Jump to content

Markrt

Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by Markrt

  1. That did the trick. Thanks a lot for your help.
  2. By the way, I have McAfee total protection. It can't be completely switched off but I looked around on their forums and found out that I could disable real-time scanning to stop it interfering with other programs so I did that. Is that ok? I turned it back on after combofix was finished.
  3. My computer seems to be working fine now. When i tried to uninstall combofix, it came up with a window and a list of files that said "extracting" next to them and my antivirus (mcafee) said there was an unwanted program. I wasn't sure what to do here. Combofix is still there Also, I don't think I downloaded OTL. Should I get that? And can I turn defogger off now? thanks
  4. Here is the esetscan log. Looks like it found a couple of things C:\ProgramData\ReviverSoft\Registry Reviver\InstallCache\{05B64610-ED45-40AC-89A3-507F6B6A25B9}\Registry Reviver.msi a variant of Win32/SlowPCfighter application deleted - quarantined C:\Users\GOODKELL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\78b51b5b-1897c668 probably a variant of Java/TrojanDownloader.Agent.AB trojan deleted - quarantined Anyway, its quite late so i think I'll be going to sleep. Will check back in tomorrow. Thanks.
  5. Thank you very much. I accidentally installed the reader before deleting the old version, but it looks like the older version was overwritten. I also have adobe flash player 10 and adobe air. Adobe air was installed in 09 so I guess it's pretty old. Should I delete? here is the MBAM log (updated) Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 7062 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 11/07/2011 1:38:07 AM mbam-log-2011-07-11 (01-38-07).txt Scan type: Quick scan Objects scanned: 171012 Time elapsed: 5 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) No strange behaviour at the moment. Thanks again!
  6. Here is the combofix log. Thanks again ComboFix 11-07-10.02 - GOODKELL 11/07/2011 0:38.2.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.3582.1985 [GMT 10:00] Running from: c:\users\GOODKELL\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2011-06-10 to 2011-07-10 ))))))))))))))))))))))))))))))) . . 2011-07-10 14:45 . 2011-07-10 14:46 -------- d-----w- c:\users\GOODKELL\AppData\Local\temp 2011-07-10 14:45 . 2011-07-10 14:45 -------- d-----w- c:\users\Shared documents\AppData\Local\temp 2011-07-10 14:45 . 2011-07-10 14:45 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-07-10 14:45 . 2011-07-10 14:45 -------- d-----w- c:\users\Mark\AppData\Local\temp 2011-07-10 14:45 . 2011-07-10 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-10 03:00 . 2011-07-10 03:00 -------- d-----w- c:\program files\Common Files\Java 2011-07-09 13:45 . 2011-07-09 13:45 -------- d-----w- c:\users\GOODKELL\AppData\Roaming\mirkes.de 2011-07-08 15:47 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE0CA5CC-2A93-4757-B451-EEA1D7014414}\mpengine.dll 2011-06-29 04:37 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll 2011-06-27 13:36 . 2011-06-27 13:36 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-27 13:36 . 2011-06-27 13:36 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-25 02:02 . 2008-11-10 01:41 32656 ----a-w- c:\windows\system32\msonpmon.dll 2011-06-25 02:02 . 2006-10-26 09:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll 2011-06-25 02:00 . 2011-06-25 02:00 -------- d-----w- c:\users\GOODKELL\AppData\Local\Microsoft Help 2011-06-17 18:08 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2011-06-17 18:08 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-17 18:08 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-17 17:33 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-17 17:33 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-17 17:33 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-17 17:33 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-17 17:29 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-17 17:27 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-17 17:27 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-17 17:27 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-17 17:27 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-17 17:27 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-06-14 14:08 . 2011-06-14 14:08 -------- d-----w- c:\program files\iPod 2011-06-14 14:08 . 2011-06-14 14:09 -------- d-----w- c:\program files\iTunes . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-11 12:24 . 2011-05-14 12:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-28 23:11 . 2010-04-14 17:09 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-28 23:11 . 2010-04-14 17:09 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-24 09:14 . 2009-10-02 16:36 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-15 13:18 . 2011-05-15 13:18 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-05-15 13:18 . 2011-05-15 13:18 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-05-15 13:18 . 2011-05-15 13:18 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-05-15 13:18 . 2011-05-15 13:18 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-05-15 13:18 . 2011-05-15 13:18 161792 ----a-w- c:\windows\system32\msls31.dll 2011-05-15 13:18 . 