Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista 64 bit no icons, no task bar, no task manager


  • This topic is locked This topic is locked
103 replies to this topic

#1 ehudwill

ehudwill

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 11 April 2012 - 12:49 PM

My computer had several viruses on it. I removed them, but they left some damage. All of my icons are gone. There is no taskbar. I cannot access the task manager. I cannot access anything. I have tried booting into safe mode, but I get the same thing. I have tried accessing files through the sticky keys ease of access center, but the link is not in the dialog box when I press shift 5 times. I am sure if I could run unhide.exe it would solve the problem it is just that I cannot access anything. All I have is a blank screen with a cursor.

Edit: I cannot right click. I also tried creating a usb to autorun unhide.exe, but to no avail.

Edited by ehudwill, 11 April 2012 - 10:18 PM.
Moved from Vista to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 PM

Posted 12 April 2012 - 10:33 AM

Let me ask someone to help you

good luck

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 13 April 2012 - 03:15 AM

Hello, does pressing Windows key + R bring up the run box?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 13 April 2012 - 06:53 AM

No the windows key + R does not bring up the run box. I have tried all the hot key combinations I can think of.

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 13 April 2012 - 06:56 AM

Do you have your vista DVD? If not, start the computer and tap F8 until the advanced boot options menu comes up. Do you see the option Repair Windows?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 13 April 2012 - 07:06 PM

Sorry for taking so long to reply. I have a Vista recovery cd and when I try to repair it gives me an error. Do you want the error code?

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 14 April 2012 - 03:23 AM

No need for that. :)

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 14 April 2012 - 08:13 AM

Okay here are the scan results. Thanks for your help, also as a side note my youngest daughter is named Elise.

Scan result of Farbar Recovery Scan Tool Version: 15-03-2012
Ran by SYSTEM at 14-04-2012 09:09:45
Running from F:\
Windows Vista ™ Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6848544 2009-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe [x]
HKLM\...\Run: [ActivControl] C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe [1228072 2009-06-04] (Promethean Technologies Group Ltd)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [417792 2009-09-04] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [141600 2009-10-28] (Apple Inc.)
HKLM-x32\...\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background [623960 2009-11-19] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35760 2010-06-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [976832 2010-06-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2010-08-12] (Google)
HKLM-x32\...\Run: [SSDMonitor] "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [104408 2010-08-05] (PC Tools)
HKLM-x32\...\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [193880 2010-11-19] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [HeadlineAlley_29 Browser Plugin Loader] C:\PROGRA~2\HEADLI~2\bar\1.bin\29brmon.exe [27648 2011-04-04] (HeadlineAlley)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Tammy\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Tammy\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3882312 2008-12-02] (Microsoft Corporation)
HKU\Tammy\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [785520 2008-06-10] (The Weather Channel Interactive, Inc.)
HKU\Tammy\...\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c [353736 2010-05-22] (IncrediMail, Ltd.)
HKU\Tammy\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-07-13] (Google Inc.)
HKU\Tammy\...\Run: [Spyware Doctor] C:\Users\Tammy\Desktop\sdsetup[1].exe -min [x]
HKU\Tammy\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4785536 2012-03-07] (SUPERAntiSpyware.com)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [339968 2009-04-10] (Microsoft Corporation)

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" [144672 2009-08-28] (Apple Inc.)
2 Ati External Event Utility; C:\Windows\System32\Ati2evxx.exe [901120 2009-02-23] (ATI Technologies Inc.)
2 BBUpdate; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [249648 2011-10-13] (Microsoft Corporation)
2 FlipShare Service; "C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe" [455944 2009-11-19] ()
3 GoogleDesktopManager-051210-111108; "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2010-08-12] (Google)
2 gupdate1ca0422b74cfe60; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [133104 2009-07-13] (Google Inc.)
2 HeadlineAlley_29Service; C:\PROGRA~2\HEADLI~2\bar\1.bin\29barsvc.exe [36864 2011-04-04] (HeadlineAlley)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 p2pimsvc; C:\Windows\SysWow64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
3 p2psvc; C:\Windows\SysWow64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
3 PNRPAutoReg; C:\Windows\SysWow64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\SysWow64\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
3 SCardSvr; C:\Windows\SysWow64\SCardSvr.dll [95232 2009-04-10] (Microsoft Corporation)
2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [994360 2011-10-13] (Secunia)
2 Themes; C:\Windows\SysWow64\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec /V [x]

