PDA

View Full Version : Vista antispyware 2012 - now Can't see any files



dfuser
2011-07-10, 22:13
I posted a number of days ago but didn't copy the DDS and attach the log file. Problem right now is that native zip support is not working so I will post using 7-zip on the attachment - hope this is OK.

I was attacked by Vista antispyware 2012 and had a number of messages saying my drives had failed, etc. Now I can't see any files but can pull up a file from the history in a particular program like MSWord.

I tried fixing the problem based on some online help. Computer and browsers are now working but I still can't see any files (except through a particular program history). If I save something else in a directory, that appears to be gone after reboot..but I believe it is still there.

See DDS and attachment.

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6000.16982 BrowserJavaVersion: 1.6.0_22
Run by Evan at 13:52:29 on 2011-07-10
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.3326.1931 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: H - No File
uURLSearchHooks: FVDSearchHook Class: {6778613d-616b-4a6c-9856-65de943cf424} - c:\program files\fvd suite\addons\ie\FVDToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Open FVD Suite Toolbar: {2b171655-a69c-5c18-b693-6cb5dc269d44} - c:\program files\fvd suite\addons\ie\FVDToolbar.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: FVD Suite Toolbar: {2b171655-a69c-5c18-b693-6cb5dc269d41} - c:\program files\fvd suite\addons\ie\FVDToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [CreativeTaskScheduler] "c:\program files\creative\shared files\CTSched.exe" /logon
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi go pro\volume panel\VolPanlu.exe" /r
mRun: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\evan\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\evan\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
IE: Search - c:\program files\fvd suite\addons\ie\FVDToolbar.dll/IECONTEXT.DLL.HTM
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E5A0262F-6EC6-4144-8659-DC185482E05E} : DhcpNameServer = 192.168.1.1
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\evan\appdata\roaming\mozilla\firefox\profiles\qelryzhp.default\
FF - prefs.js: browser.search.selectedEngine - Google Custom Search
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-7-4 64512]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-6-20 2151640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-4 366640]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-7-9 1153368]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2011-6-18 1254400]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-4 22712]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2011-6-18 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-6-18 79360]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-6-20 15232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-7-4 39984]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-07-09 07:08:47 -------- d--h--w- c:\programdata\Spybot - Search & Destroy
2011-07-09 07:08:47 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-04 07:08:39 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-04 05:23:56 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-04 05:22:02 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-07-04 05:21:52 -------- d-----w- c:\program files\Lavasoft
2011-07-04 05:18:42 388096 ----a-r- c:\users\evan\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-07-04 05:18:41 -------- d-----w- c:\program files\Trend Micro
2011-07-04 05:12:32 -------- d--h--w- c:\users\evan\appdata\roaming\Malwarebytes
2011-07-04 05:12:26 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-04 05:12:26 -------- d--h--w- c:\programdata\Malwarebytes
2011-07-04 05:12:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-04 05:12:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-02 22:53:09 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-07-02 22:53:09 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-07-02 22:53:09 289792 ----a-w- c:\windows\system32\atmfd.dll
2011-07-02 22:53:09 24064 ----a-w- c:\windows\system32\lpk.dll
