Jump to content

search protect/conduit discovered on machine


Recommended Posts

Hello,

 

I have a computer here with browser redirects and and all sorts of funny behavior. Search Protect/Conduit was found in the startup processes among many other odd things. Any help you can provide will be greatly appreciated. Your work is always appreciated!

 

Thank you for your time.

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16483
Run by esther at 12:48:32 on 2007-01-06
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2036.707 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Outdated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\MyPC Backup\BackupStack.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\PROGRA~1\COUPON~2\bar\1.bin\5zbarsvc.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
C:\PROGRA~1\RADIOP~2\bar\1.bin\4ebarsvc.exe
C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\RadioPI_4e\bar\1.bin\4ebrmon.exe
C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbrmon.exe
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
C:\Windows\ehome\ehtray.exe
C:\Users\esther\AppData\Roaming\comsrvr.exe
C:\Users\esther\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\esther\Downloads\mseinstall.exe
c:\cd58917cc79bda3113aaa00c1aea\epplauncher.exe
c:\cd58917cc79bda3113aaa00c1aea\x86\Setup.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\msiexec.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\igfxsrvc.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uProxyOverride = localhost
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\3.bin\MWSSRCAS.DLL
uURLSearchHooks: <No Name>: {8bc67b0f-a721-45e0-a0b6-db0121b0aade} - c:\program files\radiopi_4e\bar\1.bin\4eSrcAs.dll
uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
uURLSearchHooks: {cce665dd-f6dd-4808-968e-eaec971f70ef} - <orphaned>
uURLSearchHooks: <No Name>: {9b138bf3-1d40-4e7e-84bb-2975198ad938} - c:\program files\couponxplorer_5z\bar\1.bin\5zSrcAs.dll
uURLSearchHooks: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
mURLSearchHooks: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
BHO: MyWebSearch Search Assistant BHO: {00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\3.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Toolbar BHO: {0297a026-3011-46d3-ad62-bb9a7612aea7} - c:\program files\couponxplorer_5z\bar\1.bin\5zbar.dll
BHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\3.bin\MWSBAR.DLL
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Toolbar BHO: {35fd2bab-ab2b-494f-b5bf-8755ec043784} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
BHO: Search Assistant BHO: {4adc9c1b-9c50-4c2d-a471-5c06d8de7e80} - c:\program files\radiopi_4e\bar\1.bin\4eSrcAs.dll
BHO: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
BHO: Search Assistant BHO: {7d69ed06-0171-4379-9528-08df51092727} - c:\program files\couponxplorer_5z\bar\1.bin\5zSrcAs.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 B2 Toolbar: {589D7CFF-0173-47A9-966A-9AFAE3E5C249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
TB: RadioPI: {92926B63-5116-4C6F-A33E-378767B8D15F} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
TB: TelevisionFanatic: {C98D5B61-B0EA-4D48-9839-1079D352D880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\3.bin\MWSBAR.DLL
TB: RadioPI: {92926b63-5116-4c6f-a33e-378767b8d15f} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: CouponXplorer: {65c72339-fb1d-4155-84e1-9afacee02d6f} - c:\program files\couponxplorer_5z\bar\1.bin\5zbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [COMServer] "c:\users\esther\appdata\roaming\comsrvr.exe" a
uRun: [searchProtect] c:\users\esther\appdata\roaming\searchprotect\bin\cltmng.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
uRunOnce: [Microsoft Security Client] c:\program files\microsoft security client\msseces.exe /UpdateAndQuickScan /OpenWebPageOnClose
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\3.bin\mwsoemon.exe
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\3.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [RadioPI_4e Browser Plugin Loader] c:\progra~1\radiop~2\bar\1.bin\4ebrmon.exe
mRun: [TelevisionFanatic Search Scope Monitor] "c:\progra~1\televi~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
mRun: [TelevisionFanatic Browser Plugin Loader] c:\progra~1\televi~2\bar\1.bin\64brmon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CouponXplorer Search Scope Monitor] "c:\progra~1\coupon~2\bar\1.bin\5zsrchmn.exe" /m=2 /w /h
mRun: [CouponXplorer_5z Browser Plugin Loader] c:\progra~1\coupon~2\bar\1.bin\5zbrmon.exe
mRun: [searchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\esther\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 74.5.116.246 205.244.194.36
TCP: Interfaces\{045F92B2-8D4D-4A86-A046-02270758B5B8} : DHCPNameServer = 74.5.116.246 205.244.194.36
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-5-31 32808]
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\CltMngSvc.exe [2013-5-8 97056]
R2 CouponXplorer_5zService;CouponXplorerService;c:\progra~1\coupon~2\bar\1.bin\5zbarsvc.exe [2012-8-20 42504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-2 21504]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\3.bin\mwssvc.exe [2011-3-22 28762]
R2 RadioPI_4eService;RadioPI Service;c:\progra~1\radiop~2\bar\1.bin\4ebarsvc.exe [2011-9-7 34864]
R2 TelevisionFanaticService;TelevisionFanaticService;c:\progra~1\televi~2\bar\1.bin\64barsvc.exe [2012-3-9 42504]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2013-4-30 10112]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-06-06 16:35:35 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{298c5cc9-7f68-4536-bc75-5756f13747d8}\offreg.dll
2013-06-06 16:18:23 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{298c5cc9-7f68-4536-bc75-5756f13747d8}\mpengine.dll
2013-06-03 17:18:37 -------- d-----w- c:\program files\MyPC Backup
2013-06-03 17:17:43 -------- d-----w- c:\program files\PC HealthBoost
2013-06-03 17:17:07 -------- d-----w- c:\programdata\PCHealthBoost
2013-05-19 19:42:06 -------- d-----w- c:\users\esther\appdata\roaming\supportdotcom
2013-05-19 19:41:57 -------- d-----w- c:\program files\common files\supportdotcom
2013-05-19 14:34:57 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-05-19 14:34:57 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-05-19 14:34:57 -------- d-----w- c:\program files\SearchProtect
2013-05-19 14:34:56 -------- d-----w- c:\users\esther\appdata\roaming\SearchProtect
2013-05-19 14:34:45 -------- d-----w- c:\program files\Produtools_Manuals_2.1_B2
2013-05-15 12:44:25 16948616 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-15 07:09:55 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 00:01:02 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 00:01:02 37376 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 00:00:55 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-05-10 07:57:26 187456 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-04-30 06:18:22 28032 ----a-w- c:\windows\system32\ssmirrdr.dll
2013-04-30 06:18:22 10112 ----a-w- c:\windows\system32\drivers\ssmirrdr.sys
2013-04-15 20:54:36 -------- d-----w- c:\users\esther\appdata\roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-04-10 07:02:23 64000 ----a-w- c:\windows\system32\smss.exe
2013-04-10 07:02:23 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 07:02:23 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 07:02:22 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 07:02:21 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 07:02:20 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 07:02:19 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-03-20 10:40:59 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 11:13:10 -------- d-----w- c:\users\esther\appdata\local\ZeoBIT_LLC
2013-03-13 11:11:09 -------- d-----w- c:\programdata\ZeoBIT
2013-03-11 18:55:09 -------- d-----w- c:\users\esther\appdata\local\LogMeIn Rescue Applet
2013-02-13 14:23:28 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 14:23:27 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-20 20:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 20:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-09 13:42:19 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 13:42:03 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-05 17:04:37 22016 ----a-w- c:\users\esther\wgsdgsdgdsgsd.exe
2013-01-05 17:04:37 14848 ----a-w- c:\users\esther\appdata\roaming\comsrvr.exe
2012-12-22 08:00:33 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 08:00:33 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 08:04:12 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 08:03:59 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 08:03:59 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 08:03:58 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 08:03:58 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 08:03:58 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 08:03:57 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 08:03:57 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 08:03:56 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 08:03:56 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 08:03:56 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-12 14:03:55 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 14:03:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 09:41:09 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 09:41:09 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 09:41:07 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 09:41:04 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-14 04:08:01 75776 ----a-w- c:\windows\system32\synceng.dll
2012-10-10 10:31:30 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 10:31:30 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 10:31:30 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 10:31:27 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-20 15:50:56 -------- d-----w- c:\program files\CouponXplorer_5z
2012-08-15 07:26:22 623616 ----a-w- c:\windows\system32\localspl.dll
