

I have somehow fixed my problem "i do not know exactally what i did, but it worked. haha. Please take a loog at my latest HJT log which is below.

If you never did the things I suggested in my last post then you are still infected :).
I still see two nasty entries in your latest log.

Did you install anything remotely like desktop surveillance personal spyware on your pc?
There is a file in the log that is related to that program. It is installed manually usually.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.