0

Ok I am a basic entry level pc tech with no actual schooling so its all self taught. I say this so yall can teach me as we go on th best first steps to take. Lady said she was getting a 2009 antivirus popping up all the time so i told her 50 bucks and ill clean it up.

However this is the worse infection I personally have ever seen, the computer comes up with cannot load program please pick one to load it. I click the .exe and load it sometimes the programs come up sometimes they dont. I cannot start task manager, or reg edit; It also will not let me into user name folder(access denied) so i cannot get her data off. Customer told me it was running fine till her grandson and son got on it one weekend, I found traces of limewire on the computer but other than that nothing suspicious was in her temp files at least that I could see.

First off I always run 1 virus scan usually trend micro and then I run Hijack this and clean everything up it finds; this took me 3 tries to load the program(just wouldnt load) when I got it loaded and was access denied on a few items and just wouldnt remove them.

I have ran Trend Micro(ran this i dk how many times but till it stopped finding things), MBAM(ran it about 5 times till it stopped finding things), avira, adaware(which just locked up on me everytime i started scanning this hard drive), cloud antivirus, threat fire, ccleaner, advanced spyware remover, advanced system care 3, none of the rkill programs would run, same as the microsoft malicious malware tool, O and I ran avast.

I have read this thread and his problem was similar but mine seems a little worse as I cant run some of the programs. She is ok with a clean install however I cant get her data off. http://www.daniweb.com/forums/thread265772.html

I will attach the dds files below this as well as the hijack this.

Thanks for your help!

1
Contributor
2
Replies
3
Views
7 Years
Discussion Span
Last Post by kell_tainer
0

DDS (Ver_10-03-17.01) - NTFSx86
Run by James at 12:58:31.60 on Sat 01/12/2002
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1015.754 [GMT -6:00]

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINNT\Explorer.EXE
E:\dds.scr

============== Pseudo HJT Report ===============

mSearch Page =
mStart Page =
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: ZoneAlarm Spy Blocker Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar1.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Rkekiyayidadoti] rundll32.exe "c:\winnt\uturazohitozof.dll",Startup
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\STARTXP.BAT
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: c:\docume~1\alluse~1\applic~1\micros~1\windows\mspdb12.dll
LSA: Notification Packages = scecli iuvcont.dll
uASetup: {ADEEAF15-7FE8-DEDD-3FFF-4DF56EBB1DFB} - c:\docume~1\james\locals~1\temp\incognito.exe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\james\applic~1\mozilla\firefox\profiles\0mbak52l.default\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 vsdatant;vsdatant;c:\winnt\system32\vsdatant.sys [2008-8-1 353672]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-10-3 464264]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\winnt\system32\drivers\EAPPkt.sys [2008-4-9 66048]
R2 vsmon;TrueVector Internet Monitor;c:\winnt\system32\zonelabs\vsmon.exe -service --> c:\winnt\system32\zonelabs\vsmon.exe -service [?]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys --> c:\progra~1\pc-doc~1\diagno~1\PCDRDRV.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\winnt\system32\drivers\wg111v2.sys [2008-4-9 167808]
S3 SjyPkt;SjyPkt;c:\winnt\system32\drivers\SjyPkt.sys [2008-4-9 13532]

