Jump to content

Install Issue


Recommended Posts

Hello,

I can't get MBAM to install on my laptop when booted normally. I receive the following error:

c:\program files\Malwarebytes' Anti-Malware\ssubtmr6.dll.

An error occured while trying to rename a file in the destination directory.

MoveFile Failed; code 5.

Access Denied.

I can install and run under a Safe Boot, but if I then boot normally, I receive the 0 and 440 errors. The registry fix will not insert the ssubtmr6.dll entry for an access error.

I was not able to run defogger. It said I needed to run as Administrator, though my ID is in the local administrator group.

Following is my information:

DDS (Ver_10-03-17.01) - NTFSx86

Run by jschwartz804 at 10:47:07.17 on Fri 04/02/2010

Internet Explorer: 6.0.2900.5512

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3536.2417 [GMT -5:00]

AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FW: McAfee Host Intrusion Prevention Firewall *enabled* {2F1275E3-2F4F-43E9-944B-3F63F9BDA5F5}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

svchost.exe

C:\Program Files\Connected\AgentSrv.EXE

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe

C:\Program Files\iPass\iPassConnect\iPCAgent.exe

C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe

C:\Program Files\Intel\AMT\LMS.exe

C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\mfevtps.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\plms32.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\SafeGuard\SafeGuard Easy\SgeCtl.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe

C:\WINDOWS\system32\vnxserv.exe

C:\SafeGuard\SafeGuard Easy\WksCfgSrv.exe

C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe

C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe

C:\WINDOWS\system32\AESTFltr.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\DellTPad\Apoint.exe

C:\program files\sim\simloader.exe

C:\Program Files\iPass\iPassConnect\downloader\ipccheck.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\SafeGuard\SafeGuard Easy\Ecview.exe

C:\SafeGuard\SafeGuard Easy\FipsMon.exe

C:\Program Files\Juniper Networks\Odyssey Access Client\OdTray.exe

C:\Program Files\Network Associates\Common Framework\udaterui.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe

C:\Program Files\Network Associates\Common Framework\McTray.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\AtHocCorp\AtHocCorp.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\AtHocCorp\AtHocCorpDesk.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Connected\CBSysTray.exe

C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\VSCLIENT\vsc32w.exe

C:\Program Files\Trillian\trillian.exe

C:\Notes\NLNOTES.EXE

C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.1.2.200808010926\win32\x86\eclipse.exe

C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20090219c-200909182057\jre\bin\notes2w.exe

C:\Notes\ntaskldr.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\JSCHWARTZ804\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://mykcurve.pwcinternal.com/

uSearch Bar = hxxp://jump.altavista.com/start/ie4

BHO: AtHocCorp BrowserHelper: {1136fa83-904d-4ea3-856e-4cae9670d537} - c:\program files\athoccorp\AtHocCorpTBr.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

BHO: PwCPlugin.PwCHighlighter: {aaa9f5f4-27f6-4f85-a879-7ea50b4322cd} - c:\windows\system32\mscoree.DLL

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"

mRun: [software Install Manager] c:\program files\sim\simloader.exe /auto /nodialog

mRun: [gethdd] c:\custom\gethdd\gethdd.exe /SETBYREG

mRun: [PwC - Power Profile Updater 2.07] c:\program files\sim\download\powercfg.exe -h=off

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"

mRun: [sgeEcView] "c:\safeguard\safeguard easy\Ecview.exe"

mRun: [FIPSMON] c:\safeguard\safeguard easy\FipsMon.exe /Systray

mRun: [Device Control] c:\custom\cfgfiles\devicntr03.exe -S -mode=disable -devid=1394 -inffl=1394.inf -pnffl=1394.pnf -add2run=1 -title="IEEE 1394 (Firewire)"

mRun: [OdTray.exe] "c:\program files\juniper networks\odyssey access client\OdTray.exe"

mRun: [<NO NAME>]

mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\udaterui.exe" /StartedFromRunKey

mRun: [McAfee Host Intrusion Prevention Tray] "c:\program files\mcafee\host intrusion prevention\FireTray.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AtHocCorp] c:\program files\athoccorp\AtHocCorp.exe

mRun: [Mobile T&E AutoStart] c:\program files\mobile t&e\Mobile T&E.LNK

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRunOnce: [setProxy] "c:\program files\common files\vpn\DENABLE.EXE" /S -E

