[Pending] HJT Logs - help help HELP! (posted in the Security & Safety forums)

  #1  
Old 06-23-2008
Bronze Member
 
Join Date: Jun 2008
Posts: 9
PC Experience: Some Experience
jennibean
help help HELP!

ok i am about ready to just chuck my computer out the window for all the trouble i've had with it lately.
i've been trying to get support from this other forum and i just keep getting dumb questions that give me no answers whatsoever.

alright so here's the story..
about 2 weeks or so ago while ever-so-dumbly i tried downloading a torrent and ended up downloading a whole crapload of viruses or something like that.. i don't know the total specifics on what exactly was going down.. but after working through a few programs to get rid of the problem.. it seemed to work and i'm not really having any more troubles with that.. however now my internet is all wacked up.. i am on the pc now and am able to view this site.. and minimal others.. but there are tons of random sites that just never load.. and i've tried all of the preliminary troubleshooting ideas.. but nothing.
i have no idea what to do.. it's a super annoying problem and a bandaid totally isn't working


  #2  
Old 06-23-2008
Gandalf
Tech Support Team
 
Join Date: Apr 2007
Location: South Korea
Posts: 2,263
PC Experience: PC Guru
Re: help help HELP!

Suggest you click on the Pre-Work in my signature area and follow the directions.


__________________
Klaatu Barada Nikto

  #3  
Old 06-23-2008
Bronze Member
 
Join Date: Jun 2008
Posts: 9
PC Experience: Some Experience
jennibean
Re: help help HELP!

Deckard's System Scanner v20071014.68
Run by Jennifer Peterson on 2008-06-22 23:26:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 86% (more than 75%).
Total Physical Memory: 254 MiB (512 MiB recommended).


-- HijackThis (run as Jennifer Peterson.exe) -----------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:53 PM, on 6/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\WINDOWS\system32\dlbtcoms.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Documents and Settings\Jennifer Peterson\Desktop\dss(2).exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\JENNIF~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [BM037c1fec] Rundll32.exe "C:\WINDOWS\system32\hwwcoexn.dll",s
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: HOTSYNCSHORTCUTNAME
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: dlbt_device - - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: WUSB54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 8463 bytes

