Possible Sheur3.BULW malware infection
Problems with a Win XP SP2 machine. I can't install SP3 and IE seems to have got corrupted when I tried installing IE8 upgrade.
I've run scans using Spybot, MalwareBytes, Sophos AntiRootKit, ComboFix and AVG Rescue CD. The machine had AVG Internet Security 2011 installed. None of these scans seemed to find anything major, though at one point AVG showed a Sheur3.BULW warning.
I have attached a DDS log. Can anyone tell me if there is anything obviously wrong with my system?
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Gavin at 22:49:35.20 on 08/05/2011
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.510.153 [GMT 1:00]
.
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\eFilm\efPMNT.exe
C:\PROGRA~1\eFilm\efServer.exe
C:\PROGRA~1\eFilm\efDM.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\eFilm\efKillUC.exe
C:\PROGRA~1\eFilm\efDBM.exe
C:\PROGRA~1\eFilm\efUpM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\sj650\hpupdate.exe
C:\PROGRA~1\BTBROA~1\SMARTB~1\BTHelpNotifier.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gavin\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.btbroadbandstart.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: eBay Toolbar Helper: {22d8e815-4a5e-4dfb-845e-aab64207f5bd} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
TB: eBay Toolbar: {92085ad4-f48a-450d-bd93-b28cc7df67ce} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
mRun: [DSLSTATEXE] c:\program files\bt voyager 105 adsl modem\dslstat.exe icon
mRun: [DSLAGENTEXE] c:\program files\bt voyager 105 adsl modem\dslagent.exe
mRun: [hp Update 3300C] c:\sj650\hpupdate.exe 3300C+
mRun: [Motive SmartBridge] c:\progra~1\btbroa~1\smartb~1\BTHelpNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [eBayToolbar] c:\program files\ebay\ebay toolbar2\eBayTBDaemon.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OUktTjJRS0EtVFhRUzgtRzBOVkEtQlVUUlMtRFdTNDY"&"inst=NzYtNzc2Njk3MjA1LVU5MCsxLVRQKzEtWE8zNisxLVRCOSsyLU4xRCsxLVBMKzktUUlYMSszLVNQMSsxLVNVRCsxLVMxSSsxLVNVMysx"&"prod=94"&"ver=10.0.1325
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\btbroa~1.lnk - c:\program files\bt broadband help\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pictur~2.lnk - c:\program files\sony corporation\picture package\picture package menu\SonyTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony corporation\picture package\picture package applications\Residence.exe
IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\www.update
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1304505479062
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - hxxps://register.btinternet.com/templates/btwebcontrol028.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\gavin\applic~1\mozilla\firefox\profiles\xd6j4skm.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b011f66&v=6.103.018.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [2011-5-8 18816]
R2 eFilmProcessManagerNT;eFilmProcessManager;c:\program files\efilm\efPMNT.exe [2006-10-14 24576]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1f.tmp --> c:\windows\system32\1F.tmp [?]
.
=============== Created Last 30 ================
.
2011-05-08 21:52:42 47616 ----a-w- c:\windows\system32\dllcache\OLD933.tmp
2011-05-08 21:52:39 8320 ----a-w- c:\windows\system32\dllcache\OLD92F.tmp
2011-05-08 21:52:34 164586 ----a-w- c:\windows\system32\dllcache\OLD92B.tmp
2011-05-08 21:52:25 7424 ----a-w- c:\windows\system32\dllcache\OLD927.tmp
2011-05-08 21:52:21 65536 ----a-w- c:\windows\system32\dllcache\OLD923.tmp
2011-05-08 21:52:20 48768 ----a-w- c:\windows\system32\dllcache\OLD91F.tmp
2011-05-08 21:52:17 58880 ----a-w- c:\windows\system32\dllcache\OLD91B.tmp
2011-05-08 21:52:14 58368 ----a-w- c:\windows\system32\dllcache\OLD917.tmp
2011-05-08 21:52:10 22848 ----a-w- c:\windows\system32\dllcache\OLD913.tmp
2011-05-08 21:52:08 20864 ----a-w- c:\windows\system32\dllcache\OLD90F.tmp
2011-05-08 21:50:50 34688 ----a-w- c:\windows\system32\dllcache\OLD8D2.tmp
2011-05-08 21:49:59 5632 ----a-w- c:\windows\system32\dllcache\OLD873.tmp
2011-05-08 21:48:59 45109 ----a-w- c:\windows\system32\dllcache\OLD7D6.tmp