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\connec~1.lnk - c:\program files\connected\CBSysTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe

uPolicies-explorer: Btn_Back = 1 (0x1)

uPolicies-explorer: Btn_Forward = 1 (0x1)

uPolicies-explorer: Btn_Stop = 1 (0x1)

uPolicies-explorer: Btn_Refresh = 1 (0x1)

uPolicies-explorer: Btn_Home = 1 (0x1)

uPolicies-explorer: Btn_Search = 1 (0x1)

uPolicies-explorer: Btn_History = 1 (0x1)

uPolicies-explorer: Btn_Favorites = 1 (0x1)

uPolicies-explorer: Btn_Folders = 2 (0x2)

uPolicies-explorer: Btn_Fullscreen = 2 (0x2)

uPolicies-explorer: Btn_Tools = 2 (0x2)

uPolicies-explorer: Btn_MailNews = 2 (0x2)

uPolicies-explorer: Btn_Size = 2 (0x2)

uPolicies-explorer: Btn_Print = 1 (0x1)

uPolicies-explorer: Btn_Edit = 2 (0x2)

uPolicies-explorer: Btn_Discussions = 2 (0x2)

uPolicies-explorer: Btn_Cut = 2 (0x2)

uPolicies-explorer: Btn_Copy = 2 (0x2)

uPolicies-explorer: Btn_Paste = 2 (0x2)

uPolicies-explorer: Btn_Encoding = 2 (0x2)

uPolicies-explorer: NoActiveDesktop = 1 (0x1)

uPolicies-explorer: NoWindowsUpdate = 0 (0x0)

uPolicies-explorer: NoWelcomeScreen = 1 (0x1)

uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)

uPolicies-explorer: NoSMMyPictures = 1 (0x1)

uPolicies-explorer: NoStartMenuMyMusic = 1 (0x1)

uPolicies-explorer: DisablePersonalDirChange = 1 (0x1)

uPolicies-explorer: DisallowCpl = 1 (0x1)

uPolicies-explorer: SpecifyDefaultButtons = 1 (0x1)

mPolicies-explorer: NoSMMyPictures = 1 (0x1)

mPolicies-explorer: NoStartMenuMyMusic = 1 (0x1)

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

mPolicies-system: disablecad = 1 (0x1)

IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

Trusted Zone: emotion.com\pwc

Trusted Zone: hp.com\saas

Trusted Zone: projectinvision.com

Trusted Zone: pwc.com\brandsite

Trusted Zone: pwcinternal.com\invision

Trusted Zone: pwcinternal.com\mass-bw.nam

Trusted Zone: pwcinternal.com\plink

Trusted Zone: pwcinternal.com\project.nam

Trusted Zone: pwcinternal.com\servicemanager

Trusted Zone: pwcinternal.com\usbw.nam

Trusted Zone: pwcinternal.com\usphi1gdcapp19

Trusted Zone: pwcinternal.com\ustpa3gtsap146.nam

Trusted Zone: pwcinternal.com\uxgfbwdv.nam

Trusted Zone: pwcinternal.com\uxgfbwqa.nam

Trusted Zone: pwcinternal.com\uxgfugd.nam

Trusted Zone: pwcinternal.com\uxgfugm.nam

Trusted Zone: pwcinternal.com\uxgfugq.nam

Trusted Zone: pwcinternal.com\westkm

Trusted Zone: pwcinternal.com\westkm-stg

Trusted Zone: emotion.com\pwc

Trusted Zone: hp.com\saas

Trusted Zone: projectinvision.com

Trusted Zone: pwc.com\brandsite

Trusted Zone: pwcinternal.com\mass-bw.nam

Trusted Zone: pwcinternal.com\plink

Trusted Zone: pwcinternal.com\servicemanager

Trusted Zone: pwcinternal.com\usbw.nam

Trusted Zone: pwcinternal.com\uxgfbwdv.nam

Trusted Zone: pwcinternal.com\uxgfbwqa.nam

Trusted Zone: pwcinternal.com\uxgfugd.nam

Trusted Zone: pwcinternal.com\uxgfugm.nam

Trusted Zone: pwcinternal.com\uxgfugq.nam

Trusted Zone: pwcinternal.com\westkm

Trusted Zone: pwcinternal.com\westkm-stg

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238616413015

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238616479500

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

Notify: igfxcui - igfxdev.dll

Notify: OdysseyClient - odyEvent.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 AES-256;AES-256;c:\windows\system32\drivers\AES256.sys [2008-9-16 19712]