2011-07-02 22:53:09 156672 ----a-w- c:\windows\system32\t2embed.dll
2011-07-02 22:53:09 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-07-02 22:50:44 61440 ----a-w- c:\windows\system32\winipsec.dll
2011-07-02 22:50:44 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-07-02 22:50:44 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2011-07-02 22:50:44 272896 ----a-w- c:\windows\system32\polstore.dll
2011-07-02 22:50:07 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-07-02 22:50:07 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2011-07-02 22:49:31 87040 ----a-w- c:\windows\system32\msoert2.dll
2011-07-02 22:49:31 707072 ----a-w- c:\program files\common files\system\wab32.dll
2011-07-02 22:49:31 41984 ----a-w- c:\program files\windows mail\wabimp.dll
2011-07-02 22:49:31 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2011-07-02 22:49:31 2836992 ----a-w- c:\program files\windows mail\MSOERES.dll
2011-07-02 22:49:31 205824 ----a-w- c:\windows\system32\msoeacct.dll
2011-07-02 22:49:31 1614848 ----a-w- c:\program files\windows mail\msoe.dll
2011-07-02 22:49:31 1098752 ----a-w- c:\program files\common files\system\wab32res.dll
2011-07-02 22:49:29 397312 ----a-w- c:\program files\windows mail\WinMail.exe
2011-07-02 22:49:28 81408 ----a-w- c:\program files\windows mail\oeimport.dll
2011-07-02 22:49:28 24064 ----a-w- c:\program files\common files\system\DirectDB.dll
2011-07-02 22:47:50 194560 ----a-w- c:\windows\system32\WebClnt.dll
2011-07-02 22:47:50 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2011-07-02 22:47:17 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2011-07-02 22:47:17 502272 ----a-w- c:\windows\system32\wlansvc.dll
2011-07-02 22:47:17 47104 ----a-w- c:\windows\system32\wlanapi.dll
2011-07-02 22:47:17 297984 ----a-w- c:\windows\system32\wlansec.dll
2011-07-02 22:47:17 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2011-07-02 22:47:17 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2011-07-02 22:46:36 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-07-02 22:46:36 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-07-02 22:46:36 1406464 ----a-w- c:\windows\system32\msxml6.dll
2011-07-02 22:46:36 1260032 ----a-w- c:\windows\system32\msxml3.dll
2011-07-02 22:45:56 216576 ----a-w- c:\windows\system32\msv1_0.dll
2011-07-02 22:44:35 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-07-02 22:44:35 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-02 22:44:35 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-02 22:44:04 49664 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-02 22:44:04 376320 ----a-w- c:\windows\system32\winsrv.dll
2011-07-02 22:43:31 98816 ----a-w- c:\windows\system32\mfps.dll
2011-07-02 22:43:31 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2011-07-02 22:43:31 2855424 ----a-w- c:\windows\system32\mf.dll
2011-07-02 22:43:31 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-07-02 22:43:31 2048 ----a-w- c:\windows\system32\mferror.dll
2011-07-02 22:42:51 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-07-02 22:42:51 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-07-02 22:41:45 376832 ----a-w- c:\windows\system32\winhttp.dll
2011-07-02 22:41:09 71680 ----a-w- c:\windows\system32\atl.dll
2011-07-02 22:40:36 297472 ----a-w- c:\windows\system32\gdi32.dll
2011-07-02 22:38:37 374456 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-07-02 22:34:21 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2011-07-02 22:34:21 30208 ----a-w- c:\windows\system32\xolehlp.dll
2011-07-02 22:32:39 156160 ----a-w- c:\windows\system32\wkssvc.dll
2011-07-02 22:30:23 36352 ----a-w- c:\windows\system32\tsgqec.dll
2011-07-02 22:30:23 1871872 ----a-w- c:\windows\system32\mstscax.dll
2011-07-02 22:30:23 116736 ----a-w- c:\windows\system32\aaclient.dll
2011-07-02 22:19:43 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-07-02 22:18:40 414208 ----a-w- c:\windows\system32\msscp.dll
2011-07-02 22:18:12 86016 ----a-w- c:\windows\system32\icfupgd.dll
2011-07-02 22:18:12 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2011-07-02 22:18:12 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2011-07-02 22:18:12 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2011-07-02 22:18:11 61952 ----a-w- c:\windows\system32\cmifw.dll
