
Discussion Starter · #1 · Registered · 10 Posts
Here's what's going on

Whenever I go to a search engine and click on a link, it will take me to a totally different link. Sometimes I can go back, sometimes I can't. I also had a problem saying Windows was not activated. However, I ran a program called Dr Web (after some search of the problem) that cleared that up.

So here is my dds.txt file and my other 2 files


DDS (Ver_09-05-14.01) - NTFSx86
Run by Niggerachi at 15:04:21.65 on Sun 05/24/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2303.1204 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Niggerachi\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: 796525 Class: {e7f15ac4-e0a9-43f0-921b-70dfea621220} - c:\windows\system32\796525\796525.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uRun: [Aim6]
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Framework Windows] frmwrk32.exe
dRun: [A00FA4EDA14.exe] c:\windows\temp\_A00FA4EDA14.exe
dRun: [uidenhiufgsduiazghs] c:\windows\temp\l0f11.exe
dRun: [SYS32DLL] SYS32DLL
dRun: [<NO NAME>] c:\windows\temp\l0f11.exe
dRun: [A00F37CFE72.exe] c:\windows\temp\_A00F37CFE72.exe
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\******~1\appdata\roaming\mozilla\firefox\profiles\8jx2t8hw.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-16 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 953168]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-4-28 1153368]

=============== Created Last 30 ================

2009-05-24 14:44 <DIR> --d----- c:\users\niggerachi\DoctorWeb
2009-05-22 14:01 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-05-22 13:56 <DIR> --d----- c:\program files\GustoSoft
2009-05-22 10:10 444 a------- c:\windows\system32\win32hlp.cnf
2009-05-22 09:40 1,400 a------- c:\windows\system32\ahtn.htm
2009-05-22 09:40 4,785 a------- c:\windows\system32\warning.gif
2009-05-22 09:40 104,960 a------- c:\windows\system32\ntdll64.exe
2009-05-22 09:39 1 a------- c:\windows\system32\uniq.tll
2009-05-22 09:39 19,968 a------- c:\windows\system32\loader49.exe
2009-05-21 18:03 <DIR> --d----- c:\programdata\Adobe
2009-05-20 09:09 32,768 a------- c:\windows\system32\service-466.exe
2009-05-18 20:00 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-18 09:09 37,376 a------- c:\windows\system32\glsetup.exe
2009-05-17 20:48 <DIR> --d----- c:\program files\common files\NSV
2009-05-17 20:19 10,173 a------- C:\New Microsoft Office Word Document.docx
2009-05-17 16:19 28,672 a------- c:\windows\system32\lmn_setup.exe
2009-05-17 14:31 26,112 a------- c:\windows\system32\b67d4.exe
2009-05-17 11:19 23,040 a------- c:\windows\system32\ak1.exe
2009-05-17 11:19 15,000 a------- c:\windows\system32\afnoinkdsfe.dll
2009-05-16 19:04 107,246 a------- c:\windows\system32\vp_setup.exe
2009-05-16 16:52 0 a------- c:\windows\st_1242525599.exe
2009-05-16 16:52 0 a------- c:\windows\st_1242507170.exe
2009-05-16 16:48 15,688 a------- c:\windows\system32\lsdelete.exe
2009-05-16 16:44 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-05-16 16:41 <DIR> -cd-h--- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 16:41 <DIR> -cd-h--- c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 16:41 <DIR> --d----- c:\program files\Lavasoft
2009-05-15 21:50 <DIR> --d----- c:\programdata\Lavasoft
2009-05-15 21:22 19,456 a------- c:\windows\system32\ovfsthkotwhvvxknxxjiwlpbbogsaefeyikttt.dll
2009-05-15 21:22 17,920 a------- c:\windows\system32\ovfsthuulttrtgiklxkqksukrnfkvrvilevwos.dll
2009-05-15 21:22 61,440 a------- c:\windows\system32\ovfsthtxdxbqjutcttblqcbkycfjexsyiunodx.dll
2009-05-15 19:04 2 ----h--- c:\windows\t55ft3189f44.dat
2009-05-15 10:38 1 a------- c:\windows\9g2234wesdf3dfgjf23
2009-05-15 10:38 11,776 ----h--- c:\windows\pp07.exe
2009-05-15 10:38 <DIR> --d----- c:\windows\system32\796525
2009-05-15 10:38 15,872 ----h--- c:\windows\ld08.exe
2009-05-14 03:01 118 a------- c:\windows\system32\MRT.INI
2009-05-13 11:20 1,149,240 a------- c:\windows\system32\3.exe
2009-05-08 22:48 663 a------- c:\windows\wininit.ini
2009-04-29 14:46 22,538 a------- c:\windows\system32\lmppcsetup.exe
2009-04-28 00:44 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-04-28 00:44 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-28 00:44 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-04-27 22:39 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-04-27 22:38 <DIR> --d----- c:\users\niggerachi\.housecall6.6
2009-04-27 09:14 46 a------- c:\windows\system32\p2hhr.bat
2009-04-25 20:47 <DIR> --d----- c:\program files\common files\xing shared
2009-04-25 20:47 499,712 a------- c:\windows\system32\msvcp71.dll
2009-04-25 20:47 348,160 a------- c:\windows\system32\msvcr71.dll
2009-04-25 20:47 <DIR> --d----- c:\program files\common files\Real
2009-04-24 21:46 32,592 a------- c:\windows\system32\msonpmon.dll
2009-04-24 21:40 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2009-04-24 21:39 <DIR> --d----- c:\programdata\Microsoft Help
2009-04-24 21:37 43 a------- c:\windows\system32\ovfsthxgxiuxqbiryrlqofhrgrngjbjwhodnqn.dat
2009-04-24 21:36 <DIR> --d----- c:\program files\Elaborate Bytes
2009-04-24 21:36 181,662 a------- c:\windows\system32\ovfsthpcmiptubjctswdixxqvblwntsebfheuu.dat
2009-04-24 21:35 <DIR> --d----- c:\programdata\SlySoft
2009-04-24 21:35 <DIR> --d----- c:\program files\SlySoft

==================== Find3M ====================

2009-04-24 21:32 174 a--sh--- c:\program files\desktop.ini
2009-04-24 21:31 86,016 a------- c:\windows\inf\infstrng.dat
2009-04-24 21:31 86,016 a------- c:\windows\inf\infstor.dat
2009-04-24 21:31 51,200 a------- c:\windows\inf\infpub.dat
2009-04-24 21:23 665,600 a------- c:\windows\inf\drvindex.dat
2009-04-24 17:15 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-04-24 17:15 82,432 a------- c:\windows\system32\axaltocm.dll
2009-04-16 06:04 376,832 a------- c:\windows\system32\winhttp.dll
2009-04-16 06:04 562,176 a------- c:\windows\system32\msdtcprx.dll
2009-04-16 06:04 38,912 a------- c:\windows\system32\xolehlp.dll
2009-04-16 06:01 827,392 a------- c:\windows\system32\wininet.dll
2009-04-16 06:01 72,704 a------- c:\windows\system32\admparse.dll
2009-04-16 06:00 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-16 06:00 48,128 a------- c:\windows\system32\mshtmler.dll
2009-04-16 06:00 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-14 06:03 61,440 a------- c:\windows\system32\winipsec.dll
2009-04-14 06:03 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-04-14 06:03 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-04-14 06:03 272,896 a------- c:\windows\system32\polstore.dll
2009-04-14 06:03 269,312 a------- c:\windows\system32\es.dll
2009-04-13 19:55 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-04-13 10:17 296,960 a------- c:\windows\system32\gdi32.dll
2009-04-13 10:16 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-13 10:16 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-04-13 10:16 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-04-13 10:16 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-04-13 10:16 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-04-13 10:16 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-13 10:16 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-04-13 10:16 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-04-13 10:16 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-04-13 10:16 1,695,744 a------- c:\windows\system32\gameux.dll
2009-04-13 10:15 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-04-13 10:15 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-04-13 10:15 2,048 a------- c:\windows\system32\msxml3r.dll
2009-04-13 10:13 2,048 a------- c:\windows\system32\tzres.dll
2009-04-13 10:11 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-04-13 10:11 7,680 a------- c:\windows\system32\spwmp.dll
2009-04-13 10:11 4,096 a------- c:\windows\system32\dxmasf.dll
2009-04-13 10:08 2,927,104 a------- c:\windows\explorer.exe
2009-04-13 10:04 6,656 a------- c:\windows\system32\kbd106n.dll
2009-04-13 10:04 988,216 a------- c:\windows\system32\winload.exe
2009-04-13 10:04 927,288 a------- c:\windows\system32\winresume.exe
2009-04-13 10:04 378,368 a------- c:\windows\system32\srcore.dll
2009-04-13 10:04 318,464 a------- c:\windows\system32\rstrui.exe
2009-04-13 10:04 40,960 a------- c:\windows\system32\srclient.dll
2009-04-13 10:04 615,992 a------- c:\windows\system32\ci.dll
2009-04-13 10:04 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-04-13 10:04 19,000 a------- c:\windows\system32\kd1394.dll
2009-04-13 10:04 14,848 a------- c:\windows\system32\srdelayed.exe
2009-04-13 10:02 443,392 a------- c:\windows\system32\win32spl.dll
2009-04-13 10:02 37,888 a------- c:\windows\system32\printcom.dll
2009-04-13 10:02 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-04-13 10:02 14,848 a------- c:\windows\system32\wshrm.dll
2009-04-13 10:01 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-04-13 10:01 268,288 a------- c:\windows\system32\schannel.dll
2009-04-13 10:00 2,868,736 a------- c:\windows\system32\mf.dll
2009-04-13 10:00 98,816 a------- c:\windows\system32\mfps.dll
2009-04-13 10:00 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-04-13 10:00 24,576 a------- c:\windows\system32\mfpmp.exe
2009-04-13 10:00 2,048 a------- c:\windows\system32\mferror.dll
2009-04-13 10:00 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-04-13 10:00 94,720 a------- c:\windows\system32\logagent.exe
2009-04-13 09:59 738,304 a------- c:\windows\system32\inetcomm.dll
2009-04-13 09:59 84,480 a------- c:\windows\system32\INETRES.dll
2009-04-13 09:58 1,314,816 a------- c:\windows\system32\quartz.dll
2009-04-13 09:58 2,033,152 a------- c:\windows\system32\win32k.sys
2009-04-13 09:57 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-04-13 09:57 2,048 a------- c:\windows\system32\msxml6r.dll
2009-04-13 09:55 83,456 a------- c:\windows\system32\wudriver.dll
2009-04-13 06:02 162,064 a------- c:\windows\system32\wuwebv.dll
2009-04-13 06:02 31,232 a------- c:\windows\system32\wuapp.exe
2009-04-13 00:16 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-09 20:40 103,744 a------- c:\windows\system32\drivers\AnyDVD.sys
2009-04-02 09:21 84,480 a------- c:\windows\system32\ff_vfw.dll
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 15:04:55.63 ===============
 