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-9-23 342960]

R0 odFips;odFips;c:\windows\system32\drivers\odFIPS.sys [2007-12-14 254208]

R0 SgeFlt;SgeFlt;c:\windows\system32\drivers\SGEFLT.sys [2008-9-16 63488]

R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-4-27 293968]

R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2009-1-22 808296]

R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2009-1-22 20840]

R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 376096]

R2 enterceptAgent;McAfee Host Intrusion Prevention Service;c:\program files\mcafee\host intrusion prevention\FireSvc.exe [2009-3-10 1471808]

R2 iPCAgent;iPCAgent;c:\program files\ipass\ipassconnect\iPCAgent.exe [2009-4-2 90112]

R2 JuniperAccessService;Juniper Unified Network Service;c:\program files\common files\juniper networks\juns\dsAccessService.exe [2007-10-4 83320]

R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\engineserver.exe [2008-9-29 19456]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2009-5-18 103744]

R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\mcshield.exe [2008-9-29 143088]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2008-9-29 62800]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-9-23 68416]

R2 PLMS32;PLMS32;c:\windows\system32\plms32.exe [2009-4-2 110592]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-4-2 2058776]

R2 VnxTcp;VnxTcp;c:\windows\system32\drivers\vnxtcp.sys [2009-4-2 437632]

R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-4-2 112512]

R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2009-4-2 32808]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2009-4-1 244368]

R3 FirehkMP;FirehkMP;c:\windows\system32\drivers\firehk.sys [2008-4-29 44680]

R3 HIPK;McAfee Inc. HIPK;c:\windows\system32\drivers\HIPK.sys [2010-3-17 110384]

R3 HIPPSK;McAfee Inc. HIPPSK;c:\windows\system32\drivers\HIPPSK.sys [2010-3-17 38200]

R3 HIPQK;McAfee Inc. HIPQK;c:\windows\system32\drivers\HIPQK.sys [2010-3-17 35584]

R3 hips;McAfee HIPSCore Service;c:\program files\mcafee\host intrusion prevention\hipscore\HIPSvc.exe [2010-3-17 34408]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-4-2 109568]

R3 jnprna;Juniper Network Agent Miniport;c:\windows\system32\drivers\jnprna.sys [2007-10-4 390528]

R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\drivers\jnprvamgr.sys [2007-10-4 29312]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-9-23 90360]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-9-23 42424]

R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [2009-4-2 230952]

S3 EacService;Juniper TNC Endpoint Assessment;c:\program files\common files\juniper networks\tnc client\jTnccService.exe [2007-12-14 116008]

S3 Firehk;McAfee NDIS Intermediate Filter;c:\windows\system32\drivers\firehk.sys [2008-4-29 44680]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-9-23 64432]

S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\drivers\nvtsp50.sys --> c:\windows\system32\drivers\NvtSp50.sys [?]