-- Files created between 2008-05-22 and 2008-06-22 -----------------------------

2008-06-22 23:17:05 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-22 23:17:03 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\AVGTOOLBAR
2008-06-22 23:16:06 0 d-------- C:\Program Files\AVG
2008-06-22 23:16:01 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 20:01:25 0 d-------- C:\Program Files\Emilsoft Software
2008-06-15 00:36:21 86016 --a------ C:\WINDOWS\system32\lgjryrkr.dll
2008-06-15 00:34:00 95232 --a------ C:\WINDOWS\system32\hwwcoexn.dll
2008-06-14 00:36:20 100864 --a------ C:\WINDOWS\system32\shegeyog.dll
2008-06-14 00:33:20 94720 --a------ C:\WINDOWS\system32\cukpvtpo.dll
2008-06-13 00:40:45 0 d-------- C:\Program Files\Panda Security
2008-06-13 00:30:57 97792 --a------ C:\WINDOWS\system32\kwnvjjqa.dll
2008-06-13 00:30:25 91136 --a------ C:\WINDOWS\system32\feedyetq.dll
2008-06-12 18:32:38 91136 --a------ C:\WINDOWS\system32\ynkkxnjt.dll
2008-06-11 18:35:09 98304 --a------ C:\WINDOWS\system32\alpxohmc.dll
2008-06-11 18:32:09 91648 --a------ C:\WINDOWS\system32\fpecqdee.dll
2008-06-11 18:29:10 91136 --a------ C:\WINDOWS\system32\eyoulhcn.dll
2008-06-10 21:25:03 0 d-------- C:\OEMSettings
2008-06-10 18:40:37 0 d-------- C:\Program Files\NETGEAR
2008-06-10 18:28:49 96256 --a------ C:\WINDOWS\system32\wnbfjnuq.dll
2008-06-10 18:28:40 91136 --a------ C:\WINDOWS\system32\tdohvlls.dll
2008-06-09 18:28:39 96256 --a------ C:\WINDOWS\system32\jewdhfmg.dll
2008-06-09 18:28:24 91136 --a------ C:\WINDOWS\system32\dslkeqda.dll
2008-06-09 16:51:46 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-08 23:05:12 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\MSNInstaller
2008-06-08 18:31:35 96256 --a------ C:\WINDOWS\system32\jbuwqtmw.dll
2008-06-08 18:27:38 91648 --a------ C:\WINDOWS\system32\bqlfnups.dll
2008-06-08 17:55:51 91648 --a------ C:\WINDOWS\system32\jjvlwcit.dll
2008-06-07 13:45:44 96256 --a------ C:\WINDOWS\system32\sbdtpmts.dll
2008-06-07 13:40:43 91136 --a------ C:\WINDOWS\system32\mlgwiknq.dll
2008-06-06 09:13:55 0 d-------- C:\cmdcons
2008-06-06 09:06:34 68096 --a------ C:\WINDOWS\zip.exe
2008-06-06 09:06:34 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-06 09:06:34 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-06 09:06:34 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-06 09:06:34 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-06 09:06:34 98816 --a------ C:\WINDOWS\sed.exe
2008-06-06 09:06:34 80412 --a------ C:\WINDOWS\grep.exe
2008-06-06 09:06:34 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-06 08:56:21 0 d-------- C:\Program Files\IE Extensions
2008-06-06 08:55:35 0 d-------- C:\WINDOWS\system32\247880
2008-06-05 22:31:03 7680 --a------ C:\Documents and Settings\LocalService\cftmon.exe
2008-06-05 22:25:55 82944 --a------ C:\WINDOWS\system32\uyaymbve.dll
2008-06-05 22:23:43 95744 --a------ C:\WINDOWS\system32\kjjkdahv.dll
2008-06-05 22:23:35 91136 --a------ C:\WINDOWS\system32\rnykbjfm.dll
2008-06-05 22:18:08 7680 --a------ C:\Documents and Settings\Administrator\cftmon.exe
2008-06-05 21:40:30 95744 --a------ C:\WINDOWS\system32\ijbbchju.dll
2008-06-05 21:40:05 82944 --a------ C:\WINDOWS\system32\dkxrwwat.dll
2008-06-05 21:38:03 91136 --a------ C:\WINDOWS\system32\lydbjrim.dll
2008-06-05 18:03:25 7680 --a------ C:\Documents and Settings\Jennifer Peterson\cftmon.exe
2008-06-05 17:03:12 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\.clamwin
2008-06-05 16:38:12 0 d-------- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2008-06-04 15:05:38 82432 --a------ C:\WINDOWS\system32\xcotphat.dll
2008-06-04 15:02:38 95232 --a------ C:\WINDOWS\system32\aafnastk.dll
2008-06-04 14:56:40 91136 --a------ C:\WINDOWS\system32\dskopian.dll
2008-06-04 14:36:54 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-06-03 13:19:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-03 12:51:09 1635 --a------ C:\WINDOWS\system32\vypwjbpm.exe
2008-06-03 12:51:09 1635 --a------ C:\WINDOWS\system32\fxcrdfi.exe
2008-06-03 12:51:09 1635 --a------ C:\WINDOWS\system32\burduy.exe
2008-06-03 00:05:14 1635 --a------ C:\WINDOWS\system32\quvkoo.exe
2008-06-03 00:05:14 1635 --a------ C:\WINDOWS\system32\mjzncgue.exe
2008-06-03 00:05:14 1635 --a------ C:\WINDOWS\system32\kvsjt.exe
2008-06-02 23:22:48 1635 --a------ C:\WINDOWS\system32\jjqxee.exe
2008-06-02 23:22:48 1635 --a------ C:\WINDOWS\system32\daywnf.exe
2008-06-02 23:22:48 1635 --a------ C:\WINDOWS\system32\cccnd.exe
2008-06-02 22:56:13 1635 --a------ C:\WINDOWS\system32\ylntmc.exe
2008-06-02 22:56:13 1635 --a------ C:\WINDOWS\system32\ihzn.exe
2008-06-02 22:56:13 1635 --a------ C:\WINDOWS\system32\evdgg.exe
2008-06-02 19:06:52 1635 --a------ C:\WINDOWS\system32\lzoc.exe
2008-06-02 19:06:52 1635 --a------ C:\WINDOWS\system32\lqcoeujl.exe
2008-06-02 19:06:52 1635 --a------ C:\WINDOWS\system32\jlcb.exe
2008-06-02 19:00:37 0 d-------- C:\Program Files\Panda Software
2008-06-02 18:50:55 1635 --a------ C:\WINDOWS\system32\uqcwi.exe
2008-06-02 18:50:55 1635 --a------ C:\WINDOWS\system32\rlyi.exe
