|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Security and Firewalls Protecting you against unwanted people and programs |
 |
|
|
LinkBack | Thread Tools |
04-06-2009, 03:35 AM
|
#1 (permalink) |
|
Registered User
Join Date: Apr 2009
Posts: 1
OS: XP - Novell 6.5
|
Ntoskrnl-hook removal issue
I have a user who has found this and tried removing it several times with McAfee. He is unable to get to some of our intranet, and is having e-mail issues here are the log files:
DDS (Ver_09-03-16.01) - NTFSx86 Run by E13140 at 4:18:59.25 on Mon 04/06/2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2015.1185 [GMT -5:00] AV: Endpoint Security Client Antivirus *On-access scanning disabled* (Outdated) AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) ============== Running Processes =============== C:\WINDOWS\System32\Novell\XTAgent.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\WiFi\bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\AMT\atchksrv.exe C:\Program Files\Juniper Networks\Common Files\dsNcService.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Intel\AMT\LMS.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\Common Framework\FrameworkService.exe C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Novell\ZENworks\nalntsrv.exe c:\Program Files\PatchLink\Update Agent\GravitixService.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe C:\Program Files\Intel\AMT\UNS.exe C:\Program Files\Novell\ZENworks\Asset Management\bin\CClient.exe C:\Program Files\Novell\ZENworks\wm.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Novell\ZENworks\Asset Management\bin\TSUsage32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\AMT\atchk.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\PatchLink\Update Agent\pddm.exe C:\WINDOWS\system32\dpmw32.exe C:\WINDOWS\system32\NWTRAY.EXE C:\Program Files\Microsoft Office Communicator\communicator.exe C:\Program Files\Adobe\Distillr\Acrotray.exe C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\McAfee\Common Framework\udaterui.exe C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE C:\Program Files\McAfee\Common Framework\McTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Novell\ZENworks\NalAgent.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE C:\DOCUME~1\E13140\LOCALS~1\Temp\PPPClient.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE svchost.exe C:\Documents and Settings\E13140\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uWindow Title = Microsoft Internet Explorer provided by Chicago Mercantile Exchange Inc. uSearch Bar = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie mWinlogon: System=ziswin.exe BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\activex\AcroIEHelper.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat\AcroIEFavClient.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat\AcroIEFavClient.dll TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat\AcroIEFavClient.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [atchk] "c:\program files\intel\amt\atchk.exe" mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [PDDM] c:\program files\patchlink\update agent\pddm.exe mRun: [NDPS] c:\windows\system32\dpmw32.exe mRun: [ZENRC Tray Icon] c:\windows\system32\zentray.exe mRun: [ZoneAlarm Client] "c:\program files\checkpoint\integrity client\iclient.exe" mRun: [NWTRAY] NWTRAY.EXE mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8 pro\acrobat\Acrotray.exe" mRun: [<NO NAME>] mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_03\bin\jusched.exe" mRun: [Communicator] "c:\program files\microsoft office communicator\communicator.exe" /fromrunkey mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\distillr\Acrotray.exe" mRun: [Opware12] "c:\program files\scansoft\omnipagepro12.0\Opware12.exe" mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe" mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\applic~1.lnk - c:\program files\novell\zenworks\NalView.exe uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) uPolicies-explorer: ForceStartMenuLogOff = 1 (0x1) mPolicies-system: CompatibleRUPSecurity = 1 (0x1) IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert to existing PDF - c:\program files\adobe\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {C1994287-422F-47aa-8E5E-6323E210A125} - {4B5F7606-8666-4D5A-9780-DB92A9D8812B} - c:\program files\novell\zenworks\AxNalServer.dll DPF: {165B3239-2565-49DB-8A82-F28631CE44ED} - hxxp://www.cme-equotes.com/webstart/webstart.