2012-07-10 20:15:06 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-10 20:15:04 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-10 20:14:25 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-10 20:14:24 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-01 13:16:14 -------- d-----w- c:\users\esther\appdata\local\Facebook
2012-06-22 04:04:20 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 04:03:46 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 04:03:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 04:03:08 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-17 17:08:47 -------- d-----w- c:\program files\Conduit
2012-06-17 17:08:12 -------- d-----w- c:\program files\WhiteSmokeTranslator
2012-06-17 17:07:05 -------- d-----w- c:\users\esther\appdata\local\Conduit
2012-06-17 17:06:39 -------- d-----w- c:\program files\BasicScan
2012-06-17 01:31:50 -------- d-----w- c:\users\esther\appdata\roaming\SpeedMaxPc
2012-06-17 01:31:50 -------- d-----w- c:\users\esther\appdata\roaming\DriverCure
2012-06-17 01:31:36 -------- d-----w- c:\programdata\SpeedMaxPc
2012-06-16 15:34:41 -------- d-----w- c:\users\esther\appdata\local\AVG Secure Search
2012-06-16 15:33:16 -------- d-----w- c:\programdata\AVG Secure Search
2012-06-16 15:33:05 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-06-16 15:33:04 -------- d-----w- c:\program files\AVG Secure Search
2012-06-16 15:29:34 -------- d--h--w- C:\$AVG
2012-06-16 15:29:34 -------- d-----w- c:\programdata\AVG2012
2012-06-16 15:27:03 -------- d-----w- c:\program files\AVG
2012-06-13 06:46:09 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-05-10 23:29:09 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 23:29:07 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-10 23:29:07 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-10 23:29:07 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-10 23:29:07 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-10 23:29:07 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-10 23:29:07 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-10 23:29:04 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-10 23:29:04 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-10 23:29:04 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-10 23:29:04 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-10 23:29:04 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-04-13 07:08:03 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 07:08:03 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 07:08:03 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 14:45:50 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-03-13 21:38:17 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-09 14:33:27 -------- d-----w- c:\program files\TelevisionFanatic
2012-02-16 18:45:11 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-01 15:34:57 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-02-01 15:34:56 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-02-01 15:34:55 9728 ----a-w- c:\windows\system32\lsass.exe
2012-02-01 15:34:55 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 10:40:25 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 10:40:25 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 10:40:24 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 10:40:23 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 10:39:52 497152 ----a-w- c:\windows\system32\qdvd.dll
2011-12-29 20:51:44 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2011-12-29 20:43:23 -------- d--h--w- c:\programdata\Common Files
2011-12-29 20:40:34 -------- d-----w- c:\programdata\MFAData
2011-12-19 19:32:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-01 19:05:11 -------- d-----w- c:\users\esther\appdata\local\CrashDumps
2011-11-13 22:32:15 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2011-11-13 22:08:48 -------- d-----w- C:\Netgear
2011-11-09 21:22:32 707584 ----a-w- c:\program files\common files\system\wab32.dll
2011-10-26 03:53:05 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-12 19:00:38 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 19:00:38 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 19:00:38 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 19:00:38 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 19:00:09 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 19:00:09 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-12 19:00:09 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 19:00:08 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-07 13:34:55 -------- d-----w- c:\program files\RadioPI_4e
2011-09-07 13:34:42 -------- d-----w- c:\program files\RadioPI_4eEI
2011-08-24 19:12:01 749832 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2011-08-10 17:00:17 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 05:35:02 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 05:34:41 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 05:34:37 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 05:34:37 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 05:34:05 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 05:34:03 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 05:34:03 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-31 17:02:52 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-31 17:02:52 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-31 17:02:41 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-19 09:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-04-15 05:35:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-15 05:35:49 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-15 05:35:48 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-15 05:35:46 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-15 05:35:44 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-15 05:35:44 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-23 07:41:30 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 07:41:30 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-19 14:26:04 -------- d-----w- c:\users\esther\appdata\local\Real
2011-03-19 14:24:48 -------- d-----w- c:\program files\common files\xing shared
2011-03-19 14:24:31 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-03-19 14:24:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-03-09 20:13:13 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 20:13:12 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 20:13:12 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 20:13:10 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-24 08:01:17 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-02-24 08:01:04 40448 ----a-w- c:\windows\system32\winrs.exe
2011-02-24 08:01:04 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-02-24 08:01:04 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-02-24 08:01:00 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-02-24 08:01:00 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-02-09 20:53:20 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-17 19:42:00 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-17 19:41:59 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-17 19:41:59 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-17 19:41:59 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-17 19:41:59 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-17 19:41:33 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-15 10:06:04 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2010-12-15 10:06:04 515584 ----a-w- c:\program files\windows mail\wab.exe
2010-12-15 10:06:04 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2010-12-15 10:06:01 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-15 10:06:01 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-15 10:06:01 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-15 10:06:01 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-15 10:06:01 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-15 10:05:59 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-15 10:05:58 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-10-26 18:03:00 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-13 04:15:58 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-13 04:15:57 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-13 04:15:12 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-13 04:15:10 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-13 04:14:41 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-13 04:14:41 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 04:14:36 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-13 04:14:14 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-13 04:14:14 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-13 04:14:06 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-13 04:14:02 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-13 04:13:57 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-09-15 06:18:28 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 06:18:27 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 06:18:25 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-08-11 18:27:44 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-08-11 18:27:37 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2010-08-11 18:27:35 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2010-08-11 18:27:27 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-03 20:08:03 -------- d-----w- c:\program files\Driver-Soft
2010-07-13 12:52:01 -------- d-----w- C:\temp
2010-07-13 12:51:56 86016 ----a-w- c:\windows\unvise32qt.exe
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-07-13 12:51:46 -------- d-----w- c:\windows\system32\QuickTime
2010-07-13 12:51:05 -------- d-----w- c:\windows\system32\BWKDLogs
2010-07-13 12:49:59 -------- d-----w- c:\program files\Kodak
2010-07-13 12:49:59 -------- d-----w- c:\program files\common files\MSSoap
2010-07-13 12:48:44 -------- d-----w- c:\programdata\Kodak
2010-06-25 08:34:09 -------- d-----w- c:\program files\ComcastAccess
2010-06-25 08:32:50 -------- d-----w- c:\users\esther\appdata\roaming\com.comcast.access.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
2010-06-25 08:23:14 -------- d-----w- c:\programdata\com.comcast.access
2010-06-25 08:23:13 -------- d-----w- c:\users\esther\appdata\local\ComcastAccess