Registered · 5,263 Posts
Hello

Apologies for the delay getting to your log. The helpers here are all volunteers and we have been very busy lately. If you are still having malware problems, follow the instructions below.

As it has been some time since you last ran DDS and GMER, please run DDS and GMER again so I may review the updated logs.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
 

Registered · 5,263 Posts
Hello

Apologies for the delay getting to your log. The helpers here are all volunteers and we have been very busy lately. If you are still having malware problems, follow the instructions below.

As it has been some time since you last ran DDS and GMER, please run DDS and GMER again so I may review the updated logs.

Also, can you explain why there is no virus protection installed? You only have antispyware protection installed, and that is not a substitute for antivirus protection.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
 

Discussion Starter · #6 · Registered · 10 Posts
I am gonna install Trend Micro tonight.

Here's the updated info


DDS (Ver_09-05-14.01) - NTFSx86
Run by themantheman at 19:16:17.37 on Tue 06/02/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2303.1306 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\themantheman\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\themantheman~1\appdata\roaming\mozilla\firefox\profiles\8jx2t8hw.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-16 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1005904]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-4-28 1153368]

=============== Created Last 30 ================

2009-05-30 15:02 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-05-25 13:53 <DIR> --d----- c:\program files\ffdshow
2009-05-25 13:50 593,938 a------- c:\windows\system32\x264vfw.dll
2009-05-25 13:50 <DIR> --d----- c:\program files\x264
2009-05-25 13:30 <DIR> --d----- c:\programdata\ATI
2009-05-25 13:29 <DIR> --d----- c:\program files\common files\ATI Technologies
2009-05-25 13:28 <DIR> --d----- c:\program files\ATI Technologies
2009-05-25 13:24 0 a------- c:\windows\ativpsrm.bin
2009-05-25 13:19 <DIR> --d----- c:\program files\ATI
2009-05-25 13:18 <DIR> --d----- C:\Diamond
2009-05-24 17:33 161,792 a------- c:\windows\SWREG.exe
2009-05-24 17:33 154,624 a------- c:\windows\PEV.exe
2009-05-24 17:33 98,816 a------- c:\windows\sed.exe
2009-05-24 14:44 <DIR> --d----- c:\users\themantheman\DoctorWeb
2009-05-22 14:01 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-05-22 13:56 <DIR> --d----- c:\program files\GustoSoft
2009-05-21 18:03 <DIR> --d----- c:\programdata\Adobe
2009-05-18 20:00 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-17 20:48 <DIR> --d----- c:\program files\common files\NSV
2009-05-17 14:31 26,112 a------- c:\windows\system32\b67d4.exe
2009-05-16 16:48 15,688 a------- c:\windows\system32\lsdelete.exe
2009-05-16 16:44 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-05-16 16:41 <DIR> -cd-h--- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 16:41 <DIR> -cd-h--- c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 16:41 <DIR> --d----- c:\program files\Lavasoft
2009-05-15 21:50 <DIR> --d----- c:\programdata\Lavasoft
2009-05-15 10:38 1 a------- c:\windows\9g2234wesdf3dfgjf23
2009-05-15 10:38 <DIR> --d----- c:\windows\system32\796525
2009-05-14 03:01 118 a------- c:\windows\system32\MRT.INI
2009-05-08 22:48 663 a------- c:\windows\wininit.ini

==================== Find3M ====================

2009-05-25 13:28 86,016 a------- c:\windows\inf\infstrng.dat
2009-05-25 13:28 51,200 a------- c:\windows\inf\infpub.dat
2009-05-25 13:24 86,016 a------- c:\windows\inf\infstor.dat
2009-04-27 22:39 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-04-25 20:47 499,712 a------- c:\windows\system32\msvcp71.dll
2009-04-25 20:47 348,160 a------- c:\windows\system32\msvcr71.dll
2009-04-24 21:32 174 a--sh--- c:\program files\desktop.ini
2009-04-24 21:23 665,600 a------- c:\windows\inf\drvindex.dat
2009-04-24 17:15 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-04-24 17:15 82,432 a------- c:\windows\system32\axaltocm.dll
2009-04-16 06:04 376,832 a------- c:\windows\system32\winhttp.dll
2009-04-16 06:04 562,176 a------- c:\windows\system32\msdtcprx.dll
2009-04-16 06:04 38,912 a------- c:\windows\system32\xolehlp.dll
2009-04-16 06:01 827,392 a------- c:\windows\system32\wininet.dll
2009-04-16 06:01 72,704 a------- c:\windows\system32\admparse.dll
2009-04-16 06:00 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-16 06:00 48,128 a------- c:\windows\system32\mshtmler.dll
2009-04-16 06:00 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-14 06:03 61,440 a------- c:\windows\system32\winipsec.dll
2009-04-14 06:03 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-04-14 06:03 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-04-14 06:03 272,896 a------- c:\windows\system32\polstore.dll
2009-04-14 06:03 269,312 a------- c:\windows\system32\es.dll
2009-04-13 19:55 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-04-13 10:17 296,960 a------- c:\windows\system32\gdi32.dll
2009-04-13 10:16 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-13 10:16 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-04-13 10:16 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-04-13 10:16 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-04-13 10:16 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-04-13 10:16 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-13 10:16 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-04-13 10:16 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-04-13 10:16 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-04-13 10:16 1,695,744 a------- c:\windows\system32\gameux.dll
2009-04-13 10:15 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-04-13 10:15 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-04-13 10:15 2,048 a------- c:\windows\system32\msxml3r.dll
2009-04-13 10:13 2,048 a------- c:\windows\system32\tzres.dll
2009-04-13 10:11 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-04-13 10:11 7,680 a------- c:\windows\system32\spwmp.dll
2009-04-13 10:11 4,096 a------- c:\windows\system32\dxmasf.dll
2009-04-13 10:08 2,927,104 a------- c:\windows\explorer.exe
2009-04-13 10:04 6,656 a------- c:\windows\system32\kbd106n.dll
2009-04-13 10:04 988,216 a------- c:\windows\system32\winload.exe
2009-04-13 10:04 927,288 a------- c:\windows\system32\winresume.exe
2009-04-13 10:04 378,368 a------- c:\windows\system32\srcore.dll
2009-04-13 10:04 318,464 a------- c:\windows\system32\rstrui.exe
2009-04-13 10:04 40,960 a------- c:\windows\system32\srclient.dll
2009-04-13 10:04 615,992 a------- c:\windows\system32\ci.dll
2009-04-13 10:04 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-04-13 10:04 19,000 a------- c:\windows\system32\kd1394.dll
2009-04-13 10:04 14,848 a------- c:\windows\system32\srdelayed.exe
2009-04-13 10:02 443,392 a------- c:\windows\system32\win32spl.dll
2009-04-13 10:02 37,888 a------- c:\windows\system32\printcom.dll
2009-04-13 10:02 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-04-13 10:02 14,848 a------- c:\windows\system32\wshrm.dll
2009-04-13 10:01 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-04-13 10:01 268,288 a------- c:\windows\system32\schannel.dll
2009-04-13 10:00 2,868,736 a------- c:\windows\system32\mf.dll
2009-04-13 10:00 98,816 a------- c:\windows\system32\mfps.dll
2009-04-13 10:00 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-04-13 10:00 24,576 a------- c:\windows\system32\mfpmp.exe
2009-04-13 10:00 2,048 a------- c:\windows\system32\mferror.dll
2009-04-13 10:00 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-04-13 10:00 94,720 a------- c:\windows\system32\logagent.exe
2009-04-13 09:59 738,304 a------- c:\windows\system32\inetcomm.dll
2009-04-13 09:59 84,480 a------- c:\windows\system32\INETRES.dll
2009-04-13 09:58 1,314,816 a------- c:\windows\system32\quartz.dll
2009-04-13 09:58 2,033,152 a------- c:\windows\system32\win32k.sys
2009-04-13 09:57 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-04-13 09:57 2,048 a------- c:\windows\system32\msxml6r.dll
2009-04-13 09:55 83,456 a------- c:\windows\system32\wudriver.dll
2009-04-13 06:02 162,064 a------- c:\windows\system32\wuwebv.dll
2009-04-13 06:02 31,232 a------- c:\windows\system32\wuapp.exe
2009-04-13 00:16 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-09 20:40 103,744 a------- c:\windows\system32\drivers\AnyDVD.sys
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 19:17:13.46 ===============
 


