Jump to content

JupiterFerris

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi All, I have the exact same problem as this topic http://forums.malwarebytes.org/index.php?showtopic=95974 which was not resolved that I can see. A google search result (nothing fruity) caused my Trend AV to start deleting a few bad files that had appeared. I'd seen that before - not a good sign - so thought I'd run MBAM before I rebooted. MBAM wouldn't load ... didn't have authorisation/permission etc. Booted into safe mode with networking, could download and reinstall MBAM which found stuff and deleted it, but every 'normal' boot it all returned and MBAM stopped running, needed a reinstall in safe mode. Tried combofix (eventually) which removed Zero Access rootkit. Could then login to safe mode OK, but normal boot caused a BSOD. Scanned drive in another PC with MSE & MBAM which removed some more stuff, and now can boot laptop normally, MBAM runs and finds nothing, Combofix runs and finds nothing. So it looks OK. But there's no network, either LAN or WLAN, both show as not connected. If I "netsh int ip reset log.txt", WLAN connects but can't get a DHCP address. LAN cable into router gives the same problem - no DHCP address (Gets APIPA address). If I force an IP, it doesn't work, no ping, no network. It's all OK in safe mode though - network is fine. I rebooted after using msconfig to disable all startup entries, and disable all non microsoft services, still the same, no network. I uninstalled the NIC from device manager, it detected it on boot and reinstalled OK, but problem persists. This is on XP SP3. To all intents and purposes everything else is fine. Laptop is OK and scans find nothing. Reinstall is not really an option here, I need to get this network going. DDS logs to follow shortly. Does anybody know how to repair this damage to the network ? Weird that it works in safe mode no problem, it must be repairable..... Been fiddling with this since Thursday morning... 2 days lost, shame these people don't use their skills for something useful. Thanks JF Forgot to say, TDDS found nothing... Only combofix found ZeroAccess. Host file is OK and no proxy is configured. Attached is a DDS log of pic running with normal boot, not safe, but with all non microsoft services disabled, and startup items disabled. File has dates in it...for reference 20th Oct was when it broke... PC works fine, but no network..... . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21 Run by User at 1:10:22 on 2011-10-23 Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3572.3073 [GMT 1:00] . AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {4CA5B9AB-4295-4D4C-9664-0EBE85AE0525} FW: COMODO Firewall *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://news.bbc.co.uk uInternet Settings,ProxyOverride = *.local;<local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.de/search?q=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-explorer: DisablePersonalDirChange = 1 (0x1) uPolicies-explorer: NoSMHelp = 01000000 uPolicies-explorer: NoWelcomeScreen = 1 (0x1) mPolicies-explorer: NoSMConfigurePrograms = 1 (0x1) mPolicies-explorer: NoWelcomeScreen = 1 (0x1) mPolicies-explorer: NoPublishingWizard = 1 (0x1) mPolicies-explorer: NoWebServices = 1 (0x1) mPolicies-explorer: NoOnlinePrintsWizard = 1 (0x1) mPolicies-system: AllowMultipleTSSessions = 0 (0x0) mPolicies-system: MaxGPOScriptWait = 1800 (0x708) IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC0016-0000-0021-ABCDEFFEDCBC} IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll LSP: %SystemRoot%\system32\vsocklib.dll Trusted Zone: adp.com\*.globalview Trusted Zone: ariba.com Trusted Zone: e-wsi.com Trusted Zone: microsoft.com Trusted Zone: nokia.com\*.ext Trusted Zone: opentext.com Trusted Zone: sesa.net\mail Trusted Zone: wsistudents.com DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {3F281831-045B-11D3-9919-002018347AD4} - hxxp://192.168.11.22/OssWebControlInf.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276857417924 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276857495025 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cabDPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_01-win.cab DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F53270D3-0E32-48B7-B63B-159E33210F70} - hxxps://www.g-dms.com/img/webexp/lledit.cab Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\sapgui710\sapgui\SAPHTMLP.DLL Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\sapgui710\sapgui\SAPHTMLP.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll mASetup: >{3CBF4170-BE13-43D1-B74D-DC9E04C86836} - msiexec /fus {3CBF4170-BE13-43D1-B74D-DC9E04C86836} /q mASetup: >{FF9059A0-DAC5-4770-5CC5-45EB95DB4DA8} - msiexec /i {FF9059A0-DAC5-4770-5CC5-45EB95DB4DA8} REINSTALLMODE=u REINSTALL=ALL STANDARDREPAIR=1 /q mASetup: ManagedPC - rundll32.exe advpack.dll,LaunchINFSection c:\windows\managed\Custom.inf,MCActive . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\User\application data\mozilla\firefox\profiles\81a9jdyn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/news/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en-GB&q= FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 64323 FF - prefs.js: network.proxy.type - 0 FF - component: c:\documents and settings\User\application data\mozilla\firefox\profiles\81a9jdyn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: c:\documents and settings\User\application data\mozilla\firefox\profiles\81a9jdyn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll FF - component: c:\program files\riverbed\steelhead mobile\shmcert\components\shmcert.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Ext: Steelhead Mobile Certificate Manager: SteelheadMobileCertificateManager@riverbed.com - c:\program files\riverbed\steelhead mobile\shmcert FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} . ============= SERVICES / DRIVERS =============== . R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2011-8-8 98928] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 29400] R2 BTWSp50;BTWSp50 NDIS Protocol Driver;c:\windows\system32\drivers\btwsp50.sys [2007-4-20 24560] R2 NiProbeMem;NiProbeMem;c:\windows\system32\drivers\NiProbeMem.SYS [2011-1-21 36864] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088] R2 TmFilter;Trend Micro Filter;c:\program files\officescan nt\TmXpflt.sys [2008-12-5 249424] R2 TmPreFilter;Trend Micro PreFilter;c:\program files\officescan nt\TmPreflt.sys [2008-12-5 36432] R2 VMONI;VMONI Protocol Analyzer;c:\windows\system32\drivers\VMONI.sys [2011-1-21 51200] R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-7-8 22768] R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2010-5-4 113664] R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2009-1-29 32808] R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2010-6-18 241880] R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [2009-2-4 77976] R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [2007-3-26 20352] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys --> c:\windows\system32\drivers\cmdguard.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 airpcap;airpcap;c:\windows\system32\drivers\airpcap.sys [2011-7-18 491392] S3 NbtDet;NetBoot PCI Detection Service;c:\windows\system32\drivers\nbtdet.sys [2010-8-13 4992] S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [2009-2-4 20632] S3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [2009-2-4 25240] S3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [2009-2-4 23192] S3 RBT;RVBD_SH_Mobile_Intercept;c:\progra~1\riverbed\steelh~1\RBT.sys [2011-1-25 424704] S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [2008-5-20 167040] S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [2008-5-20 143360] S3 wimmount;wimmount;c:\windows\system32\drivers\wimmount.sys [2009-7-13 19024] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2010-6-18 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 a320raid;a320raid;c:\windows\system32\drivers\a320raid.sys [2010-6-18 251194] S4 Apache2.2;Apache2.2;c:\program files\apache software foundation\apache2.2\bin\httpd.exe [2010-7-30 24645] S4 BT Common Client;BT Common Client;c:\program files\bt common client\btomosrv.exe [2007-7-3 61440] S4 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-4-27 293968] S4 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-6-1 1793712] S4 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 376096] S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-9-1 30192] S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-17 136176] S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-17 136176] S4 hMailServer;hMailServer;c:\program files\hmailserver\bin\hmailserver.exe runasservice --> c:\program files\hmailserver\bin\hMailServer.exe RunAsService [?] S4 MCsvc;Managed Client Service;c:\windows\system32\MCSvc.exe [2010-6-18 69632] S4 mv64xx;mv64xx;c:\windows\system32\drivers\mv64xx.sys [2010-6-18 277032] S4 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [2009-2-4 224867] S4 RVBD_SH_Mobile_Logger;Riverbed Steelhead Mobile Logger Service;c:\program files\riverbed\steelhead mobile\rbtlogger.exe [2011-1-25 864768] S4 RVBD_SH_Mobile_Monitor;Riverbed Steelhead Mobile Monitor Service;c:\program files\riverbed\steelhead mobile\rbtmon.exe [2011-1-25 6080000] S4 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys [2010-6-18 68864] S4 TmProxy;OfficeScan NT Proxy Service;c:\program files\officescan nt\TmProxy.exe [2008-12-5 689416] S4 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [2010-6-18 17968] S4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2011-8-21 665200] S4 VMwareHostd;VMware Workstation Server;c:\program files\vmware\vmware workstation\vmware-hostd.exe [2011-8-22 11837440] . =============== File Associations =============== . .txt=UltraEdit.txt . =============== Created Last 30 ================ . 