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229349121718 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://connectwdc.cme.com/dana-cached/setup/JuniperSetupSP1.cab TCP: NameServer = 85.255.112.112,85.255.112.212 TCP: {25999A4B-58CA-4213-ABF0-799F6729FB6E} = 85.255.112.112,85.255.112.212 TCP: {886C9CF7-730D-41D8-BE39-FB86EED11DA6} = 85.255.112.112,85.255.112.212 TCP: {96B1F2A6-4840-48F7-8593-DFED08772875} = 85.255.112.112,85.255.112.212 Notify: AtiExtEvent - Ati2evxx.dll Notify: NetIdentity Notification - c:\windows\system32\novell\XtNotify.dll SEH: Application Explorer: {763370c4-268e-4308-a60c-d8da0342be32} - c:\program files\novell\zenworks\NalShell.dll LSA: Authentication Packages = msv1_0 nwv1_0 ============= SERVICES / DRIVERS =============== R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2008-10-6 31816] R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-1-23 398888] R2 BlankScr;HBDevice;c:\windows\system32\drivers\blankscr.sys [2005-5-23 6899] R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-1-16 103744] R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2008-10-6 144704] R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2008-10-6 54608] R2 Remote Management Agent;Novell ZENworks Remote Management Agent;c:\program files\novell\zenworks\remotemanagement\rmagent\ZenRem32.exe [2006-5-9 167936] R2 TSCensus Collection Client;ZENworks Asset Management - Collection Client;c:\program files\novell\zenworks\asset management\bin\CClientSvc.exe [2009-3-23 49152] R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\intel\amt\UNS.exe [2009-3-23 1489688] R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?] R2 WNTHW;WNTHW;c:\windows\system32\drivers\WNTHW.SYS [2009-3-23 9176] R2 XTAgent;Novell XTier Agent Services;c:\windows\system32\novell\xtagent.exe [2006-5-2 61440] R3 Darpan;Darpan;c:\windows\system32\drivers\Darpan.sys [2005-5-23 2773] R3 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [2008-1-17 2235408] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-8-2 36608] R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-3-23 72904] R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2009-3-23 34344] R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2009-3-23 177672] R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2006-8-16 47616] S0 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [2007-12-13 11026] S3 KLIF;KLIF;c:\windows\system32\drivers\klif.sys [2009-3-23 186128] S3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\drivers\rismc32.sys [2006-8-16 47616] =============== Created Last 30 ================ 2009-04-02 06:58 <DIR> --d----- c:\documents and settings\e13140\.housecall6.6 2009-04-01 07:11 <DIR> --d-h--- c:\windows\PIF 2009-04-01 06:14 39,936 a------- c:\windows\system32\drivers\gaopdxkysuhtpuyrnmnkrjkctablrsfalmfydl.sys 2009-04-01 06:14 13,824 a------- c:\windows\system32\gaopdxvyuosboylicifjnsdaxekyddpuxdglnu.dll 2009-04-01 06:14 4 a------- c:\windows\system32\gaopdxcounter 2009-04-01 06:00 <DIR> --d----- C:\Quarantine 2009-03-31 04:41 221,184 a------- c:\windows\system32\wmpns.dll 2009-03-31 04:41 <DIR> --d----- c:\windows\RegisteredPackages 2009-03-31 02:37 <DIR> --d----- c:\program files\Juniper Networks 2009-03-29 23:10 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys 2009-03-29 23:10 25,856 a------- c:\windows\system32\drivers\usbprint.sys 2009-03-23 16:30 <DIR> --d----- c:\program files\VMware 2009-03-23 16:30 <DIR> --d----- c:\program files\Nero-6-6 2009-03-23 16:26 <DIR> --d----- c:\program files\common files\InterVideo 2009-03-23 16:26 204,800 a------- c:\windows\system32\IVIresizeW7.dll 2009-03-23 16:26 200,704 a------- c:\windows\system32\IVIresizeA6.dll 2009-03-23 16:26 192,512 a------- c:\windows\system32\IVIresizeP6.dll 2009-03-23 16:26 192,512 a------- c:\windows\system32\IVIresizeM6.dll 2009-03-23 16:26 188,416 