·
Registered
Joined
·
10 Posts
Discussion Starter · #8 ·
ComboFix 09-05-30.03 - themantheman 05/30/2009 14:58.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2303.1330 [GMT -4:00]
Running from: c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Scanners\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-30 )))))))))))))))))))))))))))))))
.

2009-05-30 19:01 . 2009-05-30 19:01 -------- d-----w c:\users\themantheman\AppData\Local\temp
2009-05-30 19:01 . 2009-05-30 19:01 -------- d-----w c:\windows\system32\config\systemprofile\AppData\Local\temp
2009-05-25 17:53 . 2009-05-25 17:53 -------- d-----w c:\program files\ffdshow
2009-05-25 17:50 . 2009-05-25 17:50 593938 ----a-w c:\windows\system32\x264vfw.dll
2009-05-25 17:50 . 2009-05-25 17:50 -------- d-----w c:\program files\x264
2009-05-25 17:43 . 2009-05-25 17:43 390664 ----a-w c:\users\themantheman\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w c:\users\themantheman\AppData\Roaming\ATI
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w c:\users\themantheman\AppData\Local\ATI
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w c:\programdata\ATI
2009-05-25 17:29 . 2009-05-25 17:29 9158 ----a-r c:\users\themantheman\AppData\Roaming\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-05-25 17:29 . 2009-05-25 17:29 -------- d-----w c:\program files\Common Files\ATI Technologies
2009-05-25 17:28 . 2009-05-25 17:28 10134 ----a-r c:\users\themantheman\AppData\Roaming\Microsoft\Installer\{FC5A7E9B-2CAC-6261-7F34-817C6547ABF3}\ARPPRODUCTICON.exe
2009-05-25 17:28 . 2009-05-25 17:30 -------- d-----w c:\program files\ATI Technologies
2009-05-25 17:24 . 2009-05-25 17:24 0 ----a-w c:\windows\ativpsrm.bin
2009-05-25 17:19 . 2009-05-25 17:27 -------- d-----w c:\program files\ATI
2009-05-25 17:18 . 2009-05-25 17:18 -------- d-----w C:\Diamond
2009-05-24 21:32 . 2009-05-30 18:57 3122418 ----a-r c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Scanners\ComboFix.exe
2009-05-24 18:49 . 2009-05-24 18:50 14113448 ----a-w c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Scanners\launch.exe
2009-05-24 18:44 . 2009-05-24 18:44 -------- d-----w c:\users\themantheman\DoctorWeb
2009-05-22 18:01 . 2008-09-16 19:23 168448 ----a-w c:\windows\system32\unrar.dll
2009-05-22 18:01 . 2008-12-07 18:08 795648 ----a-w c:\windows\system32\xvidcore.dll
2009-05-22 18:01 . 2008-12-07 18:08 130048 ----a-w c:\windows\system32\xvidvfw.dll
2009-05-22 18:01 . 2004-01-25 16:18 217088 ----a-w c:\windows\system32\yv12vfw.dll
2009-05-22 18:01 . 2008-12-11 00:33 86016 ----a-w c:\windows\system32\dpl100.dll
2009-05-22 18:01 . 2008-11-06 16:37 3596288 ----a-w c:\windows\system32\qt-dx331.dll
2009-05-22 18:01 . 2008-11-06 16:33 684032 ----a-w c:\windows\system32\divx.dll
2009-05-22 18:01 . 2006-08-16 16:00 6144 ----a-w c:\windows\system32\ff_vfw.dll
2009-05-22 18:01 . 2009-05-22 18:01 -------- d-----w c:\program files\K-Lite Codec Pack
2009-05-22 17:56 . 2009-05-22 17:56 -------- d-----w c:\program files\GustoSoft
2009-05-21 22:04 . 2009-05-21 22:04 -------- d-----w c:\users\themantheman\AppData\Local\Adobe
2009-05-21 22:04 . 2009-05-21 22:04 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-21 22:02 . 2009-05-21 22:03 -------- d-----w c:\program files\Common Files\Adobe
2009-05-18 00:48 . 2009-05-18 00:48 -------- d-----w c:\program files\Common Files\NSV
2009-05-17 18:31 . 2009-05-17 18:47 26112 ----a-w c:\windows\system32\b67d4.exe
2009-05-16 20:48 . 2009-05-16 20:44 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-16 20:43 . 2009-05-16 20:43 626000 ----a-w c:\programdata\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-05-16 20:43 . 2009-05-16 20:43 516440 ----a-w c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-05-16 20:43 . 2009-05-16 20:43 953168 ----a-w c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-05-16 20:41 . 2009-05-16 20:41 -------- dc-h--w c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 20:41 . 2009-03-12 08:17 2902048 -c--a-w c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-16 20:41 . 2009-05-16 20:41 -------- d-----w c:\program files\Lavasoft
2009-05-16 01:50 . 2009-05-16 20:41 -------- d-----w c:\programdata\Lavasoft
2009-05-15 14:38 . 2009-05-16 20:48 -------- d-----w c:\windows\system32\796525
2009-05-03 03:47 . 2009-05-03 03:47 -------- d-----w c:\program files\Microsoft Silverlight