2011-05-15 13:18 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-05-15 13:18 . 2011-05-15 13:18 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-05-15 13:18 . 2011-05-15 13:18 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-05-15 13:18 . 2011-05-15 13:18 367104 ----a-w- c:\windows\system32\html.iec 2011-05-15 13:18 . 2011-05-15 13:18 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-05-15 13:18 . 2011-05-15 13:18 152064 ----a-w- c:\windows\system32\wextract.exe 2011-05-15 13:18 . 2011-05-15 13:18 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-05-15 13:18 . 2011-05-15 13:18 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2011-05-15 13:18 . 2011-05-15 13:18 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-05-15 13:18 . 2011-05-15 13:18 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-05-15 13:18 . 2011-05-15 13:18 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-05-15 13:18 . 2011-05-15 13:18 11776 ----a-w- c:\windows\system32\mshta.exe 2011-05-15 13:18 . 2011-05-15 13:18 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-05-15 13:18 . 2011-05-15 13:18 101888 ----a-w- c:\windows\system32\admparse.dll 2011-05-03 18:52 . 2010-10-04 07:30 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-27 13:36 . 2011-05-06 15:09 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-10-13 12:28 . 2010-01-27 12:29 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK] @="{3c3f3c1a-9153-7c05-f938-622e7003894d}" [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}] 2010-01-08 12:39 2872632 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2] @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}" [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}] 2010-01-08 12:39 2872632 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3] @="{b4caf489-1eec-c617-49ad-8d7088598c06}" [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}] 2010-01-08 12:39 2872632 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-04 2424192] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "F.lux"="c:\users\GOODKELL\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-27 570664] "RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-09 13785632] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-05-02 1306216] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 937920] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . c:\users\GOODKELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Online Backup Status.lnk - c:\program files\McAfee Online Backup\MOBKstat.exe [2010-1-8 3046200] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-12 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 04:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-03-13 85984] R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-04-03 503808] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-04-09 12872] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S0 McPvDrv;McPvDrv; [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-03-13 64648] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-03-13 163400] S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-01-08 54776] S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-04-09 12872] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-05-26 67656] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 159832] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-03-13 148520] S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-01-08 230712] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\System32\nvSCPAPISvr.exe [2009-06-09 232960] S2 WlanWpsSvc;WlanWpsSvc;c:\program files\D-Link\DWA-131 revA\WlanWpsSvc.exe [2008-06-26 167936] S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-03-13 57432] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-03-13 337912] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 79868990 *Deregistered* - 79868990 *Deregistered* - mfeavfk01 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://au.search.yahoo.com/search?fr=mcafee&p=%s Trusted Zone: internet Trusted Zone: mcafee.com TCP: DhcpNameServer = 61.9.211.1 192.168.0.1 FF - ProfilePath - c:\users\GOODKELL\AppData\Roaming\Mozilla\Firefox\Profiles\bmx3sl2f.default\ FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://au.search.yahoo.com/search?fr=mcafee&p= . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-07-11 00:46 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(4424) c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\program files\McAfee Online Backup\MOBKshell.dll . Completion time: 2011-07-11 00:47:52 ComboFix-quarantined-files.txt 2011-07-10 14:47 ComboFix2.txt 2010-06-05 18:33 . Pre-Run: 614,671,802,368 bytes free Post-Run: 614,991,032,320 bytes free . - - End Of File - - 9FA9D9751071CAF2DCA1D4612E0DD00A
  7. Thanks for the help Elise Nothing found with TDSS. Is it possible this was just some random malfunction? There was a new entry in "Windows problem reports and solutions" under "device driver problem found" when I searched for a solution today. When I clicked on it it said "A problem related to your antivirus software caused your computer to shut down unexpectedly to protect itself from data corruption or loss." Possible this isn't related to malware and my anti-virus was just repairing the driver problem? Thanks.
