Tech Support Forum banner
Status
Not open for further replies.
1 - 1 of 1 Posts

·
Registered
Joined
·
24 Posts
I've been having this virus for a while and I've tried everything in my power to delete it...
I cannot be able to do this
I don't want to reformat the hard drive since I've lots of stuff saved in this pc and burning cds will be a nightmare since its at least 50gbs worth of saved work, and I do not have an external hard drive, and even if I did bet the files are infected and the virus will come back
I've attached a log, thanks in advance!





DDS (Ver_09-03-16.01) - NTFSx86
Run by b at 22:23:37.68 on Mon 05/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.479.121 [GMT 1:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated)
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
FW: BitDefender Firewall *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt\ArcNameService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\DNA\btdna.exe
C:\Documents and Settings\b\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\b\Desktop\gmer\gmer.exe
C:\Documents and Settings\b\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.1.7.4.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [<NO NAME>]
uRun: [mount.exe] c:\program files\[email protected]\fileutilities.3\mount.exe /z
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [Google Update] "c:\documents and settings\b\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [<NO NAME>]
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [Reminder] c:\windows\creator\Remind_XP.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
mRun: [O2Start] c:\program files\o2cm-ce\o2 connection manager\tscui.exe /s
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
StartupFolder: c:\docume~1\b\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\b\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\b\startm~1\programs\startup\regist~1.lnk - c:\program files\ubisoft\assassin's creed\register\RegistrationReminder.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - {E7A829CC-671F-4C3D-B590-8C0AEA72E6B2} - c:\program files\bitcomet\tools\BitCometBHO_1.1.7.4.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/ES-MX/a-UNO1/GAME_UNO1.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} - hxxp://d.64.69.12.158.downloads.estara.com./as/OneCCDM.php?template=10913&sessionid=2130138921_207.248.42.88_3245&=&req=1225067861415OneCC.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - hxxp://www.acclaim.com/cabs/acclaim_v4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://crucial.com/controls/cpcScanner.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~4\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: msnmsg - {DA191DE0-AA86-4ED0-4B87-293D48B2AE99} - c:\program files\messenger\msgmr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office12\GRA8E1~1.DLL
SEH: {17DFD111-BF3A-4CB4-ADB0-88FCBFE69821} - No File
SEH: {8C41B7F7-3168-400D-A702-0E7EFE0BA304} - No File
SEH: {0B846B26-BFE6-4E8E-A948-1DB17B77B483} - No File

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\b\applic~1\mozilla\firefox\profiles\9jmn6jw5.default\
FF - component: c:\program files\mozilla firefox\components\FFComm.dll
FF - plugin: c:\documents and settings\b\application data\videoegg\loader\4665\npvideoegg-loader.dll
FF - plugin: c:\documents and settings\b\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-7-2 82696]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-8-12 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2008-8-14 104328]
R3 TSWLAN;TsWlan Packet Driver;c:\windows\system32\drivers\TsWlan.sys [2007-6-29 33664]
S2 cdralw;NVIDIA Compatible Windows Miniport Driver;c:\windows\system32\drivers\nvmini.sys --> c:\windows\system32\drivers\nvmini.sys [?]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2007-10-3 16512]
S3 eth8023;eth8023;c:\windows\system32\drivers\eth8023.sys [2008-8-1 18048]
S3 MA8630C;MA8630C;c:\windows\system32\drivers\ma8630c.sys [2008-4-24 23248]
S3 MA8630M;MA8630M;c:\windows\system32\drivers\ma8630m.sys [2008-4-24 25428]
S3 MA8630U;MA8630U;c:\windows\system32\drivers\ma8630u.sys [2008-4-24 53586]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2007-10-4 17792]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-10-4 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-10-4 21504]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-5-18 138112]
S3 pc22nd5;Toshiba PCX2200 USB Cable Modem networking driver (NDIS);c:\windows\system32\drivers\pc22nd5.sys [2007-7-12 17648]
S3 pc22unic;Toshiba PCX2200 USB Cable Modem WDM driver;c:\windows\system32\drivers\pc22unic.sys [2007-7-12 69744]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 98568]