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 00:13 . 2009-04-13 04:08 680 ----a-w c:\users\themantheman\AppData\Local\d3d9caps.dat
2009-05-24 17:21 . 2009-04-13 00:41 99864 ----a-w c:\users\themantheman\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-19 00:00 . 2009-05-19 00:00 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-16 20:49 . 2009-04-18 19:00 -------- d-----w c:\users\themantheman\AppData\Roaming\uTorrent
2009-05-14 07:01 . 2009-04-25 01:39 -------- d-----w c:\programdata\Microsoft Help
2009-04-28 04:45 . 2009-04-28 04:44 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-28 04:45 . 2009-04-28 04:44 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-04-28 02:39 . 2009-04-28 02:39 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2009-04-27 13:12 . 2009-04-13 04:55 -------- d-----w c:\programdata\Yahoo! Companion
2009-04-27 13:12 . 2009-04-27 13:12 -------- d-----w c:\windows\system32\config\systemprofile\AppData\Roaming\Yahoo!
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w c:\program files\Common Files\xing shared
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w c:\program files\Common Files\Real
2009-04-26 00:47 . 2009-04-26 00:47 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-26 00:47 . 2009-04-26 00:47 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w c:\program files\Real
2009-04-25 01:44 . 2009-04-25 01:44 -------- d-----w c:\program files\Microsoft Works
2009-04-25 01:43 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
2009-04-25 01:42 . 2009-04-25 01:42 -------- d-----w c:\program files\Microsoft.NET
2009-04-25 01:40 . 2009-04-25 01:40 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-04-25 01:36 . 2009-04-25 01:36 -------- d-----w c:\program files\Elaborate Bytes
2009-04-25 01:35 . 2009-04-25 01:35 -------- d-----w c:\programdata\SlySoft
2009-04-25 01:35 . 2009-04-25 01:35 -------- d-----w c:\program files\SlySoft
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Sidebar
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Photo Gallery
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Journal
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Collaboration
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Calendar
2009-04-25 01:24 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Defender
2009-04-25 01:23 . 2006-11-02 10:25 665600 ----a-w c:\windows\inf\drvindex.dat
2009-04-24 21:15 . 2006-11-02 10:32 101888 ----a-w c:\windows\system32\ifxcardm.dll
2009-04-24 21:15 . 2006-11-02 10:32 82432 ----a-w c:\windows\system32\axaltocm.dll
2009-04-18 19:00 . 2009-04-18 19:00 -------- d-----w c:\program files\uTorrent
2009-04-16 10:04 . 2009-04-16 10:04 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-16 10:04 . 2009-04-16 10:04 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-16 10:04 . 2009-04-16 10:04 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-16 10:01 . 2009-04-16 10:01 827392 ----a-w c:\windows\system32\wininet.dll
2009-04-16 10:01 . 2009-04-16 10:01 72704 ----a-w c:\windows\system32\admparse.dll
2009-04-16 10:00 . 2009-04-16 10:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-04-16 10:00 . 2009-04-16 10:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-04-16 10:00 . 2009-04-16 10:00 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-04-14 10:03 . 2009-04-14 10:03 61440 ----a-w c:\windows\system32\winipsec.dll
2009-04-14 10:03 . 2009-04-14 10:03 28672 ----a-w c:\windows\system32\FwRemoteSvr.dll
2009-04-14 10:03 . 2009-04-14 10:03 361984 ----a-w c:\windows\system32\IPSECSVC.DLL
2009-04-14 10:03 . 2009-04-14 10:03 272896 ----a-w c:\windows\system32\polstore.dll
2009-04-14 10:03 . 2009-04-14 10:03 269312 ----a-w c:\windows\system32\es.dll
2009-04-13 23:55 . 2009-04-13 23:55 1524736 ----a-w c:\windows\system32\wucltux.dll
2009-04-13 23:55 . 2009-04-13 23:55 51224 ----a-w c:\windows\system32\wuauclt.exe
2009-04-13 23:55 . 2009-04-13 23:55 43544 ----a-w c:\windows\system32\wups2.dll
2009-04-13 23:55 . 2009-04-13 23:55 1809944 ----a-w c:\windows\system32\wuaueng.dll
2009-04-13 14:17 . 2009-04-13 14:17 296960 ----a-w c:\windows\system32\gdi32.dll
2009-04-13 14:16 . 2009-04-13 14:16 212480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-04-13 14:16 . 2009-04-13 14:16 28672 ----a-w c:\windows\system32\Apphlpdm.dll
2009-04-13 14:16 . 2009-04-13 14:16 4240384 ----a-w c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-13 14:16 . 2009-04-13 14:16 1695744 ----a-w c:\windows\system32\gameux.dll
2009-04-13 14:15 . 2009-04-13 14:15 303616 ----a-w c:\windows\system32\wmpeffects.dll
2009-04-13 14:15 . 2009-04-13 14:15 2048 ----a-w c:\windows\system32\msxml3r.dll
2009-04-13 14:15 . 2009-04-13 14:15 1191936 ----a-w c:\windows\system32\msxml3.dll
2009-04-13 14:13 . 2009-04-13 14:13 2048 ----a-w c:\windows\system32\tzres.dll
2009-04-13 14:11 . 2009-04-13 14:11 8147456 ----a-w c:\windows\system32\wmploc.DLL
2009-04-13 14:11 . 2009-04-13 14:11 7680 ----a-w c:\windows\system32\spwmp.dll
2009-04-13 14:11 . 2009-04-13 14:11 4096 ----a-w c:\windows\system32\dxmasf.dll
2009-04-13 14:08 . 2009-04-13 14:08 2927104 ----a-w c:\windows\explorer.exe
2009-04-13 14:04 . 2009-04-13 14:04 6656 ----a-w c:\windows\system32\kbd106n.dll
2009-04-13 14:04 . 2009-04-13 14:04 988216 ----a-w c:\windows\system32\winload.exe
2009-04-13 14:04 . 2009-04-13 14:04 927288 ----a-w c:\windows\system32\winresume.exe
2009-04-13 14:04 . 2009-04-13 14:04 40960 ----a-w c:\windows\system32\srclient.dll
2009-04-13 14:04 . 2009-04-13 14:04 378368 ----a-w c:\windows\system32\srcore.dll
2009-04-13 14:04 . 2009-04-13 14:04 318464 ----a-w c:\windows\system32\rstrui.exe
2009-04-13 14:04 . 2009-04-13 14:04 615992 ----a-w c:\windows\system32\ci.dll
2009-04-13 14:04 . 2009-04-13 14:04 46592 ----a-w c:\windows\system32\setbcdlocale.dll
2009-04-13 14:04 . 2009-04-13 14:04 19000 ----a-w c:\windows\system32\kd1394.dll
2009-04-13 14:04 . 2009-04-13 14:04 14848 ----a-w c:\windows\system32\srdelayed.exe
2009-04-13 14:02 . 2009-04-13 14:02 443392 ----a-w c:\windows\system32\win32spl.dll
2009-04-13 14:02 . 2009-04-13 14:02 37888 ----a-w c:\windows\system32\printcom.dll
2009-04-13 14:02 . 2009-04-13 14:02 14848 ----a-w c:\windows\system32\wshrm.dll
2009-04-13 14:02 . 2009-04-13 14:02 113664 ----a-w c:\windows\system32\drivers\rmcast.sys
2009-04-13 14:01 . 2009-04-13 14:01 288768 ----a-w c:\windows\system32\drivers\srv.sys
2009-04-13 14:01 . 2009-04-13 14:01 268288 ----a-w c:\windows\system32\schannel.dll
2009-04-13 14:00 . 2009-04-13 14:00 98816 ----a-w c:\windows\system32\mfps.dll
2009-04-13 14:00 . 2009-04-13 14:00 2868736 ----a-w c:\windows\system32\mf.dll
2009-04-13 14:00 . 2009-04-13 14:00 53248 ----a-w c:\windows\system32\rrinstaller.exe
2009-04-13 14:00 . 2009-04-13 14:00 24576 ----a-w c:\windows\system32\mfpmp.exe
2009-04-13 14:00 . 2009-04-13 14:00 2048 ----a-w c:\windows\system32\mferror.dll
2009-04-13 14:00 . 2009-04-13 14:00 996352 ----a-w c:\windows\system32\WMNetMgr.dll
2009-04-13 14:00 . 2009-04-13 14:00 94720 ----a-w c:\windows\system32\logagent.exe
2009-04-13 13:59 . 2009-04-13 13:59 84480 ----a-w c:\windows\system32\INETRES.dll
2009-04-13 13:59 . 2009-04-13 13:59 738304 ----a-w c:\windows\system32\inetcomm.dll
2009-04-13 13:58 . 2009-04-13 13:58 1314816 ----a-w c:\windows\system32\quartz.dll
2009-04-13 13:58 . 2009-04-13 13:58 2033152 ----a-w c:\windows\system32\win32k.sys
2009-04-13 13:57 . 2009-04-13 13:57 1334272 ----a-w c:\windows\system32\msxml6.dll
2009-04-13 13:57 . 2009-04-13 13:57 2048 ----a-w c:\windows\system32\msxml6r.dll
2009-04-13 13:55 . 2009-04-13 13:55 83456 ----a-w c:\windows\system32\wudriver.dll
2009-04-13 13:55 . 2009-04-13 13:55 34328 ----a-w c:\windows\system32\wups.dll
2009-04-13 13:55 . 2009-04-13 13:55 561688 ----a-w c:\windows\system32\wuapi.dll
2009-04-13 10:02 . 2009-04-13 10:02 31232 ----a-w c:\windows\system32\wuapp.exe
2009-04-13 10:02 . 2009-04-13 10:02 162064 ----a-w c:\windows\system32\wuwebv.dll
2009-04-13 05:49 . 2009-04-13 05:49 -------- d-----w c:\program files\Microsoft
2009-04-13 05:49 . 2009-04-13 05:48 -------- d-----w c:\program files\Windows Live
2009-04-13 05:48 . 2009-04-13 05:48 -------- d-----w c:\program files\Windows Live SkyDrive
.