  8. My computer has been crashing a lot lately and this morning when i turned the computer on, it said there had been a crash (blue screen I think) probably as I shut it down the night before (i usually just click "shut down" and walk away). The taskbar was also indicating that a driver was installing somewhere obviously without my permission. I moused over it but it disappeared before I could stop it. I thought I would check here to make sure everything is ok. Thanks for any help you can give me. Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 7060 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 10/07/2011 2:08:44 PM mbam-log-2011-07-10 (14-08-44).txt Scan type: Quick scan Objects scanned: 178659 Time elapsed: 6 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) . DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by GOODKELL at 14:23:31 on 2011-07-10 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.3582.2321 [GMT 10:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\GOODKELL\Local Settings\Apps\F.lux\flux.exe C:\Program Files\McAfee Online Backup\MOBKstat.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files\McAfee Online Backup\MOBKbackup.exe C:\Windows\system32\IoctlSvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\nvSCPAPISvr.exe C:\Program Files\McAfee Online Backup\MOBKbackup.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\D-Link\DWA-131 revA\WlanWpsSvc.exe C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://au.search.yahoo.com/search?fr=mcafee&p=%s uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110516040946.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [F.lux] "c:\users\goodkell\local settings\apps\f.lux\flux.exe" /noshow uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB0.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www.miniclip.com/games/bow-master/en/" mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\users\goodkell\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee online backup\MOBKstat.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: internet Trusted Zone: mcafee.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 61.9.211.1 192.168.0.1 TCP: Interfaces\{45ED69AD-AF91-4867-8C58-BE7F68E9E465} : DhcpNameServer = 61.9.211.1 192.168.0.1 TCP: Interfaces\{98241F9F-54B6-4402-9C74-CF908490BD0A} : DhcpNameServer = 61.9.211.1 192.168.0.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\goodkell\appdata\roaming\mozilla\firefox\profiles\bmx3sl2f.default\ FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://au.search.yahoo.com/search?fr=mcafee&p= FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll . ============= SERVICES / DRIVERS =============== . R0 McPvDrv;McPvDrv;c:\windows\system32\drivers\McPvDrv.sys [2008-5-28 61688] R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 459728] R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-1-27 64648] R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-1-27 163400] R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-1-27 54776] R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2010-10-20 25896] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-1-5 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 67656] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-1-27 214904] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-1-27 214904] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-1-27 214904] R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-1-27 214904] R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-1-27 165000] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-1-27 159832] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-1-27 148520] R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-1-8 230712] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\system32\nvSCPAPISvr.exe [2009-6-10 232960] R2 WlanWpsSvc;WlanWpsSvc;c:\program files\d-link\dwa-131 reva\WlanWpsSvc.exe [2010-10-21 