============== File Associations ===============

.exe=secfile

=============== Created Last 30 ================

2010-03-04 04:31:55 0 d-----w- c:\program files\Trend Micro
2010-03-04 04:31:12 0 dc----w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-03 00:03:10 12160 ----a-w- c:\winnt\system32\drivers\mouhid.sys
2010-03-01 17:27:16 10752 ----a-w- c:\winnt\DCEBoot.exe
2010-03-01 16:56:40 157712 ----a-w- c:\winnt\system32\drivers\tmcomm.sys
2010-02-03 02:02:20 28160 ----a-w- c:\winnt\system32\4DW4R3RKkESbrvfp.dll
2010-02-03 01:43:02 53 ----a-w- c:\winnt\system32\4DW4R3sv.dat
2010-01-28 16:24:55 0 ----a-w- c:\winnt\Gpuhewazu.bin
2010-01-28 16:24:54 120 ----a-w- c:\winnt\Acogimifetelagu.dat
2009-11-06 08:47:48 57344 ----a-w- c:\documents and settings\james\lvtxrug.exe
2009-10-04 01:03:43 0 d-----w- c:\program files\ToniArts
2009-10-03 17:03:23 0 d-----w- c:\program files\AskBarDis
2009-10-03 17:02:42 1221512 ----a-w- c:\winnt\system32\zpeng25.dll
2009-09-17 16:09:59 0 d-----w- c:\program files\Code2Go
2009-09-17 16:07:58 0 d-----w- c:\program files\RelativeAgeQuiz
2009-09-17 16:07:36 0 d-----w- c:\program files\NatureAssessment
2009-09-17 16:07:26 249856 ------w- c:\winnt\Setup1.exe
2009-09-17 16:07:24 73216 ----a-w- c:\winnt\ST6UNST.EXE
2009-09-17 15:27:50 0 d-----w- c:\program files\JRE
2009-09-17 15:27:46 0 d-----w- c:\program files\OpenOffice.org 3
2009-09-16 01:54:49 411368 ----a-w- c:\winnt\system32\deploytk.dll
2009-09-05 06:54:48 94208 ----a-w- c:\winnt\system32\QuickTimeVR.qtx
2009-09-05 06:54:48 69632 ----a-w- c:\winnt\system32\QuickTime.qts
2009-08-13 17:16:08 202072 ----a-r- c:\winnt\system32\cpnprt2.cid
2009-08-13 17:16:03 0 d-----w- c:\winnt\Cache
2009-08-13 17:16:03 0 d-----w- c:\program files\Coupons
2009-07-21 06:05:40 1348432 ----a-w- c:\winnt\system32\msxml4.dll
2009-07-20 21:00:14 0 d-----w- c:\winnt\system32\CatRoot_bak
2009-07-20 20:58:51 0 d-----w- c:\program files\MSXML 4.0
2009-07-20 20:18:22 0 d-----w- c:\program files\IObit
2009-07-20 20:14:58 221184 ----a-w- c:\winnt\system32\wmpns.dll
2009-07-11 21:39:54 21728 ----a-w- c:\winnt\system32\wucltui.dll.mui
2009-07-11 21:39:54 17632 ----a-w- c:\winnt\system32\wuaueng.dll.mui
2009-07-11 21:39:54 15072 ----a-w- c:\winnt\system32\wuaucpl.cpl.mui
2009-07-11 21:39:54 15064 ----a-w- c:\winnt\system32\wuapi.dll.mui
2008-10-01 01:19:15 0 d-----w- c:\program files\OpenOffice.org 2.4
2008-09-30 01:17:41 73728 ----a-w- c:\winnt\system32\javacpl.cpl
2008-09-10 02:48:55 0 d-----w- c:\program files\GIMP-2.0
2008-09-09 00:47:32 1336632 -c--a-r- c:\temp\LaunchU3.exe
2008-09-09 00:47:22 0 d-----w- C:\Temp
2008-08-05 02:29:29 0 d-----w- c:\program files\Overland
2008-08-05 02:16:06 0 d-----w- c:\winnt\system32\wbem\AutoRecover
2008-08-04 21:16:59 67866 -c----w- c:\winnt\system32\drivers\netwlan5.img
2008-08-04 21:12:56 0 d-----w- c:\winnt\ServicePackFiles
2008-08-04 20:58:18 0 d-----w- c:\winnt\EHome
2008-08-02 00:47:29 0 d-----w- c:\program files\ZoneAlarmSB
2008-08-02 00:42:30 4212 ---ha-w- c:\winnt\system32\zllictbl.dat
2008-08-02 00:42:07 75248 -c--a-w- c:\winnt\zllsputility.exe
2008-08-02 00:42:06 11264 -c--a-w- c:\winnt\system32\SpOrder.dll
2008-08-02 00:41:25 0 d-----w- c:\winnt\system32\ZoneLabs
2008-08-02 00:41:25 0 d-----w- c:\program files\Zone Labs
2008-08-02 00:41:21 352918 ----a-w- c:\winnt\system32\vsconfig.xml
2008-08-02 00:36:10 0 d-----w- c:\winnt\Internet Logs
2008-08-01 22:57:17 0 d-----w- c:\program files\Spybot - Search & Destroy
2008-08-01 22:57:17 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-05-03 12:00:00 250048 --sha-r- C:\ntldr
2008-04-15 21:45:10 75384 -c--a-w- c:\winnt\TrueInstall.exe
2008-04-09 18:14:30 167808 ----a-w- c:\winnt\system32\drivers\wg111v2.sys
2008-04-09 18:14:28 66048 ----a-w- c:\winnt\system32\drivers\EAPPkt.sys
2008-04-09 18:14:28 13532 ----a-w- c:\winnt\system32\drivers\SjyPkt.sys
2008-04-09 18:14:23 200704 ----a-w- c:\winnt\system32\WG1v2Lib.dll
2008-04-09 18:14:23 155648 ----a-w- c:\winnt\system32\IpLib.dll
2008-04-09 18:14:23 114688 -c--a-r- c:\winnt\system32\EnumDev111.dll
2008-04-09 18:14:23 0 d-----w- c:\program files\NETGEAR
2008-04-09 18:14:22 0 d-----w- c:\winnt\OPTIONS
2008-04-03 16:35:02 1291776 -c--a-w- c:\winnt\MailSwitch.ocx
2008-03-25 00:01:49 71008 ----a-w- c:\winnt\CouponPrinter.ocx
2008-02-23 07:40:48 6246 -c--a-w- c:\winnt\atty.ico
2008-02-23 07:40:17 17162 -c----w- c:\winnt\system32\Pcandis5.sys
2008-02-23 07:40:17 16848 -c----w- c:\winnt\system32\Pcandis4.sys
2008-02-23 07:40:17 16073 -c----w- c:\winnt\system32\Pcandis3.vxd