2011-07-02 22:18:11 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-07-02 22:18:11 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-07-02 22:18:11 16896 ----a-w- c:\windows\system32\wfapigp.dll
2011-07-02 22:18:11 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-07-02 22:15:29 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-02 22:14:52 696832 ----a-w- c:\windows\system32\localspl.dll
2011-07-02 22:14:28 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2011-07-02 22:14:04 2923520 ----a-w- c:\windows\explorer.exe
2011-07-02 22:13:53 2565432 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-07-02 22:13:50 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c1c61665-a9db-4c8c-b8a4-cf9b1e8fd06e}\mpengine.dll
2011-07-02 22:13:50 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-07-02 22:13:01 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-07-02 22:12:31 72704 ----a-w- c:\windows\system32\secur32.dll
2011-07-02 22:12:31 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-07-02 22:12:31 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-07-02 22:12:31 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-07-02 22:12:30 7680 ----a-w- c:\windows\system32\lsass.exe
2011-07-02 22:12:30 272384 ----a-w- c:\windows\system32\schannel.dll
2011-07-02 22:12:30 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2011-07-02 22:12:01 24064 ----a-w- c:\windows\system32\netcfg.exe
2011-07-02 21:56:03 83968 ----a-w- c:\windows\system32\mscories.dll
2011-07-02 21:56:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-07-02 21:43:56 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-07-02 21:43:56 94720 ----a-w- c:\windows\system32\logagent.exe
2011-07-02 21:43:33 765952 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-07-02 21:43:23 84480 ----a-w- c:\windows\system32\INETRES.dll
2011-07-02 21:43:23 737792 ----a-w- c:\windows\system32\inetcomm.dll
2011-07-02 21:43:03 60928 ----a-w- c:\windows\system32\msasn1.dll
2011-07-02 21:42:51 5120 ----a-w- c:\windows\system32\wmi.dll
2011-07-02 21:42:51 152576 ----a-w- c:\windows\system32\imagehlp.dll
2011-07-02 21:42:51 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2011-07-02 21:42:36 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2011-07-02 21:42:19 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-07-02 21:42:03 274432 ----a-w- c:\windows\system32\raschap.dll
2011-07-02 21:42:03 232960 ----a-w- c:\windows\system32\rastls.dll
2011-07-02 21:41:33 321536 ----a-w- c:\windows\system32\WSDApi.dll
2011-07-02 21:41:11 99840 ----a-w- c:\windows\system32\poqexec.exe
2011-07-02 21:41:03 633856 ----a-w- c:\windows\system32\user32.dll
2011-07-02 21:41:03 2026496 ----a-w- c:\windows\system32\win32k.sys
2011-07-02 21:40:32 750080 ----a-w- c:\windows\system32\qmgr.dll
2011-07-02 21:40:16 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-07-02 01:28:33 -------- d--h--w- c:\users\evan\appdata\roaming\OpenOffice.org
2011-07-02 01:19:07 -------- d-----w- c:\program files\OpenOffice.org 3
2011-07-02 01:18:41 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-02 00:58:50 -------- d--h--w- c:\users\evan\appdata\local\Apps
2011-07-02 00:51:40 -------- d-----w- c:\program files\omniformat
2011-06-22 07:07:30 -------- d--h--w- c:\users\evan\appdata\local\FVD Suite
2011-06-22 07:07:26 -------- d--h--w- c:\users\evan\appdata\roaming\FVDToolbar
2011-06-22 07:07:23 -------- d-----w- c:\program files\FVD Suite
2011-06-21 23:27:18 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-06-21 23:26:48 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-06-21 23:26:32 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-06-21 23:26:32 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-06-18 22:57:50 90112 ------w- c:\windows\Updreg.EXE
2011-06-18 22:57:23 73728 ----a-w- c:\windows\system32\CmdRtr.DLL
2011-06-18 22:57:23 181760 ----a-w- c:\windows\system32\APOMngr.DLL
2011-06-18 22:57:10 -------- d-----w- c:\program files\GSpot
2011-06-18 22:53:32 728576 ----a-w- c:\windows\system32\KSAPO32.dll
2011-06-18 22:53:32 631431 ----a-w- c:\windows\KSAIM32.exe
