longlost

  1. Attach and Ark files attached as compressed files. Log from software:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5406

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/28/2010 1:31:18 PM
mbam-log-2010-12-28 (13-31-18).txt

Scan type: Quick scan
Objects scanned: 158744
Time elapsed: 2 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\lisa lafontaine\AppData\Roaming\microsoft\Windows\start menu\Programs\HDD Low (Rogue.HDDLow) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\lisa lafontaine\Desktop\HDD Low.lnk (Rogue.HDDLow) -> Quarantined and deleted successfully.
c:\Users\lisa lafontaine\AppData\Roaming\microsoft\Windows\start menu\Programs\HDD Low\HDD Low.lnk (Rogue.HDDLow) -> Quarantined and deleted successfully.
c:\Users\lisa lafontaine\AppData\Roaming\microsoft\Windows\start menu\Programs\HDD Low\uninstall hdd low.lnk (Rogue.HDDLow) -> Quarantined and deleted successfully.
DDS log:

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Lisa LaFontaine at 13:37:25.88 on Tue 12/28/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.2527 [GMT -5:00]

AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Online Armor Firewall *Enabled* {5841EF60-F43F-AE8D-642F-D79F12883626}

============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\windows\system32\lsm.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\Online Armor\OAcat.exe
C:\Program Files (x86)\Online Armor\oasrv.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Users\Lisa LaFontaine\AppData\Local\Temp\1991165.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Kaseya\Agent\KaUsrTsk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Lisa LaFontaine\Desktop\avira_antivir_personal_en.exe
C:\Users\Lisa LaFontaine\Desktop\Defogger.exe
C:\windows\system32\conhost.exe
C:\windows\system32\taskeng.exe
C:\Users\Lisa LaFontaine\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
uURLSearchHooks: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files (x86)\BitZipperSearch\tbBitZ.dll
mURLSearchHooks: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files (x86)\BitZipperSearch\tbBitZ.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files (x86)\BitZipperSearch\tbBitZ.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files (x86)\BitZipperSearch\tbBitZ.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Google Update] "C:\Users\Lisa LaFontaine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [1991165] C:\Users\LISALA~1\AppData\Local\Temp\1991165.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [ideaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [KASHBLCDG923506990170007] "C:\Program Files (x86)\Kaseya\Agent\KaUsrTsk.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549} - hxxp://plugin.slingbox.com/downloads/pc/1.4.0.88/WebSlingPlayer.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
TB-X64: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {97BCEB59-CFCD-4B16-A863-B3F72CF9F196} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [igfxTray] C:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\windows\system32\igfxpers.exe
mRun-x64: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
mRun-x64: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
mRun-x64: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
mRun-x64: [@OnlineArmor GUI] "C:\Program Files (x86)\Online Armor\oaui.exe"
AppInit_DLLs-X64: avgrssta.dll

================= FIREFOX ===================

FF - ProfilePath - C:\Users\LISALA~1\AppData\Roaming\Mozilla\Firefox\Profiles\t9dtnxrd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1304867&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bb4909f&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Lisa LaFontaine\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\Lisa LaFontaine\AppData\Roaming\Mozilla\Firefox\Profiles\t9dtnxrd.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: C:\Users\Lisa LaFontaine\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Lisa LaFontaine\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Ancestry.com Advanced Image Viewer: support@ancestry.com - %profile%\extensions\support@ancestry.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG9\Firefox
FF - Ext: AVG Security Toolbar em:version=6.010.006.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared

============= SERVICES / DRIVERS ===============

R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-2-17 269904]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-2-17 35536]
R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-2-17 317520]
R1 funfrm;funfrm;C:\Windows\System32\drivers\funfrm.sys [2010-1-5 58896]
R1 OADevice;OADriver;C:\Windows\SysWOW64\drivers\OADriver.sys [2010-12-28 54864]
R1 oahlpXX;Online Armor helper driver;C:\Windows\SysWOW64\drivers\oahlp64.sys [2010-12-28 54896]
R1 OAmon;OAmon;C:\Windows\SysWOW64\drivers\OAmon.sys [2010-12-28 37872]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-20 308136]
R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-10-13 171872]
R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-10-13 163680]
R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
R2 KABLCDG923506990170007;Kaseya Agent;C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe [2010-1-15 806912]
R2 OAcat;Online Armor Helper Service;C:\Program Files (x86)\Online Armor\oacat.exe [2010-12-28 380784]
R2 SvcOnlineArmor;Online Armor;C:\Program Files (x86)\Online Armor\oasrv.exe [2010-12-28 3652696]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\System32\drivers\AcpiVpc.sys [2010-1-5 26128]
R3 KAPFA;KAPFA;C:\Windows\System32\drivers\kapfa.sys [2010-1-15 31672]
R3 OAnet;OnlineArmor Service;C:\Windows\System32\drivers\OAnet.sys [2010-12-28 32728]
R3 wdmirror;wdmirror;C:\Windows\System32\drivers\WDMirror.sys [2010-1-5 11280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-15 136176]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-4-1 517448]
S3 Bridge0;Bridge0;C:\Windows\System32\drivers\WDBridge.sys [2010-1-5 79376]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-1-5 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-1-5 579400]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-28 1255736]
S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-21 121840]

=============== Created Last 30 ================

2010-12-28 14:09:24 -------- d-----w- C:\Users\LISALA~1\AppData\Roaming\OnlineArmor
2010-12-28 14:09:24 -------- d-----w- C:\PROGRA~3\OnlineArmor
2010-12-28 14:09:00 54896 ----a-w- C:\windows\SysWow64\drivers\oahlp64.sys
2010-12-28 14:08:59 54864 ----a-w- C:\windows\SysWow64\drivers\OADriver.sys
2010-12-28 14:08:59 37872 ----a-w- C:\windows\SysWow64\drivers\OAmon.sys
2010-12-28 14:08:59 32728 ----a-w- C:\windows\System32\drivers\OAnet.sys
2010-12-28 14:08:56 -------- d-----w- C:\Program Files (x86)\Online Armor
2010-12-28 11:43:52 -------- d-----w- C:\Program Files (x86)\File Shredder
2010-12-28 00:29:20 462848 ----a-w- C:\PROGRA~3\LspMBKEoGvhkKTO.exe
2010-12-28 00:29:20 416256 ----a-w- C:\PROGRA~3\qqqDFyMghYikIev.dll

==================== Find3M ====================

2010-12-20 23:08:40 24152 ----a-w- C:\windows\System32\drivers\mbam.sys
2010-11-04 06:35:53 1194496 ----a-w- C:\windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2010-10-20 05:20:01 46080 ----a-w- C:\windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\windows\SysWow64\atmfd.dll
2010-10-16 05:23:13 112000 ----a-w- C:\windows\System32\consent.exe
2010-10-16 05:19:41 395776 ----a-w- C:\windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\windows\SysWow64\webio.dll

============= FINISH: 13:43:09.01 ===============

ark.zip Attach.zip