2008-02-23 07:40:16 81920 -c----w- c:\winnt\system32\W32n50.dll
2008-02-23 07:40:04 0 d-----w- c:\winnt\Motive
2008-02-23 07:39:56 0 d-----w- c:\program files\common files\Motive
2008-02-23 07:39:12 0 d-----w- c:\program files\SBC Self Support Tool
2008-02-23 07:27:25 24576 -c--a-w- c:\winnt\system32\msxml3a.dll
2008-02-23 07:26:45 65536 ----a-w- c:\winnt\system32\YCRWin32.dll
2008-02-23 07:26:39 84992 -c--a-w- c:\winnt\system32\ATL70.DLL
2008-02-23 06:37:06 0 d-----w- c:\program files\Yahoo!
2008-02-23 06:33:38 0 d-----w- c:\program files\BroadJump
2008-02-23 06:24:02 6345 -c--a-r- c:\winnt\system32\DevMngr.vxd
2008-02-23 06:23:37 266240 -c----w- c:\winnt\SBCDSL.exe
2008-02-23 05:33:01 331776 -c--a-w- c:\winnt\system32\rwx20.dll
2008-02-23 05:20:54 0 d-----w- C:\SIERRA
2008-02-23 05:20:54 0 d-----w- c:\program files\WON
2008-02-23 05:20:54 0 d-----w- c:\program files\Sierra On-Line
2008-02-23 05:19:25 173 -c--a-w- c:\winnt\SIERRA.INI
2007-03-26 17:38:13 41984 -c--a-r- c:\winnt\system32\CoachWia.dll
2007-03-26 17:38:12 8192 -c--a-r- c:\winnt\system32\CoachWrp.dll
2007-03-26 17:38:11 46944 -c--a-r- c:\winnt\system32\drivers\CoachUsb.sys
2007-03-26 17:23:12 7136 -c--a-r- c:\winnt\system32\drivers\USBNTMAP.SYS
2007-03-26 17:23:12 4861 -c--a-r- c:\winnt\system32\drivers\USBMPHLP.PDR
2007-03-26 17:23:12 1700352 -c--a-r- c:\winnt\system32\drivers\GdiPlus.dll
2007-03-26 17:23:12 114688 -c--a-r- c:\winnt\system32\drivers\JpegCode.dll
2007-03-26 17:23:11 8249 -c--a-r- c:\winnt\system32\drivers\CoachDc.inf
2007-03-26 17:23:11 8192 -c--a-r- c:\winnt\system32\drivers\CoachWrp.dll
2007-03-26 17:23:11 74 -c--a-r- c:\winnt\system32\drivers\CoachVc.cat
2007-03-26 17:23:11 74 -c--a-r- c:\winnt\system32\drivers\CoachDc.cat
2007-03-26 17:23:11 5853 -c--a-r- c:\winnt\system32\drivers\CoachVc.inf
2007-03-26 17:23:11 44256 -c--a-r- c:\winnt\system32\drivers\CoachVc.sys
2007-03-26 17:23:11 41984 -c--a-r- c:\winnt\system32\drivers\CoachWia.dll
2007-03-26 17:23:11 16896 -c--a-r- c:\winnt\system32\drivers\CoachDlg.dll
2007-03-26 16:34:02 0 d-----w- C:\Sharons Pictures
2007-02-18 04:26:23 8 -c--a-w- c:\winnt\system32\ma.exe
2007-02-08 03:31:07 8 ----a-w- c:\winnt\system32\abc.exe
2006-12-22 17:28:14 271360 ----a-w- c:\winnt\system32\mscoree.dll
2006-12-18 05:14:49 0 d-----w- c:\program files\Lavasoft
2006-12-18 05:14:12 0 d-----w- c:\program files\NoAd HOSTS file
2006-09-13 05:09:16 1106944 ----a-w- c:\winnt\system32\msxml3.dll
2006-08-25 09:14:17 2897920 ----a-w- c:\winnt\system32\xpsp2res.dll
2006-08-16 12:14:23 82944 ----a-w- c:\winnt\system32\ws2_32.dll
2006-08-16 12:14:23 59904 -c--a-w- c:\winnt\system32\ipv6mon.dll
2006-08-16 12:14:23 33280 -c--a-w- c:\winnt\system32\inetmib1.dll
2006-08-16 12:14:23 14336 -c--a-w- c:\winnt\system32\wship6.dll
2006-08-16 12:14:23 100352 ----a-w- c:\winnt\system32\6to4svc.dll
2006-08-16 09:42:14 438784 ----a-w- c:\winnt\system32\xpob2res.dll
2006-08-16 09:28:55 53248 -c--a-w- c:\winnt\system32\ipv6.exe
2006-08-16 09:27:50 86016 -c--a-w- c:\winnt\system32\netsh.exe
2006-08-16 09:27:12 12416 -c--a-w- c:\winnt\system32\drivers\tunmp.sys
2006-06-23 16:33:58 659456 ----a-w- c:\winnt\system32\wininet.dll
2006-05-14 09:13:41 384000 -c--a-w- c:\winnt\system32\ipsmsnap.dll
2006-05-14 09:13:41 349696 -c--a-w- c:\winnt\system32\ipsecsnp.dll
2006-05-14 09:13:41 32768 ----a-w- c:\winnt\system32\winipsec.dll
2006-05-14 09:13:41 266752 ----a-w- c:\winnt\system32\oakley.dll
2006-05-14 09:13:41 182784 ----a-w- c:\winnt\system32\ipsecsvc.dll
2006-05-14 09:13:41 105472 -c--a-w- c:\winnt\system32\polstore.dll
2006-03-17 00:49:30 28672 -c--a-w- c:\winnt\system32\verclsid.exe
2006-03-01 19:44:39 91648 ----a-w- c:\winnt\system32\mtxoci.dll
2006-03-01 19:44:39 66560 ----a-w- c:\winnt\system32\mtxclu.dll
2006-01-04 03:37:34 68096 ----a-w- c:\winnt\system32\webclnt.dll
2005-12-23 17:49:14 1082368 ----a-w- c:\winnt\system32\esent.dll
2005-10-17 13:24:51 142 -c--a-w- c:\winnt\Wininit.ini
2005-10-17 13:23:31 81924 -c----w- c:\winnt\system32\drivers\VC4CB104.SYS
2005-10-17 13:23:29 65536 -c----w- c:\winnt\system32\FINFCHECK.dll
2005-10-17 13:23:29 45056 -c----w- c:\winnt\system32\FINFCOPY.dll
2005-10-17 13:23:29 0 d-----w- c:\program files\REGSHAVE
2005-10-17 13:23:27 69632 -c----w- c:\winnt\system32\FREGSHEX.DLL
2005-10-17 13:23:27 45056 -c----w- c:\winnt\system32\FCLKBTN.DLL
2005-10-13 17:05:22 0 d-s---w- c:\documents and settings\james\UserData
2005-09-01 01:49:29 19968 ----a-w- c:\winnt\system32\linkinfo.dll