========================== Drivers (Whitelisted) =============

3 ActivHidSerMini; C:\Windows\System32\Drivers\ActivHidSerMini.sys [65152 2009-05-05] (Promethean Technologies Ltd)
3 CAXHWBS2; C:\Windows\System32\Drivers\CAXHWBS2.sys [411136 2008-07-01] (Conexant Systems, Inc.)
3 prmvmouse; C:\Windows\System32\DRIVERS\activmouse.sys [7168 2009-05-05] (Promethean Technologies Ltd)
3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [17976 2010-09-01] (Secunia)
3 PTDUBus; C:\Windows\System32\Drivers\PTDUBus.sys [60672 2008-03-11] (DEVGURU Co,LTD.)
3 PTDUMdm; C:\Windows\System32\Drivers\PTDUMdm.sys [70784 2008-03-11] (DEVGURU Co,LTD.)
3 PTDUVsp; C:\Windows\System32\Drivers\PTDUVsp.sys [66688 2008-03-11] (DEVGURU Co,LTD.)
3 PTDUWWAN; C:\Windows\System32\Drivers\PTDUWWAN.sys [84480 2008-03-11] (DEVGURU Co,LTD.)
3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [4598784 2009-02-23] (ATI Technologies Inc.)
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh64.sys [188416 2009-01-13] (Realtek Corporation )
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVCx32: Themes