2008-06-02 18:50:54 1635 --a------ C:\WINDOWS\system32\oxtxrfaa.exe
2008-06-02 18:42:29 1635 --a------ C:\WINDOWS\system32\vsvqtyz.exe
2008-06-02 18:42:29 1635 --a------ C:\WINDOWS\system32\repwe.exe
2008-06-02 18:42:29 1635 --a------ C:\WINDOWS\system32\akwnpgc.exe
2008-06-02 18:04:22 1635 --a------ C:\WINDOWS\system32\qqlz.exe
2008-06-02 18:04:22 1635 --a------ C:\WINDOWS\system32\qjsr.exe
2008-06-02 18:04:22 1635 --a------ C:\WINDOWS\system32\afazeju.exe
2008-06-02 16:11:26 1635 --a------ C:\WINDOWS\system32\pbdv.exe
2008-06-02 16:11:26 1635 --a------ C:\WINDOWS\system32\mnufmkn.exe
2008-06-02 16:11:26 1635 --a------ C:\WINDOWS\system32\afay.exe
2008-06-02 15:55:48 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\AXPDefender
2008-06-02 15:51:10 1635 --a------ C:\WINDOWS\system32\ldmg.exe
2008-06-02 15:51:10 1635 --a------ C:\WINDOWS\system32\ddzlz.exe
2008-06-02 15:51:09 1635 --a------ C:\WINDOWS\system32\odvzrty.exe
2008-06-02 15:15:31 473600 --a------ C:\WINDOWS\system32\aswBoot.exe <Not Verified; ; avast! Antivirus>
2008-06-02 14:56:08 1635 --a------ C:\WINDOWS\system32\odqkmxgh.exe
2008-06-02 14:56:08 1635 --a------ C:\WINDOWS\system32\jtll.exe
2008-06-02 14:56:08 1635 --a------ C:\WINDOWS\system32\ikuawjw.exe
2008-06-02 14:22:05 1635 --a------ C:\WINDOWS\system32\tenfes.exe
2008-06-02 14:22:05 1635 --a------ C:\WINDOWS\system32\bvkmdej.exe
2008-06-02 14:22:05 1635 --a------ C:\WINDOWS\system32\apixobge.exe
2008-06-02 13:58:23 1635 --a------ C:\WINDOWS\system32\ljtrrcy.exe
2008-06-02 13:58:23 1635 --a------ C:\WINDOWS\system32\csshmq.exe
2008-06-02 13:58:22 1635 --a------ C:\WINDOWS\system32\gxoeq.exe
2008-06-02 13:50:38 1635 --a------ C:\WINDOWS\system32\ukui.exe
2008-06-02 13:50:38 1635 --a------ C:\WINDOWS\system32\fajlwg.exe
2008-06-02 13:50:37 1635 --a------ C:\WINDOWS\system32\xlznne.exe
2008-06-02 13:27:17 0 d-------- C:\WINDOWS\system32\905757
2008-06-02 13:23:17 1635 --a------ C:\WINDOWS\system32\vlqxxa.exe
2008-06-02 13:23:17 1635 --a------ C:\WINDOWS\system32\ukngeii.exe
2008-06-02 13:23:17 1635 --a------ C:\WINDOWS\system32\thsl.exe
2008-06-02 13:10:24 1635 --a------ C:\WINDOWS\system32\vligp.exe
2008-06-02 13:10:24 1635 --a------ C:\WINDOWS\system32\nbvq.exe
2008-06-02 13:10:24 1635 --a------ C:\WINDOWS\system32\ieto.exe
2008-06-02 13:09:15 9728 --a------ C:\Program Files\tmp2.exe
2008-06-02 13:09:15 9728 --a------ C:\Program Files\tmp1.exe
2008-06-02 13:09:15 9728 --a------ C:\Program Files\tmp0.exe
2008-06-02 10:03:20 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-06-01 23:30:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2008-06-01 23:30:32 57344 --a------ C:\WINDOWS\Unwash6.exe <Not Verified; Webroot Software, Inc.; >
2008-06-01 23:12:58 0 --a------ C:\WINDOWS\system32\Ultra.dll
2008-06-01 23:05:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-06-01 23:05:19 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-01 23:05:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2008-06-01 23:05:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-01 23:05:19 0 d--h----- C:\Documents and Settings\Administrator\Application Data\Gtek
2008-06-01 23:05:18 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-01 23:05:18 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-01 23:05:18 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-01 23:05:18 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-01 23:05:18 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-01 23:05:18 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-01 23:05:18 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-01 23:05:18 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-01 23:05:18 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-01 23:05:18 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-01 23:05:18 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-01 23:05:18 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-01 23:05:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-06-01 23:05:17 2359296 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-01 22:59:16 1635 --a------ C:\WINDOWS\system32\muvgftr.exe
2008-06-01 22:59:16 1635 --a------ C:\WINDOWS\system32\hrhgk.exe
2008-06-01 22:59:14 1635 --a------ C:\WINDOWS\system32\byegwxw.exe
2008-06-01 22:52:23 1635 --a------ C:\WINDOWS\system32\vytqi.exe
2008-06-01 22:52:23 1635 --a------ C:\WINDOWS\system32\tgpqknv.exe
2008-06-01 22:52:23 1635 --a------ C:\WINDOWS\system32\njsopxuw.exe
2008-06-01 22:42:51 1635 --a------ C:\WINDOWS\system32\ljgl.exe
2008-06-01 22:42:51 1635 --a------ C:\WINDOWS\system32\gcgptitq.exe
2008-06-01 22:42:51 1635 --a------ C:\WINDOWS\system32\bcdvatur.exe
2008-06-01 22:13:30 1635 --a------ C:\WINDOWS\system32\tjdioege.exe
2008-06-01 22:13:30 1635 --a------ C:\WINDOWS\system32\imdwm.exe
2008-06-01 22:13:29 1635 --a------ C:\WINDOWS\system32\omdydqj.exe
2008-06-01 22:12:05 2 --a------ C:\5188831
2008-06-01 22:10:31 41984 --a------ C:\WINDOWS\mrofinu1535.exe
2008-06-01 21:13:45 237057 --a------ C:\WINDOWS\system32\Office [Keygen].exe
2008-06-01 21:13:44 118785 --a------ C:\WINDOWS\system32\rxbot2.exe