2011-05-08 21:47:58 702845 ----a-w- c:\windows\system32\dllcache\OLD761.tmp
2011-05-08 21:46:57 324608 ----a-w- c:\windows\system32\dllcache\OLD6FC.tmp
2011-05-08 21:45:59 82304 ----a-w- c:\windows\system32\dllcache\OLD69F.tmp
2011-05-08 21:44:58 27165 ----a-w- c:\windows\system32\dllcache\OLD645.tmp
2011-05-08 21:43:59 6400 ----a-w- c:\windows\system32\dllcache\OLD5B3.tmp
2011-05-08 21:42:58 91305 ----a-w- c:\windows\system32\dllcache\OLD50E.tmp
2011-05-08 21:41:58 175104 ----a-w- c:\windows\system32\dllcache\OLD44B.tmp
2011-05-08 21:40:48 13824 ----a-w- c:\windows\system32\dllcache\OLD2C4.tmp
2011-05-08 21:39:59 28672 ----a-w- c:\windows\system32\dllcache\OLD1AE.tmp
2011-05-08 21:38:46 32827 ----a-w- c:\windows\system32\dllcache\OLD79.tmp
2011-05-08 20:51:38 -------- d-sha-r- C:\cmdcons
2011-05-08 20:47:37 98816 ----a-w- c:\windows\sed.exe
2011-05-08 20:47:37 89088 ----a-w- c:\windows\MBR.exe
2011-05-08 20:47:37 256512 ----a-w- c:\windows\PEV.exe
2011-05-08 20:47:37 161792 ----a-w- c:\windows\SWREG.exe
2011-05-08 07:06:34 18816 ----a-w- c:\windows\system32\SAVRKBootTasks.sys
2011-05-07 20:16:41 -------- d-----w- c:\program files\Sophos
2011-05-07 17:34:26 -------- dc-h--w- c:\windows\ie8
2011-05-07 07:29:03 -------- d-----w- C:\Downloads
2011-05-07 06:30:33 -------- d-----w- c:\docume~1\gavin\applic~1\Malwarebytes
2011-05-07 06:30:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-07 06:30:17 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-05-07 06:30:11 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-07 06:30:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-06 21:00:48 -------- d-----w- c:\windows\EHome
2011-05-06 17:51:54 -------- d-----w- c:\docume~1\gavin\locals~1\applic~1\AVG Security Toolbar
2011-05-06 17:38:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-06 17:38:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-05-05 21:09:43 -------- d-sh--w- c:\documents and settings\gavin\IETldCache
2011-05-05 21:04:39 -------- d-----w- c:\windows\ie8updates
2011-05-05 21:00:48 12800 ----a-w- c:\windows\system32\dllcache\xpshims.dll
2011-05-05 21:00:44 247808 ----a-w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-05 21:00:42 743424 ----a-w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-05 07:36:30 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-05-05 07:36:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-05-04 16:58:30 -------- d-----w- c:\windows\system32\LogFiles
2011-05-04 14:17:42 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-05-04 12:55:25 7680 ----a-w- c:\windows\system32\spdwnwxp.exe
2011-05-04 10:23:08 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2011-05-04 10:22:59 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2011-05-04 10:22:45 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2011-05-04 10:22:22 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2011-05-04 10:22:18 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2011-05-04 10:22:09 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2011-05-04 10:21:51 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-05-04 10:21:49 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2011-05-04 10:21:44 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2011-05-04 10:21:40 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2011-05-04 10:21:38 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2011-05-04 10:21:28 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2011-05-04 10:21:25 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2011-05-04 10:21:20 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2011-05-04 10:21:17 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2011-05-04 10:21:06 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2011-05-04 10:21:00 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2011-05-04 10:19:58 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2011-05-04 10:19:56 12672 ----a-w- c:\windows\system32\dllcache\mutohpen.sys
2011-05-04 10:19:55 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll
2011-05-04 10:19:51 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2011-05-04 10:19:50 452736 ----a-w- c:\windows\system32\dllcache\mtxparhm.sys