=============== Created Last 30 ================

2010-04-02 13:07:22 0 d-----w- c:\docume~1\jschwa~1\applic~1\smkits

2010-04-01 16:43:24 0 ----a-w- c:\windows\system32\api_hook_list.dat

2010-04-01 16:40:46 38528 ----a-w- c:\windows\system32\HIPIS0e011a2.dll

2010-04-01 14:35:00 343340 ----a-w- c:\windows\PRINTERS.INI

2010-03-31 19:38:28 0 d-----w- c:\program files\Xiph.Org

2010-03-31 19:25:10 0 d-----w- c:\program files\common files\DivX Shared

2010-03-31 19:24:45 0 d-----w- c:\program files\DivX

2010-03-31 19:24:23 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX

2010-03-31 19:18:28 0 d-----w- c:\program files\VideoLAN

2010-03-31 13:34:24 171 ----a-w- c:\windows\system32\plmsss

2010-03-31 05:22:40 11705 ----a-w- c:\windows\system32\plmsip

2010-03-27 04:23:02 0 d-----w- C:\Quarantine

2010-03-26 23:28:02 0 d-----w- c:\program files\Spybot - Search & Destroy

2010-03-26 23:28:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

2010-03-26 21:02:31 0 d-----w- c:\program files\CCleaner

2010-03-26 17:59:13 0 d-----w- c:\docume~1\jschwa~1\applic~1\Malwarebytes

2010-03-26 17:59:08 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-03-24 18:49:27 0 d-----w- c:\program files\pwctrack

2010-03-22 18:05:15 0 d-----w- c:\program files\common files\Hewlett-Packard

2010-03-22 18:03:47 38400 ----a-w- c:\windows\system32\hpz3l054.dll

2010-03-22 18:03:18 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2010-03-22 18:03:18 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2010-03-22 18:02:24 69632 ----a-w- c:\windows\system32\HPZipm12.exe

2010-03-22 18:02:23 65536 ----a-w- c:\windows\system32\HPZinw12.exe

2010-03-22 18:02:22 306688 ----a-w- c:\windows\IsUninst.exe

2010-03-22 18:01:38 0 d-----w- c:\program files\HP

2010-03-22 17:47:54 110413 ----a-w- c:\windows\hpoins11.dat

2010-03-22 17:47:14 98304 ----a-w- c:\windows\system32\hpzjsn01.dll

2010-03-22 17:47:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll

2010-03-22 17:47:11 659456 ----a-w- c:\windows\system32\hpowiax2.dll

2010-03-22 17:47:10 254026 ----a-w- c:\windows\system32\hpovst09.dll

2010-03-22 17:47:09 827392 ----a-w- c:\windows\system32\hpotiop2.dll

2010-03-22 17:46:39 6947 ----a-w- c:\windows\hpomdl11.dat

2010-03-19 15:32:04 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys

2010-03-19 15:32:04 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

2010-03-19 13:01:25 0 d-----w- C:\Temp

2010-03-18 17:45:32 0 d-----w- c:\documents and settings\jschwartz804\SametimeTranscripts