============ One Month Created Files and Folders ==============

2012-04-11 23:37 - 2012-04-11 23:37 - 0000000 ____A C:\start
2012-04-11 18:23 - 2012-04-14 04:58 - 4293054464 __ASH C:\hiberfil.sys
2012-04-11 05:28 - 2012-04-11 18:15 - 0703490 ____A C:\Windows\ntbtlog.txt
2012-04-10 13:11 - 2012-04-10 13:11 - 0000000 __SHD C:\found.000
2012-04-10 13:06 - 2012-04-10 13:06 - 0143866 ____A C:\Windows\PFRO.log
2012-04-10 10:02 - 2012-04-10 10:04 - 0240418 ____A C:\TDSSKiller.2.7.27.0_10.04.2012_14.02.57_log.txt
2012-04-10 09:55 - 2012-04-10 09:56 - 0121440 ____A C:\TDSSKiller.2.7.27.0_10.04.2012_13.55.41_log.txt
2012-04-10 09:47 - 2012-04-10 09:47 - 0000943 ____A C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
2012-04-10 09:47 - 2012-04-10 09:47 - 0000000 ____D C:\Users\Tammy\AppData\Local\Secunia PSI
2012-04-10 09:47 - 2012-04-10 09:47 - 0000000 ____D C:\Program Files (x86)\Secunia
2012-04-10 05:02 - 2012-04-10 05:03 - 0002499 ____A C:\Users\Public\Desktop\VBG.TXT
2012-04-09 19:48 - 2012-04-09 19:48 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\Malwarebytes
2012-04-09 19:47 - 2012-04-09 19:48 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-09 19:47 - 2012-04-09 19:47 - 0000950 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-04-09 19:47 - 2012-04-04 11:56 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-09 17:45 - 2012-04-09 17:45 - 0001758 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-04-09 17:40 - 2012-04-10 10:02 - 0000757 ____A C:\rkill.log
2012-04-09 17:40 - 2012-04-10 10:02 - 0000150 ____A C:\Users\Tammy\Desktop\rk-proxy.reg
2012-04-08 17:32 - 2012-04-09 06:30 - 0035328 ____A C:\Users\Tammy\Desktop\Lean on Me #1 EDAS 5523 Lillie Lewis April 9, 2012.doc
2012-04-07 23:00 - 2011-12-13 23:43 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-07 23:00 - 2011-12-13 23:16 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-07 23:00 - 2011-12-13 23:11 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-04-07 23:00 - 2011-12-13 23:04 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-07 23:00 - 2011-12-13 23:04 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-07 23:00 - 2011-12-13 23:03 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-04-07 23:00 - 2011-12-13 23:03 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-07 23:00 - 2011-12-13 23:01 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-07 23:00 - 2011-12-13 23:00 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-07 23:00 - 2011-12-13 22:59 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-07 23:00 - 2011-12-13 22:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-07 23:00 - 2011-12-13 22:57 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-07 23:00 - 2011-12-13 22:53 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-07 23:00 - 2011-12-13 19:30 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-07 23:00 - 2011-12-13 19:10 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-07 23:00 - 2011-12-13 19:04 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-04-07 23:00 - 2011-12-13 18:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-07 23:00 - 2011-12-13 18:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-07 23:00 - 2011-12-13 18:56 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-04-07 23:00 - 2011-12-13 18:55 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-07 23:00 - 2011-12-13 18:54 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-07 23:00 - 2011-12-13 18:53 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-04-07 23:00 - 2011-12-13 18:52 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-07 23:00 - 2011-12-13 18:50 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-07 23:00 - 2011-12-13 18:50 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-07 23:00 - 2011-12-13 18:47 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-07 08:29 - 2012-04-07 08:29 - 0000200 ____A C:\Users\Tammy\Desktop\Hormone Replacement Therapy - Hormone Therapy - BodyLogicMD.url
2012-04-05 23:09 - 2012-04-05 23:09 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-04-05 23:09 - 2012-04-05 23:09 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-04-05 23:09 - 2012-04-05 23:09 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-04-05 23:09 - 2012-04-05 23:09 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-04-05 23:09 - 2012-04-05 23:09 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0114176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-04-05 23:09 - 2012-04-05 23:09 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-04-05 23:09 - 2012-04-05 23:09 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-04-05 23:09 - 2012-04-05 23:09 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-04-05 23:09 - 2012-04-05 23:09 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-04-05 18:22 - 2012-04-05 18:22 - 0019849 ____A C:\Users\Tammy\Desktop\MiddleWinter11[1].txt
2012-04-05 18:20 - 2012-04-05 18:20 - 0947008 ____A C:\Users\Tammy\Desktop\School Examples.mht
2012-04-05 18:20 - 2012-04-05 18:20 - 0003099 ____A C:\Users\Tammy\Desktop\pbis at home 11_12 oct[1].txt
2012-04-05 18:18 - 2012-04-05 18:42 - 3814400 ____A C:\Users\Tammy\Desktop\PBIS Presentation April 6, 2012.ppt
2012-04-05 18:18 - 2012-04-05 18:18 - 0789392 ____A C:\Users\Tammy\Desktop\Middle School PBIS Bingo Party.mht
2012-04-05 17:45 - 2012-02-14 08:49 - 0327680 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-04-05 17:45 - 2012-02-14 08:49 - 0196096 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-04-05 17:45 - 2012-02-14 07:45 - 0219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-04-05 17:45 - 2012-02-14 07:45 - 0160768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-04-05 17:45 - 2012-02-13 06:38 - 2002944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-04-05 17:45 - 2012-02-13 06:12 - 1172480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-04-05 17:45 - 2012-02-13 06:06 - 0834048 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-04-05 17:45 - 2012-02-13 06:03 - 1555968 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-04-05 17:45 - 2012-02-13 05:47 - 0683008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-04-05 17:45 - 2012-02-13 05:44 - 1068544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-04-05 17:45 - 2012-02-02 07:34 - 2765824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-04-05 17:39 - 2012-01-09 08:16 - 0708096 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-04-05 17:39 - 2012-01-09 07:54 - 0613376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2012-04-05 17:39 - 2012-01-09 06:27 - 0209920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-25 19:13 - 2012-03-25 19:14 - 0000000 ____D C:\Users\Tammy\Desktop\Lillie Lewis