167936] R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2009-6-30 46592] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-1-27 57432] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-1-27 179248] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-1-27 59288] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-1-27 337912] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-1-27 85984] S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-10-21 503808] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 12872] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2011-07-09 16:00:57 -------- d-----w- c:\users\goodkell\appdata\local\{B8D1D161-47E6-457D-86EB-6C64EE5E0530} 2011-07-09 13:45:25 -------- d-----w- c:\users\goodkell\appdata\roaming\mirkes.de 2011-07-09 04:00:12 -------- d-----w- c:\users\goodkell\appdata\local\{70EE92AC-2776-4CD8-9C0E-D2E3ED61A243} 2011-07-08 15:47:52 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ae0ca5cc-2a93-4757-b451-eea1d7014414}\mpengine.dll 2011-07-08 15:24:21 -------- d-----w- c:\users\goodkell\appdata\local\{EAF9CF6B-D5D3-4FE9-A334-C22004624023} 2011-07-08 03:23:47 -------- d-----w- c:\users\goodkell\appdata\local\{7EA1596E-C034-41B9-99AA-0187B486D629} 2011-07-07 15:23:01 -------- d-----w- c:\users\goodkell\appdata\local\{FFCFC3B0-E927-4F05-8464-6613A9B090FF} 2011-07-07 03:22:29 -------- d-----w- c:\users\goodkell\appdata\local\{BB87D285-9A47-4C38-BA93-AA2F9264C180} 2011-07-06 15:21:43 -------- d-----w- c:\users\goodkell\appdata\local\{8A8D92DB-5F8F-4215-8105-8208AB143624} 2011-07-06 03:20:59 -------- d-----w- c:\users\goodkell\appdata\local\{8F7E43F9-6ACD-4612-AF4F-3CE4040963BE} 2011-07-05 15:20:13 -------- d-----w- c:\users\goodkell\appdata\local\{D4F1379C-D76C-4FF8-9B1C-5F6B745642F3} 2011-07-05 03:19:40 -------- d-----w- c:\users\goodkell\appdata\local\{82357DA8-7316-485D-B5A0-FAC1D17EF1B8} 2011-07-04 15:18:55 -------- d-----w- c:\users\goodkell\appdata\local\{FAC80D34-089F-45B9-AED9-598711ECD4EE} 2011-07-04 03:18:17 -------- d-----w- c:\users\goodkell\appdata\local\{D1250EB0-6209-4378-9740-24D167BB9C0D} 2011-07-03 14:03:28 -------- d-----w- c:\users\goodkell\appdata\local\{80CA0B78-7362-4380-A024-C56BE61D0B9C} 2011-07-03 02:02:37 -------- d-----w- c:\users\goodkell\appdata\local\{466D2690-B099-4BCF-9F8E-5D6D8A243665} 2011-07-02 06:57:14 -------- d-----w- c:\users\goodkell\appdata\local\{E51EA0FF-C3F3-4F44-894A-3687B6E9465C} 2011-07-01 14:59:27 -------- d-----w- c:\users\goodkell\appdata\local\{12CA5A22-A064-4179-9FEF-674392302139} 2011-07-01 02:38:45 -------- d-----w- c:\users\goodkell\appdata\local\{7E965F7D-2104-41FE-8776-4795285BE151} 2011-06-30 14:37:57 -------- d-----w- c:\users\goodkell\appdata\local\{23CC463D-4D1C-488F-A837-B4DA13702A1C} 2011-06-30 02:37:11 -------- d-----w- c:\users\goodkell\appdata\local\{F28BB83A-5CF4-4968-AAD2-654F0C035273} 2011-06-29 05:53:12 -------- d-----w- c:\users\goodkell\appdata\local\{D413EE1E-5E85-4ED5-9C83-E515C6D18C60} 2011-06-29 04:37:24 276992 ----a-w- c:\windows\system32\schannel.dll 2011-06-28 17:52:25 -------- d-----w- c:\users\goodkell\appdata\local\{480FE294-64C4-428C-95D7-3135C3ED1F16} 2011-06-28 02:10:24 -------- d-----w- c:\users\goodkell\appdata\local\{D6F55B50-8410-4302-8B39-6C80022FC0A9} 2011-06-27 13:36:47 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll 2011-06-27 13:36:47 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll 2011-06-27 13:23:36 -------- d-----w- c:\users\goodkell\appdata\local\{182A6B25-0644-4C8C-BDBC-773C8E95C4CF} 2011-06-25 02:02:05 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll 2011-06-25 02:02:05 32656 ----a-w- c:\windows\system32\msonpmon.dll 2011-06-25 02:00:09 -------- d-----w- c:\users\goodkell\appdata\local\Microsoft Help 2011-06-23 08:55:53 -------- d-----w- c:\users\goodkell\appdata\local\{F4A35967-0CA8-42C7-91B0-AD67681AEAEF} 2011-06-22 17:54:42 -------- d-----w- c:\users\goodkell\appdata\local\{F2321905-089E-470F-B96D-5381494BFD69} 2011-06-22 05:54:08 -------- d-----w- c:\users\goodkell\appdata\local\{A6787CA6-64FA-4D15-ADB9-CE74FE3D06A1} 2011-06-21 17:53:21 -------- d-----w- c:\users\goodkell\appdata\local\{0DAC497E-F5C2-4E80-BC93-5F9B33B42E42} 2011-06-21 05:52:35 -------- d-----w- c:\users\goodkell\appdata\local\{204CD068-9FD9-4812-A1E8-8C58C9986362} 2011-06-20 17:51:50 -------- d-----w- c:\users\goodkell\appdata\local\{96BBDD40-D06F-41F7-ACFF-20890CA6F1CE} 2011-06-20 05:51:05 -------- d-----w- c:\users\goodkell\appdata\local\{F1EB8445-CF8C-492F-A158-56B5909721E4} 2011-06-19 17:50:21 -------- d-----w- c:\users\goodkell\appdata\local\{949103E0-363D-4D40-80A1-0AB8CB31B5E6} 2011-06-19 05:49:36 -------- d-----w- c:\users\goodkell\appdata\local\{5410F922-E011-4293-BBFD-0A66AAA7C1F9} 2011-06-18 17:48:51 -------- d-----w- c:\users\goodkell\appdata\local\{BAA2AEFF-8CF0-4170-A9F4-494683EDC2BA} 2011-06-18 05:30:32 -------- d-----w- c:\users\goodkell\appdata\local\{1A9FFDC3-3448-46D0-8F76-DE6C22493049} 2011-06-17 18:08:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-17 18:08:16 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-17 18:08:16 141104 ----a-w- c:\program files\internet explorer\sqmapi.dll 2011-06-17 17:33:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-17 17:33:08 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-17 17:33:01 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-17 17:33:01 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-17 17:29:42 -------- d-----w- c:\users\goodkell\appdata\local\{7B753595-8541-4C45-A407-D95BBCB374D5} 2011-06-17 17:29:02 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-17 17:27:49 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-17 17:27:40 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-17 17:27:38 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-17 17:27:37 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-17 17:27:33 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat 2011-06-17 04:22:01 -------- d-----w- c:\users\goodkell\appdata\local\{C7DBC838-2A23-4716-AF72-5EF04151C6B9} 2011-06-16 05:11:34 -------- d-----w- c:\users\goodkell\appdata\local\{36C2B5C9-C9E2-443B-A05A-629D54F7A8CF} 2011-06-15 17:10:49 -------- d-----w- c:\users\goodkell\appdata\local\{0C00AEED-A61C-4616-AFEB-CB6C09B1469A} 2011-06-15 05:10:15 -------- d-----w- c:\users\goodkell\appdata\local\{589A2C45-6132-42DB-899D-2BB56E149E6A} 2011-06-14 14:44:31 -------- d-----w- c:\users\goodkell\appdata\local\{0B062BF6-A3A7-4FB3-B108-B3AA45C1D670} 2011-06-14 14:08:06 -------- d-----w- c:\program files\iPod 2011-06-14 14:08:04 -------- d-----w- c:\program files\iTunes 2011-06-14 02:44:06 -------- d-----w- c:\users\goodkell\appdata\local\{36C21B61-52ED-4052-919B-A8AFB2F37F65} 2011-06-13 14:13:34 -------- d-----w- c:\users\goodkell\appdata\local\{7FFD43F2-2F80-435F-9CF7-81ACE6FD0817} 2011-06-13 00:50:16 -------- d-----w- c:\users\goodkell\appdata\local\{456F2B58-A929-4DBB-BD62-E7B2DB1F3395} 2011-06-12 06:38:19 -------- d-----w- c:\users\goodkell\appdata\local\{4EFDDA14-A535-473C-B20F-39D1CD7EB3B6} 2011-06-11 18:37:33 -------- d-----w- c:\users\goodkell\appdata\local\{21586C5B-C99D-4FA4-94CB-744A4C1AF528} 2011-06-11 06:36:49 -------- d-----w- c:\users\goodkell\appdata\local\{BAE42EEA-62A8-4666-BEBC-156E9E394A09} 2011-06-10 18:36:01 -------- d-----w- c:\users\goodkell\appdata\local\{E6320053-9FB1-4FFA-8CF5-4453A6A36FA1} 2011-06-10 06:35:15 -------- d-----w- c:\users\goodkell\appdata\local\{0AB4DC74-6BC9-4452-9BC7-61E865F1ABCD} . ==================== Find3M ==================== . 2011-06-11 12:24:48 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-28 23:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-28 23:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-24 09:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-03 18:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll . ============= FINISH: 14:25:15.62 =============== attach.zip.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.