2005-08-30 15:14:00 1290752 ----a-w- c:\winnt\system32\quartz.dll
2005-08-23 03:51:10 123392 ----a-w- c:\winnt\system32\umpnpmgr.dll
2005-08-22 18:36:34 197632 ----a-w- c:\winnt\system32\netman.dll
2005-07-29 19:19:08 0 d-----w- c:\docume~1\james\applic~1\Digital Album Organizer
2005-07-28 14:50:02 0 d-----w- c:\winnt\system32\PreInstall
2005-07-27 19:33:54 23552 -c--a-w- c:\winnt\system32\fujisver.scr
2005-07-27 16:23:33 38867 -c----w- c:\winnt\hpomdl03.dat.temp
2005-07-27 16:23:33 29134 -c----w- c:\winnt\hpoins03.dat.temp
2005-07-27 15:39:59 589824 -c--a-w- c:\winnt\system32\DVDRProX.dll
2005-07-26 05:51:12 7552 -c--a-w- c:\winnt\system32\drivers\SONYPVU1.SYS
2005-07-26 04:31:13 74752 ----a-w- c:\winnt\system32\olecli32.dll
2005-07-26 04:31:13 399360 ----a-w- c:\winnt\system32\rpcss.dll
2005-07-26 04:31:13 1285120 ----a-w- c:\winnt\system32\ole32.dll
2005-07-26 04:31:12 253952 ----a-w- c:\winnt\system32\es.dll
2005-07-26 04:30:49 1267200 ----a-w- c:\winnt\system32\comsvcs.dll
2005-07-26 04:30:41 60416 ----a-w- c:\winnt\system32\colbact.dll
2005-07-26 04:30:41 498688 ----a-w- c:\winnt\system32\clbcatq.dll
2005-07-26 04:30:38 625152 ----a-w- c:\winnt\system32\catsrvut.dll
2005-07-26 04:30:34 225792 ----a-w- c:\winnt\system32\catsrv.dll
2005-07-23 14:10:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Broderbund LLC
2005-07-23 14:10:37 0 d-----w- c:\docume~1\alluse~1\applic~1\Broderbund Software
2005-07-23 14:08:28 0 d-----w- c:\program files\Broderbund
2005-07-23 14:08:26 0 d-----w- c:\program files\common files\Broderbund
2005-07-15 23:40:46 0 d-----w- c:\docume~1\james\applic~1\Symantec
2005-07-14 18:36:50 0 d-----w- c:\winnt\system32\SoftwareDistribution
2005-07-08 16:09:48 249344 ----a-w- c:\winnt\system32\tapisrv.dll
2005-06-29 01:54:58 74240 ----a-w- c:\winnt\system32\mscms.dll
2005-06-25 00:45:08 16496 ----a-r- c:\winnt\system32\drivers\HPZipr12.sys
2005-06-25 00:45:05 51056 ----a-r- c:\winnt\system32\drivers\hpzid412.sys
2005-06-25 00:44:26 21488 ----a-r- c:\winnt\system32\drivers\HPZius12.sys
2005-06-25 00:44:22 25856 ----a-w- c:\winnt\system32\drivers\usbprint.sys
2005-06-25 00:44:03 15104 ----a-w- c:\winnt\system32\drivers\usbscan.sys
2005-06-24 23:54:42 626960 ----a-r- c:\winnt\system32\hpvaut32.dll
2005-06-24 23:54:42 487424 ----a-r- c:\winnt\system32\hpvcp70.dll
2005-06-24 23:54:42 44544 -c--a-r- c:\winnt\system32\MSXML4a.dll
2005-06-24 23:54:42 344064 ----a-r- c:\winnt\system32\hpvcr70.dll
2005-06-24 23:54:15 0 d-----w- c:\program files\common files\Hewlett-Packard
2005-06-24 23:49:40 0 d-----w- c:\program files\common files\HP
2005-06-24 23:25:38 0 d-----w- c:\program files\HP
2005-06-24 23:24:40 38867 ------w- c:\winnt\hpomdl03.dat
2005-06-24 23:24:40 29134 ------w- c:\winnt\hpoins03.dat
2005-06-23 02:15:50 0 d-----w- c:\winnt\pss
2005-06-15 17:50:24 295936 ----a-w- c:\winnt\system32\kerberos.dll
2005-06-10 23:55:46 57856 ----a-w- c:\winnt\system32\spoolsv.exe
2005-05-14 05:15:33 0 d-----w- c:\program files\LimeWire
2005-05-14 05:01:13 1125 -c--a-w- c:\winnt\winamp.ini
2005-05-14 04:17:31 0 d-----w- c:\docume~1\alluse~1\applic~1\TuneUp Software
2005-05-14 02:43:13 26488 ----a-w- c:\winnt\system32\spupdsvc.exe
2005-04-29 16:52:48 0 d-----w- c:\docume~1\alluse~1\applic~1\SBT
2005-04-29 16:52:30 0 d-----w- c:\program files\Snapshot Viewer
2005-03-02 18:20:03 56832 ----a-w- c:\winnt\system32\authz.dll
2005-01-25 00:14:28 6 -c--a-w- c:\winnt\msoffice.ini
2005-01-24 03:22:27 0 d--h--w- c:\winnt\$hf_mig$
2005-01-14 02:32:39 64512 -c-ha-w- c:\winnt\system32\PackethSvc.exe
2005-01-14 02:31:52 18142880 -c--a-w- c:\winnt\wmback.exe
2005-01-14 02:30:42 84480 -c--a-w- c:\winnt\system32\insmac2k.dll
2005-01-14 02:30:42 22608 -c--a-w- c:\winnt\system32\drivers\wandrv.sys
2005-01-14 02:30:42 0 d-----w- c:\program files\common files\csshare
2004-12-02 19:14:59 546304 ----a-w- c:\winnt\system32\hhctrl.ocx
2004-11-27 06:28:43 39936 -c--a-w- c:\winnt\system32\mf3216.dll
2004-11-27 06:28:31 614912 -c--a-w- c:\winnt\system32\h323msp.dll
2004-11-27 06:28:31 331264 ----a-w- c:\winnt\system32\ipnathlp.dll
2004-11-27 06:28:31 265728 ----a-w- c:\winnt\system32\h323.tsp
2004-11-27 04:40:51 0 d-----w- c:\winnt\system32\bits
2004-11-17 23:16:18 21840 -c--atw- c:\winnt\system32\SIntfNT.dll
2004-11-17 23:16:18 17212 -c--atw- c:\winnt\system32\SIntf32.dll
2004-11-17 23:16:18 12067 -c--atw- c:\winnt\system32\SIntf16.dll
2004-11-17 23:11:18 0 d-----w- c:\program files\Diablo II
2004-11-17 17:57:01 347136 -c--a-w- c:\winnt\system32\hypertrm.dll
2004-11-16 21:32:24 72704 ----a-w- c:\winnt\system32\hlink.dll