2010-06-23 07:00:22 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 07:00:21 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 07:00:21 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 07:00:21 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 07:00:20 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-18 08:02:09 -------- d-----w- c:\program files\support.com
2010-06-18 08:02:08 -------- d-----w- c:\users\esther\appdata\local\SupportSoft
2010-06-18 08:02:02 -------- d-----w- c:\program files\common files\SupportSoft
2010-06-10 17:26:57 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-01 22:19:02 -------- d-----w- c:\program files\Microsoft
2010-06-01 22:18:51 -------- d-----w- c:\program files\MSN Toolbar
2010-06-01 22:16:33 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-25 13:00:46 652296 ----a-w- c:\programdata\microsoft\ehome\packages\sportstemplate\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll
2010-05-25 13:00:22 416128 ----a-w- c:\programdata\microsoft\ehome\packages\nettv\browse\NetTVResources.dll
2010-05-18 16:23:28 -------- d-----w- c:\users\esther\appdata\local\OLYMPUS
2010-05-18 16:22:27 -------- d-----w- c:\program files\OLYMPUS
2010-05-18 16:21:19 -------- d-----w- c:\program files\MSXML 4.0
2010-05-12 07:15:56 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2010-05-08 06:23:15 32768 ----a-w- c:\windows\system32\f3PSSavr.scr
2010-05-08 06:23:14 -------- d-----w- c:\program files\MyWebSearch
2010-05-08 06:22:50 -------- d-----w- c:\program files\FunWebProducts
2010-05-05 12:32:52 -------- d-----w- c:\program files\Yahoo!
2010-04-14 08:37:47 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-04-14 08:37:47 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-04-14 08:36:42 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 08:36:42 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 08:36:26 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-06 20:23:46 -------- d-----w- c:\programdata\Trymedia
2010-04-06 20:23:30 -------- d-----w- c:\program files\Supple -- Episode 1
2010-03-18 17:16:28 771424 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2010-03-10 08:01:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-10 08:00:46 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-10 08:00:45 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-27 11:50:12 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-27 11:50:12 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-27 11:50:12 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-27 11:50:11 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-27 11:50:11 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-27 11:50:11 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-27 11:50:11 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-27 11:50:11 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-27 11:50:11 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-18 22:51:23 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-02-09 21:43:50 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-02-09 21:43:41 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-09 21:43:41 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-09 21:43:41 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-09 21:43:41 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-09 21:43:41 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-09 21:43:40 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-09 21:43:40 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-09 21:43:40 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-01-28 18:04:58 -------- d-----w- c:\programdata\McAfee Security Scan
2010-01-28 18:04:50 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-28 18:04:43 -------- d-----w- c:\users\esther\appdata\local\Adobe
2010-01-02 21:05:37 -------- d-----w- c:\windows\system32\N360_BACKUP
2010-01-01 15:16:08 -------- d-----w- c:\users\esther\appdata\local\Symantec
2009-12-21 11:21:56 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-21 11:06:08 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-21 11:06:06 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-21 11:06:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-21 11:05:26 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-12-21 11:05:23 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-12-21 11:05:23 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-12-21 11:05:23 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-12-21 11:05:23 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-12-21 11:05:23 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-12-21 11:05:22 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\vi-VN
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\eu-ES
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\ca-ES
2009-12-15 14:37:52 -------- d-----w- c:\windows\system32\EventProviders
2009-12-14 01:11:06 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-12-14 01:11:04 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-12-14 01:11:04 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-12-14 01:11:02 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-12-14 01:11:02 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-12-14 01:11:01 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-12-14 01:11:00 1480704 ----a-w- c:\windows\system32\mssrch.dll
2009-12-14 01:09:59 83456 ----a-w- c:\windows\system32\wlgpclnt.dll
2009-12-10 11:05:47 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-12-09 12:31:59 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-07 11:13:13 -------- d-----w- C:\PerfLogs
2009-12-04 02:26:37 265720 ----a-w- c:\program files\internet explorer\msdbg2.dll
2009-12-04 02:26:34 355832 ----a-w- c:\program files\internet explorer\pdm.dll
2009-12-02 14:36:06 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\default\MpEngine.dll
2009-12-02 14:34:59 90680 ----a-w- c:\program files\windows defender\MpOAV.dll
2009-12-02 14:33:59 5261312 ----a-w- c:\program files\common files\microsoft shared\ink\mshwita.dll
2009-12-02 14:32:59 8704 ----a-w- c:\windows\system32\msidle.dll
2009-12-02 14:31:51 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-12-02 14:31:51 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-12-02 14:31:51 258560 ----a-w- c:\windows\system32\dpx.dll
2009-12-02 11:11:21 -------- d-----w- c:\programdata\Symantec
2009-12-01 22:25:59 -------- d-----w- c:\programdata\Norton
2009-12-01 22:21:54 -------- d-----w- c:\programdata\NortonInstaller
2009-11-28 16:56:21 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-28 16:56:21 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-28 16:51:24 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-28 16:51:24 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-28 16:51:24 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-28 16:51:24 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-28 16:51:24 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-28 16:51:24 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-28 16:51:24 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-28 16:51:24 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-28 16:47:45 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-28 16:47:45 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-28 16:47:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-28 16:47:44 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-28 16:47:44 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-28 16:47:44 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-28 16:47:42 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-11-28 16:46:30 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-11-28 16:46:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-28 16:45:20 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-28 16:45:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-28 16:44:12 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-28 16:44:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-28 16:42:04 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-28 16:42:04 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-28 16:42:04 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-28 16:33:56 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-28 16:25:46 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-28 16:24:49 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-28 16:24:49 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-28 16:21:16 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-28 16:12:18 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-28 16:02:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-28 15:53:41 37888 ----a-w- c:\windows\system32\printcom.dll
2009-11-28 15:52:20 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-11-28 15:51:31 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-11-28 15:51:31 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-28 15:51:31 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-11-28 15:08:23 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-11-28 15:08:01 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-11-28 15:06:33 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-11-28 15:05:29 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-28 15:04:07 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-11-28 15:02:55 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2009-11-28 15:02:54 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-11-28 15:02:48 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-11-28 15:02:48 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-11-28 15:02:48 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2009-11-28 15:02:47 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-11-28 15:02:47 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2009-11-28 14:13:57 -------- d-----w- c:\users\esther\appdata\local\Google
2009-11-28 14:12:56 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2009-11-28 14:12:44 238872 ------w- c:\windows\system32\MpSigStub.exe
2009-11-27 21:21:54 -------- d-----w- c:\windows\system32\Lang
2009-11-27 21:13:58 -------- d-----w- c:\windows\system32\RTCOM
2009-11-27 21:10:31 -------- d-----w- c:\programdata\Citrix
