Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92366 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Possible laptop infection from infected flash drive


  • This topic is locked This topic is locked
21 replies to this topic

#16 stargazercece

stargazercece

    Authentic Member

  • Authentic Member
  • PipPip
  • 31 posts

Posted 14 December 2009 - 12:18 PM

My clock settings are correct. What would OTC be cleaning up?

    Advertisements

Register to Remove


#17 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,250 posts

Posted 14 December 2009 - 12:25 PM

stargazercece, Residuals from ComboFix.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
Topics are closed after 5 days without response
 


#18 stargazercece

stargazercece

    Authentic Member

  • Authentic Member
  • PipPip
  • 31 posts

Posted 18 December 2009 - 05:13 PM

So is there anything else that needs to be cleaned/removed?

#19 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,250 posts

Posted 18 December 2009 - 07:37 PM

stargazercece, Please let me have a final set of logs from DDS to make sure.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
Topics are closed after 5 days without response
 


#20 stargazercece

stargazercece

    Authentic Member

  • Authentic Member
  • PipPip
  • 31 posts

Posted 20 December 2009 - 10:46 PM

Here's the log:

DDS (Ver_09-06-26.01) - NTFSx86
Run by Cece at 23:42:09.58 on Sun 12/20/2009
Internet Explorer: 8.0.6001.18865 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.1982.966 [GMT -5:00]

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

D:\Windows\system32\wininit.exe
D:\Windows\system32\lsm.exe
D:\Windows\system32\svchost.exe -k DcomLaunch
D:\Windows\system32\nvvsvc.exe
D:\Windows\system32\svchost.exe -k rpcss
D:\Windows\System32\svchost.exe -k secsvcs
D:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
D:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
D:\Windows\system32\svchost.exe -k netsvcs
D:\Windows\system32\svchost.exe -k GPSvcGroup
D:\Windows\system32\SLsvc.exe
D:\Windows\system32\svchost.exe -k LocalService
D:\Windows\system32\rundll32.exe
D:\Windows\System32\spoolsv.exe
D:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\Windows\system32\svchost.exe -k NetworkService
D:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
D:\Windows\system32\svchost.exe -k imgsvc
D:\Windows\System32\svchost.exe -k WerSvcGroup
D:\Windows\system32\SearchIndexer.exe
D:\Windows\system32\taskeng.exe
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Windows\vsnp2uvc.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
D:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
D:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Internet Explorer\IELowutil.exe
D:\Users\Cece_Phoenix\Desktop\dds.scr
D:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mStart Page = about:blank
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - d:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - d:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - d:\program files\wot\WOT.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - d:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
TB: {73F7F495-A325-4C52-BE48-5F97FA511E89} - No File
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - d:\program files\wot\WOT.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - d:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] d:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "d:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] d:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] d:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "d:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [ISUSPM] "d:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AVP] "d:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE d:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [TkBellExe] "d:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [snp2uvc] d:\windows\vsnp2uvc.exe
mRun: [RoxWatchTray] "d:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [SunJavaUpdateSched] "d:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [B Register d:\program files\divx\divx codec\divxdec.ax] "d:\windows\system32\rundll32.exe" "d:\program files\divx\divx codec\divxdec.ax",DllRegisterServer
StartupFolder: d:\users\cece\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - d:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-explorer: HideSCABattery = 0 (0x0)
uPolicies-explorer: HideSCANetwork = 0 (0x0)
uPolicies-explorer: HideSCAVolume = 0 (0x0)
mPolicies-explorer: NoAutorun = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - d:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - d:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - {73F7F495-A325-4C52-BE48-5F97FA511E89}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - d:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - d:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - d:\program files\wot\WOT.dll
Notify: klogon - d:\windows\system32\klogon.dll
AppInit_DLLs: d:\progra~1\kasper~1\kasper~2\mzvkbd3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
d:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
d:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
d:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
d:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
d:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
d:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
d:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;d:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;d:\windows\system32\drivers\klim6.sys [2008-3-26 21008]
R3 klmouflt;Kaspersky Lab KLMOUFLT;d:\windows\system32\drivers\klmouflt.sys [2009-5-16 19472]
S3 FontCache;Windows Font Cache Service;d:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-3-24 21504]