============ 3 Months Modified Files and Folders =============

2012-04-14 09:09 - 2012-04-14 09:09 - 0000000 ____D C:\FRST
2012-04-14 04:59 - 2006-11-02 07:42 - 0032604 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-14 04:59 - 2006-11-02 07:42 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-14 04:58 - 2012-04-11 18:23 - 4293054464 __ASH C:\hiberfil.sys
2012-04-14 04:58 - 2006-11-02 07:22 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-14 04:58 - 2006-11-02 07:22 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-12 17:52 - 2009-06-16 04:31 - 1920858 ____A C:\Windows\WindowsUpdate.log
2012-04-12 16:53 - 2009-07-13 17:44 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-04-12 15:00 - 2010-09-06 15:48 - 0000266 ____A C:\Windows\Tasks\RMSchedule.job
2012-04-12 10:27 - 2011-01-16 11:15 - 0000880 ____A C:\Windows\Tasks\Google Software Updater.job
2012-04-11 23:37 - 2012-04-11 23:37 - 0000000 ____A C:\start
2012-04-11 18:15 - 2012-04-11 05:28 - 0703490 ____A C:\Windows\ntbtlog.txt
2012-04-11 05:08 - 2009-07-13 17:43 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-04-10 13:11 - 2012-04-10 13:11 - 0000000 __SHD C:\found.000
2012-04-10 13:06 - 2012-04-10 13:06 - 0143866 ____A C:\Windows\PFRO.log
2012-04-10 12:50 - 2009-07-12 14:26 - 0000000 ____D C:\Users\Tammy\Tracing
2012-04-10 12:50 - 2009-06-16 09:58 - 0000000 ____D C:\Users\All Users\Norton
2012-04-10 12:50 - 2009-06-16 09:58 - 0000000 ____D C:\ProgramData\Norton
2012-04-10 12:49 - 2009-07-10 16:36 - 0002113 ____A C:\Users\Tammy\Start Menu\Programs\Startup\VZAccess Manager.lnk
2012-04-10 12:49 - 2009-07-10 16:36 - 0002113 ____A C:\Users\Tammy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VZAccess Manager.lnk
2012-04-10 10:04 - 2012-04-10 10:02 - 0240418 ____A C:\TDSSKiller.2.7.27.0_10.04.2012_14.02.57_log.txt
2012-04-10 10:02 - 2012-04-09 17:40 - 0000757 ____A C:\rkill.log
2012-04-10 10:02 - 2012-04-09 17:40 - 0000150 ____A C:\Users\Tammy\Desktop\rk-proxy.reg
2012-04-10 09:56 - 2012-04-10 09:55 - 0121440 ____A C:\TDSSKiller.2.7.27.0_10.04.2012_13.55.41_log.txt
2012-04-10 09:47 - 2012-04-10 09:47 - 0000943 ____A C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
2012-04-10 09:47 - 2012-04-10 09:47 - 0000000 ____D C:\Users\Tammy\AppData\Local\Secunia PSI
2012-04-10 09:47 - 2012-04-10 09:47 - 0000000 ____D C:\Program Files (x86)\Secunia
2012-04-10 09:40 - 2006-11-02 04:46 - 0703516 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-10 05:35 - 2010-08-12 18:27 - 0000000 ____D C:\Users\All Users\PC Tools
2012-04-10 05:35 - 2010-08-12 18:27 - 0000000 ____D C:\ProgramData\PC Tools
2012-04-10 05:03 - 2012-04-10 05:02 - 0002499 ____A C:\Users\Public\Desktop\VBG.TXT
2012-04-09 19:48 - 2012-04-09 19:48 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\Malwarebytes
2012-04-09 19:48 - 2012-04-09 19:47 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-09 19:47 - 2012-04-09 19:47 - 0000950 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-04-09 19:01 - 2011-11-28 10:33 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\2CDC0
2012-04-09 19:01 - 2011-04-09 18:48 - 0000000 ____D C:\Users\Tammy\Desktop\SWU Writings
2012-04-09 17:45 - 2012-04-09 17:45 - 0001758 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-04-09 17:45 - 2012-04-09 17:45 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-04-09 06:30 - 2012-04-08 17:32 - 0035328 ____A C:\Users\Tammy\Desktop\Lean on Me #1 EDAS 5523 Lillie Lewis April 9, 2012.doc
2012-04-07 23:05 - 2009-07-10 08:11 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-04-07 23:05 - 2009-07-10 08:11 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-04-07 08:29 - 2012-04-07 08:29 - 0000200 ____A C:\Users\Tammy\Desktop\Hormone Replacement Therapy - Hormone Therapy - BodyLogicMD.url
2012-04-07 07:09 - 2009-07-18 14:04 - 0006836 ____A C:\Users\Tammy\AppData\Local\d3d9caps.dat
2012-04-05 23:48 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\rescache
2012-04-05 23:33 - 2006-11-02 07:21 - 0322216 ____A C:\Windows\System32\FNTCACHE.DAT
2012-04-05 23:29 - 2006-11-02 05:33 - 0000000 ___SD C:\Windows\Downloaded Program Files
2012-04-05 23:29 - 2006-11-02 05:33 - 0000000 ___RD C:\Windows\Offline Web Pages
2012-04-05 23:29 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-04-05 23:13 - 2011-12-18 00:06 - 0000197 ____A C:\Windows\System32\MRT.INI
2012-04-05 23:10 - 2006-11-02 04:35 - 56297240 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-04-05 23:10 - 2006-11-02 04:16 - 0008798 ____A C:\Windows\SysWOW64\icrav03.rat
2012-04-05 23:10 - 2006-11-02 04:16 - 0001988 ____A C:\Windows\SysWOW64\ticrf.rat
2012-04-05 23:10 - 2006-11-01 22:36 - 0008798 ____A C:\Windows\System32\icrav03.rat
2012-04-05 23:10 - 2006-11-01 22:36 - 0001988 ____A C:\Windows\System32\ticrf.rat
2012-04-05 23:09 - 2012-04-05 23:09 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-04-05 23:09 - 2012-04-05 23:09 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-04-05 23:09 - 2012-04-05 23:09 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-04-05 23:09 - 2012-04-05 23:09 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-04-05 23:09 - 2012-04-05 23:09 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0114176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-04-05 23:09 - 2012-04-05 23:09 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-04-05 23:09 - 2012-04-05 23:09 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-04-05 23:09 - 2012-04-05 23:09 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-04-05 23:09 - 2012-04-05 23:09 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-04-05 23:09 - 2012-04-05 23:09 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-04-05 23:09 - 2012-04-05 23:09 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-04-05 18:42 - 2012-04-05 18:18 - 3814400 ____A C:\Users\Tammy\Desktop\PBIS Presentation April 6, 2012.ppt