-- Find3M Report ---------------------------------------------------------------

2008-06-22 20:55:46 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\Orbit
2008-06-22 20:37:55 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\Mozilla
2008-06-16 19:09:57 0 d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\uTorrent
2008-06-13 00:38:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-05 22:59:27 0 d-------- C:\Program Files\Trend Micro
2008-06-05 16:35:49 0 d-------- C:\Program Files\Common Files
2008-06-05 16:35:48 0 d-------- C:\Program Files\Webroot
2008-06-04 15:29:02 0 d-------- C:\Program Files\TuneUp Utilities 2006
2008-05-13 22:02:38 0 d-------- C:\Program Files\dl_Cats


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
06/22/2008 11:17 PM 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCAgentExe"="C:\PROGRA~1\McAfee.com\Agent\McAgent.exe" [09/22/2005 06:29 PM]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [01/11/2006 12:05 PM]
"BM037c1fec"="C:\WINDOWS\system32\hwwcoexn.dll " [06/15/2008 12:34 AM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/22/2008 11:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:00 AM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [03/25/2008 01:21 PM]

C:\Documents and Settings\Jennifer Peterson\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 12:04:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME [1/18/2008 4:14:12 PM]
NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [9/12/2007 3:14:42 PM]
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [9/3/2007 11:57:55 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [11/23/2004 05:51 PM 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Orbit.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZ Smileys]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
"C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe
"Winamp Agent"=C:\WINDOWS\system32\winamp.exe
"BM037c1fec"=Rundll32.exe "C:\WINDOWS\system32\dskopian.dll",s
"004f2c70"=rundll32.exe "C:\WINDOWS\system32\xcotphat.dll",b
"MCUpdateExe"=c:\PROGRA~1\mcafee.com\agent\mcupdate.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fcee54a5-bf25-11dc-a9ab-00028a334fb5}]
AutoRun\command- E:\setupSNK.exe

*Newly Created Service* - AVG8WD
*Newly Created Service* - AVGLDX86
*Newly Created Service* - AVGMFX86
*Newly Created Service* - GTNDIS5



-- End of Deckard's System Scanner: finished at 2008-06-22 23:31:57 ------------


  #4  
Old 06-24-2008
Pancake
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,089
PC Experience: Elite PC Guru
Re: help help HELP!

Wow...what a mess.


Ok. Let's download ComboFix.exe. This will give me a better view of the files running and also hidden on your computer and also those in the registry. Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use SP2.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.


Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Misuse can cause serious computer problems.

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.

=======================================

Please download SDFix from here and save it to your desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Please copy and paste that log in your next reply.


__________________
My real name is Eddy
  #5  
Old 06-24-2008
Bronze Member
 
Join Date: Jun 2008
Posts: 9
PC Experience: Some Experience
jennibean
Re: help help HELP!

here's the combofix log along with my new hijackthis log
ComboFix 08-06-20.4 - Jennifer Peterson 2008-06-23 21:56:58.6 - NTFSx86
Running from: C:\Documents and Settings\Jennifer Peterson\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Jennifer Peterson\Application Data\AXPDefender
C:\Program Files\IE Extensions
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aafnastk.dll
C:\WINDOWS\system32\alpxohmc.dll
C:\WINDOWS\system32\cukpvtpo.dll
C:\WINDOWS\system32\dkxrwwat.dll
C:\WINDOWS\system32\dslkeqda.dll
C:\WINDOWS\system32\hwwcoexn.dll
C:\WINDOWS\system32\ijbbchju.dll
C:\WINDOWS\system32\jbuwqtmw.dll
C:\WINDOWS\system32\jewdhfmg.dll
C:\WINDOWS\system32\kjjkdahv.dll
C:\WINDOWS\system32\lgjryrkr.dll
C:\WINDOWS\system32\rkryrjgl.ini
C:\WINDOWS\system32\sbdtpmts.dll
C:\WINDOWS\system32\shegeyog.dll
C:\WINDOWS\system32\uyaymbve.dll
C:\WINDOWS\system32\xcotphat.dll

.
((((((((((((((((((((((((( Files Created from 2008-05-24 to 2008-06-24 )))))))))))))))))))))))))))))))
.