2004-11-05 03:00:43 8192 -c----w- c:\winnt\system32\bitsprx2.dll
2004-11-05 03:00:43 7168 -c----w- c:\winnt\system32\bitsprx3.dll
2004-11-05 03:00:43 351232 ----a-w- c:\winnt\system32\winhttp.dll
2004-11-05 03:00:43 18944 -c--a-w- c:\winnt\system32\qmgrprxy.dll
2004-11-05 02:40:42 217816 ----a-w- c:\winnt\system32\wuaucpl.cpl
2004-11-05 02:40:42 194328 -c--a-w- c:\winnt\system32\wuaueng1.dll
2004-11-05 02:40:42 172312 -c--a-w- c:\winnt\system32\wuauclt1.exe
2004-11-05 02:02:31 0 d-----w- c:\program files\NoAdware
2004-11-05 01:40:34 540160 -c--a-w- c:\winnt\system32\comuid.dll
2004-11-05 01:40:33 428032 ----a-w- c:\winnt\system32\msdtcprx.dll
2004-11-05 01:40:33 161792 ----a-w- c:\winnt\system32\msdtcuiu.dll
2004-11-05 01:40:32 956928 ----a-w- c:\winnt\system32\msdtctm.dll
2004-11-05 01:40:32 584192 ----a-w- c:\winnt\system32\rpcrt4.dll
2004-11-05 01:40:30 101376 -c--a-w- c:\winnt\system32\txflog.dll
2004-11-05 01:40:29 110080 -c--a-w- c:\winnt\system32\clbcatex.dll
2004-11-02 01:46:13 0 d-----w- c:\docume~1\alluse~1\applic~1\Viewpoint
2004-10-28 01:29:54 101888 ----a-w- c:\winnt\system32\cscdll.dll
2004-10-06 14:04:52 754 -c--a-w- c:\winnt\wordpad.INI
2004-10-02 23:29:27 23040 -c--a-w- c:\winnt\system32\xrxwbtmp.dll
2004-10-02 23:29:27 17408 -c--a-w- c:\winnt\system32\xrxscnui.dll
2004-10-02 23:29:27 116224 ----a-w- c:\winnt\system32\xrxwiadr.dll
2004-10-02 23:29:25 6784 ----a-w- c:\winnt\system32\drivers\serscan.sys
2004-09-22 23:45:56 360176 -c--a-w- c:\winnt\system32\MSSCP.dll
2004-08-20 22:01:15 87552 -c--a-w- c:\winnt\system32\fldrclnr.dll
2004-08-20 22:01:15 713216 ----a-w- c:\winnt\system32\sxs.dll
2004-08-11 01:00:00 741376 ----a-w- c:\winnt\system32\sapi.dll
2004-08-04 06:56:58 8192 -c--a-w- c:\winnt\system32\spdwnwxp.exe
2004-08-04 06:56:58 21504 -c----w- c:\winnt\system32\spupdwxp.exe
2004-08-04 06:56:58 11776 -c----w- c:\winnt\system32\spnpinst.exe
2004-08-04 06:56:50 20992 -c----w- c:\winnt\system32\faxpatch.exe
2004-08-02 20:20:40 7208 -c----w- c:\winnt\system32\secupd.sig
2004-08-02 20:20:40 4569 -c----w- c:\winnt\system32\secupd.dat
2004-07-15 04:34:06 16896 ----a-w- c:\winnt\system32\mscorier.dll
2004-06-17 17:58:35 26112 ----a-w- c:\winnt\system32\vdmdbg.dll
2004-06-17 17:58:35 13312 -c--a-w- c:\winnt\system32\ntvdmd.dll
2004-06-04 00:43:01 264192 ----a-w- c:\winnt\system32\wow32.dll
2004-05-17 22:48:03 92224 -c--a-w- c:\winnt\system32\krnl386.exe
2004-05-17 22:43:09 35424 -c--a-w- c:\winnt\system32\ntio412.sys
2004-05-17 22:43:07 34560 -c--a-w- c:\winnt\system32\ntio404.sys
2004-05-17 22:43:06 34560 -c--a-w- c:\winnt\system32\ntio804.sys
2004-05-17 22:43:04 35648 -c--a-w- c:\winnt\system32\ntio411.sys
2004-05-17 22:43:02 33840 -c--a-w- c:\winnt\system32\ntio.sys
2004-05-09 15:51:28 239104 -c--a-w- c:\winnt\system32\srrstr.dll
2004-05-09 15:48:15 46352 -c--a-w- c:\winnt\setdebug.exe
2004-05-09 15:48:14 7315 -c--a-w- c:\winnt\system32\javasup.vxd
2004-05-09 15:48:14 6550 -c--a-w- c:\winnt\jautoexp.dat
2004-05-09 15:48:14 171280 -c--a-w- c:\winnt\system32\jit.dll
2004-05-09 15:48:14 139536 -c--a-w- c:\winnt\system32\javaee.dll
2004-05-09 15:48:13 313856 -c--a-w- c:\winnt\system32\dx3j.dll
2004-05-09 15:18:58 33792 -c--a-w- c:\winnt\system32\msgsvc.dll
2004-04-08 17:07:12 38160 -c--a-w- c:\winnt\system32\LMRTREND.dll
2004-04-08 17:07:12 140800 -c--a-w- c:\winnt\system32\tm20dec.ax
2004-04-08 17:07:08 182032 -c--a-w- c:\winnt\system32\dxtmsft3.dll
2004-04-08 17:07:01 63488 -c--a-w- c:\winnt\system32\unam4ie.exe
2004-04-08 17:06:54 5672 -c--a-w- c:\winnt\system32\quartz.vxd
2004-04-08 17:06:54 11776 -c--a-w- c:\winnt\system32\mciqtz.drv
2004-04-08 17:06:54 10240 -c--a-w- c:\winnt\system32\vidx16.dll
2004-04-08 17:06:53 194320 -c--a-w- c:\winnt\system32\qcut.dll
2004-04-08 17:06:51 4608 -c--a-w- c:\winnt\system32\w95inf32.dll
2004-04-08 17:06:51 2272 -c--a-w- c:\winnt\system32\w95inf16.dll
2004-04-08 05:10:31 0 d-----w- c:\program files\common files\NSV
2004-03-09 05:00:00 212240 ----a-w- c:\winnt\system32\RICHTX32.OCX
2004-03-02 19:18:32 683520 ----a-w- c:\winnt\system32\inetcomm.dll
2004-02-12 21:33:09 39797 -c--a-w- c:\winnt\system32\unimt.exe
2004-02-12 21:33:03 0 d-----w- c:\program files\common files\PSD Tools
2004-02-12 21:33:02 0 d-----w- c:\program files\buddylinks.net
2004-01-16 01:15:11 86016 -c--a-w- c:\winnt\unvise32qt.exe
2004-01-16 01:14:16 361 -c--a-w- c:\winnt\system32\QuickTime.qtp
2003-12-25 05:17:24 712 ----a-w- c:\winnt\WIN.INI
2003-12-25 05:16:50 9728 -c--a-r- c:\winnt\system\rnaph.dll