2011-10-22 12:14:21 -------- d-----w- c:\windows\pss 2011-10-22 10:22:03 -------- d-----w- c:\windows\0C84EB7E74894241BB7CCDB62E2BC7A0.TMP 2011-10-21 14:25:35 -------- d-----w- C:\ComboFix 2011-10-21 11:24:49 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-10-21 11:24:49 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2011-10-21 10:49:47 507904 ----a-w- c:\windows\system32\winlogon.exe 2011-10-21 10:48:23 1033728 ----a-w- c:\windows\explorer.exe 2011-10-21 08:15:08 -------- d-sha-r- C:\cmdcons 2011-10-21 08:14:13 98816 ----a-w- c:\windows\sed.exe 2011-10-21 08:14:13 518144 ----a-w- c:\windows\SWREG.exe 2011-10-21 08:14:13 256000 ----a-w- c:\windows\PEV.exe 2011-10-21 08:14:13 208896 ----a-w- c:\windows\MBR.exe 2011-10-21 08:06:32 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-21 08:06:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-10-21 07:49:51 2732620 ----a-w- C:\exportOct2011.reg 2011-10-20 08:08:15 959 ----a-w- c:\windows\2530464986.623586409.exe_e4c.VIR 2011-10-20 08:08:15 959 ----a-w- c:\windows\2530464986.623586409.exe_b14.VIR 2011-10-20 08:08:10 -------- d-sh--w- c:\documents and settings\User\local settings\application data\dad4d396 2011-10-18 18:44:08 602112 ----a-w- c:\windows\system32\SET247.tmp 2011-10-18 18:44:08 55296 ----a-w- c:\windows\system32\SET246.tmp 2011-10-18 18:44:08 25600 ----a-w- c:\windows\system32\SET249.tmp 2011-10-18 18:44:07 916480 ----a-w- c:\windows\system32\SET23F.tmp 2011-10-18 18:44:07 206848 ----a-w- c:\windows\system32\SET242.tmp 2011-10-18 18:44:07 2000384 ----a-w- c:\windows\system32\SET24B.tmp 2011-10-18 18:44:07 184320 ----a-w- c:\windows\system32\SET24C.tmp 2011-10-18 18:44:07 105984 ----a-w- c:\windows\system32\SET241.tmp 2011-10-18 18:44:06 1212416 ----a-w- c:\windows\system32\SET240.tmp 2011-10-18 18:44:05 5971456 ----a-w- c:\windows\system32\SET245.tmp 2011-10-15 09:36:06 -------- d-----w- c:\program files\iPod 2011-10-15 09:36:01 -------- d-----w- c:\program files\iTunes 2011-10-15 09:32:15 -------- d-----w- c:\program files\Bonjour 2011-10-11 17:38:39 432752 ----a-w- c:\windows\system32\vmnat.exe 2011-10-11 17:38:39 354416 ----a-w- c:\windows\system32\vmnetdhcp.exe 2011-10-11 17:38:38 25712 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys 2011-10-11 17:38:20 783472 ----a-w- c:\windows\system32\vnetlib.dll 2011-10-11 17:36:25 -------- d-----w- c:\program files\common files\VMware 2011-10-11 10:53:40 -------- d-----w- c:\program files\VMware 2011-10-10 17:19:20 -------- d-----w- c:\documents and settings\User\local settings\application data\CounterPath Corporation 2011-10-10 17:19:10 -------- d-----w- c:\documents and settings\User\local settings\application data\CounterPath 2011-10-10 17:17:46 -------- d-----w- c:\program files\CounterPath 2011-10-10 12:31:27 -------- d-----w- c:\program files\Licensing 2011-10-10 11:50:59 -------- d-----w- c:\program files\Lotus Notes 2011-10-06 13:43:09 400000 ----a-w- C:\TRACE1cdg.bin 2011-09-26 10:41:20 611328 ----a-w- c:\windows\system32\SET372.tmp 2011-09-26 10:41:20 220160 -c--a-w- c:\windows\system32\dllcache\SET373.tmp 2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\SET370.tmp 2011-09-26 10:41:14 20480 -c--a-w- c:\windows\system32\dllcache\SET374.tmp 2011-09-26 10:41:14 20480 ----a-w- c:\windows\system32\SET371.tmp . ==================== Find3M ==================== . 2011-09-26 10:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-26 10:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-12 10:36:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys 2011-08-31 20:59:01 285256 ----a-w- c:\windows\system32\guard32.dll 2011-08-31 20:59:00 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2011-08-31 20:59:00 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys 2011-08-30 22:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-08-30 22:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-08-30 22:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll 2011-08-30 22:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll 2011-08-23 16:48:56 11081728 ----a-w- c:\windows\system32\SET24D.tmp 2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll 2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-08-22 23:48:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-08-22 16:07:40 55280 ----a-w- c:\windows\system32\drivers\vmx86.sys 2011-08-22 16:06:18 55408 ----a-w- c:\windows\system32\vmnetbridge.dll 2011-08-22 16:06:16 33776 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys 2011-08-22 14:40:08 252016 ----a-w- c:\windows\system32\vmnc.dll 2011-08-22 14:12:26 49776 ----a-w- c:\windows\system32\vnetinst.dll 2011-08-22 14:12:26 19568 ----a-w- c:\windows\system32\drivers\vmnet.sys 2011-08-22 14:12:26 16624 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys 2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec 2011-08-21 22:11:22 32496 ----a-w- c:\windows\system32\drivers\hcmon.sys 2011-08-21 22:01:24 31280 ----a-w- c:\windows\system32\drivers\vmusb.sys 2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys 2011-08-09 09:59:22 443448 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-08-08 13:58:56 98928 ----a-w- c:\windows\system32\drivers\vmci.sys 2011-08-08 13:58:56 63088 ----a-w- c:\windows\system32\vsocklib.dll 2008-09-24 09:34:58 626688 ----a-w- c:\program files\common files\sapconsaccess.dll 2008-09-24 09:34:58 40960 ----a-w- c:\program files\common files\DigitalSignature.ocx 2008-09-24 09:34:58 3125248 ----a-w- c:\program files\common files\sapxlhelper.dll 2008-09-24 09:34:58 192512 ----a-w- c:\program files\common files\sapconsr3.dll . ============= FINISH: 1:11:44.67 =============== dds.log
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.