((((((((((((((((((((((((((((( [email protected]_21.37.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-25 17:20 . 2009-05-25 17:20 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087\vcomp.dll
+ 2009-05-16 07:00 . 2009-05-25 17:20 42016 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
+ 2009-04-13 00:50 . 2009-05-28 00:18 25816 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-05-28 00:18 44984 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-21 13:40 . 2008-10-21 13:40 81920 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\ATIODE.exe
+ 2008-10-21 13:40 . 2008-10-21 13:40 45056 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\ATIODCLI.exe
+ 2008-12-01 15:56 . 2008-12-01 15:56 98304 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atiadlxx.dll
+ 2008-12-01 15:42 . 2008-12-01 15:42 53248 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\ati2erec.dll
+ 2008-12-01 16:45 . 2008-12-01 16:45 43520 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\ati2edxx.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 50688 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\amdpcom32.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 57344 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\amdcalrt.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 53248 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\amdcalcl.dll
- 2006-11-02 10:25 . 2006-11-02 08:53 26112 c:\windows\System32\drivers\vgapnp.sys
+ 2009-04-22 18:58 . 2008-01-19 05:52 26112 c:\windows\System32\drivers\vgapnp.sys
+ 2009-04-22 18:58 . 2008-01-19 04:30 53760 c:\windows\System32\drivers\hdaudbus.sys
+ 2008-12-01 15:42 . 2008-12-01 15:42 53248 c:\windows\System32\drivers\ati2erec.dll
- 2006-11-02 13:02 . 2009-05-24 18:47 98304 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-05-28 00:16 98304 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-21 13:40 . 2008-10-21 13:40 81920 c:\windows\System32\ATIODE.exe
+ 2008-10-21 13:40 . 2008-10-21 13:40 45056 c:\windows\System32\ATIODCLI.exe
+ 2008-12-01 15:56 . 2008-12-01 15:56 98304 c:\windows\System32\atiadlxx.dll
+ 2008-12-01 16:45 . 2008-12-01 16:45 43520 c:\windows\System32\ati2edxx.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 50688 c:\windows\System32\amdpcom32.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 57344 c:\windows\System32\amdcalrt.dll
+ 2008-12-01 15:56 . 2008-12-01 15:56 53248 c:\windows\System32\amdcalcl.dll
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{ECE1F718-CDFD-7A05-BDB9-4D33BFE67D9C}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{DDACB061-0C85-8A15-45C9-28415476762B}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{D3B1C799-CB73-42DE-BA0F-2344793A095C}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{C8E9FBF9-6CBE-AE9B-C8AB-2C8F5E32140C}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{C3F7C6EB-B6AD-CE5E-46BD-E6DE8EBB6E5A}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{ACB91656-A3D1-4E5F-82F0-D3E5200F1D06}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{9FA7B446-0DE0-C883-9DB4-AC9A35D60735}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{6419FBF5-2DB7-FF43-EE67-5448F868D080}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{3A1BBC38-2602-B555-24D3-942F01D8DC39}\ARPPRODUCTICON.exe
+ 2009-05-25 17:30 . 2009-05-25 17:30 10134 c:\windows\Installer\{1DE0F8B5-763F-395F-56F3-98F8D9E0492D}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{186DB7E2-1C55-0715-12E1-7FC473D30A4C}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{15422767-809D-8D9C-140D-99B39C9683DA}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 10134 c:\windows\Installer\{1102B81E-73F2-339C-E299-C48D7CA32441}\ARPPRODUCTICON.exe
- 2006-11-02 10:25 . 2009-04-25 01:31 86016 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-05-25 17:28 86016 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2009-04-25 01:31 86016 c:\windows\inf\infstor.dat
+ 2006-11-02 10:25 . 2009-05-25 17:24 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-04-25 01:31 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-05-25 17:28 51200 c:\windows\inf\infpub.dat
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.3218.28701__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 19456 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.3257.27102__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 86016 c:\windows\assembly\GAC_MSIL\LOG\2.0.3257.27084__90ba9c70f846762e\LOG.EXE
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3257.27084__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 11264 c:\windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3257.27109__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Implementation\2.0.3257.26991__90ba9c70f846762e\CLI.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 73728 c:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 57344 c:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3257.26995__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 69632 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3257.26994__90ba9c70f846762e\CLI.Component.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Load\2.0.3257.27084__90ba9c70f846762e\CLI.Component.Load.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.3257.27012__90ba9c70f846762e\CLI.Component.Icomponent.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Help\2.0.3257.27083__90ba9c70f846762e\CLI.Component.Help.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.3257.27023__90ba9c70f846762e\CLI.Component.Erecord.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.3257.27028__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.3257.27027__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.3257.27070__90ba9c70f846762e\CLI.Component.Autoremoval.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 11776 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3257.27008__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 73728 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3257.27003__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3257.27111__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.3257.27048__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3218.28691__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3257.27021__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 94208 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3257.27056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3257.27055__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3218.28706__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3257.27105__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3257.27091__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3257.27097__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3257.27050__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3218.28705__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3257.27106__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3218.28691__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3257.27023__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3218.28691__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3257.27022__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.3257.27110__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.3257.27086__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3257.27043__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Runtime\2.0.3257.27040__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3257.27114__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 81920 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 10240 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3257.27113__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3257.27113__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared\2.0.3218.28691__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime\2.0.3257.27022__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3257.27003__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 10240 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3257.27108__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3257.27109__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3257.27047__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3257.27017__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3257.27071__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3257.27037__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3257.27049__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3257.27037__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3257.27050__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3257.27112__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3257.27112__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 98304 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.3257.27028__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Shared\2.0.3218.28687__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Runtime\2.0.3257.27117__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 86016 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Dashboard\2.0.3257.27117__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.3218.28704__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 12288 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.3257.27101__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 90112 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.3257.27101__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2009-05-25 17:30 . 2009-05-25 17:30 28672 c:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3257.27085__90ba9c70f846762e\CCC.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 14848 c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 73728 c:\windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3257.26994__90ba9c70f846762e\ATIDEMOS.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 32768 c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\APM.Server\2.0.3257.26992__90ba9c70f846762e\APM.Server.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 61440 c:\windows\assembly\GAC_MSIL\AEM.UI\2.0.3257.27085__90ba9c70f846762e\AEM.UI.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\AEM.UI.Shared\2.0.3218.28700__90ba9c70f846762e\AEM.UI.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3257.26993__90ba9c70f846762e\AEM.Server.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 45056 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3257.27101__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.3218.28704__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.3218.28704__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3218.28700__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 16384 c:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 20480 c:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 24576 c:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 13312 c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 49152 c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
+ 2009-04-13 00:50 . 2009-05-28 00:18 5750 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-533328592-1579584615-2223412665-1000_UserData.bin
+ 2009-05-28 00:16 . 2009-05-28 00:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-24 20:53 . 2009-05-24 20:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-24 20:53 . 2009-05-24 20:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-28 00:16 . 2009-05-28 00:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-25 17:20 . 2009-05-25 17:28 9158 c:\windows\Installer\{CBB1BA2C-34DB-5947-BFFF-F52E3A542514}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2009-05-25 17:20 . 2009-05-25 17:28 9158 c:\windows\Installer\{CBB1BA2C-34DB-5947-BFFF-F52E3A542514}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2009-05-25 17:20 . 2009-05-25 17:28 9158 c:\windows\Installer\{CBB1BA2C-34DB-5947-BFFF-F52E3A542514}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2009-05-25 17:20 . 2009-05-25 17:28 9158 c:\windows\Installer\{CBB1BA2C-34DB-5947-BFFF-F52E3A542514}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2009-05-25 17:20 . 2009-05-25 17:28 9158 c:\windows\Installer\{CBB1BA2C-34DB-5947-BFFF-F52E3A542514}\ARPPRODUCTICON.exe
+ 2009-05-25 17:29 . 2009-05-25 17:29 9158 c:\windows\Installer\{C8E9FBF9-6CBE-AE9B-C8AB-2C8F5E32140C}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2009-05-25 17:30 . 2009-05-25 17:30 7168 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3257.26994__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 7680 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3257.27112__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 8704 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 7680 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 9728 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3257.27114__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 6656 c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
