I only have McAfee running in real time scanning mode. MS Security Essentials rts was turned off except for weekly system scans, which I have just turned off before performing this last scan. Windows Defender is also loaded but always turned off.
Programs including IE are now loading more quickly. I still have alot of clutter on my desktop. When can I clean it and how do I get rid of all the residule stuff from all the programs that were loaded that we have been using? Is there more than the log files and the programs themselves to be removed (registry?)? Please let me know of a good cleanup proceedure. - Thank You!
Everything went smooth during the scan after I remembered to turn off McAfee. Here is the contents of the Combofix log:
Are there any other issues?
ComboFix 13-05-18.04 - Dave 05/19/2013 12:17:08.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.534 [GMT -4:00]
Running from: c:\documents and settings\Dave\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Dave\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-19 to 2013-05-19 )))))))))))))))))))))))))))))))
.
.
2013-05-19 15:44 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{753BDF1B-5CEF-4872-A3DB-ADBD1D9BD6C9}\mpengine.dll
2013-05-19 06:22 . 2013-05-19 06:22 60872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{217C54B6-8C92-48F1-82D0-B2D12EFE7A0B}\offreg.dll
2013-05-19 03:57 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-18 15:58 . 2013-05-18 15:58 -------- d-----w- c:\program files\ESET
2013-05-17 23:05 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{217C54B6-8C92-48F1-82D0-B2D12EFE7A0B}\mpengine.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 07:57 . 2013-05-10 07:57 49728 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-10 07:57 . 2013-05-10 07:57 25160 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 02:11 . 2013-05-10 02:11 -------- d-----w- c:\program files\CCleaner
2013-05-03 14:09 . 2013-05-03 14:09 -------- d-----w- c:\documents and settings\Dave\Local Settings\Application Data\VS Revo Group
2013-05-03 14:09 . 2013-05-03 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\VS Revo Group
2013-05-03 14:09 . 2009-12-30 15:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2013-05-03 14:09 . 2013-05-03 14:09 -------- d-----w- c:\program files\VS Revo Group
2013-04-30 17:24 . 2012-04-20 20:40 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2013-04-30 17:22 . 2013-02-19 18:09 84904 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2013-04-30 17:22 . 2013-02-19 18:11 10088 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2013-04-30 17:22 . 2013-02-19 18:10 92632 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2013-04-30 17:22 . 2013-02-19 18:09 363080 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-04-30 17:22 . 2013-02-19 18:08 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-04-30 17:22 . 2013-02-19 18:08 235264 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-04-30 17:22 . 2013-02-19 18:15 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-04-30 17:21 . 2013-04-30 17:21 -------- d-----w- c:\program files\McAfee.com
2013-04-30 17:13 . 2013-02-19 18:12 172416 ----a-w- c:\windows\system32\mfevtps.exe
2013-04-30 16:23 . 2013-04-30 16:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Citrix
2013-04-30 16:07 . 2013-04-30 16:07 -------- d-----w- c:\program files\Citrix
2013-04-30 16:07 . 2013-04-30 16:07 -------- d-----w- c:\documents and settings\Dave\Local Settings\Application Data\Citrix
2013-04-30 15:54 . 2013-04-30 15:54 -------- d-----w- c:\documents and settings\Dave\Application Data\McAfee
2013-04-29 21:40 . 2013-04-30 13:41 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-26 12:59 . 2013-04-26 12:59 -------- d-----w- c:\documents and settings\John Cusumano\Local Settings\Application Data\Mozilla
2013-04-26 12:51 . 2013-04-26 12:51 -------- d-sh--w- c:\documents and settings\John Cusumano\IECompatCache
2013-04-26 12:50 . 2013-04-26 13:25 -------- d-----w- c:\documents and settings\John Cusumano\Local Settings\Application Data\Google
2013-04-25 03:38 . 2009-01-25 16:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-04-25 03:38 . 2013-04-25 03:38 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-04-23 22:54 . 2013-04-24 02:46 -------- d-----w- c:\program files\Amazon
2013-04-23 22:51 . 2013-04-24 02:47 -------- d-----w- c:\documents and settings\Dave\Application Data\Systweak
2013-04-23 15:18 . 2013-03-27 02:18 263064 ----a-w- c:\program files\Mozilla Firefox\updated\components\browsercomps.dll
2013-04-23 15:18 . 2013-03-27 02:18 74136 ----a-w- c:\program files\Mozilla Firefox\updated\breakpadinjector.dll
2013-04-23 15:18 . 2013-03-27 02:18 19352 ----a-w- c:\program files\Mozilla Firefox\updated\AccessibleMarshal.dll
2013-04-23 15:16 . 2013-04-02 02:21 65536 ----a-w- c:\program files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
2013-04-23 15:16 . 2013-04-23 15:18 96664 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-04-23 15:16 . 2013-04-23 15:18 170232 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-04-23 15:16 . 2013-04-23 15:18 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-22 20:44 . 2013-04-22 20:44 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2013-04-21 19:28 . 2013-04-21 19:28 -------- d-----w- C:\_OTL
2013-04-20 15:10 . 2013-04-20 15:10 -------- d-----w- c:\documents and settings\Dave\Application Data\Oracle
2013-04-20 14:24 . 2013-04-20 14:24 -------- d-----w- c:\documents and settings\Dave\Local Settings\Application Data\Sun
2013-04-20 14:24 . 2013-04-20 14:24 -------- d-----w- c:\program files\Common Files\Java