2008-06-23 17:59 . 2008-06-23 17:59 <DIR> d-------- C:\temp\Listdlls
2008-06-23 17:27 . 2004-02-10 10:50 155,648 --a------ C:\WINDOWS\SYSTEM32\igfxres.dll
2008-06-23 12:04 . 2008-06-23 15:14 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-22 23:17 . 2008-06-23 07:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\Avg
2008-06-22 23:17 . 2008-06-22 23:17 <DIR> d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\AVGTOOLBAR
2008-06-22 23:17 . 2008-06-22 23:17 96,520 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys
2008-06-22 23:17 . 2008-06-22 23:17 10,520 --a------ C:\WINDOWS\SYSTEM32\avgrsstx.dll
2008-06-22 23:16 . 2008-06-22 23:16 <DIR> d-------- C:\Program Files\AVG
2008-06-22 23:16 . 2008-06-22 23:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 20:01 . 2008-06-22 20:01 <DIR> d-------- C:\Program Files\Emilsoft Software
2008-06-16 10:57 . 2008-06-16 10:57 0 --a------ C:\WINDOWS\BM037c1fec.xml
2008-06-15 17:56 . 2008-06-22 17:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-15 17:56 . 2008-06-15 17:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-13 00:40 . 2008-06-13 00:40 <DIR> d-------- C:\Program Files\Panda Security
2008-06-13 00:21 . 2008-06-13 06:10 272,128 --------- C:\WINDOWS\SYSTEM32\DRIVERS\bthport.sys
2008-06-13 00:21 . 2008-06-13 06:10 272,128 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2008-06-13 00:12 . 2008-06-13 00:13 294 ---hs---- C:\WINDOWS\SYSTEM32\uufqfjgd.ini
2008-06-10 21:25 . 2008-06-16 19:10 <DIR> d-------- C:\OEMSettings
2008-06-10 18:40 . 2008-06-10 18:40 <DIR> d-------- C:\Program Files\NETGEAR
2008-06-09 16:51 . 2008-06-09 16:51 <DIR> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2008-06-08 23:05 . 2008-06-08 23:05 <DIR> d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\MSNInstaller
2008-06-08 18:15 . 2008-06-08 18:24 354 ---hs---- C:\WINDOWS\SYSTEM32\laquuexa.ini
2008-06-06 08:55 . 2008-06-06 09:25 <DIR> d-------- C:\WINDOWS\SYSTEM32\247880
2008-06-05 22:28 . 2008-06-05 22:28 <DIR> d-------- C:\Deckard
2008-06-05 17:03 . 2008-06-05 17:03 <DIR> d-------- C:\Documents and Settings\Jennifer Peterson\Application Data\.clamwin
2008-06-05 16:38 . 2008-06-05 16:38 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2008-06-03 13:19 . 2008-06-22 20:54 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-03 13:19 . 2008-06-22 23:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-03 13:15 . 2008-06-03 13:15 58 --a------ C:\WINDOWS\BOC426.INI
2008-06-03 12:51 . 2008-06-03 12:51 1,635 --a------ C:\WINDOWS\SYSTEM32\vypwjbpm.exe
2008-06-03 12:51 . 2008-06-03 12:51 1,635 --a------ C:\WINDOWS\SYSTEM32\fxcrdfi.exe
2008-06-03 12:51 . 2008-06-03 12:51 1,635 --a------ C:\WINDOWS\SYSTEM32\burduy.exe
2008-06-03 00:05 . 2008-06-03 00:05 1,635 --a------ C:\WINDOWS\SYSTEM32\quvkoo.exe
2008-06-03 00:05 . 2008-06-03 00:05 1,635 --a------ C:\WINDOWS\SYSTEM32\mjzncgue.exe
2008-06-03 00:05 . 2008-06-03 00:05 1,635 --a------ C:\WINDOWS\SYSTEM32\kvsjt.exe
2008-06-02 23:22 . 2008-06-02 23:22 1,635 --a------ C:\WINDOWS\SYSTEM32\jjqxee.exe
2008-06-02 23:22 . 2008-06-02 23:22 1,635 --a------ C:\WINDOWS\SYSTEM32\daywnf.exe
2008-06-02 23:22 . 2008-06-02 23:22 1,635 --a------ C:\WINDOWS\SYSTEM32\cccnd.exe
2008-06-02 23:12 . 2008-06-02 23:12 255 --a------ C:\WINDOWS\SYSTEM32\Diagnose.lic
2008-06-02 22:56 . 2008-06-02 22:56 1,635 --a------ C:\WINDOWS\SYSTEM32\ylntmc.exe
2008-06-02 22:56 . 2008-06-02 22:56 1,635 --a------ C:\WINDOWS\SYSTEM32\ihzn.exe
2008-06-02 22:56 . 2008-06-02 22:56 1,635 --a------ C:\WINDOWS\SYSTEM32\evdgg.exe
2008-06-02 19:06 . 2008-06-02 19:06 1,635 --a------ C:\WINDOWS\SYSTEM32\lzoc.exe
2008-06-02 19:06 . 2008-06-02 19:06 1,635 --a------ C:\WINDOWS\SYSTEM32\lqcoeujl.exe
2008-06-02 19:06 . 2008-06-02 19:06 1,635 --a------ C:\WINDOWS\SYSTEM32\jlcb.exe
2008-06-02 19:00 . 2008-06-02 19:00 <DIR> d-------- C:\Program Files\Panda Software
2008-06-02 18:50 . 2008-06-02 18:50 1,635 --a------ C:\WINDOWS\SYSTEM32\uqcwi.exe
2008-06-02 18:50 . 2008-06-02 18:50 1,635 --a------ C:\WINDOWS\SYSTEM32\rlyi.exe
2008-06-02 18:50 . 2008-06-02 18:50 1,635 --a------ C:\WINDOWS\SYSTEM32\oxtxrfaa.exe
2008-06-02 18:42 . 2008-06-02 18:42 1,635 --a------ C:\WINDOWS\SYSTEM32\vsvqtyz.exe
2008-06-02 18:42 . 2008-06-02 18:42 1,635 --a------ C:\WINDOWS\SYSTEM32\repwe.exe
