This virus refuses to leave my computer. I run spybot and the program claims the virus is fixed, but I can literally scan it a minute later and the Smitfraud-C.generic is back. Please help me remove this trojan from my pc permanently.
I have Windows 7, 64 on a Dell Inspiron
I also have Mcaffe, if that matters.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Shelby at 18:29:50 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2186 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
-netsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\Users\Shelby\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{23ABA2C2-32B0-4CD4-A2A1-593D5A68FE43} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-9 257224]
.
=============== Created Last 30 ================
.
2012-06-13 21:14:55 -------- d-----w- C:\Users\Shelby\AppData\Local\Adobe
2012-06-11 21:56:51 20480 ----a-w- C:\Windows\svchost.exe
2012-06-11 19:29:29 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-06-11 19:29:28 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-06-11 19:29:28 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-06-11 19:29:28 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-06-11 19:29:27 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-06-11 19:29:27 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-06-11 19:29:27 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-06-11 19:25:26 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-06-11 19:25:25 2566144 ----a-w- C:\Windows\System32\esent.dll
2012-06-11 19:25:25 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-06-11 19:25:25 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-06-11 19:25:25 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-06-11 19:25:24 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-06-11 19:25:24 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-06-11 19:25:24 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2012-06-11 19:25:23 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-06-11 19:25:23 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-06-11 19:25:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-06-11 18:55:04 -------- d-----w- C:\Windows\SysWow64\Wat
2012-06-11 18:55:04 -------- d-----w- C:\Windows\System32\Wat
2012-06-10 20:36:57 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-06-10 20:36:57 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-06-10 20:12:12 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-06-10 20:12:12 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-06-10 19:52:54 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-06-10 19:52:54 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-06-10 19:52:54 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-06-10 19:52:54 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-06-10 19:52:54 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-06-10 19:52:54 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-06-10 19:52:54 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-06-10 19:52:54 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-06-10 19:52:54 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-06-10 19:52:54 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-06-10 19:27:45 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-06-10 19:27:45 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-06-10 19:27:45 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-06-10 19:27:45 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-06-10 19:27:45 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-06-10 18:55:20 -------- d-----w- C:\Windows\PCHEALTH
2012-06-10 18:52:02 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Help
2012-06-10 17:48:56 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-06-10 17:46:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-06-10 17:46:44 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-06-10 17:46:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-10 17:46:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-10 17:46:31 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-06-10 17:46:31 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-06-10 17:46:26 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 2085376 ----a-w- C:\Windows\System32\ole32.dll
2012-06-10 17:46:24 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-06-10 17:46:00 2228224 ----a-w- C:\Windows\System32\mssrch.dll
2012-06-10 17:44:39 422912 ----a-w- C:\Windows\System32\secproc_isv.dll
2012-06-10 17:43:54 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-06-10 17:42:57 52224 ----a-w- C:\Windows\System32\rtutils.dll
2012-06-10 17:41:44 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-06-10 17:40:14 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-06-10 17:40:11 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-06-10 17:40:09 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2012-06-10 17:40:08 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2012-06-10 17:40:06 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2012-06-10 17:40:01 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2012-06-10 17:40:01 288256 ----a-w- C:\Windows\System32\MSNP.ax
2012-06-10 17:40:00 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-06-10 17:40:00 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2012-06-10 17:38:59 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-10 17:37:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2012-06-10 17:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2012-06-10 17:37:54 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2012-06-10 17:37:53 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2012-06-10 17:37:53 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2012-06-10 17:37:44 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-06-10 17:25:41 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-06-10 17:25:40 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-06-10 17:25:37 634368 ----a-w- C:\Windows\System32\msvcrt.dll
2012-06-10 17:25:36 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-06-10 17:25:33 112000 ----a-w- C:\Windows\System32\consent.exe
2012-06-10 17:25:30 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-06-10 17:25:24 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2012-06-10 17:25:24 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-06-10 17:25:23 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-06-10 17:25:23 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-06-10 17:25:16 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-06-10 17:25:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-06-10 17:24:13 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-06-10 17:24:05 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-10 17:24:05 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-10 17:24:03 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-10 17:23:57 720896 ----a-w- C:\Windows\System32\odbc32.dll