a------- c:\windows\system32\IVIresizePX.dll 2009-03-23 16:26 20,480 a------- c:\windows\system32\IVIresize.dll 2009-03-23 16:25 <DIR> --d----- c:\program files\InterVideo 2009-03-23 16:25 <DIR> --d----- c:\program files\common files\Temp 2009-03-23 12:18 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll 2009-03-23 12:18 <DIR> --d----- c:\program files\Network Associates 2009-03-23 12:17 57,398 ac------ c:\windows\system32\dllcache\imjpdadm.exe 2009-03-23 12:15 72,904 a------- c:\windows\system32\drivers\mfeavfk.sys 2009-03-23 12:15 64,488 a------- c:\windows\system32\drivers\mfeapfk.sys 2009-03-23 12:15 34,344 a------- c:\windows\system32\drivers\mfebopk.sys 2009-03-23 12:15 177,672 a------- c:\windows\system32\drivers\mfehidk.sys 2009-03-23 12:15 52,136 a------- c:\windows\system32\drivers\mfetdik.sys 2009-03-23 12:15 <DIR> --d----- c:\program files\common files\McAfee 2009-03-23 11:47 <DIR> --d----- c:\docume~1\e13140\applic~1\Juniper Networks 2009-03-23 11:46 <DIR> --d----- c:\documents and settings\e13140\Spark 2009-03-23 11:46 <DIR> --d----- c:\docume~1\e13140\applic~1\CME 2009-03-23 11:46 <DIR> --d----- c:\documents and settings\e13140\CME 2009-03-23 11:38 <DIR> --d----- c:\docume~1\e13140\applic~1\Intel 2009-03-23 11:38 3,634,688 a------- c:\windows\system32\drivers\NETw5x32.sys 2009-03-23 11:38 2,756,608 a------- c:\windows\system32\NETw5r32.dll 2009-03-23 11:38 663,552 a------- c:\windows\system32\NETw5c32.dll 2009-03-23 11:38 <DIR> --d----- c:\docume~1\e13140\applic~1\salesforce.com 2009-03-23 11:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\salesforce.com 2009-03-23 11:38 <DIR> --d----- c:\program files\common files\Intel 2009-03-23 11:36 26,496 ac------ c:\windows\system32\dllcache\usbstor.sys 2009-03-23 11:21 <DIR> --d----- c:\windows\Manifests 2009-03-23 11:18 563 a------- c:\windows\MAXLINK.INI 2009-03-23 11:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SSScanWizard 2009-03-23 11:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SSScanAppDataDir 2009-03-23 11:18 <DIR> --d----- c:\program files\common files\L&H Shared 2009-03-23 11:18 <DIR> --d----- c:\program files\common files\ScanSoft Shared 2009-03-23 11:17 <DIR> --d----- c:\program files\ScanSoft 2009-03-23 11:17 <DIR> --d----- C:\salesforce.com 2009-03-23 11:16 137,000 a------- c:\windows\system32\MSMAPI32.OCX 2009-03-23 11:16 662,288 a------- c:\windows\system32\MSCOMCT2.OCX 2009-03-23 11:16 116,224 a------- c:\windows\system32\pdfcmnnt.dll 2009-03-23 11:16 23,552 a------- c:\windows\system32\MSMPIDE.DLL 2009-03-23 11:16 <DIR> --d----- c:\program files\PDFCreator 2009-03-23 11:15 <DIR> --d----- c:\program files\salesforce.com 2009-03-23 11:14 <DIR> --d----- c:\windows\SchCache 2009-03-23 11:14 <DIR> --d----- c:\documents and settings\e13140\Tracing 2009-03-23 11:06 378 a------- c:\windows\system32\mapisvc.inf 2009-03-23 11:05 84,992 a------- c:\windows\system32\lmdimon8.dll 2009-03-23 11:05 <DIR> --d----- c:\program files\Microsoft Office Communicator 2009-03-23 11:03 766 a------- c:\windows\eas.ini 2009-03-23 11:03 117 a------- c:\windows\fas.ini 2009-03-23 11:03 <DIR> --d----- c:\program files\ZANTAZ 2009-03-23 10:56 69,632 a------- c:\windows\system32\javacpl.cpl 2009-03-23 10:44 <DIR> --d----- c:\program files\common files\Macrovision Shared 2009-03-23 10:38 2,048 a------- c:\windows\system32\AutoRun.exe 2009-03-23 10:38 <DIR> --d----- c:\program files\RSA Security 2009-03-23 10:37 <DIR> --d----- c:\program files\Lavasoft 2009-03-23 10:24 8,992 a--sh--- c:\windows\system32\drivers\fidbox.dat 2009-03-23 10:24 1,196 a--sh--- c:\windows\system32\drivers\fidbox.idx 2009-03-23 10:24 1,124 a--sh--- c:\windows\system32\drivers\fidbox2.idx 2009-03-23 10:24 800 a--sh--- c:\windows\system32\drivers\fidbox2.dat 2009-03-23 10:21 4,212 a---h--- c:\windows\system32\zllictbl.dat 2009-03-23 10:21 <DIR> --d--r-- c:\windows\system32\ZoneLabs 2009-03-23 10:21 <DIR> --d----- c:\program files\CheckPoint 2009-03-23 10:21 <DIR> --d----- c:\windows\Internet Logs 2009-03-23 10:20 181,248 a------- c:\windows\netdom.exe 2009-03-23 10:20 372 a------- C:\ziswin.hst 2009-03-23 10:20 600,064 a------- c:\windows\system32\msrdp.ocx 2009-03-23 10:20 147 