2008-06-02 18:42 . 2008-06-02 18:42 1,635 --a------ C:\WINDOWS\SYSTEM32\akwnpgc.exe
2008-06-02 18:04 . 2008-06-02 18:04 1,635 --a------ C:\WINDOWS\SYSTEM32\qqlz.exe
2008-06-02 18:04 . 2008-06-02 18:04 1,635 --a------ C:\WINDOWS\SYSTEM32\qjsr.exe
2008-06-02 18:04 . 2008-06-02 18:04 1,635 --a------ C:\WINDOWS\SYSTEM32\afazeju.exe
2008-06-02 16:11 . 2008-06-02 16:11 1,635 --a------ C:\WINDOWS\SYSTEM32\pbdv.exe
2008-06-02 16:11 . 2008-06-02 16:11 1,635 --a------ C:\WINDOWS\SYSTEM32\mnufmkn.exe
2008-06-02 16:11 . 2008-06-02 16:11 1,635 --a------ C:\WINDOWS\SYSTEM32\afay.exe
2008-06-02 15:51 . 2008-06-02 15:51 1,635 --a------ C:\WINDOWS\SYSTEM32\odvzrty.exe
2008-06-02 15:51 . 2008-06-02 15:51 1,635 --a------ C:\WINDOWS\SYSTEM32\ldmg.exe
2008-06-02 15:51 . 2008-06-02 15:51 1,635 --a------ C:\WINDOWS\SYSTEM32\ddzlz.exe
2008-06-02 15:17 . 2008-06-02 15:17 130 --a------ C:\WINDOWS\ODBC.INI
2008-06-02 14:56 . 2008-06-02 14:56 1,635 --a------ C:\WINDOWS\SYSTEM32\odqkmxgh.exe
2008-06-02 14:56 . 2008-06-02 14:56 1,635 --a------ C:\WINDOWS\SYSTEM32\jtll.exe
2008-06-02 14:56 . 2008-06-02 14:56 1,635 --a------ C:\WINDOWS\SYSTEM32\ikuawjw.exe
2008-06-02 14:22 . 2008-06-02 14:22 1,635 --a------ C:\WINDOWS\SYSTEM32\tenfes.exe
2008-06-02 14:22 . 2008-06-02 14:22 1,635 --a------ C:\WINDOWS\SYSTEM32\bvkmdej.exe
2008-06-02 14:22 . 2008-06-02 14:22 1,635 --a------ C:\WINDOWS\SYSTEM32\apixobge.exe
2008-06-02 13:58 . 2008-06-02 13:58 1,635 --a------ C:\WINDOWS\SYSTEM32\ljtrrcy.exe
2008-06-02 13:58 . 2008-06-02 13:58 1,635 --a------ C:\WINDOWS\SYSTEM32\gxoeq.exe
2008-06-02 13:58 . 2008-06-02 13:58 1,635 --a------ C:\WINDOWS\SYSTEM32\csshmq.exe
2008-06-02 13:50 . 2008-06-02 13:50 1,635 --a------ C:\WINDOWS\SYSTEM32\xlznne.exe
2008-06-02 13:50 . 2008-06-02 13:50 1,635 --a------ C:\WINDOWS\SYSTEM32\ukui.exe
2008-06-02 13:50 . 2008-06-02 13:50 1,635 --a------ C:\WINDOWS\SYSTEM32\fajlwg.exe
2008-06-02 13:27 . 2008-06-06 09:25 <DIR> d-------- C:\WINDOWS\SYSTEM32\905757
2008-06-02 13:23 . 2008-06-02 13:23 1,635 --a------ C:\WINDOWS\SYSTEM32\vlqxxa.exe
2008-06-02 13:23 . 2008-06-02 13:23 1,635 --a------ C:\WINDOWS\SYSTEM32\ukngeii.exe
2008-06-02 13:23 . 2008-06-02 13:23 1,635 --a------ C:\WINDOWS\SYSTEM32\thsl.exe
2008-06-02 13:10 . 2008-06-02 13:10 1,635 --a------ C:\WINDOWS\SYSTEM32\vligp.exe
2008-06-02 13:10 . 2008-06-02 13:10 1,635 --a------ C:\WINDOWS\SYSTEM32\nbvq.exe
2008-06-02 13:10 . 2008-06-02 13:10 1,635 --a------ C:\WINDOWS\SYSTEM32\ieto.exe
2008-06-01 23:32 . 2008-06-02 13:43 1,737 --a------ C:\WINDOWS\SetupPestPatrolCorporate.mif
2008-06-01 23:30 . 2008-06-05 16:35 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2008-06-01 23:30 . 2005-05-04 09:15 57,344 --a------ C:\WINDOWS\Unwash6.exe
2008-06-01 23:12 . 2008-06-01 23:12 0 --a------ C:\WINDOWS\SYSTEM32\Ultra.dll
2008-06-01 23:05 . 2005-01-27 05:24 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-06-01 23:05 . 2005-01-27 05:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2008-06-01 23:05 . 2007-09-09 00:34 <DIR> d--h----- C:\Documents and Settings\Administrator\Application Data\Gtek
2008-06-01 23:05 . 2008-06-23 12:24 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-01 22:59 . 2008-06-01 22:59 1,635 --a------ C:\WINDOWS\SYSTEM32\muvgftr.exe
2008-06-01 22:59 . 2008-06-01 22:59 1,635 --a------ C:\WINDOWS\SYSTEM32\hrhgk.exe
2008-06-01 22:59 . 2008-06-01 22:59 1,635 --a------ C:\WINDOWS\SYSTEM32\byegwxw.exe
2008-06-01 22:52 . 2008-06-01 22:52 1,635 --a------ C:\WINDOWS\SYSTEM32\vytqi.exe
2008-06-01 22:52 . 2008-06-01 22:52 1,635 --a------ C:\WINDOWS\SYSTEM32\tgpqknv.exe
2008-06-01 22:52 . 2008-06-01 22:52 1,635 --a------ C:\WINDOWS\SYSTEM32\njsopxuw.exe
2008-06-01 22:42 . 2008-06-01 22:42 1,635 --a------ C:\WINDOWS\SYSTEM32\ljgl.exe
2008-06-01 22:42 . 2008-06-01 22:42 1,635 --a------ C:\WINDOWS\SYSTEM32\gcgptitq.exe
2008-06-01 22:42 . 2008-06-01 22:42 1,635 --a------ C:\WINDOWS\SYSTEM32\bcdvatur.exe
2008-06-01 22:13 . 2008-06-01 22:13 1,635 --a------ C:\WINDOWS\SYSTEM32\tjdioege.exe
2008-06-01 22:13 . 2008-06-01 22:13 1,635 --a------ C:\WINDOWS\SYSTEM32\omdydqj.exe
2008-06-01 22:13 . 2008-06-01 22:13 1,635 --a------ C:\WINDOWS\SYSTEM32\imdwm.exe
2008-06-01 22:12 . 2008-06-01 22:12 2 --a------ C:\5188831