- 2006-11-02 10:33 . 2009-05-24 21:00 598350 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-29 11:16 598350 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-24 21:00 101988 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-05-29 11:16 101988 c:\windows\System32\perfc009.dat
+ 2008-12-01 16:45 . 2008-12-01 16:45 262144 c:\windows\System32\Oemdspif.dll
+ 2008-12-01 16:45 . 2008-12-01 16:45 262144 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\Oemdspif.dll
+ 2008-12-01 16:46 . 2008-12-01 16:46 159744 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atitmmxx.dll
+ 2008-12-01 16:45 . 2008-12-01 16:45 331776 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atipdlxx.dll
+ 2008-10-30 10:45 . 2008-10-30 10:45 180720 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atiicdxx.dat
+ 2008-12-01 16:47 . 2008-12-01 16:47 425984 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\ATIDEMGX.dll
+ 2008-12-01 16:44 . 2008-12-01 16:44 720896 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\Ati2evxx.exe
+ 2008-12-01 16:45 . 2008-12-01 16:45 274432 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\Ati2evxx.dll
+ 2006-11-02 10:25 . 2006-11-02 07:36 235520 c:\windows\System32\drivers\HdAudio.sys
- 2006-11-02 13:02 . 2009-05-24 18:47 950272 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 13:02 . 2009-05-28 00:16 950272 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-12-01 16:46 . 2008-12-01 16:46 159744 c:\windows\System32\atitmmxx.dll
+ 2008-12-01 16:45 . 2008-12-01 16:45 331776 c:\windows\System32\atipdlxx.dll
+ 2008-10-30 10:45 . 2008-10-30 10:45 180720 c:\windows\System32\atiicdxx.dat
+ 2008-12-01 16:47 . 2008-12-01 16:47 425984 c:\windows\System32\ATIDEMGX.dll
+ 2008-12-01 16:44 . 2008-12-01 16:44 720896 c:\windows\System32\Ati2evxx.exe
+ 2008-12-01 16:45 . 2008-12-01 16:45 274432 c:\windows\System32\Ati2evxx.dll
+ 2009-05-25 17:30 . 2009-05-25 17:30 106496 c:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3257.27085__90ba9c70f846762e\MOM.Implementation.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 131072 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 393216 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3257.27008__90ba9c70f846762e\CLI.Component.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 532480 c:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3257.27080__90ba9c70f846762e\CLI.Component.Systemtray.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 122880 c:\windows\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.3257.27115__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 278528 c:\windows\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.3257.27106__90ba9c70f846762e\CLI.Component.Launchpad.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 806912 c:\windows\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3257.27066__90ba9c70f846762e\CLI.Component.Eeu.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 184320 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.3257.27028__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 147456 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.3257.27027__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 278528 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3257.26996__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 106496 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.3257.27111__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 135168 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3257.27093__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 106496 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 167936 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.3257.27048__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 466944 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3257.27092__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 286720 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3257.27021__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 344064 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3257.27056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 172032 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3257.27105__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 147456 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3257.27091__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 147456 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3257.27098__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 172032 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3257.27049__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 671744 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3257.27107__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 479232 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3257.27022__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 151552 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.3257.27111__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 192512 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.3257.27086__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 192512 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3257.27044__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 188416 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Dashboard\2.0.3257.27040__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 282624 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3257.27114__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 405504 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3257.27065__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 811008 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3257.27039__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 258048 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3257.27113__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 245760 c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard\2.0.3257.27021__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 204800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3257.27013__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 225280 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3257.27013__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 307200 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3257.27115__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 192512 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3257.27109__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 122880 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3257.27048__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 716800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3257.27004__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 589824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3257.27014__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 364544 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3257.27076__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 798720 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3257.27072__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 286720 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3257.27029__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 307200 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3257.27018__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 401408 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3257.27049__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 450560 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3257.27033__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 692224 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3257.27061__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 675840 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3257.27051__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 438272 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 208896 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3257.27113__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 262144 c:\windows\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2600.29179__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 360448 c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 225280 c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 143360 c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 212992 c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 135168 c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
+ 2006-11-02 10:22 . 2009-05-25 17:21 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-05-16 20:49 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-12-01 16:09 . 2008-12-01 16:09 4754432 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atiumdva.dll
+ 2008-12-01 16:08 . 2008-12-01 16:08 3107788 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atiumdva.dat
+ 2008-12-01 16:29 . 2008-12-01 16:29 4033536 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atiumdag.dll
+ 2008-12-01 18:14 . 2008-12-01 18:14 4179968 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atikmdag.sys
+ 2008-12-01 16:35 . 2008-12-01 16:35 2340352 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atidxx32.dll
+ 2008-12-01 15:53 . 2008-12-01 15:53 3256320 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\amdcaldd.dll
+ 2008-12-01 18:14 . 2008-12-01 18:14 4179968 c:\windows\System32\drivers\atikmdag.sys
+ 2008-12-01 16:09 . 2008-12-01 16:09 4754432 c:\windows\System32\atiumdva.dll
+ 2008-12-01 16:08 . 2008-12-01 16:08 3107788 c:\windows\System32\atiumdva.dat
+ 2008-12-01 16:29 . 2008-12-01 16:29 4033536 c:\windows\System32\atiumdag.dll
+ 2008-12-01 16:35 . 2008-12-01 16:35 2340352 c:\windows\System32\atidxx32.dll
+ 2008-12-01 15:53 . 2008-12-01 15:53 3256320 c:\windows\System32\amdcaldd.dll
+ 2009-05-25 17:30 . 2009-05-25 17:30 1073152 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3257.27000__90ba9c70f846762e\CLI.Component.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 1036288 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3257.27024__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2009-05-25 17:30 . 2009-05-25 17:30 1691648 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
+ 2008-12-01 16:17 . 2008-12-01 16:17 10981376 c:\windows\System32\DriverStore\FileRepository\cl_72277.inf_5d4c5919\B_72960\atioglxx.dll
+ 2008-12-01 16:17 . 2008-12-01 16:17 10981376 c:\windows\System32\atioglxx.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-04-10 5827520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-13 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-26 185896]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-16 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2008-09-10 604704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-533328592-1579584615-2223412665-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A859A10B-1869-484F-AA90-048B9610DED9}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{EA97E650-B2B3-4120-B359-DF0F79D20A23}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{0E419A2A-8A34-4D95-BE79-45D9465B3952}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{8CE29FA1-2F55-4BFA-B843-BCD904B19723}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{1F90BA1B-F115-407D-816D-A6D4DD8D4A21}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EAF200E9-9659-4AEF-A6CE-F62E0ED0ABB4}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{2D3836A8-B168-4720-B8EB-4A12E8720B2B}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{E87F1D31-F44B-41F2-8DA0-8EDBDF474CC2}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{ECE1105C-FB43-4BC4-B623-C5EF359096F4}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{404EA5EC-E377-464C-9160-BE1FE9B7610B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{68006F29-A7C0-4FC0-BF3F-DFE41B5F768E}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{668F9B5C-C511-444E-9EA5-A4E892743543}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{350559F1-64C6-424F-ACBE-99DA2A71E89E}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{60AC9CBF-1905-4B54-8FE1-A50463F28793}c:\\windows\\system32\\sys32dll.exe"= UDP:c:\windows\system32\sys32dll.exe:SYS32DLL
"UDP Query User{F0BE6133-90C3-42BB-B2A4-25D41DC3B8CD}c:\\windows\\system32\\sys32dll.exe"= TCP:c:\windows\system32\sys32dll.exe:SYS32DLL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [5/16/2009 4:44 PM 64160]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [4/28/2009 12:44 AM 1153368]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 953168]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E555}]
f:\windows updates and progs\Lateset Clone and any dvd\AnyDVD Leftover Killer v1.5\AnyDVD Leftover Killer 1.5.exe -M
.
Contents of the 'Scheduled Tasks' folder