2009-11-27 21:10:03 -------- d-----w- c:\program files\Citrix
2009-11-27 21:09:40 -------- d-----w- c:\users\esther\appdata\local\Citrix
2009-11-27 21:09:39 61224 ----a-w- c:\users\esther\GoToAssistDownloadHelper.exe
2009-11-27 21:08:58 -------- d-----w- c:\users\esther\appdata\local\Deployment
2009-11-27 21:08:58 -------- d-----w- c:\users\esther\appdata\local\Apps
2009-11-27 21:08:29 400152 ----a-w- c:\windows\system32\igxpun.exe
2009-11-27 21:08:29 -------- d-----w- c:\windows\system32\x64
2009-11-27 21:08:28 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-11-27 20:59:15 39288 ----a-w- c:\windows\system32\NicInE6.dll
2009-11-27 20:59:15 28536 ----a-w- c:\windows\system32\NicCo6.dll
2009-11-27 20:59:15 228224 ----a-w- c:\windows\system32\drivers\e1e6032.sys
2009-11-27 20:59:15 179048 ----a-w- c:\windows\system32\e1000msg.dll
2009-11-27 20:59:15 154496 ----a-w- c:\windows\system32\Prounstl.exe
2009-11-27 20:55:07 -------- d-----w- c:\windows\system32\vmm32
2009-11-27 20:55:07 -------- d-----w- c:\program files\Dell
2009-11-27 20:54:36 -------- d-sh--w- c:\windows\Installer
2009-11-27 17:44:29 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
2009-11-27 17:36:26 -------- d-----w- c:\windows\Panther
2009-11-27 17:35:41 -------- d-----w- c:\windows\system32\OEM
2009-11-27 17:19:13 -------- d-----w- C:\Windows.old
2009-08-18 15:34:24 602528 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDRES.DLL
2009-08-18 15:32:12 403840 ----a-w- c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
2009-08-18 15:30:38 97176 ----a-w- c:\program files\common files\microsoft shared\windows live\LogicalDevice.dll
2009-08-18 15:30:38 807832 ----a-w- c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
2009-08-18 15:30:38 564632 ----a-w- c:\programdata\microsoft\identitycrl\production\wlidui.dll
2009-08-18 15:30:38 233352 ----a-w- c:\program files\common files\microsoft shared\windows live\HWDeviceLogin.dll
2009-08-18 15:29:22 344448 ----a-w- c:\program files\common files\microsoft shared\windows live\SIGNINOPTIONS.EXE
2009-08-18 15:29:22 183152 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDSVCM.EXE
2009-08-18 15:29:22 1529728 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE
2009-08-18 15:24:10 18328 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll
2009-08-18 15:24:10 134144 ----a-w- c:\program files\common files\microsoft shared\windows live\SQMAPI.DLL
2009-07-21 04:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-04-23 15:19:52 256768 ----a-w- c:\windows\system32\unicows.dll
2008-03-25 21:21:46 -------- d-----w- C:\Intel
2008-03-20 02:36:52 -------- d-----w- C:\doctemp
2008-03-20 02:34:49 -------- d-----w- C:\Drivers
2008-03-20 02:34:49 -------- d-----w- C:\DELL
2008-02-12 03:55:18 147456 ----a-w- c:\windows\system32\igfxCoIn_v1437.dll
2008-02-12 03:34:48 29932 ----a-w- c:\windows\system32\igmedcompkrn.bin
2008-02-12 03:34:48 2215364 ----a-w- c:\windows\system32\igklg400.bin
2008-02-12 03:34:48 1971732 ----a-w- c:\windows\system32\igklg450.bin
2007-04-19 19:15:58 172032 ----a-w- c:\windows\system32\Ncs2Setp.dll
2007-04-18 00:44:32 564112 ----a-w- c:\windows\system32\ncs2dmix.dll
2007-04-18 00:44:18 449416 ----a-w- c:\windows\system32\accesor.dll
2007-04-13 22:17:52 1043304 ----a-w- c:\windows\system32\ncscolib.dll
2007-04-12 01:00:46 99728 ----a-w- c:\windows\system32\drivers\iANSW60.sys
2007-03-28 00:38:52 146288 ----a-w- c:\windows\system32\ncs2instutility.dll
2007-03-14 17:47:20 228200 ----a-w- c:\windows\system32\PRONtObj.dll
2007-03-10 01:04:42 31072 ----a-w- c:\windows\system32\drivers\iqvw32.sys
2007-02-21 19:49:52 -------- d-----w- c:\windows\Users
2007-01-06 17:43:53 -------- d-----w- c:\program files\Microsoft Security Client
2007-01-06 17:40:52 -------- d-----w- C:\cd58917cc79bda3113aaa00c1aea
2007-01-06 17:31:35 -------- d-----w- c:\program files\CCleaner
.
==================== Find3M  ====================
.
2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-26 03:26:03 2560 ----a-w- c:\windows\system32\drivers\en-us\wdf01000.sys.mui
2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2009-12-07 06:39:30 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-12-07 06:39:29 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-28 15:09:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2009-11-27 21:12:29 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-11-27 21:12:07 315392 ----a-w- c:\windows\HideWin.exe
2009-11-03 21:46:54 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2009-10-09 21:56:27 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2009-10-09 21:56:18 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2009-10-09 21:56:17 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2009-10-09 21:56:04 241152 ----a-w- c:\windows\system32\winrscmd.dll
2009-10-09 21:56:03 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2009-10-09 21:56:01 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2009-10-09 21:55:59 79872 ----a-w- c:\windows\system32\wecutil.exe
2009-10-09 21:55:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2009-10-09 21:55:53 54272 ----a-w- c:\windows\system32\WsmRes.dll
2009-10-09 21:55:52 146944 ----a-w- c:\windows\system32\wecsvc.dll
2009-10-09 21:55:50 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2009-10-09 21:55:50 56320 ----a-w- c:\windows\system32\wecapi.dll
2009-10-08 23:12:09 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
2009-10-01 01:08:10 3072 ----a-w- c:\windows\system32\drivers\umdf\en-us\wpdmtpdr.dll.mui
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-08-01 06:27:37 201184 ----a-w- c:\windows\system32\winrm.vbs
2009-04-11 06:33:19 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33:19 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33:03 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33:02 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28:28 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27:59 627200 ----a-w- c:\windows\system32\sethc.exe
2009-04-11 06:24:00 4096 ----a-w- c:\windows\system32\drivers\en-us\hdaudbus.sys.mui
2009-04-11 06:23:02 89088 ----a-w- c:\windows\system32\pintlgnt.ime
2009-04-11 06:23:02 125952 ----a-w- c:\windows\system32\tintlgnt.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\quick.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\qintlgnt.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\phon.ime
2009-04-11 06:22:59 413696 ----a-w- c:\windows\system32\imkr80.ime
2009-04-11 06:22:57 883712 ----a-w- c:\windows\system32\IMJP10.IME
2009-04-11 06:22:57 124928 ----a-w- c:\windows\system32\cintlgnt.ime
2009-04-11 06:22:53 124928 ----a-w- c:\windows\system32\chajei.ime
2009-04-11 06:22:48 8192 ----a-w- c:\windows\system32\drivers\en-us\bthport.sys.mui
2009-04-11 06:22:22 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 05:42:55 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 04:46:40 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46:32 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46:30 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46:07 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:45:56 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45:51 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45:37 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45:24 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45:22 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43:28 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43:16 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42:57 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42:56 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42:56 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42:52 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42:50 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42:48 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42:48 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42:47 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42:42 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39:57 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39:17 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39:11 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38:49 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:38:40 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-04-11 04:27:17 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23:23 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:22:46 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
.
============= FINISH: 12:49:59.63 ===============
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium 
Boot Device: \Device\HarddiskVolume3
Install Date: 11/27/2009 12:46:33 PM
System Uptime: 1/6/2007 12:24:59 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel® Core2 Duo CPU     E4500  @ 2.20GHz | Socket 775 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 194.859 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.884 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMHL-DT-ST_DVD+-RW_GSA-H73N_______________B103____\5&384A886&0&1.0.0
Manufacturer: (Standard CD-ROM drives)
Name: HL-DT-ST DVD+-RW GSA-H73N ATA Device
PNP Device ID: IDE\CDROMHL-DT-ST_DVD+-RW_GSA-H73N_______________B103____\5&384A886&0&1.0.0
Service: cdrom
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7)
AVG 2012
Bing Bar
Bing Rewards Client Installer
CCleaner
Comcast Access
Comcast High-Speed Internet Install Wizard
CouponXplorer Toolbar
Dell Resource CD
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hardware Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0
Java Auto Updater
Java 6 Update 20
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft UI Engine
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Move Media Player
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
My Web Search
MyPC Backup 
OLYMPUS Master 2
PCHealthBoost 2.3.0
Produtools Manuals 2.1 B2 Toolbar
QuickTime
RadioPI
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody MP3 Download Manager
Search Protect by conduit
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Supple -- Episode 1 (remove only)
TelevisionFanatic Toolbar
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live ID Sign-in Assistant
Yahoo! Toolbar
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello,

