Jump to content

ChaosMastered

Members
  • Posts

    1
  • Joined

  • Last visited

Everything posted by ChaosMastered

  1. Merged 2 post XP.SP3-Home desktop PC. While using Chrome, the initial issues appeared during a download(unexpected bundled product, seems to be Babylon toolbar). Impacted Chrome, where initially the icon changed. While attempting to 'fix', each effort seemed to spawn additional problems. At first I only noticed browser redirects to the Babylon search. Then things got worse. Ran Avast and MB. PC hung up/stalled, then logged me out and required a "User" login. I do not have a Guest account setup so it appeared the malware was intercepting my privledges and password. It also forced an Admin password to access the secure wireless network. After running above, the PC seemed to retract more & more Admin privledges from me. Sys32 or Temp files "not accessible", etc. When I run GMER in normal mode, the full scan runs. But when I click Save, the computer reboots. Running GMER again in safe mode(not complete as of this post) I have MB, OT, DDS, aswMBR outputs. If you prefer another scan type, please advise and I wil post here. My 2nd device, Win7 laptop, is in SafeMode as it seems to have inherited this issue through the wireless network. As I need the laptop to access internet, let's fix the XP first. Thanks in advance for your expert guidance here. 070512|Midnight: Updating ticket w DDS details. Of note, I tried GMER in Safe Mode; it ran to completion but when I hit Copy or Save, the #*$&*$ gave errors indicating insufficient space, no access to blah blah blah. Although I have backups of data & some programs, I am certain it is incomplete. I hesitate to put the NAS back on the network in case it gets hit with this problem. Your early assistance is welcomed!! ~chaosmastered __________________________________________________ . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27 Run by user at 9:51:25 on 2012-07-04 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1099 [GMT -5:00] . AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Antivirus *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\BBSvc.EXE C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe C:\Program Files\FarStone\DriveClone\Client\Efb\FBPAgent.exe C:\Program Files\FarStone\DriveClone\Client\cbp\DCSchdler.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\WINDOWS\system32\svchost.exe -k HPService C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe C:\Program Files\FarStone\DriveClone\Client\DCNTranProc.exe C:\Program Files\iTivity\bin\rfbd.exe C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\WINDOWS\system32\vmnat.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Business-in-a-Box\BIBLauncher.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\ePad995\ePad995.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\PrintKey2000\Printkey2000.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\D-Link\SharePort Utility\Connect.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\taskmgr.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://todoist.com/app?v=6#start uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - No File BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: {D5233FCD-D258-4903-89B8-FB1568E7413D} - No File BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [QuickenBillminder] c:\program files\quicken\Billmind.exe -startup uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [bIBLauncher] c:\program files\business-in-a-box\BIBLauncher.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [GoogleChromeAutoLaunch_CC3BFD97C321DE64D73DD83160F90AC3] "c:\documents and settings\user\local settings\application data\google\chrome\application\chrome.exe" --no-startup-window mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet mRun: [NVMixerTray] "c:\program files\nvidia corporation\nvmixer\NVMixerTray.exe" mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime StartupFolder: c:\docume~1\user\startm~1\programs\startup\sharep~1.lnk - c:\program files\d-link\shareport utility\Connect.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epad995.lnk - c:\program files\epad995\ePad995.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printk~1.lnk - c:\program files\printkey2000\Printkey2000.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll Trusted Zone: chartlinks.com\portal DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} - hxxp://content.ilinc.com/clientdownload/download/ilinci86.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab DPF: {6EEFD7B1-B26C-440D-B55A-1EC677189F30} - hxxps://portal.chartlinks.com/NELX.cab DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E001C731-5E37-4538-A5CB-8168736A2360} - hxxp://quickscan.bitdefender.com/cab/ActiveQscan.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2E0B085B-3882-415B-81E2-F908D4FC844F} : DhcpNameServer = 192.168.1.1 Notify: PCANotify - PCANotify.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\q721body.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npoff.dll FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npwbe.dll FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R0 dcsnap;dcsnap;c:\windows\system32\drivers\dcsnap.sys [2011-9-16 86168] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-24 721000] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-4 353688] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-3-29 98392] R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\drivers\SWIPsec.sys [2012-1-5 87064] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-4 21256] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-4 44808] R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648] R2 D-Link SharePort Helper;D-Link SharePort Helper;c:\program files\d-link\shareport utility\Spnuhelper.exe [2011-9-16 40960] R2 FBAgent;File Backup Agent;c:\program files\farstone\driveclone\client\efb\FBPAgent.exe [2011-9-16 86016] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-10-28 54760] R2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\sonicwall\sonicwall global vpn client\SWGVCSvc.exe [2009-3-6 227352] R2 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2011-9-16 246920] R2 Tran_Process_Proc;DCNTranProc;c:\program files\farstone\driveclone\client\DCNTranProc.exe [2009-11-26 77824] R2 tridiavnc;Tridia Screen Server;c:\program files\itivity\bin\rfbd.exe [2008-9-3 434176] R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2012-4-24 1714176] R3 SSLDrv;SSL-VPN NetExtender Adapter;c:\windows\system32\drivers\SSLDrv.sys [2008-2-4 20504] S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?] S1 DCDisk;DCDisk; [x] S1 efbDisk;efbDisk; [x] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 DCScheduler;DCScheduler;c:\program files\farstone\driveclone\client\cbp\DCSchdlerSRVC.exe [2011-9-16 104976] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 250056] S3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\FarMntIo.sys [2011-9-16 13184] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-15 1361288] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-27 129976] S3 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408] S3 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2009-12-16 188736] S3 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2009-12-16 65856] S3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\drivers\SWVNIC.sys [2009-3-4 21016] S3 TridiaFTPServer;TridiaFTP Server;c:\program files\itivity\bin\ftpd.exe [2008-9-3 536640] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128] S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688] . =============== File Associations =============== . .txt=UltraEdit.txt . =============== Created Last 30 ================ . 2012-06-28 04:02:25 -------- d-----w- c:\documents and settings\user\local settings\application data\Microsoft_Corporation 2012-06-27 21:09:18 359744 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scriptcomponent\9.0\1033\ResourceCache.dll 2012-06-27 21:09:00 359744 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scripttask\9.0\1033\ResourceCache.dll 2012-06-27 16:04:55 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-06-27 16:04:49 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe 2012-06-27 16:04:49 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe 2012-06-13 22:57:03 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-06 23:13:41 -------- d-----w- c:\documents and settings\all users\application data\VS . ==================== Find3M ==================== . 2012-06-28 12:52:37 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-06-28 12:52:20 41224 ----a-w- c:\windows\avastSS.scr 2012-06-27 18:59:51 59 ----a-w- c:\windows\wpd99.drv 2012-06-25 12:55:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-25 12:55:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 20:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 20:18:58 214256 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 20:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec 2012-05-04 13:12:30 2192640 ------w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2069120 ------w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts 2007-06-28 20:40:59 33272460 -c--a-w- c:\program files\pcAnywhere_12_1_MarketingTrialware.exe . ============= FINISH: 9:53:14.06 =============== attach_070412V.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.