system
39
What does that Dell thing mean?
Here is the first part of the ComboFix log. The difference this time is that ComboFix runs in normal mode. It used to require safe mode.
ComboFix 11-07-29.01 - Tim 07/29/2011 12:48:24.7.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.525 [GMT -5:00]
Running from: c:\downloads\ComboFix.exe
AV: Kaspersky Internet Security Disabled/Updated {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security Disabled {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Sygate Personal Firewall Disabled {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
- Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2011-07-02 16:03 . 2011-07-02 16:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-29 13:36 . 2011-06-18 03:14 21064 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-06-02 14:02 . 2005-08-16 10:18 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-29 14:11 . 2011-06-04 04:19 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 14:11 . 2011-06-04 04:19 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-02 15:31 . 2005-08-16 10:40 692736 ----a-w- c:\windows\system32\inetcomm.dll
2001-12-03 23:09 . 2011-01-04 22:17 90112 ----a-w- c:\program files\internet explorer\plugins\DjVuControl.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-22_19.36.13 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-12-14 07:08 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2005-08-16 10:18 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
- 2005-08-16 10:18 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
- 2006-01-10 05:50 . 2011-07-23 19:03 6162 c:\windows\system32\KGyGaAvL.sys
- 2006-01-10 05:50 . 2011-06-17 02:59 6162 c:\windows\system32\KGyGaAvL.sys
- 2005-08-16 10:18 . 2011-04-26 11:07 293376 c:\windows\system32\winsrv.dll
- 2005-08-16 10:18 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2005-08-16 10:18 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
- 2011-07-02 16:03 . 2011-07-02 16:03 243360 c:\windows\system32\Macromed\Flash\FlashUtil10u_Plugin.exe
- 2005-08-16 10:27 . 2011-04-13 18:19 337848 c:\windows\system32\FNTCACHE.DAT
- 2005-08-16 10:27 . 2011-07-13 14:40 337848 c:\windows\system32\FNTCACHE.DAT
- 2010-06-18 17:45 . 2011-04-26 11:07 293376 c:\windows\system32\dllcache\winsrv.dll
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
- 2008-12-05 06:54 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
- 2010-01-27 01:07 . 2011-07-02 16:03 6271648 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-10-16 13:17 . 2011-06-02 14:02 1858944 c:\windows\system32\dllcache\win32k.sys
- 2006-01-05 19:36 . 2011-07-13 14:21 49089992 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note empty entries & legit default entries are not shown
REGEDIT4