2011-06-18 22:53:32 196608 ----a-w- c:\windows\system32\KsDvInst.dll
2011-06-18 22:53:32 192512 ----a-w- c:\windows\system32\KSVSPI32.dll
2011-06-18 22:53:32 1254400 ----a-w- c:\windows\system32\drivers\ksaud.sys
2011-06-18 22:53:32 12344 ----a-w- c:\windows\system32\MixerDefault.reg
2011-06-18 22:53:31 47104 ----a-w- c:\windows\system32\KSPPLD32.dll
2011-06-18 22:53:31 104448 ----a-w- c:\windows\system32\SBAVMon.dll
2011-06-18 22:53:14 26768 ----a-r- c:\windows\ksaudENG.reg
2011-06-18 22:53:14 2630 ----a-r- c:\windows\MixerName.reg
2011-06-18 22:53:03 7062 ----a-w- c:\windows\system32\audiopid.vxd
2011-06-18 22:52:54 647872 ------w- c:\windows\system32\Mscomct2.ocx
2011-06-18 22:52:53 53248 ------w- c:\windows\Ctregrun.exe
2011-06-18 22:52:36 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-06-18 22:52:36 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-06-18 22:52:35 809560 ----a-r- c:\windows\system32\tmpAFCF.tmp
2011-06-18 22:52:34 809560 ----a-r- c:\windows\system32\tmpABF7.tmp
2011-06-18 22:52:33 2902493 ------w- c:\windows\system32\Sens_oal.dll
2011-06-18 22:52:11 -------- d-----w- c:\program files\common files\Creative Labs Shared
2011-06-18 22:51:08 -------- d-----w- c:\program files\Creative
2011-06-18 22:50:28 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2011-06-18 22:50:28 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2011-06-18 22:50:28 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-06-18 22:50:28 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2011-06-18 22:50:28 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2011-06-18 22:50:27 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2011-06-18 22:50:27 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2011-06-18 22:50:26 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2011-06-14 07:21:00 -------- d--h--w- c:\users\evan\appdata\local\Freemake
2011-06-14 07:16:59 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-06-14 07:16:59 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-06-14 07:16:58 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-14 07:16:58 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-14 07:16:58 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-14 07:16:03 -------- d-----w- c:\program files\Freemake
2011-06-14 07:10:14 -------- d-----w- c:\program files\common files\SWF Studio
2011-06-14 07:10:10 -------- d-----w- c:\program files\Riva
2011-06-14 07:06:16 -------- d--h--w- c:\users\evan\appdata\roaming\Sammsoft
2011-06-13 17:29:08 -------- d--h--w- c:\users\evan\appdata\roaming\FreeFileViewer
2011-06-13 17:26:55 -------- d-----w- c:\program files\File Type Assistant
2011-06-13 17:26:48 -------- d-sh--w- c:\windows\Installer
2011-06-13 17:26:45 -------- d-----w- c:\program files\FreeFileViewer
2011-06-13 17:19:47 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2011-06-13 17:19:47 25 ---ha-w- c:\windows\wpd99.drv
2011-06-13 17:19:47 249856 ----a-w- c:\windows\system32\pdfmona.dll
2011-06-13 17:19:47 -------- d--h--w- c:\programdata\pdf995
2011-06-13 17:19:15 -------- d-----w- c:\program files\pdf995
2011-06-13 01:41:01 -------- d-----w- c:\program files\ConvertHelper
2011-06-13 01:39:28 -------- d--h--w- c:\users\evan\dwhelper
.
==================== Find3M ====================
.
2011-07-02 22:52:03 832512 ----a-w- c:\windows\system32\wininet.dll
2011-07-02 22:52:03 72704 ----a-w- c:\windows\system32\admparse.dll
2011-07-02 22:52:03 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2011-07-02 22:52:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-07-02 22:52:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-07-02 22:52:00 389120 ----a-w- c:\windows\system32\html.iec
2011-07-02 22:51:59 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-02 22:51:58 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-02 22:51:57 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-02 22:51:56 56320 ----a-w- c:\windows\system32\iesetup.dll
2011-07-02 22:11:31 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2011-06-18 22:49:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 13:53:04.55 ===============

shelf life
2011-07-16, 20:07
hi dfuser,

Your post is a few days old. If you still need help simply reply back.