Katsumi

  1. Thank you very much for your help. When I ran ComboFix it told me that McAfee was on and running; however, that is no longer installed on my computer, nor could I find a running process of it, so I ignored the warning and ran the program anyway. It deleted 3 items. Attached are both the logs: mbam-log-2011-07-30 (02-19-11).txt, ComboFix.txt
  2. My computer has had this redirect issue for a while. It mainly just redirects when I use Chrome, but recently it has been using up 100% of my CPU and I have blue screened once. I am using Windows 7. I have run a boot scan using avast yet nothing was found, and when recommended Microsoft Security Essentials I found it would not load unless I was in safe mode. Microsoft Security Centre has been turned off and I have not been able to turn it back on, and Windows System Restore was turned off. I managed to turn System Restore back on but there were no saved logs from before my computer was infected. Also, one other thing that happens occasionally is a random advert will pop up in the corner of my computer screen; this has only happened 3 times or so but I thought I should mention everything I know. Attached is ARK, attach.txt and a log file from HijackThis. I know HijackThis was not suggested but I already had the program so I figured I may as well include it. When I did a quick scan in Malwarebytes no infected results came up. Here is my log:

     Malwarebytes' Anti-Malware 1.51.1.1800
     www.malwarebytes.org

     Database version: 7270
     Windows 6.1.7601 Service Pack 1
     Internet Explorer 8.0.7601.17514

     25/07/2011 6:53:54 PM
     mbam-log-2011-07-25 (18-53-54).txt

     Scan type: Quick scan
     Objects scanned: 205920
     Time elapsed: 6 minute(s), 48 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     I was a little worried because nothing came up. Here is my DDS log that I ran as well:
C:\Windows\SysWow64\KernelBase.dll 2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll 2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll 2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll 2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll 2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll 2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll 2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe 2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll 2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll 2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll 2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll 2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll 2011-05-04 04:32:00 59392 ----a-w- 
C:\Windows\SysWow64\msscntrs.dll 2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe 2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe 2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe 2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-04-28 03:55:08 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2011-04-28 03:54:56 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys . ============= FINISH: 19:01:24.57 =============== attach.zip