=============== Created Last 30 ================

2009-12-18 18:25 <DIR> --d----- d:\programdata\Trymedia
2009-12-18 18:25 <DIR> --d----- d:\progra~2\Trymedia
2009-12-18 18:07 <DIR> --d----- d:\program files\Infogrames
2009-12-09 01:43 24,064 a------- d:\windows\system32\nshhttp.dll
2009-12-09 01:43 411,648 a------- d:\windows\system32\drivers\http.sys
2009-12-09 01:43 30,720 a------- d:\windows\system32\httpapi.dll
2009-12-08 18:51 243,712 a------- d:\windows\system32\rastls.dll
2009-12-03 19:07 <DIR> --d----- d:\program files\ESET
2009-12-01 19:19 77,312 a------- d:\windows\MBR.exe
2009-11-25 20:46 2,048 a------- d:\windows\system32\tzres.dll
2009-11-25 08:03 1,401,856 a------- d:\windows\system32\msxml6.dll
2009-11-25 08:03 1,248,768 a------- d:\windows\system32\msxml3.dll
2009-11-25 08:03 714,240 a------- d:\windows\system32\timedate.cpl

==================== Find3M ====================

2009-12-20 23:35 56,800 a------- d:\programdata\nvModes.dat
2009-12-20 23:35 56,800 a------- d:\progra~2\nvModes.dat
2009-12-06 21:09 382,072 a------- d:\windows\system32\perfh011.dat
2009-12-06 21:09 101,350 a------- d:\windows\system32\perfc011.dat
2009-11-21 01:40 916,480 a------- d:\windows\system32\wininet.dll
2009-11-21 01:34 109,056 a------- d:\windows\system32\iesysprep.dll
2009-11-21 01:34 71,680 a------- d:\windows\system32\iesetup.dll
2009-11-20 23:59 133,632 a------- d:\windows\system32\ieUnatt.exe
2009-11-20 09:11 411,368 a------- d:\windows\system32\deploytk.dll
2009-11-14 01:47 260,608 a------- d:\windows\PEV.exe
2009-11-13 19:47 856,064 a------- d:\windows\system32\divx_xx0c.dll
2009-11-13 19:47 856,064 a------- d:\windows\system32\divx_xx07.dll
2009-11-13 19:47 847,872 a------- d:\windows\system32\divx_xx0a.dll
2009-11-13 19:47 843,776 a------- d:\windows\system32\divx_xx16.dll
2009-11-13 19:47 839,680 a------- d:\windows\system32\divx_xx11.dll
2009-11-13 19:47 696,320 a------- d:\windows\system32\DivX.dll
2009-11-11 20:49 143,360 a------- d:\windows\inf\infstrng.dat
2009-11-11 20:49 51,200 a------- d:\windows\inf\infpub.dat
2009-11-11 20:49 86,016 a------- d:\windows\inf\infstor.dat
2009-11-02 20:42 195,456 -------- d:\windows\system32\MpSigStub.exe
2009-10-28 00:25 665,600 a------- d:\windows\inf\drvindex.dat
2009-10-28 00:24 0 a---h--- d:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 00:22 0 a---h--- d:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-08 16:08 555,520 a------- d:\windows\system32\UIAutomationCore.dll
2009-10-08 16:08 234,496 a------- d:\windows\system32\oleacc.dll
2009-10-08 16:07 4,096 a------- d:\windows\system32\oleaccrc.dll
2009-09-30 20:02 2,537,472 a------- d:\windows\system32\wpdshext.dll
2009-09-30 20:02 30,208 a------- d:\windows\system32\WPDShextAutoplay.exe
2009-09-30 20:02 334,848 a------- d:\windows\system32\PortableDeviceApi.dll
2009-09-30 20:02 87,552 a------- d:\windows\system32\WPDShServiceObj.dll
2009-09-30 20:02 31,232 a------- d:\windows\system32\BthMtpContextHandler.dll
2009-09-30 20:01 546,816 a------- d:\windows\system32\wpd_ci.dll
2009-09-30 20:01 160,256 a------- d:\windows\system32\PortableDeviceTypes.dll
2009-09-30 20:01 350,208 a------- d:\windows\system32\WPDSp.dll
2009-09-30 20:01 196,608 a------- d:\windows\system32\PortableDeviceWMDRM.dll
2009-09-30 20:01 100,864 a------- d:\windows\system32\PortableDeviceClassExtension.dll
2009-09-30 20:01 60,928 a------- d:\windows\system32\PortableDeviceConnectApi.dll
2009-09-30 20:01 81,920 a------- d:\windows\system32\wpdbusenum.dll
2009-09-30 20:01 226,816 a------- d:\windows\system32\WpdMtp.dll