2011-05-04 10:19:49 1737856 ----a-w- c:\windows\system32\dllcache\mtxparhd.dll
2011-05-04 10:19:46 111104 ----a-w- c:\windows\system32\dllcache\mtstocom.exe
2011-05-04 10:19:44 1309184 ----a-w- c:\windows\system32\dllcache\mtlstrm.sys
2011-05-04 10:19:43 126686 ----a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2011-05-04 10:19:07 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2011-05-04 10:18:54 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2011-05-04 10:18:20 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2011-05-04 10:17:48 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2011-05-04 10:17:44 40960 ----a-w- c:\windows\system32\dllcache\msiregmv.exe
2011-05-04 10:17:43 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2011-05-04 10:17:42 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2011-05-04 10:17:06 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2011-05-04 10:17:00 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2011-05-04 10:16:52 51328 ----a-w- c:\windows\system32\dllcache\msdv.sys
2011-05-04 10:16:23 15360 ----a-w- c:\windows\system32\dllcache\mpe.sys
2011-05-04 10:15:44 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys
2011-05-04 10:15:42 7680 ----a-w- c:\windows\system32\dllcache\migregdb.exe
2011-05-04 10:15:40 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2011-05-04 10:15:33 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys
2011-05-04 10:15:29 235648 ----a-w- c:\windows\system32\dllcache\mgaud.dll
2011-05-04 10:15:28 92416 ----a-w- c:\windows\system32\dllcache\mga.sys
2011-05-04 10:15:28 92032 ----a-w- c:\windows\system32\dllcache\mga.dll
2011-05-04 10:15:18 26112 ----a-w- c:\windows\system32\dllcache\memstpci.sys
2011-05-04 10:15:13 47616 ----a-w- c:\windows\system32\dllcache\memgrp.dll
2011-05-04 10:15:09 8320 ----a-w- c:\windows\system32\dllcache\memcard.sys
2011-05-04 10:13:55 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys
2011-05-04 10:12:59 8704 ----a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-05-04 10:11:53 35328 ----a-w- c:\windows\system32\dllcache\iprip.dll
2011-05-04 10:10:57 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2011-05-04 10:09:56 10129408 ----a-w- c:\windows\system32\dllcache\hwxkor.dll
2011-05-04 10:08:58 67167 ----a-w- c:\windows\system32\dllcache\hsf_bsc2.sys
2011-05-04 10:07:58 15104 ----a-w- c:\windows\system32\dllcache\hidir.sys
2011-05-04 10:06:55 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys
2011-05-04 10:05:59 45056 ----a-w- c:\windows\system32\dllcache\esunid.dll
2011-05-04 10:04:58 171520 ----a-w- c:\windows\system32\dllcache\el99xn51.sys
2011-05-04 10:03:54 29696 ----a-w- c:\windows\system32\dllcache\dm9pci5.sys
2011-05-04 10:02:58 7424 ----a-w- c:\windows\system32\dllcache\ddsmc.sys
2011-05-04 10:01:57 39936 ----a-w- c:\windows\system32\dllcache\cnxt1803.sys
2011-05-04 10:00:44 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2011-05-04 09:59:59 144384 ----a-w- c:\windows\system32\dllcache\avmenum.dll
2011-05-04 09:58:59 63663 ----a-w- c:\windows\system32\dllcache\ati1rvxx.sys
2011-05-04 09:57:59 48128 ----a-w- c:\windows\system32\dllcache\61883.sys
2011-05-04 09:57:58 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
2011-05-04 09:57:57 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
2011-05-04 09:57:57 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2011-05-04 09:57:56 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
2011-05-04 09:57:56 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
2011-05-04 09:57:53 53248 ----a-w- c:\windows\system32\dllcache\1394bus.sys
2011-05-04 09:57:18 16384 ----a-w- c:\windows\system32\dllcache\tcptsat.dll
2011-05-04 09:57:17 32827 ----a-w- c:\windows\system32\dllcache\tcptest.exe
2011-05-04 09:57:15 20536 ----a-w- c:\windows\system32\dllcache\shtml.dll
2011-05-04 09:57:15 16437 ----a-w- c:\windows\system32\dllcache\shtml.exe
2011-05-04 09:56:53 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
.
==================== Find3M ====================
.
.
============= FINISH: 22:57:51.10 ===============
Edit
Please DO NOT RUN ComboFix without being asked
