Jump to content

majordomo

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi I did the first rename part, but the second part regsvr32 does not work and gives the following reply: regsvr32 is not recognised as an internal or external command, program or batchfile. regards
  2. Hi, Yes, I've ran mbam clean and re-install 3 or 4 times already. regards
  3. Hi first pop up window says runtime error "0" clicks ok and second window says " "runtime error 372 Failed to load control 'vbalgrid' from vbalgrid6.ocx Version of vbalgrid6.ocx is outdated. Make sure you are using the version of the control that was provided with your application. regards
  4. Hi, I did the mbam clean. after restart turned off avast completely and installed mbam. Ran chameleon, but still the same results. regards.
  5. Hi Computer behaves the same as before no obvious issues, except not being able to run malwarebytes. regards
  6. Hi, Below the log from Combofix: ComboFix 12-05-06.03 - Reinier 06-05-2012 19:42:57.1.2 - x86 Microsoft® Windows Vista™ Business 6.0.6001.1.1252.31.1043.18.1976.1123 [GMT 2:00] Gestart vanuit: c:\users\Reinier\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Reinier\AppData\Roaming\020000006f63571b515C.manifest c:\users\Reinier\AppData\Roaming\020000006f63571b515O.manifest c:\users\Reinier\AppData\Roaming\020000006f63571b515P.manifest c:\users\Reinier\AppData\Roaming\020000006f63571b515S.manifest D:\resycled . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_gaopdxserv.sys -------\Service_gaopdxserv.sys . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-06 to 2012-05-06 )))))))))))))))))))))))))))))) . . 2012-05-03 16:18 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-05-03 16:18 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-05-03 16:18 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-05-03 16:18 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-05-03 16:18 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-05-03 16:18 . 2012-03-06 23:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-05-03 16:18 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr 2012-05-03 16:18 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-05-03 16:17 . 2012-05-03 16:17 -------- d-----w- c:\programdata\AVAST Software 2012-05-03 15:25 . 2012-05-05 10:40 28488 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2012-05-03 15:24 . 2012-05-05 10:40 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-05-03 15:24 . 2012-05-03 15:24 -------- d-----w- c:\users\Reinier\AppData\Roaming\Malwarebytes 2012-05-03 15:24 . 2012-05-03 15:24 -------- d-----w- c:\programdata\Malwarebytes 2012-05-03 15:24 . 2012-05-03 15:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-03 15:24 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-01 18:56 . 2012-05-01 19:07 -------- d-----w- c:\users\Reinier\AppData\Local\Samsung 2012-05-01 18:35 . 2008-08-19 12:27 487424 ----a-w- c:\windows\system32\INT15.dll 2012-05-01 18:34 . 2008-08-19 12:23 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys 2012-05-01 18:34 . 2008-08-19 12:23 15392 ----a-w- c:\windows\system32\drivers\int15.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-28 20:11 . 2011-07-11 20:52 4659712 ----a-w- c:\windows\system32\Redemption.dll 2012-03-28 20:11 . 2012-03-28 20:11 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-02-15 19:11 . 2010-05-17 09:00 472808 ----a-w- c:\windows\system32\deployJava1.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512] "Skytel"="Skytel.exe" [2008-04-21 1826816] "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144] "PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-09-01 858632] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" "Persistence"="c:\windows\system32\igfxpers.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "IgfxTray"="c:\windows\system32\igfxtray.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ . Inhoud van de 'Gedeelde Taken' map . 2012-05-06 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2010-08-17 19:06] . 2012-04-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088551051-925268556-1652152937-1003Core.job - c:\users\Reinier\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-01 19:12] . 2012-05-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088551051-925268556-1652152937-1003UA.job - c:\users\Reinier\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-01 19:12] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.2345.com/?duote mStart Page = hxxp://nl.intl.acer.yahoo.com IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 . - - - - ORPHANS VERWIJDERD - - - - . Notify-3e5fda52515 - (no file) Notify-AWinNotifyVitaKey MC3000 - (no file) . . . ************************************************************************** scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2088551051-925268556-1652152937-1003\Software\SecuROM\License information*] "datasecu"=hex:d4,9f,00,0b,af,f5,b4,c5,43,41,e0,28,2f,19,26,88,a8,a4,3a,a4,c2, af,cf,d9,0b,03,6f,fb,e3,1d,2b,81,a5,ac,67,10,05,88,b8,22,b6,0f,97,b9,9c,2e,\ "rkeysecu"=hex:65,dd,1e,4d,1b,14,b1,2f,e3,ad,53,46,eb,ee,bf,af . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(3276) c:\windows\system32\btncopy.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Acer\Empowering Technology\Service\ETService.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\RtHDVCpl.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Launch Manager\QtZgAcer.EXE c:\windows\system32\igfxext.exe c:\windows\system32\igfxsrvc.exe c:\users\Reinier\AppData\Local\Temp\RtkBtMnt.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2012-05-06 20:00:16 - machine werd herstart ComboFix-quarantined-files.txt 2012-05-06 18:00 . Pre-Run: 29.938.798.592 bytes beschikbaar Post-Run: 29.465.739.264 bytes beschikbaar . - - End Of File - - E52CEA0D03A54750CC803C5C273B2134
  7. Hi, I also did that before and tried it again. But i get the same runtime error code. regards
  8. Hello I'd already tried that, but have tried it again. Unfortanately I still get the runtime error for all 11 versions of chameleon. Regards
  9. LDTate thanks for your response, I was reffering to runtime error 372 and not error code 732. At the moment of running dss no anti virus was present. but before and after I had Avast. Ran a full scan after posting the logs and it found nothing. Thanks.