2009-09-30 20:01 61,952 a------- d:\windows\system32\WpdMtpUS.dll
2009-09-30 20:01 33,280 a------- d:\windows\system32\WpdConns.dll
2009-09-24 21:10 974,848 a------- d:\windows\system32\WindowsCodecs.dll
2009-09-24 21:07 189,440 a------- d:\windows\system32\WindowsCodecsExt.dll
2009-09-24 21:04 321,024 a------- d:\windows\system32\PhotoMetadataHandler.dll
2009-09-24 20:49 1,554,432 a------- d:\windows\system32\xpsservices.dll
2009-09-24 20:48 351,232 a------- d:\windows\system32\XpsPrint.dll
2009-09-24 20:38 847,360 a------- d:\windows\system32\OpcServices.dll
2009-09-24 20:36 280,064 a------- d:\windows\system32\XpsGdiConverter.dll
2009-09-24 20:35 135,680 a------- d:\windows\system32\XpsRasterService.dll
2009-09-24 20:33 195,584 a------- d:\windows\system32\dxdiagn.dll
2009-09-24 20:33 829,440 a------- d:\windows\system32\d3d10warp.dll
2009-09-24 20:33 369,664 a------- d:\windows\system32\WMPhoto.dll
2009-09-24 20:32 252,928 a------- d:\windows\system32\dxdiag.exe
2009-09-24 20:31 519,680 a------- d:\windows\system32\d3d11.dll
2009-09-24 20:31 486,912 a------- d:\windows\system32\d3d10level9.dll
2009-09-24 20:31 161,280 a------- d:\windows\system32\d3d10_1.dll
2009-09-24 20:31 218,112 a------- d:\windows\system32\d3d10_1core.dll
2009-09-24 20:31 1,030,144 a------- d:\windows\system32\d3d10.dll
2009-09-24 20:31 828,928 a------- d:\windows\system32\d2d1.dll
2009-09-24 20:30 481,792 a------- d:\windows\system32\dxgi.dll
2009-09-24 20:30 190,464 a------- d:\windows\system32\d3d10core.dll
2009-09-24 20:27 1,064,448 a------- d:\windows\system32\DWrite.dll
2009-09-24 20:27 793,088 a------- d:\windows\system32\FntCache.dll
2009-09-24 20:27 37,888 a------- d:\windows\system32\cdd.dll
2009-09-24 17:54 258,048 a------- d:\windows\system32\winspool.drv
2009-09-24 17:54 667,648 a------- d:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 17:54 26,112 a------- d:\windows\system32\printfilterpipelineprxy.dll
2009-08-21 20:01 56 a---h--- d:\programdata\ezsidmv.dat
2009-08-21 20:01 56 a---h--- d:\progra~2\ezsidmv.dat
2009-05-05 19:04 12,978 a------- d:\users\cece\appdata\roaming\nvModes.dat
2009-03-26 02:02 139,030 a------- d:\windows\inf\perflib\0411\perfi.dat
2009-03-26 02:02 139,030 a------- d:\windows\inf\perflib\0411\perfh.dat
2009-03-26 02:02 30,674 a------- d:\windows\inf\perflib\0411\perfd.dat
2009-03-26 02:02 30,674 a------- d:\windows\inf\perflib\0411\perfc.dat
2009-03-25 12:45 174 a--sh--- d:\program files\desktop.ini
2006-11-02 07:40 287,440 a------- d:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:40 287,440 a------- d:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:40 30,674 a------- d:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:40 30,674 a------- d:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- d:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- d:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- d:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- d:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 23:43:23.57 ===============

Attached Files



#21 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,250 posts

Posted 21 December 2009 - 12:09 AM

stargazercece, Looks good. Go ahead and delete DDS. Any questions before I close this thread?

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
Topics are closed after 5 days without response
 


#22 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,250 posts

Posted 23 December 2009 - 11:32 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
Topics are closed after 5 days without response
 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users