2012-04-05 18:22 - 2012-04-05 18:22 - 0019849 ____A C:\Users\Tammy\Desktop\MiddleWinter11[1].txt
2012-04-05 18:20 - 2012-04-05 18:20 - 0947008 ____A C:\Users\Tammy\Desktop\School Examples.mht
2012-04-05 18:20 - 2012-04-05 18:20 - 0003099 ____A C:\Users\Tammy\Desktop\pbis at home 11_12 oct[1].txt
2012-04-05 18:18 - 2012-04-05 18:18 - 0789392 ____A C:\Users\Tammy\Desktop\Middle School PBIS Bingo Party.mht
2012-04-04 11:56 - 2012-04-09 19:47 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-03-25 19:14 - 2012-03-25 19:13 - 0000000 ____D C:\Users\Tammy\Desktop\Lillie Lewis
2012-03-24 19:26 - 2012-02-05 05:06 - 0000000 ____D C:\Users\Tammy\Desktop\Dr. Flemings 5424
2012-03-24 18:39 - 2011-11-28 10:34 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\C0C32
2012-03-24 18:35 - 2009-08-16 18:21 - 0002651 ____A C:\Users\Tammy\Desktop\Microsoft Office Word 2007.lnk
2012-02-18 00:31 - 2009-06-16 10:03 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-14 08:49 - 2012-04-05 17:45 - 0327680 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-02-14 08:49 - 2012-04-05 17:45 - 0196096 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-02-14 07:45 - 2012-04-05 17:45 - 0219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-02-14 07:45 - 2012-04-05 17:45 - 0160768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-02-13 06:38 - 2012-04-05 17:45 - 2002944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-02-13 06:12 - 2012-04-05 17:45 - 1172480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-02-13 06:06 - 2012-04-05 17:45 - 0834048 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-02-13 06:03 - 2012-04-05 17:45 - 1555968 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-13 05:47 - 2012-04-05 17:45 - 0683008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-02-13 05:44 - 2012-04-05 17:45 - 1068544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-12 18:39 - 2012-02-12 18:39 - 0148222 ____A C:\Users\Tammy\Desktop\IDEA Issues with student legal article.pdf
2012-02-12 18:25 - 2012-02-12 18:25 - 0062589 ____A C:\Users\Tammy\Desktop\Legal issues in school health services and school psychology.pdf
2012-02-12 07:44 - 2010-08-08 12:28 - 0000000 ____D C:\Users\Tammy\Desktop\Church Stuff
2012-02-12 06:05 - 2012-02-12 06:05 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-02-12 06:05 - 2012-02-12 06:05 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-02-12 06:05 - 2012-02-12 06:05 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-02-12 06:05 - 2012-02-12 05:42 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-02-12 05:53 - 2012-02-12 05:53 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\FxDrCl
2012-02-12 05:47 - 2009-07-09 11:43 - 0000000 ____D C:\Users\Tammy\AppData\LocalLow
2012-02-12 05:46 - 2012-02-12 05:46 - 0001876 ____A C:\Users\Public\Desktop\Dr. CleanUp.lnk
2012-02-12 05:46 - 2012-02-12 05:46 - 0000448 ____A C:\user.js
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\Users\Tammy\AppData\Roaming\Fixie
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\Users\All Users\Fixie
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\ProgramData\Fixie
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\Program Files (x86)\Incredibar.com
2012-02-12 05:46 - 2012-02-12 05:46 - 0000000 ____D C:\Program Files (x86)\DrCleanUp
2012-02-12 05:42 - 2012-02-12 05:42 - 0000000 ____D C:\Users\All Users\Sun
2012-02-12 05:42 - 2012-02-12 05:42 - 0000000 ____D C:\ProgramData\Sun
2012-02-12 05:41 - 2012-02-12 05:40 - 0007790 ____A C:\Windows\SysWOW64\jupdate-1.6.0_30-b12.log
2012-02-12 05:41 - 2009-06-16 09:45 - 0000000 ____D C:\Program Files (x86)\Java
2012-02-05 19:57 - 2012-02-05 19:57 - 0026112 ____A C:\Users\Tammy\Desktop\http moms homeroom test scores.doc
2012-02-05 05:10 - 2010-08-09 05:10 - 0000000 ____D C:\Users\Tammy\Desktop\Tammy's Stuff
2012-02-02 20:20 - 2012-02-02 20:20 - 0167914 ____A C:\Users\Tammy\Desktop\Praxis II Test 0411[1].pdf
2012-02-02 17:39 - 2012-02-02 17:39 - 0012179 ____A C:\Users\Tammy\Documents\Conclusion - Gage's Science Fair Project.docx
2012-02-02 07:34 - 2012-04-05 17:45 - 2765824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 10%
Total physical RAM: 8189.27 MB
Available physical RAM: 7357.21 MB
Total Pagefile: 7770.27 MB
Available Pagefile: 7318.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:916.82 GB) (Free:714.77 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.89 GB) NTFS
3 Drive e: (CD_ROM) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
4 Drive f: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 932 GB 0 B
Disk 1 Online 7634 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 32 KB
Partition 2 Primary 15 GB 40 MB
Partition 3 Primary 917 GB 15 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 FAT Partition 39 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 15 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 917 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7629 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 7629 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-04-12 16:44