2003-12-25 05:16:50 87552 -c--a-r- c:\winnt\system\url.dll
2003-12-25 05:16:50 0 d-----w- c:\winnt\wb
2003-12-25 03:20:52 468 ----a-w- C:\Configure Covert Operations.lnk
2003-12-25 02:31:52 4096 -c--a-w- c:\winnt\d3dx.dat
2003-12-24 18:02:19 299520 -c--a-w- c:\winnt\uninst.exe
2003-12-24 17:57:11 69 -c--a-w- c:\winnt\encore_launcher.ini
2003-12-24 16:06:30 26 -c--a-w- c:\winnt\UP9ASP.INI
2003-12-23 01:33:48 370 -c--a-w- c:\winnt\ODBC.INI
2003-12-23 01:31:30 0 d-----w- c:\winnt\ShellNew
2003-12-20 19:36:43 787 -c--a-w- c:\winnt\system32\CNBJHLP.CNT
2003-12-20 19:36:43 25645 -c--a-w- c:\winnt\system32\CNBJHLP.HLP
2003-12-20 03:10:28 3120 -c--a-w- c:\winnt\MF_C425.lfa
2003-12-20 03:10:28 3120 -c--a-w- c:\winnt\MF_C420.lfa
2003-12-20 03:10:27 3120 -c--a-w- c:\winnt\MF_C421.lfa
2003-12-20 03:09:17 0 d-----w- c:\program files\IncrediMail
2003-12-18 19:04:08 49152 -c--a-r- c:\winnt\system32\hpzjrd01.dll
2003-11-23 04:19:23 155648 ----a-w- c:\winnt\system32\igfxres.dll
2003-11-23 04:12:25 552 -c--a-w- c:\winnt\system32\d3d8caps.dat
2003-11-23 03:41:40 65536 -c--a-w- c:\winnt\wanmpsvc.exe
2003-11-23 03:19:47 488 ---ha-r- c:\winnt\system32\logonui.exe.manifest
2003-11-23 03:19:39 749 -c-ha-r- c:\winnt\system32\wuaucpl.cpl.manifest
2003-11-23 03:19:39 749 -c-ha-r- c:\winnt\system32\sapi.cpl.manifest
2003-11-23 03:19:39 749 -c-ha-r- c:\winnt\system32\ncpa.cpl.manifest
2003-11-23 03:19:39 749 ---ha-r- c:\winnt\WindowsShell.Manifest
2003-11-23 03:02:49 24661 -c--a-w- c:\winnt\system32\spxcoins.dll
2003-11-23 03:02:49 13312 -c--a-w- c:\winnt\system32\irclass.dll
2003-11-23 02:43:51 0 d-----w- c:\program files\Program Shortcuts
2003-10-28 01:13:16 24576 -c--a-w- c:\winnt\system32\odbcbcp.dll
2003-10-28 01:13:06 106496 -c--a-w- c:\winnt\system32\odbccp32.dll
2003-10-28 01:12:44 442368 -c--a-w- c:\winnt\system32\sqlsrv32.dll
2003-10-28 01:12:42 110592 -c--a-w- c:\winnt\system32\dbnetlib.dll
2003-10-28 01:09:50 151552 ----a-w- c:\winnt\system32\msdart.dll
2003-10-28 01:09:44 249856 ----a-w- c:\winnt\system32\odbc32.dll
2003-09-22 20:55:07 61 -c--a-w- c:\winnt\smscfg.ini
2003-09-17 17:01:28 844314 ----a-w- c:\winnt\system32\msdxm.ocx
2003-09-04 15:49:16 212992 -c--a-w- c:\winnt\system32\HPODStormEncoder.dll
2003-08-28 14:57:04 155136 -c--a-w- c:\winnt\system32\itircl.dll
2003-07-24 21:40:22 512512 ----a-w- c:\winnt\system32\cryptui.dll
2003-07-01 23:09:41 765952 ----a-w- c:\winnt\system\crlds3d.dll
2003-07-01 23:09:41 730092 ----a-w- c:\winnt\system32\drivers\ALCXWDM.SYS
2003-07-01 23:09:41 720896 -c--a-w- c:\winnt\system32\Audio3D.dll
2003-07-01 23:09:41 720896 -c--a-w- c:\winnt\system32\a3d.dll
2003-07-01 23:09:40 6842880 ----a-w- c:\winnt\system32\alsndmgr.cpl
2003-07-01 23:09:40 54784 -c--a-w- c:\winnt\soundman.exe
2003-07-01 23:09:40 208896 -c--a-w- c:\winnt\alcupd.exe
2003-07-01 23:09:40 141016 -c--a-w- c:\winnt\system32\alsndmgr.wav
2003-07-01 23:09:40 135168 -c--a-w- c:\winnt\alcrmv.exe
2003-07-01 23:05:04 26112 -c--a-w- c:\winnt\system32\xpsp1hfm.exe
2003-07-01 23:04:01 0 -c--a-w- c:\winnt\system32\drivers\Gateway_310SE_008.MRK
2003-07-01 23:00:01 0 d-----w- c:\program files\MUSICMATCH
2003-07-01 22:59:47 0 d-----w- c:\program files\common files\Symantec Shared
2003-07-01 22:59:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2003-07-01 22:59:14 0 d-----w- c:\program files\WildTangent
2003-07-01 22:58:27 0 d-----w- c:\winnt\Profiles
2003-07-01 22:58:26 0 d-----w- c:\winnt\system32\Adobe
2003-07-01 22:58:15 0 d-----w- c:\program files\Viewpoint
2003-07-01 22:58:10 0 d-----w- c:\program files\common files\Nullsoft
2003-07-01 22:57:58 0 d-----w- C:\My Music
2003-07-01 22:57:50 0 d-----w- c:\program files\common files\Real
2003-07-01 22:57:22 33588 ----a-w- c:\winnt\system32\drivers\wanatw4.sys
2003-07-01 22:57:08 29184 -c--a-w- c:\winnt\system32\popup.ocx
2003-07-01 22:57:08 0 d-----w- c:\program files\common files\aolshare
2003-07-01 22:56:58 0 d-----w- c:\program files\common files\AOL
2003-07-01 22:56:46 94208 -c--a-w- c:\winnt\system32\MSSTKPRP.DLL
2003-07-01 22:56:46 140488 -c--a-w- c:\winnt\system32\comdlg32.ocx
2003-07-01 22:56:19 96 -c--a-w- c:\winnt\system32\vssver.scc
2003-07-01 22:56:18 609584 -c--a-w- c:\winnt\system32\Comctl32.ocx
2003-07-01 22:56:18 48 -c--a-w- c:\winnt\system32\drivers\vssver.scc
2003-07-01 22:56:02 0 d-----w- c:\program files\Gateway
2003-07-01 22:55:58 102400 -c--a-w- c:\winnt\system32\drivers\ianswxp.sys
2003-07-01 22:55:26 561 ----a-w- c:\winnt\system32\OEMINFO.INI
2003-07-01 22:55:26 51656 ----a-w- c:\winnt\system32\OEMLOGO.BMP