=============== Created Last 30 ================

2009-05-04 17:20 621,056 a------- c:\windows\system32\drivers\mod7700.sys
2009-05-04 17:20 103,168 a------- c:\windows\system32\drivers\ewusbfake.sys
2009-05-04 17:20 101,120 a------- c:\windows\system32\drivers\ewusbmdm.sys
2009-05-04 17:20 100,992 a------- c:\windows\system32\drivers\ewusbnet.sys
2009-05-04 17:20 24,448 a------- c:\windows\system32\drivers\ewdcsc.sys
2009-05-03 16:46 <DIR> --d----- c:\docume~1\b\applic~1\Ubisoft
2009-05-01 19:39 <DIR> --d----- c:\docume~1\b\applic~1\Tatara Systems
2009-05-01 19:35 <DIR> --d----- c:\program files\O2CM-CE
2009-05-01 19:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\O2CM-CE
2009-05-01 19:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Novatel Wireless
2009-04-27 15:04 121 a------- c:\windows\bdagent.INI
2009-04-27 15:04 132 a------- C:\httpdwl.dat
2009-04-27 15:01 566 a------- c:\windows\system32\BDUpdateV1.xml
2009-04-27 13:35 1,409 a------- c:\windows\QTFont.for
2009-04-27 13:35 54,156 a---h--- c:\windows\QTFont.qfn
2009-04-27 12:28 <DIR> --d----- c:\docume~1\b\applic~1\BitDefender
2009-04-27 12:28 <DIR> --d----- C:\Binaries
2009-04-27 12:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BitDefender
2009-04-27 11:01 81,984 a------- c:\windows\system32\bdod.bin
2009-04-26 14:34 228,672 a------- c:\windows\system32\drivers\bdfsfltr.sys.bak
2009-04-26 14:34 108,864 a------- c:\windows\system32\drivers\bdfm.sys.bak
2009-04-26 14:34 102,208 a------- c:\windows\system32\drivers\bdfndisf.sys.bak
2009-04-26 14:34 82,568 a------- c:\windows\system32\drivers\BDVEDISK.sys.bak
2009-04-26 13:53 850 a------- c:\windows\system32\ProductTweaks.xml
2009-04-26 13:53 385 a------- c:\windows\system32\user_gensett.xml
2009-04-26 13:37 <DIR> --d----- c:\windows\system32\logs
2009-04-26 13:34 <DIR> --d----- c:\program files\BitDefender
2009-04-26 13:25 268 a---h--- C:\sqmdata07.sqm
2009-04-26 13:25 244 a---h--- C:\sqmnoopt07.sqm
2009-04-26 13:24 <DIR> --d----- c:\program files\common files\BitDefender
2009-04-26 00:18 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-04-26 00:18 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-04-26 00:18 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-04-26 00:18 35,328 -------- c:\windows\system32\dllcache\sc.exe
2009-04-26 00:18 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-04-26 00:18 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-26 00:18 729,088 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-04-26 00:18 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-26 00:18 714,752 -------- c:\windows\system32\dllcache\ntdll.dll
2009-04-26 00:18 617,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-04-25 23:51 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-25 23:51 1,203,922 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-04-25 23:51 215,552 -------- c:\windows\system32\dllcache\wordpad.exe
2009-04-25 23:18 <DIR> --d----- c:\windows\Mozilla

==================== Find3M ====================

2009-04-27 13:23 192,512 a------- c:\windows\system32\txmlutil.dll
2009-04-27 13:23 242,184 a------- c:\windows\system32\drivers\bdfsfltr.sys
2009-04-27 13:23 104,328 a------- c:\windows\system32\drivers\bdfndisf.sys
2009-04-27 13:23 111,112 a------- c:\windows\system32\drivers\bdfm.sys
2009-04-27 13:23 82,696 a------- c:\windows\system32\drivers\BDVEDISK.sys
2009-03-21 15:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-06 15:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-03 01:18 826,368 a------- c:\windows\system32\wininet.dll
2009-03-03 01:18 826,368 -------- c:\windows\system32\dllcache\wininet.dll
2009-02-28 05:54 636,072 -------- c:\windows\system32\dllcache\iexplore.exe
2009-02-20 11:20 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 11:20 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 06:14 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-02-09 13:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 13:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 13:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 13:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 12:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 12:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-07 19:02 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-06 12:11 110,592 -------- c:\windows\system32\services.exe
2009-02-06 12:08 2,189,056 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-06 12:06 2,145,280 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 12:06 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-06 11:39 35,328 a------- c:\windows\system32\sc.exe
2009-02-06 11:32 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-06 11:32 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-04-30 01:56 2,828 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2008-04-30 01:56 88 ---shr-- c:\docume~1\alluse~1\applic~1\FC735FE618.sys
2008-02-08 04:05 88 ---shr-- c:\docume~1\alluse~1\applic~1\67DB0A24C2.sys
2007-10-04 07:22 92,064 a------- c:\documents and settings\b\mqdmmdm.sys
2007-10-04 07:22 79,328 a------- c:\documents and settings\b\mqdmserd.sys
2007-10-04 07:22 66,656 a------- c:\documents and settings\b\mqdmbus.sys
2007-10-04 07:22 25,600 a------- c:\documents and settings\b\usbsermptxp.sys
2007-10-04 07:22 22,768 a------- c:\documents and settings\b\usbsermpt.sys
2007-10-04 07:22 9,232 a------- c:\documents and settings\b\mqdmmdfl.sys
2007-10-04 07:22 6,208 a------- c:\documents and settings\b\mqdmcmnt.sys
2007-10-04 07:22 5,936 a------- c:\documents and settings\b\mqdmwhnt.sys
2007-10-04 07:22 4,048 a------- c:\documents and settings\b\mqdmcr.sys
2008-07-28 11:37 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072820080729\index.dat

============= FINISH: 22:27:11.85 ===============
 

Attachments

1 - 1 of 1 Posts
Status
Not open for further replies.
Top