a------- c:\windows\system32\gpupdate.bat 2009-03-23 10:20 <DIR> --d----- c:\windows\system32\novell 2009-03-23 10:20 823,296 a------- c:\windows\system32\ccsw32.dll 2009-03-23 10:19 <DIR> --d----- c:\windows\system\nls 2009-03-23 10:19 <DIR> --d----- c:\windows\system32\NetWare 2009-03-23 10:19 <DIR> --d----- c:\program files\CUAgent 2009-03-23 10:19 <DIR> --d----- c:\windows\system32\nls 2009-03-23 10:15 <DIR> --d----- c:\program files\PatchLink 2009-03-23 10:15 <DIR> --d----- c:\program files\common files\PatchLink 2009-03-23 10:14 9,176 a------- c:\windows\system32\drivers\WNTHW.SYS 2009-03-23 10:14 <DIR> --d----- c:\program files\Novell 2009-03-23 10:14 306,688 a------- c:\windows\IsUninst.exe 2009-03-23 10:14 <DIR> --d----- c:\program files\common files\Cisco Systems 2009-03-23 10:13 <DIR> --d----- c:\program files\McAfee 2009-03-23 10:07 30,512 a------- c:\windows\system32\mdimon.dll 2009-03-23 10:04 <DIR> --d----- c:\windows\SHELLNEW 2009-03-23 10:03 <DIR> --d-h--- C:\NALCache 2009-03-23 10:03 <DIR> --d----- c:\documents and settings\e13140\Bluetooth Software 2009-03-23 10:03 <DIR> --ds---- c:\documents and settings\e13140\UserData 2009-03-23 10:03 <DIR> --d----- c:\documents and settings\E13140 2009-03-23 10:01 40,960 a------- c:\windows\Zcnclite.exe 2009-03-23 10:01 559 a------- c:\windows\asset.vbs 2009-03-23 10:00 920,344 a------- c:\windows\system32\heciudlg.exe 2009-03-23 10:00 44,800 a------- c:\windows\system32\drivers\HECI.sys 2009-03-23 09:55 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf 2009-03-23 09:55 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-03-23 09:55 1,419,232 a------- c:\windows\system32\wdfcoinstaller01005.dll 2009-03-23 09:55 16,768 a------- c:\windows\system32\drivers\HpqKbFiltr.sys 2009-03-23 09:55 1,560,576 a------- c:\windows\system32\BttnCmns_64.dll 2009-03-23 09:55 1,560,576 a------- c:\windows\system32\BttnCmns.dll 2009-03-23 09:55 987,136 a------- c:\windows\system32\BttnCmn.dll 2009-03-23 09:54 <DIR> --d----- c:\windows\system32\ReinstallBackups 2009-03-23 09:54 <DIR> --d----- c:\program files\CONEXANT 2009-03-23 09:54 39,936 a------- c:\windows\system32\drivers\rimmptsk.sys 2009-03-23 09:54 <DIR> --d----- c:\program files\Analog Devices 2009-03-23 09:53 <DIR> --d----- c:\program files\Fingerprint Sensor 2009-03-23 09:53 912,152 a------- c:\windows\system32\mesoludlg.exe 2009-03-23 09:53 319,456 a------- c:\windows\system32\difxapi.dll 2009-03-23 09:53 <DIR> --d----- c:\program files\common files\postureAgent 2009-03-23 09:53 <DIR> --d----- C:\Intel 2009-03-23 09:53 14,848 ac------ c:\windows\system32\dllcache\kbdhid.sys 2009-03-23 09:53 14,848 a------- c:\windows\system32\drivers\kbdhid.sys 2009-03-23 09:49 868,298 a------- c:\windows\system32\drivers\btkrnl.sys 2009-03-23 09:49 106,557 a------- c:\windows\system32\btw_ci.dll 2009-03-23 09:49 67,960 a------- c:\windows\system32\drivers\btwusb.sys 2009-03-23 09:49 <DIR> --d----- c:\program files\WIDCOMM 2009-03-23 09:45 61,056 a------- c:\windows\system32\drivers\ohci1394.sys 2009-03-23 09:45 6,400 a------- c:\windows\system32\drivers\enum1394.sys 2009-03-23 09:45 53,248 a------- c:\windows\system32\drivers\1394bus.sys 2009-03-23 09:45 <DIR> --d----- c:\program files\Synaptics 2009-03-23 09:45 19,584 a------- c:\windows\system32\drivers\rasirda.sys 2009-03-23 09:45 152,576 a------- c:\windows\system32\irftp.exe 2009-03-23 09:45 87,424 a------- c:\windows\system32\drivers\irda.sys 2009-03-23 09:45 27,136 a------- c:\windows\system32\irmon.dll 2009-03-23 09:45 8,192 a------- c:\windows\system32\wshirda.dll 2009-03-23 09:45 35,913 a------- c:\windows\system32\drivers\smcirda.sys 2009-03-23 09:45 8,832 a------- c:\windows\system32\drivers\wmiacpi.sys 2009-03-23 09:44 4,128 a------- c:\windows\system32\drivers\INFCACHE.1 ==================== Find3M ==================== 2009-04-01 07:11 2,855 a------- c:\windows\pif\S-0-7-46-100022277-100025877-100003675-3107.PIF 2009-03-23 11:27 0 a------- c:\windows\system32\drivers\lvuvc.hs 2009-03-23 11:27 0 a------- c:\windows\system32\drivers\logiflt.iad ============= FINISH: 4:19:10.60 =============== |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
| Thread Tools | |
|
|