  10. Hello, I'm unable to run malwarebytes due to runtime error 372. I've followed multiple workarounds to solve the problem all from this forum but nothing has worked. So now I post my dss logs as suggested. Thanks in advance majordomo . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.6001.18000 Run by Reinier at 17:34:54 on 2012-05-03 Microsoft® Windows Vista™ Business 6.0.6001.1.1252.31.1043.18.1976.1103 [GMT 2:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\PLFSetI.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Users\Reinier\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\Reinier\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Reinier\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.2345.com/?duote uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vz32&d=1208&m=travelmate_7730 mStart Page = hxxp://nl.intl.acer.yahoo.com mDefault_Page_URL = hxxp://nl.intl.acer.yahoo.com BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: ECO Bar: {10000000-1000-1000-1000-100000000000} - mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\iaanotif.exe" mRun: [RtHDVCpl] "RtHDVCpl.exe" mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe" mRun: [skytel] "Skytel.exe" mRun: [ProductReg] "c:\program files\acer\wr_popup\ProductReg.exe" mRun: [PLFSetI] "c:\windows\PLFSetI.exe" mRun: [LManager] "c:\progra~1\launch~1\QtZgAcer.EXE" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent mPolicies-explorer: NoResolveTrack = 1 (0x1) mPolicies-explorer: NoFileAssociate = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: NoDispSettingsPage = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer\acer bio protection\PwdBank.exe IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 TCP: Interfaces\{4BA9FC38-C36B-408A-B299-9266D36FE0ED} : DhcpNameServer = 62.179.104.196 213.46.228.196 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~1\office12\GR99D3~1.DLL Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL LSA: Notification Packages = scecli c:\program files\acer\acer bio protection\PwdFilter . ============= SERVICES / DRIVERS =============== . R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2008-12-16 43184] R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2012-5-1 24576] R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\webrootsecurity\WRConsumerService.exe [2010-8-1 1201640] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-3-28 210432] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128] R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-6-12 81296] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-5-3 28488] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-3 40776] R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-6-12 3658752] S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;"c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe" --> c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [?] S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe --> c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [?] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe --> c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [?] . =============== Created Last 30 ================ . 2012-05-03 15:25:07 28488 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2012-05-03 15:24:46 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-05-03 15:24:45 -------- d-----w- c:\users\reinier\appdata\roaming\Malwarebytes 2012-05-03 15:24:41 -------- d-----w- c:\programdata\Malwarebytes 2012-05-03 15:24:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-03 15:24:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-01 18:56:45 -------- d-----w- c:\users\reinier\appdata\local\Samsung 2012-05-01 18:35:12 487424 ----a-w- c:\windows\system32\INT15.dll 2012-05-01 18:34:42 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys 2012-05-01 18:34:42 15392 ----a-w- c:\windows\system32\drivers\int15.sys . ==================== Find3M ==================== . 2012-03-28 20:11:22 4659712 ----a-w- c:\windows\system32\Redemption.dll 2012-03-28 20:11:06 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-02-15 19:11:15 472808 ----a-w- c:\windows\system32\deployJava1.dll . ============= FINISH: 17:35:43,75 =============== Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.