2009-05-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 20:44]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\themantheman\AppData\Roaming\Mozilla\Firefox\Profiles\8jx2t8hw.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-30 15:01
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\themantheman\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2009-05-30 15:03
ComboFix-quarantined-files.txt 2009-05-30 19:03
ComboFix2.txt 2009-05-24 21:39

Pre-Run: 11,005,980,672 bytes free
Post-Run: 11,048,923,136 bytes free

547 --- E O F --- 2009-05-16 07:00
 

·
Registered
Joined
·
5,263 Posts
Hello again

ComboFix 09-05-30.03 - themantheman 05/30/2009 14:58.2 - NTFSx86
This is an old copy of Combofix, please delete your current copy and download the current version from one of the links below.

Link 1
Link 2
Link 3


ComboFix2.txt 2009-05-24 21:39
Any particular reason as to why you have had Combofix on your system since the 24th of May?

As stated by the tool's author:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.
http://www.techsupportforum.com/f50...-posting-for-malware-removal-help-305963.html

Please Do Not run Combofix unless you are advised to do so by a trained analyst.

========

P2P

P2P - I see you have P2P software (µTorrent) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are Here, Here and Here.

=========

Click Start > Control Panel > Programs > Program and Features and uninstall the following programs:

Viewpoint Media Player <--- Viewpoint is considered as foistware instead of malware since it is installed without the user's approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

Additional Information Here

=========

Open notepad and copy/paste the text in the quotebox below into it:

Code:
File::
c:\windows\system32\b67d4.exe
c:\windows\9g2234wesdf3dfgjf23
c:\users\themantheman\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

DirLook::
c:\windows\system32\796525

DDS::
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>

Firefox::
FF - ProfilePath - c:\users\themantheman~1\appdata\roaming\mozilla\firefox\profiles\8jx2t8hw.default\

Registry::
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 0
"NoActiveDesktopChanges"= 0
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{60AC9CBF-1905-4B54-8FE1-A50463F28793}c:\\windows\\system32\\sys32dll.exe"=-
"UDP Query User{F0BE6133-90C3-42BB-B2A4-25D41DC3B8CD}c:\\windows\\system32\\sys32dll.exe"=-

Save this as CFscript

Referring to the picture above, drag CFscript into ComboFix.exe

Follow the prompts, and post the resulting log, C:\ComboFix.txt

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

=========

Download ATF-Cleaner by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

If you have Firefox installed:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you have Opera installed:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

========

Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.
  • Click Run at the Security prompt.
  • The program will then begin downloading and installing and will also update the database.
  • Please be patient as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View scan report at the bottom.
  • Click the Save Report As... button.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
**Note**

This animation will guide you through the process:




To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

=========
Logs Required
C:\Combofix.txt
Kaspersky Scan Report


An update on how your system is running.
 

·
Registered
Joined
·
10 Posts
Discussion Starter · #10 ·
I attached the combo fix file, but it wouldn't let me run the Kaspersky Online Scanner. Kept telling me the program failed to start and to go online.

ComboFix 09-06-04.06 - themantheman 06/04/2009 21:58.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2303.1304 [GMT -4:00]
Running from: c:\users\themantheman\Desktop\ComboFix.exe
Command switches used :: c:\users\themantheman\Desktop\CFscript.txt
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\users\themantheman\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt"
"c:\windows\9g2234wesdf3dfgjf23"
"c:\windows\system32\b67d4.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\9g2234wesdf3dfgjf23
c:\windows\system32\b67d4.exe
c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

.
((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))
.

2009-06-05 02:01 . 2009-06-05 02:01 -------- d-----w- c:\users\themantheman\AppData\Local\temp
2009-06-05 02:01 . 2009-06-05 02:01 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2009-06-03 17:43 . 2009-06-03 17:43 390664 ----a-w- c:\users\themantheman\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
2009-06-02 23:45 . 2009-06-02 23:45 -------- d-----w- c:\programdata\Trend Micro
2009-06-02 23:44 . 2009-06-02 23:46 -------- d-----w- c:\program files\Trend Micro
2009-06-02 23:39 . 2009-06-02 23:39 80400 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-06-02 23:39 . 2009-06-02 23:39 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-06-02 23:39 . 2009-06-02 23:39 205328 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-06-02 23:39 . 2009-06-02 23:39 1195512 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-06-02 23:39 . 2009-04-02 23:08 50192 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-06-02 23:39 . 2009-04-02 23:08 50192 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-06-02 23:39 . 2009-04-02 23:08 153104 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-05-25 17:53 . 2009-05-25 17:53 -------- d-----w- c:\program files\ffdshow
2009-05-25 17:50 . 2009-05-25 17:50 593938 ----a-w- c:\windows\system32\x264vfw.dll
2009-05-25 17:50 . 2009-05-25 17:50 -------- d-----w- c:\program files\x264
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w- c:\users\themantheman\AppData\Roaming\ATI
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w- c:\users\themantheman\AppData\Local\ATI
2009-05-25 17:30 . 2009-05-25 17:30 -------- d-----w- c:\programdata\ATI
2009-05-25 17:29 . 2009-05-25 17:29 9158 ----a-r- c:\users\themantheman\AppData\Roaming\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-05-25 17:29 . 2009-05-25 17:29 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-05-25 17:28 . 2009-05-25 17:28 10134 ----a-r- c:\users\themantheman\AppData\Roaming\Microsoft\Installer\{FC5A7E9B-2CAC-6261-7F34-817C6547ABF3}\ARPPRODUCTICON.exe
2009-05-25 17:28 . 2009-05-25 17:30 -------- d-----w- c:\program files\ATI Technologies
2009-05-25 17:24 . 2009-05-25 17:24 0 ----a-w- c:\windows\ativpsrm.bin
2009-05-25 17:19 . 2009-05-25 17:27 -------- d-----w- c:\program files\ATI
2009-05-25 17:18 . 2009-05-25 17:18 -------- d-----w- C:\Diamond
2009-05-24 18:49 . 2009-05-24 18:50 14113448 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Scanners\launch.exe
2009-05-24 18:44 . 2009-05-24 18:44 -------- d-----w- c:\users\themantheman\DoctorWeb
2009-05-22 18:01 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-05-22 18:01 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-22 18:01 . 2008-12-07 18:08 130048 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-22 18:01 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-05-22 18:01 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-05-22 18:01 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-05-22 18:01 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-05-22 18:01 . 2006-08-16 16:00 6144 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-22 18:01 . 2009-05-22 18:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-22 17:56 . 2009-05-22 17:56 -------- d-----w- c:\program files\GustoSoft
2009-05-21 22:04 . 2009-05-21 22:04 -------- d-----w- c:\users\themantheman\AppData\Local\Adobe
2009-05-21 22:04 . 2009-05-21 22:04 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-21 22:02 . 2009-05-21 22:03 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-18 00:48 . 2009-05-18 00:48 -------- d-----w- c:\program files\Common Files\NSV
2009-05-16 20:48 . 2009-05-16 20:44 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-16 20:44 . 2009-05-16 20:44 -------- dc----w- c:\windows\system32\DRVSTORE
2009-05-16 20:44 . 2009-05-16 20:44 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-05-16 20:44 . 2009-05-16 20:44 64160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-05-16 20:41 . 2009-05-16 20:41 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-16 20:41 . 2009-03-12 08:17 2902048 -c--a-w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-16 20:41 . 2009-05-16 20:41 -------- d-----w- c:\program files\Lavasoft
2009-05-16 01:50 . 2009-05-16 20:41 -------- d-----w- c:\programdata\Lavasoft
2009-05-15 14:38 . 2009-05-16 20:48 -------- d-----w- c:\windows\system32\796525