 

I have a machine with browser redirects and other odd behavior. Search protect/ conduit was discovered in the startup processes. Any help would be appreciated as always!

 

Thank you for your time.

 

.
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16483
Run by esther at 12:48:32 on 2007-01-06
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2036.707 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Outdated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\MyPC Backup\BackupStack.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\PROGRA~1\COUPON~2\bar\1.bin\5zbarsvc.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
C:\PROGRA~1\RADIOP~2\bar\1.bin\4ebarsvc.exe
C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\RadioPI_4e\bar\1.bin\4ebrmon.exe
C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbrmon.exe
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
C:\Windows\ehome\ehtray.exe
C:\Users\esther\AppData\Roaming\comsrvr.exe
C:\Users\esther\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\esther\Downloads\mseinstall.exe
c:\cd58917cc79bda3113aaa00c1aea\epplauncher.exe
c:\cd58917cc79bda3113aaa00c1aea\x86\Setup.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\msiexec.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\igfxsrvc.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uProxyOverride = localhost
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\3.bin\MWSSRCAS.DLL
uURLSearchHooks: <No Name>: {8bc67b0f-a721-45e0-a0b6-db0121b0aade} - c:\program files\radiopi_4e\bar\1.bin\4eSrcAs.dll
uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
uURLSearchHooks: {cce665dd-f6dd-4808-968e-eaec971f70ef} - <orphaned>
uURLSearchHooks: <No Name>: {9b138bf3-1d40-4e7e-84bb-2975198ad938} - c:\program files\couponxplorer_5z\bar\1.bin\5zSrcAs.dll
uURLSearchHooks: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
mURLSearchHooks: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
BHO: MyWebSearch Search Assistant BHO: {00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files\mywebsearch\bar\3.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Toolbar BHO: {0297a026-3011-46d3-ad62-bb9a7612aea7} - c:\program files\couponxplorer_5z\bar\1.bin\5zbar.dll
BHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\3.bin\MWSBAR.DLL
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Toolbar BHO: {35fd2bab-ab2b-494f-b5bf-8755ec043784} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
BHO: Search Assistant BHO: {4adc9c1b-9c50-4c2d-a471-5c06d8de7e80} - c:\program files\radiopi_4e\bar\1.bin\4eSrcAs.dll
BHO: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - c:\program files\televisionfanatic\bar\1.bin\64SrcAs.dll
BHO: Search Assistant BHO: {7d69ed06-0171-4379-9528-08df51092727} - c:\program files\couponxplorer_5z\bar\1.bin\5zSrcAs.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 B2 Toolbar: {589D7CFF-0173-47A9-966A-9AFAE3E5C249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
TB: RadioPI: {92926B63-5116-4C6F-A33E-378767B8D15F} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
TB: TelevisionFanatic: {C98D5B61-B0EA-4D48-9839-1079D352D880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - c:\program files\mywebsearch\bar\3.bin\MWSBAR.DLL
TB: RadioPI: {92926b63-5116-4c6f-a33e-378767b8d15f} - c:\program files\radiopi_4e\bar\1.bin\4ebar.dll
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - c:\program files\televisionfanatic\bar\1.bin\64bar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: CouponXplorer: {65c72339-fb1d-4155-84e1-9afacee02d6f} - c:\program files\couponxplorer_5z\bar\1.bin\5zbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Produtools Manuals 2.1 B2 Toolbar: {589d7cff-0173-47a9-966a-9afae3e5c249} - c:\program files\produtools_manuals_2.1_b2\prxtbProd.dll
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [COMServer] "c:\users\esther\appdata\roaming\comsrvr.exe" a
uRun: [searchProtect] c:\users\esther\appdata\roaming\searchprotect\bin\cltmng.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
uRunOnce: [Microsoft Security Client] c:\program files\microsoft security client\msseces.exe /UpdateAndQuickScan /OpenWebPageOnClose
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\3.bin\mwsoemon.exe
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\3.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [RadioPI_4e Browser Plugin Loader] c:\progra~1\radiop~2\bar\1.bin\4ebrmon.exe
mRun: [TelevisionFanatic Search Scope Monitor] "c:\progra~1\televi~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
mRun: [TelevisionFanatic Browser Plugin Loader] c:\progra~1\televi~2\bar\1.bin\64brmon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CouponXplorer Search Scope Monitor] "c:\progra~1\coupon~2\bar\1.bin\5zsrchmn.exe" /m=2 /w /h
mRun: [CouponXplorer_5z Browser Plugin Loader] c:\progra~1\coupon~2\bar\1.bin\5zbrmon.exe
mRun: [searchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\esther\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 74.5.116.246 205.244.194.36
TCP: Interfaces\{045F92B2-8D4D-4A86-A046-02270758B5B8} : DHCPNameServer = 74.5.116.246 205.244.194.36
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-5-31 32808]
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\CltMngSvc.exe [2013-5-8 97056]
R2 CouponXplorer_5zService;CouponXplorerService;c:\progra~1\coupon~2\bar\1.bin\5zbarsvc.exe [2012-8-20 42504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-2 21504]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\3.bin\mwssvc.exe [2011-3-22 28762]
R2 RadioPI_4eService;RadioPI Service;c:\progra~1\radiop~2\bar\1.bin\4ebarsvc.exe [2011-9-7 34864]
R2 TelevisionFanaticService;TelevisionFanaticService;c:\progra~1\televi~2\bar\1.bin\64barsvc.exe [2012-3-9 42504]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2013-4-30 10112]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-06-06 16:35:35 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{298c5cc9-7f68-4536-bc75-5756f13747d8}\offreg.dll
2013-06-06 16:18:23 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{298c5cc9-7f68-4536-bc75-5756f13747d8}\mpengine.dll
2013-06-03 17:18:37 -------- d-----w- c:\program files\MyPC Backup
2013-06-03 17:17:43 -------- d-----w- c:\program files\PC HealthBoost
2013-06-03 17:17:07 -------- d-----w- c:\programdata\PCHealthBoost
2013-05-19 19:42:06 -------- d-----w- c:\users\esther\appdata\roaming\supportdotcom
2013-05-19 19:41:57 -------- d-----w- c:\program files\common files\supportdotcom
2013-05-19 14:34:57 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-05-19 14:34:57 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-05-19 14:34:57 -------- d-----w- c:\program files\SearchProtect
2013-05-19 14:34:56 -------- d-----w- c:\users\esther\appdata\roaming\SearchProtect
2013-05-19 14:34:45 -------- d-----w- c:\program files\Produtools_Manuals_2.1_B2
2013-05-15 12:44:25 16948616 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-15 07:09:55 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 00:01:02 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 00:01:02 37376 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 00:00:55 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-05-10 07:57:26 187456 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-04-30 06:18:22 28032 ----a-w- c:\windows\system32\ssmirrdr.dll
2013-04-30 06:18:22 10112 ----a-w- c:\windows\system32\drivers\ssmirrdr.sys
2013-04-15 20:54:36 -------- d-----w- c:\users\esther\appdata\roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-04-10 07:02:23 64000 ----a-w- c:\windows\system32\smss.exe
2013-04-10 07:02:23 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 07:02:23 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 07:02:22 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 07:02:21 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 07:02:20 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 07:02:19 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-03-20 10:40:59 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 11:13:10 -------- d-----w- c:\users\esther\appdata\local\ZeoBIT_LLC
2013-03-13 11:11:09 -------- d-----w- c:\programdata\ZeoBIT
2013-03-11 18:55:09 -------- d-----w- c:\users\esther\appdata\local\LogMeIn Rescue Applet
2013-02-13 14:23:28 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 14:23:27 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-20 20:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 20:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-09 13:42:19 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 13:42:03 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-05 17:04:37 22016 ----a-w- c:\users\esther\wgsdgsdgdsgsd.exe
2013-01-05 17:04:37 14848 ----a-w- c:\users\esther\appdata\roaming\comsrvr.exe
2012-12-22 08:00:33 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 08:00:33 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 08:04:12 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 08:03:59 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 08:03:59 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 08:03:58 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 08:03:58 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 08:03:58 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 08:03:57 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 08:03:57 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 08:03:56 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 08:03:56 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 08:03:56 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-12 14:03:55 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 14:03:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 09:41:09 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 09:41:09 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 09:41:07 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 09:41:04 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-14 04:08:01 75776 ----a-w- c:\windows\system32\synceng.dll
2012-10-10 10:31:30 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 10:31:30 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 10:31:30 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 10:31:27 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-20 15:50:56 -------- d-----w- c:\program files\CouponXplorer_5z
2012-08-15 07:26:22 623616 ----a-w- c:\windows\system32\localspl.dll
2012-07-10 20:15:06 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-10 20:15:04 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-10 20:14:25 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-10 20:14:24 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-01 13:16:14 -------- d-----w- c:\users\esther\appdata\local\Facebook
