J Barrett

  1. Hi there! I literally JUST finished wiping my HD/reinstalling Windows 7 because the problems I was having just kept escalating & eventually made it impossible to use my computer... so I suppose this thread is no longer necessary.
  2. Oops, forgot the Protection Log... here it is. Protection_Log_2010_03_01__Blocked_IPs_.zip
  3. Hi, I hope someone can help me with this problem I've been trying to get rid of for a while... When I do a Google search of anything and then click on a link, Firefox keeps redirecting the page I'm trying to go to to some random website. Usually the sites I get redirected to are for sketchy-looking anti-virus/spyware/malware scanners, but sometimes it'll be a survey or "Special Offer" site. I'm not positive these are related to the issue, but: I can't successfully run Windows Update. I'm able to see the available updates, but when I try to download & install them, I get a "Code 80072EFE" error. Also, Google Chrome randomly stopped loading web pages. I can open Chrome, but any page I attempt to load stays completely blank. No errors or "Page cannot be loaded" dialog. I started having these problems around the same time the redirecting started happening... before that my computer was running smoothly. I downloaded and ran Kaspersky, Malwarebytes and Ad-Aware, which detected several trojans/malware and "successfully" removed them and, so far, it seems like the redirection problem is gone for now. However, Malwarebytes keeps notifying me of malicious IPs being blocked, so I don't think the threats are completely eradicated. Along with the 'attach.txt' and 'ark.txt' files, I'm attaching the Malwarebytes Protection Log file because it lists the blocked IPs in question. Help will be greatly appreciated!
     :]

     --------Malwarebytes Log File--------

     Malwarebytes' Anti-Malware 1.44
     Database version: 3811
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     3/1/2010 7:31:34 PM
     mbam-log-2010-03-01 (19-31-34).txt

     Scan type: Full Scan (C:\|E:\|)
     Objects scanned: 236677
     Time elapsed: 1 hour(s), 15 minute(s), 15 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 7
     Registry Values Infected: 2
     Registry Data Items Infected: 0
     Folders Infected: 1
     Files Infected: 6

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f} (Backdoor.Bot) -> Quarantined and deleted successfully.
     HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.

     Registry Values Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Trojan.Agent) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     C:\Windows\System32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

     Files Infected:
     C:\$Recycle.Bin\S-1-5-21-4237113963-1484899726-2999723710-1000\$R2EJKXI.Keymaker-CORE\cr-ae368\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
     C:\Users\Josh\Local Settings\Temporary Internet Files\udRemove.exe (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\Windows\System32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
     C:\Windows\System32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
     C:\Windows\System32\spool\prtprocs\w32x86\A721.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
     C:\Windows\Temp\gsej.tmp\svchost.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

     Attach.zip ark.zip