2003-07-01 22:48:30 0 d-----w- C:\GWCI
2003-06-30 08:47:20 794624 -c--a-w- c:\winnt\system32\qdiagcc.ocx
2003-06-26 09:00:38 6510 -c--a-w- c:\winnt\system32\DAntivirus.ini
2003-06-01 00:43:00 5632 -c--a-w- c:\winnt\TrueProcess.exe
2003-05-22 13:58:28 98304 -c--a-r- c:\winnt\system32\hpzjsn01.dll
2003-05-16 18:03:34 333 -c--a-w- c:\winnt\system32\$ncsp$.inf
2003-05-16 18:03:18 74752 -c--a-w- c:\winnt\system32\storprop.dll
2003-05-16 17:56:57 0 d-----w- c:\docume~1\alluse~1\applic~1\SBSI
2003-05-16 17:56:01 770 -c--a-w- c:\winnt\orun32.ini
2003-05-16 17:56:01 199623 -c--a-w- c:\winnt\orun32.isu
2003-05-16 17:55:59 306688 -c--a-w- c:\winnt\IsUninst.exe
2003-05-16 17:42:25 0 d-----w- c:\winnt\system32\URTTemp
2003-05-16 17:27:59 0 d-----w- c:\winnt\RegisteredPackages
2003-05-16 17:27:47 316640 -c--a-w- c:\winnt\WMSysPr9.prx
2003-05-16 17:27:43 384512 -c--a-w- c:\winnt\system32\mp4sdmod.dll
2003-05-16 17:27:43 310272 -c--a-w- c:\winnt\system32\mp43dmod.dll
2003-05-16 16:36:58 0 d-----w- c:\program files\common files\Lanovation
2003-05-16 16:28:50 0 d-sh--w- c:\documents and settings\all users\DRM
2003-05-16 16:27:20 0 d-----w- c:\program files\common files\MSSoap
2003-05-16 16:25:33 0 d--h--w- c:\program files\WindowsUpdate
2003-05-16 16:25:33 0 d-----w- c:\program files\Online Services
2003-05-16 16:25:24 0 d-----w- c:\program files\Messenger
2003-05-16 16:25:19 0 d-----w- c:\program files\MSN Gaming Zone
2003-05-16 16:24:50 0 d-----w- c:\program files\Windows NT
2003-05-16 16:20:03 0 d-----w- c:\program files\common files\ODBC
2003-05-16 16:19:58 0 d-----w- c:\program files\common files\SpeechEngines
2003-05-16 16:19:39 0 d-----r- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-08-14 12:19:41 1850112 ----a-w- c:\winnt\system32\win32k.sys
2009-08-05 09:11:47 204800 ----a-w- c:\winnt\system32\mswebdvd.dll
2009-07-17 18:55:28 58880 ----a-w- c:\winnt\system32\atl.dll
2009-07-13 15:08:14 286720 ----a-w- c:\winnt\system32\wmpdxm.dll
2009-06-26 16:18:52 81920 ------w- c:\winnt\system32\ieencode.dll
2009-06-16 14:55:16 82432 ----a-w- c:\winnt\system32\fontsub.dll
2009-06-16 14:55:16 119808 ----a-w- c:\winnt\system32\t2embed.dll
2009-06-12 11:50:53 76288 ----a-w- c:\winnt\system32\telnet.exe
2009-06-10 14:21:48 84992 ----a-w- c:\winnt\system32\avifil32.dll
2009-06-10 06:32:40 132096 ----a-w- c:\winnt\system32\wkssvc.dll
2009-06-05 07:42:37 655872 ----a-w- c:\winnt\system32\mstscax.dll
2009-05-07 15:44:00 344064 ----a-w- c:\winnt\system32\localspl.dll
2009-03-06 14:44:35 283648 ----a-w- c:\winnt\system32\pdh.dll
2009-02-09 10:20:34 723456 ----a-w- c:\winnt\system32\lsasrv.dll
2009-02-09 10:20:33 714752 ----a-w- c:\winnt\system32\ntdll.dll
2009-02-09 10:20:33 616960 ----a-w- c:\winnt\system32\advapi32.dll
2009-02-09 10:20:33 473088 ----a-w- c:\winnt\system32\wbem\fastprox.dll
2009-02-09 10:20:32 453120 ----a-w- c:\winnt\system32\wbem\wmiprvsd.dll
2009-02-06 17:24:35 2180480 ----a-w- c:\winnt\system32\ntoskrnl.exe
2009-02-06 17:14:03 110592 ----a-w- c:\winnt\system32\services.exe
2009-02-06 16:54:36 35328 ----a-w- c:\winnt\system32\sc.exe
2009-02-06 16:49:02 2057728 ----a-w- c:\winnt\system32\ntkrnlpa.exe
2009-02-06 16:39:29 227840 ----a-w- c:\winnt\system32\wbem\wmiprvse.exe
2009-02-03 20:08:52 55808 ----a-w- c:\winnt\system32\secur32.dll
2009-01-27 18:50:56 111620 ----a-w- c:\winnt\fonts\opens___.ttf
2008-12-11 11:57:21 333184 ----a-w- c:\winnt\system32\drivers\srv.sys
2008-12-05 07:12:45 144896 ----a-w- c:\winnt\system32\schannel.dll
2008-10-24 11:10:42 453632 ----a-w- c:\winnt\system32\drivers\mrxsmb.sys
2008-10-23 13:01:36 283648 ----a-w- c:\winnt\system32\gdi32.dll
2008-10-03 10:15:47 247326 ----a-w- c:\winnt\system32\strmdll.dll
2008-08-28 08:00:38 74752 ----a-w- c:\winnt\system32\msw3prt.dll
2008-08-28 08:00:38 104448 ----a-w- c:\winnt\system32\win32spl.dll
2008-08-14 09:51:43 138368 ----a-w- c:\winnt\system32\drivers\afd.sys
2008-06-20 17:41:10 245248 ----a-w- c:\winnt\system32\mswsock.dll
2008-06-20 10:45:13 360320 ----a-w- c:\winnt\system32\drivers\tcpip.sys
2008-06-20 09:52:06 225920 ----a-w- c:\winnt\system32\drivers\tcpip6.sys
2008-06-13 13:10:50 272128 ------w- c:\winnt\system32\drivers\bthport.sys
2008-06-12 14:16:46 58880 ----a-w- c:\winnt\system32\msdtclog.dll
2008-06-10 16:37:02 1026048 ----a-w- c:\winnt\system32\WMNetmgr.dll
2008-06-10 14:17:42 96768 ----a-w- c:\winnt\system32\logagent.exe
2008-05-08 12:28:49 202752 ----a-w- c:\winnt\system32\drivers\rmcast.sys
2007-12-18 14:40:58 417792 ----a-w- c:\winnt\system32\vbscript.dll
