Basil

  1. I meant to type "I was disappointed to find a file I thought suspect was passed as OK by a fresh and updated install of AVG Free, under a clean.......". Is there no way to edit posts? Cheers.
  2. I was disappointed to find a file I thought suspect was passed as OK under a clean installation of XP Pro with all updates on from MS. I trusted it, ran the .exe file and got a terrible set of infections, the worst being that damned ping.exe virus and something eventually discovered to be Rootkit.ZeroAccess. I thought I had rid of everything, then found I could no longer make Firefox my default browser, and was finding both blank and populated windows of IE8 launching. I need the laptop for work, and despite it being freshly loaded with a lot of licenced automotive diagnostic stuff I decided to do a full (not quick) reformat, and reinstall XP Pro from scratch. With no internet connection I then loaded the Recovery Console files from a virgin MS XP Pro CD, and ran fixMBR and the command to rebuild the boot sector, which I forget. I am now at the stage where I can start installing my applications again, or should I reinstall XP Pro again, knowing (hoping...?) the boot sector and MBR are clean? What I also do not fully understand is if MBAM is an adequate standalone virus checker for viruses in general, or just for "malware", whatever that means, which I think could be different things to different people. I now find my trust in AVG (albeit it was only a currently updated free version) gone. If MBAM is not a sufficient tool for all round protection what should I be looking at please? Thanks. GREAT forum.
  3. I believe my main PC and my laptop have contracted a virus. Both show ping.exe consuming more and more memory in Task Manager, and both randomly jump to unwanted internet sites in Firefox. I have up to date AVG Free on both, in fact the laptop is a fresh install as of last night, trust me to get a virus so soon. OS is Windows XP Pro. I have also run the Malwarebytes Anti-Malware 1.5.2.1300 trial version on both PCs. I think the laptop may be clean, but this PC, my desktop, bleeps constantly as it tries to contact suspicious sites and Anti-Malware keeps flagging successful stoppages. As requested I have run dds and show the DDS.txt below, and attach a zipped Attach.txt. I use the PCs for work and am concerned what impact this may have, will do a full format /u if needed, I can't risk anything on these machines. Thanks, appreciate your time if you can have a look and advise, but I am not very PC literate I am afraid.