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-02 23:42 . 2009-04-28 04:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-02 23:40 . 2009-04-28 04:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-05-28 00:13 . 2009-04-13 04:08 680 ----a-w- c:\users\themantheman\AppData\Local\d3d9caps.dat
2009-05-24 17:21 . 2009-04-13 00:41 99864 ----a-w- c:\users\themantheman\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-16 20:49 . 2009-04-18 19:00 -------- d-----w- c:\users\themantheman\AppData\Roaming\uTorrent
2009-05-14 07:01 . 2009-04-25 01:39 -------- d-----w- c:\programdata\Microsoft Help
2009-05-03 03:47 . 2009-05-03 03:47 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-27 13:12 . 2009-04-13 04:55 -------- d-----w- c:\programdata\Yahoo! Companion
2009-04-27 13:12 . 2009-04-27 13:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Yahoo!
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w- c:\program files\Common Files\xing shared
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w- c:\program files\Common Files\Real
2009-04-26 00:47 . 2009-04-26 00:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-04-26 00:47 . 2009-04-26 00:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-04-26 00:47 . 2009-04-26 00:47 -------- d-----w- c:\program files\Real
2009-04-25 01:44 . 2009-04-25 01:44 -------- d-----w- c:\program files\Microsoft Works
2009-04-25 01:43 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-04-25 01:42 . 2009-04-25 01:42 -------- d-----w- c:\program files\Microsoft.NET
2009-04-25 01:40 . 2009-04-25 01:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-04-25 01:36 . 2009-04-25 01:36 -------- d-----w- c:\program files\Elaborate Bytes
2009-04-25 01:35 . 2009-04-25 01:35 -------- d-----w- c:\programdata\SlySoft
2009-04-25 01:35 . 2009-04-25 01:35 -------- d-----w- c:\program files\SlySoft
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-04-25 01:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-04-25 01:24 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-04-25 01:23 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-04-24 21:15 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-04-24 21:15 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-04-18 19:00 . 2009-04-18 19:00 -------- d-----w- c:\program files\uTorrent
2009-04-16 10:04 . 2009-04-16 10:04 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-04-16 10:04 . 2009-04-16 10:04 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-04-16 10:04 . 2009-04-16 10:04 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-04-16 10:01 . 2009-04-16 10:01 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-16 10:01 . 2009-04-16 10:01 72704 ----a-w- c:\windows\system32\admparse.dll
2009-04-16 10:00 . 2009-04-16 10:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-16 10:00 . 2009-04-16 10:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-04-16 10:00 . 2009-04-16 10:00 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-14 10:03 . 2009-04-14 10:03 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-04-14 10:03 . 2009-04-14 10:03 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-04-14 10:03 . 2009-04-14 10:03 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-04-14 10:03 . 2009-04-14 10:03 272896 ----a-w- c:\windows\system32\polstore.dll
2009-04-14 10:03 . 2009-04-14 10:03 269312 ----a-w- c:\windows\system32\es.dll
2009-04-13 23:55 . 2009-04-13 23:55 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-04-13 23:55 . 2009-04-13 23:55 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-04-13 23:55 . 2009-04-13 23:55 43544 ----a-w- c:\windows\system32\wups2.dll
2009-04-13 23:55 . 2009-04-13 23:55 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-04-13 14:17 . 2009-04-13 14:17 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-04-13 14:16 . 2009-04-13 14:16 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-13 14:16 . 2009-04-13 14:16 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-04-13 14:16 . 2009-04-13 14:16 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-04-13 14:16 . 2009-04-13 14:16 1695744 ----a-w- c:\windows\system32\gameux.dll
2009-04-13 14:15 . 2009-04-13 14:15 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-04-13 14:15 . 2009-04-13 14:15 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-04-13 14:15 . 2009-04-13 14:15 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-04-13 14:13 . 2009-04-13 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2009-04-13 14:11 . 2009-04-13 14:11 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-13 14:11 . 2009-04-13 14:11 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-04-13 14:11 . 2009-04-13 14:11 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-04-13 14:08 . 2009-04-13 14:08 2927104 ----a-w- c:\windows\explorer.exe
2009-04-13 14:04 . 2009-04-13 14:04 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-04-13 14:04 . 2009-04-13 14:04 988216 ----a-w- c:\windows\system32\winload.exe
2009-04-13 14:04 . 2009-04-13 14:04 927288 ----a-w- c:\windows\system32\winresume.exe
2009-04-13 14:04 . 2009-04-13 14:04 40960 ----a-w- c:\windows\system32\srclient.dll
2009-04-13 14:04 . 2009-04-13 14:04 378368 ----a-w- c:\windows\system32\srcore.dll
2009-04-13 14:04 . 2009-04-13 14:04 318464 ----a-w- c:\windows\system32\rstrui.exe
2009-04-13 14:04 . 2009-04-13 14:04 615992 ----a-w- c:\windows\system32\ci.dll
2009-04-13 14:04 . 2009-04-13 14:04 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2009-04-13 14:04 . 2009-04-13 14:04 19000 ----a-w- c:\windows\system32\kd1394.dll
2009-04-13 14:04 . 2009-04-13 14:04 14848 ----a-w- c:\windows\system32\srdelayed.exe
2009-04-13 14:02 . 2009-04-13 14:02 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-04-13 14:02 . 2009-04-13 14:02 37888 ----a-w- c:\windows\system32\printcom.dll
2009-04-13 14:02 . 2009-04-13 14:02 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-04-13 14:02 . 2009-04-13 14:02 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-13 14:01 . 2009-04-13 14:01 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-13 14:01 . 2009-04-13 14:01 268288 ----a-w- c:\windows\system32\schannel.dll
2009-04-13 14:00 . 2009-04-13 14:00 98816 ----a-w- c:\windows\system32\mfps.dll
2009-04-13 14:00 . 2009-04-13 14:00 2868736 ----a-w- c:\windows\system32\mf.dll
2009-04-13 14:00 . 2009-04-13 14:00 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-04-13 14:00 . 2009-04-13 14:00 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-04-13 14:00 . 2009-04-13 14:00 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-13 14:00 . 2009-04-13 14:00 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-04-13 14:00 . 2009-04-13 14:00 94720 ----a-w- c:\windows\system32\logagent.exe
2009-04-13 13:59 . 2009-04-13 13:59 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-04-13 13:59 . 2009-04-13 13:59 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-04-13 13:58 . 2009-04-13 13:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-04-13 13:58 . 2009-04-13 13:58 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-04-13 13:57 . 2009-04-13 13:57 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-04-13 13:57 . 2009-04-13 13:57 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-04-13 13:55 . 2009-04-13 13:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-04-13 13:55 . 2009-04-13 13:55 34328 ----a-w- c:\windows\system32\wups.dll
2009-04-13 13:55 . 2009-04-13 13:55 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-04-13 10:02 . 2009-04-13 10:02 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-04-13 10:02 . 2009-04-13 10:02 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-04-13 05:49 . 2009-04-13 05:49 -------- d-----w- c:\program files\Microsoft
2009-04-13 05:49 . 2009-04-13 05:48 -------- d-----w- c:\program files\Windows Live
2009-04-13 05:48 . 2009-04-13 05:48 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-13 05:47 . 2009-04-13 05:47 -------- d-----w- c:\program files\Common Files\Windows Live
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\system32\796525 ----



((((((((((((((((((((((((((((( SnapShot_2009-05-30_19.01.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-13 00:50 . 2009-06-03 00:53 27412 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-06-03 00:53 46082 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:02 . 2009-05-28 00:16 98304 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-06-03 00:50 98304 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-02 23:39 . 2009-06-02 23:39 24576 c:\windows\Installer\nlsdl.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 57856 c:\windows\Installer\mfcm80u.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 69632 c:\windows\Installer\mfcm80.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 96256 c:\windows\Installer\atl80.dll
- 2006-11-02 10:25 . 2009-05-25 17:28 86016 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-06-02 23:48 86016 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-06-02 23:47 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-25 17:24 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-25 17:28 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-06-02 23:48 51200 c:\windows\inf\infpub.dat
+ 2009-04-13 00:50 . 2009-06-03 00:53 6670 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-533328592-1579584615-2223412665-1000_UserData.bin
+ 2009-06-03 00:50 . 2009-06-03 00:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-28 00:16 . 2009-05-28 00:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-28 00:16 . 2009-05-28 00:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-03 00:50 . 2009-06-03 00:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-06-03 00:57 598350 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-29 11:16 598350 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-06-03 00:57 101988 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-05-29 11:16 101988 c:\windows\System32\perfc009.dat
+ 2006-11-02 13:02 . 2009-06-03 00:50 950272 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-05-28 00:16 950272 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-06-02 23:39 . 2009-06-02 23:39 126208 c:\windows\Installer\TmDbg32.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 626688 c:\windows\Installer\msvcr80.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 548864 c:\windows\Installer\msvcp80.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 479232 c:\windows\Installer\msvcm80.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 159168 c:\windows\Installer\libexpat.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 1093120 c:\windows\Installer\mfc80u.dll
+ 2009-06-02 23:39 . 2009-06-02 23:39 1101824 c:\windows\Installer\mfc80.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-04-10 5827520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-13 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-26 185896]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-30 518488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-04-01 995528]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2008-09-10 604704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-533328592-1579584615-2223412665-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A859A10B-1869-484F-AA90-048B9610DED9}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{EA97E650-B2B3-4120-B359-DF0F79D20A23}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{0E419A2A-8A34-4D95-BE79-45D9465B3952}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{8CE29FA1-2F55-4BFA-B843-BCD904B19723}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{1F90BA1B-F115-407D-816D-A6D4DD8D4A21}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EAF200E9-9659-4AEF-A6CE-F62E0ED0ABB4}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{2D3836A8-B168-4720-B8EB-4A12E8720B2B}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{E87F1D31-F44B-41F2-8DA0-8EDBDF474CC2}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{ECE1105C-FB43-4BC4-B623-C5EF359096F4}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{404EA5EC-E377-464C-9160-BE1FE9B7610B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{68006F29-A7C0-4FC0-BF3F-DFE41B5F768E}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{668F9B5C-C511-444E-9EA5-A4E892743543}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{350559F1-64C6-424F-ACBE-99DA2A71E89E}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [5/16/2009 4:44 PM 64160]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [6/2/2009 7:39 PM 36368]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 1005904]
S2 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [6/2/2009 7:39 PM 50192]
S2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [6/2/2009 7:48 PM 677128]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E888}]
f:\windows updates and progs\Lateset Clone and any dvd\AnyDVD Leftover Killer v1.5\AnyDVD Leftover Killer 1.5.exe -M
.
Contents of the 'Scheduled Tasks' folder

2009-06-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 20:44]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\themantheman\AppData\Roaming\Mozilla\Firefox\Profiles\8jx2t8hw.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-04 22:01
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-06-05 22:03
ComboFix-quarantined-files.txt 2009-06-05 02:03
ComboFix2.txt 2009-06-03 21:11
ComboFix3.txt 2009-05-24 21:39

Pre-Run: 11,327,262,720 bytes free
Post-Run: 11,208,601,600 bytes free

298 --- E O F --- 2009-05-16 07:00
 

·
Registered
Joined
·
5,263 Posts
Hi

Make sure Trend Micro is disabled as it could interfere, give it another go and if no luck we'll try this one instead.

Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic and also let me know how things are now.

Also, did you uninstall uTorrent? There are some entries that need removing.

Post the log.txt (or Kaspersky report) along with the answer to the above question in your reply.
 