2007-10-27 22:40:06 227328 ----a-w- c:\winnt\system32\wmasf.dll
2007-05-27 09:08:47 202187 ----a-w- C:\pmtimer.exe
2007-05-27 09:08:45 211039 ----a-w- C:\DSPdsblr.exe
2007-05-27 09:08:42 246423 ----a-w- C:\DPsFnshr.exe
2007-04-05 12:33:47 55808 ----a-w- C:\devcon.exe
2007-04-05 12:33:47 20992 ----a-w- C:\makePNF.exe
2007-04-05 12:33:47 137728 ----a-w- C:\mute.exe
2006-08-25 15:45:58 617472 ----a-w- c:\winnt\system32\comctl32.dll
2006-06-22 05:06:30 1435648 -c--a-w- c:\winnt\system32\query.dll
2006-06-22 05:06:29 69120 -c--a-w- c:\winnt\system32\ciodm.dll
2006-05-05 09:47:57 174592 ----a-w- c:\winnt\system32\drivers\rdbss.sys
2006-03-01 19:42:42 11776 -c--a-w- c:\winnt\system32\xolehlp.dll
2005-09-10 01:53:41 2067968 -c--a-w- c:\winnt\system32\cdosys.dll
2005-09-01 01:41:54 291840 ----a-w- c:\winnt\system32\winsrv.dll
2005-07-26 04:39:49 37888 ----a-w- c:\winnt\system32\olecnv32.dll
2005-07-26 04:39:44 97792 -c--a-w- c:\winnt\system32\comrepl.dll
2005-06-29 01:46:00 254976 ----a-w- c:\winnt\system32\icm32.dll
2005-06-10 04:09:46 139528 -c--a-w- c:\winnt\system32\drivers\rdpwd.sys
2005-05-27 02:04:27 41472 -c--a-w- c:\winnt\system32\hhsetup.dll
2005-05-27 02:04:27 137216 -c--a-w- c:\winnt\system32\itss.dll
2005-05-26 23:22:01 10752 -c--a-w- c:\winnt\hh.exe
2005-05-26 09:16:24 198424 -c--a-w- c:\winnt\system32\iuengine.dll
2005-05-04 19:45:36 884736 -c--a-w- c:\winnt\system32\msimsg.dll
2005-05-04 19:45:36 78848 -c--a-w- c:\winnt\system32\msiexec.exe
2005-05-04 19:45:36 271360 -c--a-w- c:\winnt\system32\msihnd.dll
2005-05-04 19:45:36 15360 ----a-w- c:\winnt\system32\msisip.dll
2005-05-04 19:45:32 2890240 ----a-w- c:\winnt\system32\msi.dll
2005-03-02 18:09:30 577024 ----a-w- c:\winnt\system32\user32.dll
2004-12-07 19:32:34 96768 ----a-w- c:\winnt\system32\srvsvc.dll
2004-09-22 23:45:56 311296 -c--a-w- c:\winnt\system32\MSWMDM.dll
2004-09-22 23:45:54 25088 -c--a-w- c:\winnt\system32\MsPMSNSv.dll
2004-09-22 23:45:54 169472 -c--a-w- c:\winnt\system32\MsPMSP.dll
2004-09-22 23:45:52 141312 -c--a-w- c:\winnt\system32\msnetobj.dll
2004-09-22 23:45:44 6656 -c--a-w- c:\winnt\system32\laprxy.dll
2004-09-22 23:45:42 95232 -c--a-w- c:\winnt\system32\drmstor.dll
2004-09-22 23:45:42 527360 -c--a-w- c:\winnt\system32\drmv2clt.dll
2004-09-22 23:45:42 253688 -c--a-w- c:\winnt\system32\drmclien.dll
2004-09-22 23:45:38 233472 -c--a-w- c:\winnt\system32\blackbox.dll
2004-09-22 23:45:38 161792 -c--a-w- c:\winnt\system32\cewmdm.dll
2004-09-22 23:45:36 8192 -c--a-w- c:\winnt\system32\asferror.dll
2004-09-22 23:45:36 480768 ----a-w- c:\winnt\system32\Audiodev.dll
2004-08-04 07:07:22 1788 -c--a-w- c:\winnt\system32\dcache.bin
2004-08-04 07:02:46 329728 -c--a-w- c:\winnt\system32\netsetup.exe
2004-08-04 07:01:10 87176 -c--a-w- c:\winnt\system32\rdpwsx.dll
2004-08-04 07:01:08 92168 -c--a-w- c:\winnt\system32\rdpdd.dll
2004-08-04 07:01:08 40840 ----a-w- c:\winnt\system32\drivers\termdd.sys
2004-08-04 07:01:08 21896 -c--a-w- c:\winnt\system32\drivers\tdtcp.sys
2004-08-04 07:01:08 12168 -c--a-w- c:\winnt\system32\tsddd.dll
2004-08-04 07:01:08 12040 -c--a-w- c:\winnt\system32\drivers\tdpipe.sys
2004-08-04 05:15:56 60800 ----a-w- c:\winnt\system32\drivers\sysaudio.sys
2004-08-04 05:15:54 64896 ----a-w- c:\winnt\system32\drivers\serial.sys
2004-08-04 05:15:50 145792 ----a-w- c:\winnt\system32\drivers\portcls.sys
2004-08-04 05:15:22 140928 ----a-w- c:\winnt\system32\drivers\ks.sys
2004-08-04 05:15:22 107904 -c--a-w- c:\winnt\system32\drivers\mup.sys
2004-08-04 05:15:10 574592 -c--a-w- c:\winnt\system32\drivers\ntfs.sys
2004-08-04 05:15:06 82944 ----a-w- c:\winnt\system32\drivers\wdmaud.sys
2004-08-04 05:14:38 52736 ----a-w- c:\winnt\system32\drivers\i8042prt.sys
2004-08-04 05:14:38 162816 ----a-w- c:\winnt\system32\drivers\netbt.sys

============= FINISH: 12:59:25.90 ===============

0

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:16 PM, on 1/12/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.5508)
Boot mode: Normal

Running processes:
C:\WINNT\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Rkekiyayidadoti] rundll32.exe "C:\WINNT\uturazohitozof.dll",Startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: STARTXP.BAT
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - http://www.crucial.com/controls/cpcScanner.cab
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\Windows\mspdb12.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINNT\system32\ZoneLabs\vsmon.exe

--
End of file - 3230 bytes

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.