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-24 05:19 --------- d-----w C:\Documents and Settings\Jennifer Peterson\Application Data\Orbit
2008-06-17 02:09 --------- d-----w C:\Documents and Settings\Jennifer Peterson\Application Data\uTorrent
2008-06-13 07:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 07:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-11 01:41 21,035 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-06-06 05:59 --------- d-----w C:\Program Files\Trend Micro
2008-06-05 23:35 --------- d-----w C:\Program Files\Webroot
2008-06-04 22:29 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-06-02 05:11 577,536 ----a-w C:\WINDOWS\SYSTEM32\user32.DLL
2008-06-02 05:11 577,536 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\user32.dll
2008-05-14 05:02 --------- d-----w C:\Program Files\dl_Cats
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2008-05-07 05:18 1,287,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2008-04-24 05:16 3,591,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-04-22 07:40 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2008-04-20 05:07 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\SYSTEM32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msjint40.dll
2007-04-23 21:21 269,824 ----a-w C:\WINDOWS\INF\WG111v3\Vista64\wg111v3.sys
2007-04-23 21:11 224,896 ----a-w C:\WINDOWS\INF\WG111v3\wg111v3.sys
2006-12-15 18:30 98,304 ----a-w C:\WINDOWS\INF\WG111v3\UScanM.exe
2006-12-15 18:30 66,048 ----a-w C:\WINDOWS\INF\WG111v3\EAPPkt.sys
2006-12-15 18:30 315,392 ----a-w C:\WINDOWS\INF\WG111v3\InstallDriver.exe
2006-12-15 18:30 28,672 ----a-w C:\WINDOWS\INF\WG111v3\SetDrv.exe
2006-12-15 18:30 212,992 ----a-w C:\WINDOWS\INF\WG111v3\CopyWHQLDriver.exe
2006-12-15 18:30 20,480 ----a-w C:\WINDOWS\INF\WG111v3\RTWUPath.exe
2006-12-15 18:30 19,968 ----a-w C:\WINDOWS\INF\WG111v3\RTWREFU.EXE
2005-06-04 06:49 56 --sh--r C:\WINDOWS\SYSTEM32\1FFAC29194.sys
2006-11-19 21:25 88 --sh--r C:\WINDOWS\SYSTEM32\7494F6A3F5.sys
2008-01-15 04:28 5,538 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-06_ 9.41.43.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
- 2008-06-06 16:29:53 2,048 --s-a-w C:\WINDOWS\BOOTSTAT.DAT
+ 2008-06-24 05:08:03 2,048 --s-a-w C:\WINDOWS\BOOTSTAT.DAT
+ 2008-06-13 13:10:50 272,128 ------w C:\WINDOWS\Driver Cache\I386\bthport.sys
+ 2008-03-01 13:06:20 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:06:21 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:06:21 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:06:21 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:06:21 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:06:21 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:06:21 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:06:22 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:06:22 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:06:24 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:06:25 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:06:25 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:06:26 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-02 01:36:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:06:28 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:06:28 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:06:29 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:06:29 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:06:29 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:06:29 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:06:30 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:06:30 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:06:31 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-06-11 04:23:47 10,134 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\ARPPRODUCTICON.exe
+ 2008-06-11 04:23:47 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut1_5396FBD88BD747F992AEF62F13D5A11D_1.exe
+ 2008-06-11 04:23:47 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut2_5396FBD88BD747F992AEF62F13D5A11D.exe
+ 2008-06-11 04:23:48 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut3_5396FBD88BD747F992AEF62F13D5A11D.exe
+ 2008-06-11 04:23:48 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut4_5396FBD88BD747F992AEF62F13D5A11D.exe
+ 2008-06-11 04:23:48 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut5_5396FBD88BD747F992AEF62F13D5A11D_1.exe
+ 2008-06-11 04:23:48 45,056 ----a-r C:\WINDOWS\Installer\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\NewShortcut6_5396FBD88BD747F992AEF62F13D5A11D.exe
- 2000-08-31 15:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 15:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-03-01 13:06:20 124,928 ----a-w C:\WINDOWS\SYSTEM32\advpack.dll
+ 2008-04-23 04:16:28 124,928 ----a-w C:\WINDOWS\SYSTEM32\advpack.dll
- 2008-03-01 13:06:20 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
+ 2008-04-23 04:16:28 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
- 2008-03-01 13:06:21 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
- 2008-03-01 13:06:21 133,120 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
- 2008-03-01 13:06:21 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
+ 2008-04-23 04:16:28 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
- 2008-03-01 13:06:21 153,088 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
- 2008-03-01 13:06:22 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
- 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
- 2008-03-01 13:06:25 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