======================= End Of Log ==========================

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 14 April 2012 - 08:25 AM

Hi again,

Can you give me the startup repair error? Also, did you attempt a system restore?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 14 April 2012 - 12:59 PM

Here is the startup repair error, "Startup Repair cannot repair this computer automatically"
I did attempt a system restore several times.
Here is the message it give me, "System Restore failed due to an unspecified error. Catastrophic failure (0x8000FFFF)"

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 14 April 2012 - 01:33 PM

Usually you'll see some more details why Startup Repair can't fix it, can you post me these?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 14 April 2012 - 02:03 PM

I clicked on the details part and this is what it posted.
Problem signature:
Problem Event Name: StartupRepairV2
Problem Signature 01: ExternalMedia
Problem Signature 02: 6.0.6001.18000.0.0.0.0
Problem Signature 03: 0
Problem Signature 04: 65537
Problem Signature 05: unknown
Problem Signature 06: NoOsInstalled
Problem Signature 07: 0
Problem Signature 08: 1
Problem Signature 09: FixPartitionTable
Problem Signature 10: 1168
OS Version: 6.0.6001.2.1.0.256.1
Locale ID: 1033

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 14 April 2012 - 02:11 PM

That helps a lot, thank you!

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Press Tool at the top
  • Choose Open Terminal
  • Type the following and press enter:

    dd if=/dev/sda of=mbr.bin bs=512 count=1

  • Press Enter
  • After it has finished a file will be located on your USB drive named mbr.bin
  • Remove the USB drive and insert it back in your working computer and navigate to mbr.bin, zip it up and attach it to your next reply.

This will allow me to have a look at the MasterBootRecord of your drive and see if it is infected.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 ehudwill

ehudwill
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gaffney, SC
  • Local time:10:52 PM

Posted 14 April 2012 - 08:12 PM

How do I attach a file. I keep looking for how to do it, but I don't see it.

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,933 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:52 AM

Posted 15 April 2012 - 05:52 AM

My apologies, that is not possible in the Am I Infected forum. I have moved this topic, please try again. :)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users