2013-04-20 13:55 . 2013-04-20 13:54 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-20 13:55 . 2013-04-20 13:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-14 21:21 . 2013-01-18 03:43 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 21:21 . 2011-05-17 14:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-13 06:19 . 2013-03-15 03:23 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-02 06:06 . 2013-02-24 02:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-29 21:41 . 2004-08-04 12:00 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2013-04-20 13:54 . 2011-04-08 23:15 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-04-20 13:54 . 2011-04-08 23:15 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-16 22:17 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-04 12:00 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2011-12-01 15:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-08 08:36 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-04 12:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-03 22:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-28 20:27 . 2013-02-02 19:01 18776 ----a-w- c:\windows\system32\roboot.exe
2013-02-27 07:56 . 2011-04-08 14:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-19 18:11 . 2013-02-19 18:11 91640 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2013-02-19 18:09 . 2013-02-19 18:09 565888 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-02-19 18:07 . 2013-02-19 18:07 133416 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-04-23 15:18 . 2011-04-08 20:23 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-13 1278064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2013-04-30 16:07 14232 ----a-w- c:\program files\Citrix\GoToAssist\896\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
.
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2/19/2013 2:11 PM 91640]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2/2/2013 3:51 PM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/1/2011 11:23 AM 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/30/2013 1:22 PM 167784]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/30/2013 1:22 PM 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/30/2013 1:22 PM 167784]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [4/30/2013 1:23 PM 169320]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [4/30/2013 1:13 PM 172416]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [4/24/2013 11:38 PM 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4/24/2013 11:38 PM 1369624]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [4/26/2013 7:55 AM 3574624]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/30/2013 1:22 PM 60920]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/1/2011 11:23 AM 22856]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/30/2013 1:22 PM 363080]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/30/2013 1:22 PM 84904]
R3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [4/8/2011 6:36 AM 11520]
S2 Browser Defender Update Service;Browser Defender Update Service;"c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe" --> c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [?]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [4/24/2013 11:38 PM 168384]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [4/30/2013 1:24 PM 146872]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/30/2013 1:22 PM 84904]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/30/2013 1:22 PM 92632]
S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [11/30/2011 6:38 PM 56840]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [5/3/2013 10:09 AM 27064]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
*Deregistered* - PROCEXP100
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 08:02 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-18 21:21]
.
2013-05-18 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-04-25 18:08]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-18 13:43]
.
2013-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-18 13:43]
.
2013-05-19 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
2013-05-15 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-04-25 18:07]
.
2013-05-01 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-04-25 18:07]
.
2013-05-19 c:\windows\Tasks\User_Feed_Synchronization-{6BF4DEDF-0836-4F00-85A1-4922ADAAD05D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
TCP: Interfaces\{287CED10-193B-4A52-8855-6695A0930484}: NameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Dave\Application Data\Mozilla\Firefox\Profiles\5mklbtbu.default-1367331601109\
FF - prefs.js: browser.search.selectedEngine - Google
FF - ExtSQL: 2013-04-30 08:10; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\McAfee\SiteAdvisor
FF - ExtSQL: 2013-04-30 10:20; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\documents and settings\Dave\Application Data\Mozilla\Firefox\Profiles\5mklbtbu.default-1367331601109\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-05-19 12:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1144)
c:\program files\Citrix\GoToAssist\896\G2AWinLogon.dll
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'explorer.exe'(2208)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-05-19 12:27:28
ComboFix-quarantined-files.txt 2013-05-19 16:27
ComboFix2.txt 2013-05-18 22:00
ComboFix3.txt 2013-04-20 03:44
.
Pre-Run: 429,439,172,608 bytes free
Post-Run: 429,439,950,848 bytes free
.
- - End Of File - - FB7888CD213C97D24BA52DC873F01137