2012-06-10 17:23:56 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2012-06-10 17:23:56 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-06-10 17:23:55 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-06-10 17:23:55 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:55 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:54 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-06-10 17:23:53 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-06-10 17:23:53 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:53 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:34 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-10 17:23:33 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-10 17:19:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-10 17:19:55 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-10 13:05:44 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2012-06-10 13:05:44 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2012-06-10 07:15:54 -------- d-----w- C:\Windows\Panther
2012-06-10 07:15:25 -------- d-----w- C:\Windows\System32\oem
2012-06-10 06:49:54 -------- d-----w- C:\Windows.old
2012-06-10 03:12:00 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Games
2012-06-10 02:33:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-10 02:33:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-10 01:29:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-10 01:29:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-10 01:17:50 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-06-10 01:17:38 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-06-10 01:17:38 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-06-10 01:16:44 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-06-10 01:16:44 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-06-10 01:16:44 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-06-10 01:16:44 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-06-10 01:16:44 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-06-10 01:16:44 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee.com
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-06-10 01:16:29 -------- d-----w- C:\Program Files (x86)\McAfee
2012-06-10 01:07:34 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-06-10 00:35:54 -------- d-----w- C:\Users\Shelby\AppData\Local\Diagnostics
2012-06-10 00:27:50 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7250C547-3BEC-4613-AECF-28596846A027}\mpengine.dll
2012-06-10 00:27:49 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-06-10 00:04:13 45056 ----a-r- C:\Users\Shelby\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2012-06-10 00:04:12 -------- d-----w- C:\Windows\SysWow64\vmm32
2012-06-10 00:04:12 -------- d-----w- C:\Program Files (x86)\Dell
2012-06-10 00:03:44 -------- d-sh--w- C:\Windows\Installer
2012-06-09 23:58:08 89088 ----a-w- C:\Windows\SysWow64\atl71.dll
2012-06-09 23:58:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-09 23:58:08 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-09 23:58:08 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-06-09 23:58:08 1047552 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2012-06-09 23:56:07 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-06-09 23:56:07 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-06-09 23:56:06 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-09 23:56:06 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-09 23:56:06 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-09 23:56:05 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-09 23:56:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-09 23:56:05 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-09 23:56:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-09 23:52:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 18:32:10.84 ===============
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Shelby at 18:29:50 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2186 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
-netsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\Users\Shelby\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{23ABA2C2-32B0-4CD4-A2A1-593D5A68FE43} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-9 257224]
.
=============== Created Last 30 ================
.
2012-06-13 21:14:55 -------- d-----w- C:\Users\Shelby\AppData\Local\Adobe
2012-06-11 21:56:51 20480 ----a-w- C:\Windows\svchost.exe
2012-06-11 19:29:29 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-06-11 19:29:28 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-06-11 19:29:28 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-06-11 19:29:28 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-06-11 19:29:27 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-06-11 19:29:27 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-06-11 19:29:27 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-06-11 19:25:26 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-06-11 19:25:25 2566144 ----a-w- C:\Windows\System32\esent.dll
2012-06-11 19:25:25 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-06-11 19:25:25 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-06-11 19:25:25 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-06-11 19:25:24 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-06-11 19:25:24 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-06-11 19:25:24 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2012-06-11 19:25:23 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-06-11 19:25:23 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-06-11 19:25:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-06-11 18:55:04 -------- d-----w- C:\Windows\SysWow64\Wat
2012-06-11 18:55:04 -------- d-----w- C:\Windows\System32\Wat
2012-06-10 20:36:57 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-06-10 20:36:57 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-06-10 20:12:12 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-06-10 20:12:12 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-06-10 19:52:54 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-06-10 19:52:54 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-06-10 19:52:54 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-06-10 19:52:54 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-06-10 19:52:54 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-06-10 19:52:54 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-06-10 19:52:54 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-06-10 19:52:54 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-06-10 19:52:54 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-06-10 19:52:54 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-06-10 19:27:45 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-06-10 19:27:45 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-06-10 19:27:45 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-06-10 19:27:45 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-06-10 19:27:45 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-06-10 18:55:20 -------- d-----w- C:\Windows\PCHEALTH
2012-06-10 18:52:02 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Help