2012-06-22 04:04:20 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 04:03:46 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 04:03:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 04:03:08 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-17 17:08:47 -------- d-----w- c:\program files\Conduit
2012-06-17 17:08:12 -------- d-----w- c:\program files\WhiteSmokeTranslator
2012-06-17 17:07:05 -------- d-----w- c:\users\esther\appdata\local\Conduit
2012-06-17 17:06:39 -------- d-----w- c:\program files\BasicScan
2012-06-17 01:31:50 -------- d-----w- c:\users\esther\appdata\roaming\SpeedMaxPc
2012-06-17 01:31:50 -------- d-----w- c:\users\esther\appdata\roaming\DriverCure
2012-06-17 01:31:36 -------- d-----w- c:\programdata\SpeedMaxPc
2012-06-16 15:34:41 -------- d-----w- c:\users\esther\appdata\local\AVG Secure Search
2012-06-16 15:33:16 -------- d-----w- c:\programdata\AVG Secure Search
2012-06-16 15:33:05 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-06-16 15:33:04 -------- d-----w- c:\program files\AVG Secure Search
2012-06-16 15:29:34 -------- d--h--w- C:\$AVG
2012-06-16 15:29:34 -------- d-----w- c:\programdata\AVG2012
2012-06-16 15:27:03 -------- d-----w- c:\program files\AVG
2012-06-13 06:46:09 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-05-10 23:29:09 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 23:29:07 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-10 23:29:07 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-10 23:29:07 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-10 23:29:07 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-10 23:29:07 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-10 23:29:07 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-10 23:29:04 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-10 23:29:04 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-10 23:29:04 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-10 23:29:04 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-10 23:29:04 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-04-13 07:08:03 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 07:08:03 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 07:08:03 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 14:45:50 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-03-13 21:38:17 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-09 14:33:27 -------- d-----w- c:\program files\TelevisionFanatic
2012-02-16 18:45:11 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-01 15:34:57 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-02-01 15:34:56 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-02-01 15:34:55 9728 ----a-w- c:\windows\system32\lsass.exe
2012-02-01 15:34:55 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 10:40:25 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 10:40:25 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 10:40:24 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 10:40:23 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 10:39:52 497152 ----a-w- c:\windows\system32\qdvd.dll
2011-12-29 20:51:44 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2011-12-29 20:43:23 -------- d--h--w- c:\programdata\Common Files
2011-12-29 20:40:34 -------- d-----w- c:\programdata\MFAData
2011-12-19 19:32:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-01 19:05:11 -------- d-----w- c:\users\esther\appdata\local\CrashDumps
2011-11-13 22:32:15 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2011-11-13 22:08:48 -------- d-----w- C:\Netgear
2011-11-09 21:22:32 707584 ----a-w- c:\program files\common files\system\wab32.dll
2011-10-26 03:53:05 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-12 19:00:38 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 19:00:38 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 19:00:38 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 19:00:38 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 19:00:09 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 19:00:09 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-12 19:00:09 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 19:00:08 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-07 13:34:55 -------- d-----w- c:\program files\RadioPI_4e
2011-09-07 13:34:42 -------- d-----w- c:\program files\RadioPI_4eEI
2011-08-24 19:12:01 749832 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2011-08-10 17:00:17 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 05:35:02 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 05:34:41 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 05:34:37 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 05:34:37 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 05:34:05 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 05:34:03 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 05:34:03 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-31 17:02:52 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-31 17:02:52 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-31 17:02:41 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-19 09:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-04-15 05:35:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-15 05:35:49 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-15 05:35:48 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-15 05:35:46 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-15 05:35:44 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-15 05:35:44 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-23 07:41:30 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 07:41:30 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-19 14:26:04 -------- d-----w- c:\users\esther\appdata\local\Real
2011-03-19 14:24:48 -------- d-----w- c:\program files\common files\xing shared
2011-03-19 14:24:31 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-03-19 14:24:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-03-09 20:13:13 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 20:13:12 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 20:13:12 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 20:13:10 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-24 08:01:17 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-02-24 08:01:04 40448 ----a-w- c:\windows\system32\winrs.exe
2011-02-24 08:01:04 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-02-24 08:01:04 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-02-24 08:01:00 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-02-24 08:01:00 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-02-09 20:53:20 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-17 19:42:00 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-17 19:41:59 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-17 19:41:59 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-17 19:41:59 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-17 19:41:59 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-17 19:41:33 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-15 10:06:04 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2010-12-15 10:06:04 515584 ----a-w- c:\program files\windows mail\wab.exe
2010-12-15 10:06:04 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2010-12-15 10:06:01 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-15 10:06:01 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-15 10:06:01 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-15 10:06:01 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-15 10:06:01 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-15 10:05:59 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-15 10:05:58 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-10-26 18:03:00 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-13 04:15:58 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-13 04:15:57 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-13 04:15:12 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-13 04:15:10 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-13 04:14:41 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-13 04:14:41 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-13 04:14:36 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-13 04:14:14 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-13 04:14:14 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-13 04:14:06 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-13 04:14:02 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-13 04:13:57 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-09-15 06:18:28 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 06:18:27 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 06:18:25 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-08-11 18:27:44 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-08-11 18:27:37 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2010-08-11 18:27:35 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2010-08-11 18:27:27 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-03 20:08:03 -------- d-----w- c:\program files\Driver-Soft
2010-07-13 12:52:01 -------- d-----w- C:\temp
2010-07-13 12:51:56 86016 ----a-w- c:\windows\unvise32qt.exe
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-07-13 12:51:54 90112 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-07-13 12:51:46 -------- d-----w- c:\windows\system32\QuickTime
2010-07-13 12:51:05 -------- d-----w- c:\windows\system32\BWKDLogs
2010-07-13 12:49:59 -------- d-----w- c:\program files\Kodak
2010-07-13 12:49:59 -------- d-----w- c:\program files\common files\MSSoap
2010-07-13 12:48:44 -------- d-----w- c:\programdata\Kodak
2010-06-25 08:34:09 -------- d-----w- c:\program files\ComcastAccess
2010-06-25 08:32:50 -------- d-----w- c:\users\esther\appdata\roaming\com.comcast.access.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
2010-06-25 08:23:14 -------- d-----w- c:\programdata\com.comcast.access
2010-06-25 08:23:13 -------- d-----w- c:\users\esther\appdata\local\ComcastAccess
2010-06-23 07:00:22 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 07:00:21 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 07:00:21 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 07:00:21 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 07:00:20 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-18 08:02:09 -------- d-----w- c:\program files\support.com
2010-06-18 08:02:08 -------- d-----w- c:\users\esther\appdata\local\SupportSoft
2010-06-18 08:02:02 -------- d-----w- c:\program files\common files\SupportSoft