- 2008-03-01 13:06:25 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
- 2008-03-01 13:06:26 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
- 2008-03-01 13:06:26 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2008-03-01 13:06:28 478,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
- 2008-03-01 13:06:28 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
+ 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
- 2008-03-01 13:06:29 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
+ 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
- 2008-03-01 13:06:29 102,912 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
+ 2008-04-23 04:16:28 102,912 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
- 2008-03-01 13:06:29 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
- 2008-03-01 13:06:29 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
+ 2008-04-23 04:16:28 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
- 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
- 2008-03-01 13:06:30 233,472 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
- 2008-03-01 13:06:31 826,368 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-04-23 04:16:29 826,368 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-06-23 06:17:12 26,184 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys
- 2005-09-20 17:00:54 1,302,332 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
+ 2004-02-10 18:17:06 681,469 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
+ 2007-04-23 21:11:54 224,896 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\wg111v3.sys
- 2008-03-01 13:06:21 347,136 ----a-w C:\WINDOWS\SYSTEM32\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\SYSTEM32\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w C:\WINDOWS\SYSTEM32\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\SYSTEM32\dxtrans.dll
- 2008-03-01 13:06:21 133,120 ----a-w C:\WINDOWS\SYSTEM32\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\SYSTEM32\extmgr.dll
- 2005-09-20 16:31:12 73,728 ----a-w C:\WINDOWS\SYSTEM32\hccutils.dll
+ 2004-02-10 17:50:36 118,784 ----a-w C:\WINDOWS\SYSTEM32\hccutils.dll
- 2005-09-20 16:32:24 77,824 ----a-w C:\WINDOWS\SYSTEM32\hkcmd.exe
+ 2004-02-10 17:51:30 118,784 ----a-w C:\WINDOWS\SYSTEM32\hkcmd.exe
- 2005-09-20 16:59:56 900,218 ----a-w C:\WINDOWS\SYSTEM32\ialmdd5.dll
+ 2004-02-10 18:16:30 739,387 ----a-w C:\WINDOWS\SYSTEM32\ialmdd5.dll
- 2005-09-20 16:52:22 213,274 ----a-w C:\WINDOWS\SYSTEM32\ialmdev5.dll
+ 2004-02-10 18:09:52 126,651 ----a-w C:\WINDOWS\SYSTEM32\ialmdev5.dll
- 2005-09-20 16:52:32 118,395 ----a-w C:\WINDOWS\SYSTEM32\ialmdnt5.dll
+ 2004-02-10 18:10:00 103,484 ----a-w C:\WINDOWS\SYSTEM32\ialmdnt5.dll
- 2005-01-23 17:54:56 516,096 ----a-w C:\WINDOWS\SYSTEM32\ialmgdev.dll
+ 2004-02-10 18:09:26 471,040 ----a-w C:\WINDOWS\SYSTEM32\ialmgdev.dll
- 2005-01-23 17:52:44 2,289,664 ----a-w C:\WINDOWS\SYSTEM32\ialmgicd.dll
+ 2004-02-10 18:07:56 2,273,280 ----a-w C:\WINDOWS\SYSTEM32\ialmgicd.dll
- 2005-09-20 16:52:36 49,152 ----a-w C:\WINDOWS\SYSTEM32\ialmrem.dll
+ 2004-02-10 18:10:04 49,152 ----a-w C:\WINDOWS\SYSTEM32\ialmrem.dll
- 2005-09-20 16:52:38 36,990 ----a-w C:\WINDOWS\SYSTEM32\ialmrnt5.dll
+ 2004-02-10 18:10:08 36,415 ----a-w C:\WINDOWS\SYSTEM32\ialmrnt5.dll
- 2008-03-01 13:06:21 63,488 ----a-w C:\WINDOWS\SYSTEM32\icardie.dll
+ 2008-04-23 04:16:28 63,488 ----a-w C:\WINDOWS\SYSTEM32\icardie.dll
- 2008-02-29 08:55:23 70,656 ----a-w C:\WINDOWS\SYSTEM32\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 ----a-w C:\WINDOWS\SYSTEM32\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 ----a-w C:\WINDOWS\SYSTEM32\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ----a-w C:\WINDOWS\SYSTEM32\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ----a-w C:\WINDOWS\SYSTEM32\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ----a-w C:\WINDOWS\SYSTEM32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\SYSTEM32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\SYSTEM32\ieakui.dll
- 2008-03-01 13:06:22 383,488 ----a-w C:\WINDOWS\SYSTEM32\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ----a-w C:\WINDOWS\SYSTEM32\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ----a-w C:\WINDOWS\SYSTEM32\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ----a-w C:\WINDOWS\SYSTEM32\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINDOWS\SYSTEM32\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ----a-w C:\WINDOWS\SYSTEM32\ieframe.dll
- 2008-03-01 13:06:24 44,544 ----a-w C:\WINDOWS\SYSTEM32\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\SYSTEM32\iernonce.dll
- 2008-03-01 13:06:25 267,776 ----a-w C:\WINDOWS\SYSTEM32\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ----a-w C:\WINDOWS\SYSTEM32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\SYSTEM32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\SYSTEM32\ieudinit.exe
- 2005-09-20 16:35:02 446,464 ----a-w C:\WINDOWS\SYSTEM32\igfxcfg.exe
+ 2004-02-10 17:53:12 462,848 ----a-w C:\WINDOWS\SYSTEM32\igfxcfg.exe
- 2005-09-20 16:31:28 135,168 ----a-w C:\WINDOWS\SYSTEM32\igfxdev.dll
+ 2004-02-10 17:50:26 143,360 ----a-w C:\WINDOWS\SYSTEM32\igfxdev.dll
+ 2004-02-10 17:53:56 45,056 ----a-w C:\WINDOWS\SYSTEM32\igfxdgps.dll
+ 2004-02-10 17:53:56 151,552 ----a-w C:\WINDOWS\SYSTEM32\igfxdiag.exe
- 2005-09-20 16:32:30 86,016 ----a-w C:\WINDOWS\SYSTEM32\igfxdo.dll
+ 2004-02-10 17:50:08 86,016 ----a-w C:\WINDOWS\SYSTEM32\igfxdo.dll
+ 2004-02-10 17:54:40 221,184 ----a-w C:\WINDOWS\SYSTEM32\igfxeud.dll
- 2005-09-20 16:36:14 40,960 ----a-w C:\WINDOWS\SYSTEM32\igfxexps.dll
+ 2004-02-10 17:55:42 32