2010-03-18 16:48:24 0 d-----w- c:\windows\SchCache

2010-03-18 16:43:37 0 d-----w- c:\docume~1\jschwa~1\applic~1\Trillian

2010-03-18 16:42:24 0 d-s---w- c:\documents and settings\jschwartz804\UserData

2010-03-18 16:41:19 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys

2010-03-18 16:41:19 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys

2010-03-18 16:41:17 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys

2010-03-18 16:41:17 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

2010-03-18 16:34:57 0 d-----w- c:\docume~1\jschwa~1\applic~1\InfoExpress

2010-03-17 23:22:26 0 d-----w- C:\Smart

2010-03-17 21:31:52 0 d-----w- c:\program files\PWCTOOLBAR

2010-03-17 21:31:51 0 d-----w- c:\program files\AtHocCorp

2010-03-17 21:31:51 0 d-----w- c:\docume~1\alluse~1\applic~1\AtHocCorp

2010-03-17 21:30:19 256 ----a-w- C:\NUSRCHK.TAG

2010-03-17 20:18:11 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll

2010-03-17 20:17:41 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll

2010-03-17 20:17:41 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll

2010-03-17 20:14:27 0 d-----w- c:\program files\Connected

2010-03-17 20:14:22 0 d-----w- c:\docume~1\jschwa~1\applic~1\Research In Motion

2010-03-17 20:12:01 3743744 ----a-w- c:\windows\system32\librfc32.dll

2010-03-17 19:58:45 766 ----a-w- c:\windows\system32\SETSCRT.ICO

2010-03-17 19:58:35 0 d-----w- c:\documents and settings\jschwartz804\IBM

2010-03-17 19:57:21 0 d-----w- c:\program files\ieSpell

2010-03-17 19:57:13 0 d-----w- c:\program files\PwC Highlight

2010-03-17 19:53:07 204854 ----a-w- c:\windows\XACL2000.exe

2010-03-17 19:53:06 254 ----a-w- c:\windows\flaudit.bat

2010-03-17 19:53:03 154 ----a-w- c:\windows\undo.bat

2010-03-17 19:51:26 0 d-----w- c:\program files\PwC

2010-03-17 19:51:25 0 d-----w- c:\docume~1\alluse~1\applic~1\PwC

2010-03-17 19:50:55 0 d-----w- c:\program files\PwC Templates

2010-03-17 19:50:46 0 d-----w- c:\docume~1\jschwa~1\applic~1\Office Genuine Advantage

2010-03-17 19:49:31 0 d-----w- c:\program files\NOTES

2010-03-17 19:49:26 0 d-----w- c:\program files\Classic Menu for Office

2010-03-17 19:29:18 0 d-----w- c:\program files\PwCPass2

2010-03-17 19:29:12 151 ----a-w- c:\windows\DriverSigning.bat

2010-03-17 19:27:51 0 d-----w- c:\docume~1\jschwa~1\applic~1\WinBatch

2010-03-17 19:27:42 0 d-----w- c:\docume~1\jschwa~1\applic~1\Funk Software

2010-03-17 19:26:36 0 d---a-w- c:\program files\kixtart

2010-03-17 19:01:15 0 d-----w- c:\program files\Hoteling Client

2010-03-17 18:58:34 32768 ----a-w- c:\windows\system32\AICC.dll

2010-03-17 18:58:24 0 d-----w- c:\program files\IE_NoFriendlyHTTPErrMsgs

2010-03-17 18:58:24 0 d-----w- C:\Local Settings

2010-03-17 18:52:39 61440 ----a-w- c:\windows\system32\HcSql.dll

2010-03-17 18:52:39 58688 ----a-w- c:\windows\system32\HcApi.dll

2010-03-17 18:52:39 136512 ----a-w- c:\windows\system32\KevlarSigs.dll

2010-03-17 18:52:39 12800 ----a-w- c:\windows\system32\HcSvc.dll

2010-03-17 18:52:31 43160 ----a-w- c:\windows\system32\hipqa.dll

2010-03-17 18:52:31 38200 ----a-w- c:\windows\system32\drivers\HIPPSK.sys

2010-03-17 18:52:31 35584 ----a-w- c:\windows\system32\drivers\HIPQK.sys

2010-03-17 18:52:31 24624 ----a-w- c:\windows\system32\mfehida.dll

2010-03-17 18:52:31 110384 ----a-w- c:\windows\system32\drivers\HIPK.sys

2010-03-17 18:52:19 0 d-----w- c:\program files\common files\McAfee Inc

2010-03-17 18:43:11 0 d-----w- c:\program files\Mobile T&E

2010-03-10 20:29:54 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys

2010-03-10 20:29:54 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys

2010-03-10 20:29:53 286720 ----a-w- c:\windows\system32\HPZc3212.dll

2010-03-10 20:29:53 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys

2010-03-10 20:29:41 0 ----a-w- c:\windows\HPMProp.INI

2010-03-10 20:27:12 0 d-----w- c:\program files\My Company Name

2010-03-10 20:24:23 0 d-----w- C:\AppDataFolder

2010-03-10 20:22:56 0 d--h--w- c:\windows\$hf_mig$

2010-03-08 17:59:18 94208 ----a-w- c:\windows\system32\dpl100.dll

==================== Find3M ====================

2010-02-26 05:43:57 667136 ----a-w- c:\windows\system32\wininet.dll

2010-02-26 05:43:54 81920 ----a-w- c:\windows\system32\ieencode.dll

2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll

2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll

2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll

2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll

2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll

2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll

2009-04-02 20:49:20 464 ----a-w- c:\program files\GTSVPN.INI.BAK

2009-04-02 17:33:11 2319 ----a-w- c:\windows\inf\OpenWith.vbs

============= FINISH: 10:49:03.63 ===============

Attach.zip

ark.txt

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.