2010-06-10 17:26:57 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-01 22:19:02 -------- d-----w- c:\program files\Microsoft
2010-06-01 22:18:51 -------- d-----w- c:\program files\MSN Toolbar
2010-06-01 22:16:33 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-25 13:00:46 652296 ----a-w- c:\programdata\microsoft\ehome\packages\sportstemplate\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll
2010-05-25 13:00:22 416128 ----a-w- c:\programdata\microsoft\ehome\packages\nettv\browse\NetTVResources.dll
2010-05-18 16:23:28 -------- d-----w- c:\users\esther\appdata\local\OLYMPUS
2010-05-18 16:22:27 -------- d-----w- c:\program files\OLYMPUS
2010-05-18 16:21:19 -------- d-----w- c:\program files\MSXML 4.0
2010-05-12 07:15:56 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2010-05-08 06:23:15 32768 ----a-w- c:\windows\system32\f3PSSavr.scr
2010-05-08 06:23:14 -------- d-----w- c:\program files\MyWebSearch
2010-05-08 06:22:50 -------- d-----w- c:\program files\FunWebProducts
2010-05-05 12:32:52 -------- d-----w- c:\program files\Yahoo!
2010-04-14 08:37:47 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-04-14 08:37:47 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-04-14 08:36:42 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 08:36:42 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 08:36:26 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-06 20:23:46 -------- d-----w- c:\programdata\Trymedia
2010-04-06 20:23:30 -------- d-----w- c:\program files\Supple -- Episode 1
2010-03-18 17:16:28 771424 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2010-03-10 08:01:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-10 08:00:46 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-10 08:00:45 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-27 11:50:12 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-27 11:50:12 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-27 11:50:12 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-27 11:50:11 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-27 11:50:11 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-27 11:50:11 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-27 11:50:11 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-27 11:50:11 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-27 11:50:11 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-18 22:51:23 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-02-09 21:43:50 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-02-09 21:43:41 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-09 21:43:41 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-09 21:43:41 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-09 21:43:41 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-09 21:43:41 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-09 21:43:40 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-09 21:43:40 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-09 21:43:40 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-01-28 18:04:58 -------- d-----w- c:\programdata\McAfee Security Scan
2010-01-28 18:04:50 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-28 18:04:43 -------- d-----w- c:\users\esther\appdata\local\Adobe
2010-01-02 21:05:37 -------- d-----w- c:\windows\system32\N360_BACKUP
2010-01-01 15:16:08 -------- d-----w- c:\users\esther\appdata\local\Symantec
2009-12-21 11:21:56 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-21 11:06:08 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-21 11:06:06 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-21 11:06:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-21 11:05:26 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-12-21 11:05:23 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-12-21 11:05:23 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-12-21 11:05:23 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-12-21 11:05:23 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-12-21 11:05:23 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-12-21 11:05:22 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\vi-VN
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\eu-ES
2009-12-18 20:42:00 -------- d-----w- c:\windows\system32\ca-ES
2009-12-15 14:37:52 -------- d-----w- c:\windows\system32\EventProviders
2009-12-14 01:11:06 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-12-14 01:11:04 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-12-14 01:11:04 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-12-14 01:11:02 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-12-14 01:11:02 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-12-14 01:11:01 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-12-14 01:11:00 1480704 ----a-w- c:\windows\system32\mssrch.dll
2009-12-14 01:09:59 83456 ----a-w- c:\windows\system32\wlgpclnt.dll
2009-12-10 11:05:47 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-12-09 12:31:59 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-07 11:13:13 -------- d-----w- C:\PerfLogs
2009-12-04 02:26:37 265720 ----a-w- c:\program files\internet explorer\msdbg2.dll
2009-12-04 02:26:34 355832 ----a-w- c:\program files\internet explorer\pdm.dll
2009-12-02 14:36:06 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\default\MpEngine.dll
2009-12-02 14:34:59 90680 ----a-w- c:\program files\windows defender\MpOAV.dll
2009-12-02 14:33:59 5261312 ----a-w- c:\program files\common files\microsoft shared\ink\mshwita.dll
2009-12-02 14:32:59 8704 ----a-w- c:\windows\system32\msidle.dll
2009-12-02 14:31:51 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-12-02 14:31:51 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-12-02 14:31:51 258560 ----a-w- c:\windows\system32\dpx.dll
2009-12-02 11:11:21 -------- d-----w- c:\programdata\Symantec
2009-12-01 22:25:59 -------- d-----w- c:\programdata\Norton
2009-12-01 22:21:54 -------- d-----w- c:\programdata\NortonInstaller
2009-11-28 16:56:21 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-28 16:56:21 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-28 16:51:24 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-28 16:51:24 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-28 16:51:24 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-28 16:51:24 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-28 16:51:24 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-28 16:51:24 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-28 16:51:24 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-28 16:51:24 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-28 16:47:45 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-28 16:47:45 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-28 16:47:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-28 16:47:44 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-28 16:47:44 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-28 16:47:44 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-28 16:47:42 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-11-28 16:46:30 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-11-28 16:46:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-28 16:45:20 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-28 16:45:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-28 16:44:12 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-28 16:44:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-28 16:42:04 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-28 16:42:04 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-28 16:42:04 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-28 16:33:56 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-28 16:25:46 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-28 16:24:49 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-28 16:24:49 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-28 16:21:16 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-28 16:12:18 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-28 16:02:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-28 15:53:41 37888 ----a-w- c:\windows\system32\printcom.dll
2009-11-28 15:52:20 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-11-28 15:51:31 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-11-28 15:51:31 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-28 15:51:31 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-11-28 15:08:23 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-11-28 15:08:01 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-11-28 15:06:33 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-11-28 15:05:29 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-28 15:04:07 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-11-28 15:02:55 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2009-11-28 15:02:54 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-11-28 15:02:48 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-11-28 15:02:48 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-11-28 15:02:48 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2009-11-28 15:02:47 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-11-28 15:02:47 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2009-11-28 14:13:57 -------- d-----w- c:\users\esther\appdata\local\Google
2009-11-28 14:12:56 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2009-11-28 14:12:44 238872 ------w- c:\windows\system32\MpSigStub.exe
2009-11-27 21:21:54 -------- d-----w- c:\windows\system32\Lang
2009-11-27 21:13:58 -------- d-----w- c:\windows\system32\RTCOM
2009-11-27 21:10:31 -------- d-----w- c:\programdata\Citrix
2009-11-27 21:10:03 -------- d-----w- c:\program files\Citrix
2009-11-27 21:09:40 -------- d-----w- c:\users\esther\appdata\local\Citrix
2009-11-27 21:09:39 61224 ----a-w- c:\users\esther\GoToAssistDownloadHelper.exe
2009-11-27 21:08:58 -------- d-----w- c:\users\esther\appdata\local\Deployment
2009-11-27 21:08:58 -------- d-----w- c:\users\esther\appdata\local\Apps
2009-11-27 21:08:29 400152 ----a-w- c:\windows\system32\igxpun.exe
2009-11-27 21:08:29 -------- d-----w- c:\windows\system32\x64
2009-11-27 21:08:28 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-11-27 20:59:15 39288 ----a-w- c:\windows\system32\NicInE6.dll
2009-11-27 20:59:15 28536 ----a-w- c:\windows\system32\NicCo6.dll
2009-11-27 20:59:15 228224 ----a-w- c:\windows\system32\drivers\e1e6032.sys
2009-11-27 20:59:15 179048 ----a-w- c:\windows\system32\e1000msg.dll
2009-11-27 20:59:15 154496 ----a-w- c:\windows\system32\Prounstl.exe
2009-11-27 20:55:07 -------- d-----w- c:\windows\system32\vmm32