2012-06-10 17:48:56 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-06-10 17:46:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-06-10 17:46:44 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-06-10 17:46:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-10 17:46:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-10 17:46:31 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-06-10 17:46:31 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-06-10 17:46:26 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 2085376 ----a-w- C:\Windows\System32\ole32.dll
2012-06-10 17:46:24 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-06-10 17:46:00 2228224 ----a-w- C:\Windows\System32\mssrch.dll
2012-06-10 17:44:39 422912 ----a-w- C:\Windows\System32\secproc_isv.dll
2012-06-10 17:43:54 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-06-10 17:42:57 52224 ----a-w- C:\Windows\System32\rtutils.dll
2012-06-10 17:41:44 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-06-10 17:40:14 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-06-10 17:40:11 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-06-10 17:40:09 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2012-06-10 17:40:08 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2012-06-10 17:40:06 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2012-06-10 17:40:01 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2012-06-10 17:40:01 288256 ----a-w- C:\Windows\System32\MSNP.ax
2012-06-10 17:40:00 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-06-10 17:40:00 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2012-06-10 17:38:59 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-10 17:37:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2012-06-10 17:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2012-06-10 17:37:54 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2012-06-10 17:37:53 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2012-06-10 17:37:53 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2012-06-10 17:37:44 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-06-10 17:25:41 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-06-10 17:25:40 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-06-10 17:25:37 634368 ----a-w- C:\Windows\System32\msvcrt.dll
2012-06-10 17:25:36 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-06-10 17:25:33 112000 ----a-w- C:\Windows\System32\consent.exe
2012-06-10 17:25:30 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-06-10 17:25:24 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2012-06-10 17:25:24 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-06-10 17:25:23 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-06-10 17:25:23 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-06-10 17:25:16 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-06-10 17:25:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-06-10 17:24:13 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-06-10 17:24:05 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-10 17:24:05 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-10 17:24:03 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-10 17:23:57 720896 ----a-w- C:\Windows\System32\odbc32.dll
2012-06-10 17:23:56 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2012-06-10 17:23:56 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-06-10 17:23:55 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-06-10 17:23:55 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:55 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:54 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-06-10 17:23:53 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-06-10 17:23:53 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:53 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:34 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-10 17:23:33 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-10 17:19:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-10 17:19:55 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-10 13:05:44 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2012-06-10 13:05:44 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2012-06-10 07:15:54 -------- d-----w- C:\Windows\Panther
2012-06-10 07:15:25 -------- d-----w- C:\Windows\System32\oem
2012-06-10 06:49:54 -------- d-----w- C:\Windows.old
2012-06-10 03:12:00 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Games
2012-06-10 02:33:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-10 02:33:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-10 01:29:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-10 01:29:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-10 01:17:50 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-06-10 01:17:38 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-06-10 01:17:38 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-06-10 01:16:44 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-06-10 01:16:44 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-06-10 01:16:44 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-06-10 01:16:44 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-06-10 01:16:44 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-06-10 01:16:44 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee.com
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-06-10 01:16:29 -------- d-----w- C:\Program Files (x86)\McAfee
2012-06-10 01:07:34 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-06-10 00:35:54 -------- d-----w- C:\Users\Shelby\AppData\Local\Diagnostics
2012-06-10 00:27:50 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7250C547-3BEC-4613-AECF-28596846A027}\mpengine.dll
2012-06-10 00:27:49 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-06-10 00:04:13 45056 ----a-r- C:\Users\Shelby\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2012-06-10 00:04:12 -------- d-----w- C:\Windows\SysWow64\vmm32
2012-06-10 00:04:12 -------- d-----w- C:\Program Files (x86)\Dell
2012-06-10 00:03:44 -------- d-sh--w- C:\Windows\Installer
2012-06-09 23:58:08 89088 ----a-w- C:\Windows\SysWow64\atl71.dll
2012-06-09 23:58:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-09 23:58:08 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-09 23:58:08 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-06-09 23:58:08 1047552 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2012-06-09 23:56:07 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-06-09 23:56:07 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-06-09 23:56:06 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-09 23:56:06 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-09 23:56:06 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-09 23:56:05 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-09 23:56:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-09 23:56:05 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-09 23:56:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-09 23:52:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 18:32:10.84 ===============
I have the other DDS log also; if it is needed.
Thanks for your help in advance!