2009-11-27 20:55:07 -------- d-----w- c:\program files\Dell
2009-11-27 20:54:36 -------- d-sh--w- c:\windows\Installer
2009-11-27 17:44:29 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
2009-11-27 17:36:26 -------- d-----w- c:\windows\Panther
2009-11-27 17:35:41 -------- d-----w- c:\windows\system32\OEM
2009-11-27 17:19:13 -------- d-----w- C:\Windows.old
2009-08-18 15:34:24 602528 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDRES.DLL
2009-08-18 15:32:12 403840 ----a-w- c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
2009-08-18 15:30:38 97176 ----a-w- c:\program files\common files\microsoft shared\windows live\LogicalDevice.dll
2009-08-18 15:30:38 807832 ----a-w- c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
2009-08-18 15:30:38 564632 ----a-w- c:\programdata\microsoft\identitycrl\production\wlidui.dll
2009-08-18 15:30:38 233352 ----a-w- c:\program files\common files\microsoft shared\windows live\HWDeviceLogin.dll
2009-08-18 15:29:22 344448 ----a-w- c:\program files\common files\microsoft shared\windows live\SIGNINOPTIONS.EXE
2009-08-18 15:29:22 183152 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDSVCM.EXE
2009-08-18 15:29:22 1529728 ----a-w- c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE
2009-08-18 15:24:10 18328 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll
2009-08-18 15:24:10 134144 ----a-w- c:\program files\common files\microsoft shared\windows live\SQMAPI.DLL
2009-07-21 04:05:40 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-04-23 15:19:52 256768 ----a-w- c:\windows\system32\unicows.dll
2008-03-25 21:21:46 -------- d-----w- C:\Intel
2008-03-20 02:36:52 -------- d-----w- C:\doctemp
2008-03-20 02:34:49 -------- d-----w- C:\Drivers
2008-03-20 02:34:49 -------- d-----w- C:\DELL
2008-02-12 03:55:18 147456 ----a-w- c:\windows\system32\igfxCoIn_v1437.dll
2008-02-12 03:34:48 29932 ----a-w- c:\windows\system32\igmedcompkrn.bin
2008-02-12 03:34:48 2215364 ----a-w- c:\windows\system32\igklg400.bin
2008-02-12 03:34:48 1971732 ----a-w- c:\windows\system32\igklg450.bin
2007-04-19 19:15:58 172032 ----a-w- c:\windows\system32\Ncs2Setp.dll
2007-04-18 00:44:32 564112 ----a-w- c:\windows\system32\ncs2dmix.dll
2007-04-18 00:44:18 449416 ----a-w- c:\windows\system32\accesor.dll
2007-04-13 22:17:52 1043304 ----a-w- c:\windows\system32\ncscolib.dll
2007-04-12 01:00:46 99728 ----a-w- c:\windows\system32\drivers\iANSW60.sys
2007-03-28 00:38:52 146288 ----a-w- c:\windows\system32\ncs2instutility.dll
2007-03-14 17:47:20 228200 ----a-w- c:\windows\system32\PRONtObj.dll
2007-03-10 01:04:42 31072 ----a-w- c:\windows\system32\drivers\iqvw32.sys
2007-02-21 19:49:52 -------- d-----w- c:\windows\Users
2007-01-06 17:43:53 -------- d-----w- c:\program files\Microsoft Security Client
2007-01-06 17:40:52 -------- d-----w- C:\cd58917cc79bda3113aaa00c1aea
2007-01-06 17:31:35 -------- d-----w- c:\program files\CCleaner
.
==================== Find3M  ====================
.
2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-26 03:26:03 2560 ----a-w- c:\windows\system32\drivers\en-us\wdf01000.sys.mui
2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2009-12-07 06:39:30 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-12-07 06:39:29 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-28 15:09:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2009-11-27 21:12:29 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-11-27 21:12:07 315392 ----a-w- c:\windows\HideWin.exe
2009-11-03 21:46:54 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2009-10-09 21:56:27 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2009-10-09 21:56:18 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2009-10-09 21:56:17 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2009-10-09 21:56:04 241152 ----a-w- c:\windows\system32\winrscmd.dll
2009-10-09 21:56:03 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2009-10-09 21:56:01 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2009-10-09 21:55:59 79872 ----a-w- c:\windows\system32\wecutil.exe
2009-10-09 21:55:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2009-10-09 21:55:53 54272 ----a-w- c:\windows\system32\WsmRes.dll
2009-10-09 21:55:52 146944 ----a-w- c:\windows\system32\wecsvc.dll
2009-10-09 21:55:50 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2009-10-09 21:55:50 56320 ----a-w- c:\windows\system32\wecapi.dll
2009-10-08 23:12:09 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
2009-10-01 01:08:10 3072 ----a-w- c:\windows\system32\drivers\umdf\en-us\wpdmtpdr.dll.mui
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-08-01 06:27:37 201184 ----a-w- c:\windows\system32\winrm.vbs
2009-04-11 06:33:19 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33:19 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33:03 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33:02 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28:28 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27:59 627200 ----a-w- c:\windows\system32\sethc.exe
2009-04-11 06:24:00 4096 ----a-w- c:\windows\system32\drivers\en-us\hdaudbus.sys.mui
2009-04-11 06:23:02 89088 ----a-w- c:\windows\system32\pintlgnt.ime
2009-04-11 06:23:02 125952 ----a-w- c:\windows\system32\tintlgnt.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\quick.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\qintlgnt.ime
2009-04-11 06:23:02 124928 ----a-w- c:\windows\system32\phon.ime
2009-04-11 06:22:59 413696 ----a-w- c:\windows\system32\imkr80.ime
2009-04-11 06:22:57 883712 ----a-w- c:\windows\system32\IMJP10.IME
2009-04-11 06:22:57 124928 ----a-w- c:\windows\system32\cintlgnt.ime
2009-04-11 06:22:53 124928 ----a-w- c:\windows\system32\chajei.ime
2009-04-11 06:22:48 8192 ----a-w- c:\windows\system32\drivers\en-us\bthport.sys.mui
2009-04-11 06:22:22 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 05:42:55 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 04:46:40 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46:32 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46:30 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46:07 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:45:56 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45:51 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45:37 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45:24 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45:22 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43:28 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43:16 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42:57 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42:56 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42:56 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42:52 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42:50 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42:48 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42:48 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42:47 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42:42 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39:57 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39:17 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39:11 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38:49 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:38:40 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-04-11 04:27:17 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23:23 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:22:46 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
.
============= FINISH: 12:49:59.63 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium 
Boot Device: \Device\HarddiskVolume3
Install Date: 11/27/2009 12:46:33 PM
System Uptime: 1/6/2007 12:24:59 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel® Core2 Duo CPU     E4500  @ 2.20GHz | Socket 775 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 194.859 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.884 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMHL-DT-ST_DVD+-RW_GSA-H73N_______________B103____\5&384A886&0&1.0.0
Manufacturer: (Standard CD-ROM drives)
Name: HL-DT-ST DVD+-RW GSA-H73N ATA Device
PNP Device ID: IDE\CDROMHL-DT-ST_DVD+-RW_GSA-H73N_______________B103____\5&384A886&0&1.0.0
Service: cdrom
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7)
AVG 2012
Bing Bar
Bing Rewards Client Installer
CCleaner
Comcast Access
Comcast High-Speed Internet Install Wizard
CouponXplorer Toolbar
Dell Resource CD
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hardware Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0
Java Auto Updater
Java 6 Update 20
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft UI Engine
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Move Media Player
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
My Web Search
MyPC Backup 
OLYMPUS Master 2
PCHealthBoost 2.3.0
Produtools Manuals 2.1 B2 Toolbar
QuickTime
RadioPI
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody MP3 Download Manager
Search Protect by conduit
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Supple -- Episode 1 (remove only)
TelevisionFanatic Toolbar
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live ID Sign-in Assistant
Yahoo! Toolbar
.
==== End Of File ===========================
 
Link to post
Share on other sites

Hello and Welcome to Malwarebytes

It would be better to have one of our expert help you with this...

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

Link to post
Share on other sites

 

Hello,

 

I have a machine with browser redirects and other odd behavior. Search protect/ conduit was discovered in the startup processes. Any help would be appreciated as always!

 

Thank you for your time.

 

.
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16483
Run by esther at 12:48:32 on 2007-01-06
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2036.707 [GMT -5:00]
.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium 
Boot Device: \Device\HarddiskVolume3
Install Date: 11/27/2009 12:46:33 PM
System Uptime: 1/6/2007 12:24:59 PM (0 hours ago)
.

 

 

Hi:

 

Please do follow Firefox's advice to have one of the malware experts assist you with cleaning your computer over in the malware removal section of the forum (same as the last few times). :)

 

In the interim, as you describe "odd" behavior, you might want to check the computer's system date and time, as they seem to be WAY, WAY off, based on the info in your DDS log headers.

That can certainly cause odd symptoms (though it is unrelated to any malware/adware infection).

 

HTH,

 

daledoc1

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.