Jump to content

alvinz95

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you for your reply, but ComboFix doesn't support Windows 7, which I currently have. Is there another way I could clean my system? Thank you.
  2. Thank you to whoever helps me in advance. Basically, when I scan with Malwarebytes, 6 viruses/trojans/worms show up, and I delete them, and Malwarebytes says it is successful, but when I scan again, they come up again. MALWAREBYTES LOG: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4325 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 7/24/2010 3:06:55 PM mbam-log-2010-07-24 (15-06-55).txt Scan type: Full scan (C:\|) Objects scanned: 1073 Time elapsed: 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 4 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{18f47w1f-16rf-cyqs-u7tw-6jl7mf2k3e78} (Generic.Bot.H) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Worm.Rebhip) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Worm.Rebhip) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Worm.Rebhip) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Worm.Rebhip) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Users\CATS\AppData\Roaming\Winlog\Winlogon.exe (Generic.Bot.H) -> Quarantined and deleted successfully. ------------------ Here is the DDS: DDS (Ver_10-03-17.01) - NTFSX64 Run by CATS at 16:08:27.03 on Sat 07/24/2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3835.2811 [GMT -4:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\ANIWConnService.exe C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\WUDFHost.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\CATS\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\CATS\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\CATS\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\CATS\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\CATS\Downloads\dds.scr C:\Windows\system32\conhost.exe ============== Pseudo HJT Report =============== mLocal Page = c:\windows\syswow64\blank.htm uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - c:\program files (x86)\devicevm\browser configuration utility\AddressBarSearch.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll uRun: [Google Update] "c:\users\cats\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe" uRun: [PPS Accelerator] c:\program files (x86)\ppstream\ppsap.exe uRun: [PPAP] "c:\program files (x86)\common files\pplivenetwork\PPAP.exe" -background uRun: [HKCU] c:\users\cats\appdata\roaming\winlog\Winlogon.exe mRun: [ANIWZCS2Service] c:\program files (x86)\ani\aniwzcs2 service\WZCSLDR2.exe mRun: [D-Link D-Link RangeBooster N DWA-140] c:\program files (x86)\d-link\dwa-140 revb\AirNCFG.exe mRun: [bCU] "c:\program files (x86)\devicevm\browser configuration utility\BCU.exe" mRun: [sunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe" mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot mRun: [RemoteControl10] "c:\program files (x86)\cyberlink\powerdvd10\PDVD10Serv.exe" mRun: [bDRegion] c:\program files (x86)\cyberlink\shared files\brs.exe mRun: [HKLM] c:\users\cats\appdata\roaming\winlog\Winlogon.exe uExplorerRun: [Policies] c:\users\cats\appdata\roaming\winlog\Winlogon.exe mExplorerRun: [Policies] c:\users\cats\appdata\roaming\winlog\Winlogon.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {95B3F550-91C4-4627-BCC4-521288C52977} - c:\program files (x86)\pplive\pptv\PPLive.exe DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab mASetup: {18F47W1F-16RF-CYQS-U7TW-6JL7MF2K3E78} - c:\users\cats\appdata\roaming\winlog\Winlogon.exe mRun-x64: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun-x64: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun-x64: [igfxTray] c:\windows\system32\igfxtray.exe mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s ============= SERVICES / DRIVERS =============== R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\drivers\anodlwfx.sys [2010-7-13 15872] R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2010-7-15 20520] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/07/19 00:10:19];c:\program files (x86)\cyberlink\powerdvd10\navfilter\000.fcl [2010-6-28 146928] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\aniwconnservice.exe --> c:\windows\system32\ANIWConnService.exe [?] R2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\devicevm\browser configuration utility\BCUService.exe [2010-7-15 219360] R2 TeamViewer5;TeamViewer 5;c:\program files (x86)\teamviewer\version5\TeamViewer_Service.exe [2010-7-6 173352] R3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2010-7-14 894336] R3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-9-17 56344] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-7-15 271872] R3 netr28ux;D-Link USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28ux.sys [2010-7-13 886272] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2010-7-15 295424] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2010-3-11 35112] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\intel\intel® management engine components\uns\UNS.exe [2010-7-15 2320920] =============== Created Last 30 ================ 2010-07-24 20:05:24 0 ----a-w- c:\users\cats\defogger_reenable 2010-07-24 12:25:53 0 d-----w- c:\program files\WinRAR 2010-07-23 11:45:34 0 d-----w- c:\users\cats\appdata\roaming\mkvtoolnix 2010-07-22 03:34:38 0 d-----w- c:\program files (x86)\MKVtoolnix 2010-07-22 02:12:23 0 d-----w- c:\program files (x86)\Haali 2010-07-20 04:23:49 0 d-----w- C:\FavoriteVideo 2010-07-20 04:22:02 0 d-----w- c:\programdata\Jlcm 2010-07-20 04:21:52 0 d-----w- c:\users\cats\appdata\roaming\PPLive 2010-07-20 04:21:52 0 d-----w- c:\programdata\PPLive 2010-07-20 04:21:51 0 d-----w- c:\program files (x86)\PPLive 2010-07-20 04:21:51 0 d-----w- c:\program files (x86)\common files\PPLiveNetwork 2010-07-20 04:15:24 0 d-----w- c:\windows\syswow64\Winlog 2010-07-20 04:09:12 311808 ----a-w- c:\windows\system32\msv1_0.dll 2010-07-20 04:09:12 257024 ----a-w- c:\windows\syswow64\msv1_0.dll 2010-07-20 04:07:13 99176 ----a-w- c:\windows\syswow64\PresentationHostProxy.dll 2010-07-20 04:07:13 49472 ----a-w- c:\windows\syswow64\netfxperf.dll 2010-07-20 04:07:13 48960 ----a-w- c:\windows\system32\netfxperf.dll 2010-07-20 04:07:13 444752 ----a-w- c:\windows\system32\mscoree.dll 2010-07-20 04:07:13 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2010-07-20 04:07:13 297808 ----a-w- c:\windows\syswow64\mscoree.dll 2010-07-20 04:07:13 295264 ----a-w- c:\windows\syswow64\PresentationHost.exe 2010-07-20 04:07:13 1942856 ----a-w- c:\windows\system32\dfshim.dll 2010-07-20 04:07:13 1130824 ----a-w- c:\windows\syswow64\dfshim.dll 2010-07-20 04:07:13 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-07-20 04:00:12 1975296 ----a-w- c:\windows\system32\CertEnroll.dll 2010-07-20 04:00:12 1320960 ----a-w- c:\windows\syswow64\CertEnroll.dll 2010-07-20 04:00:12 11406336 ----a-w- c:\windows\syswow64\wmp.dll 2010-07-20 04:00:11 12625920 ----a-w- c:\windows\system32\wmploc.DLL 2010-07-20 04:00:11 12625408 ----a-w- c:\windows\syswow64\wmploc.DLL 2010-07-20 03:55:44 961024 ----a-w- c:\windows\system32\CPFilters.dll 2010-07-20 03:54:41 70656 ----a-w- c:\windows\syswow64\fontsub.dll 2010-07-20 03:54:41 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-07-20 03:54:41 366080 ----a-w- c:\windows\system32\atmfd.dll 2010-07-20 03:54:41 34304 ----a-w- c:\windows\syswow64\atmlib.dll 2010-07-20 03:54:41 293888 ----a-w- c:\windows\syswow64\atmfd.dll 2010-07-20 03:54:41 100864 ----a-w- c:\windows\system32\fontsub.dll 2010-07-20 03:54:33 464896 ----a-w- c:\windows\system32\drivers\srv.sys 2010-07-20 03:54:33 162304 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-07-20 03:33:20 0 d-----w- c:\users\cats\appdata\roaming\PPStream 2010-07-19 04:10:20 0 d-----w- c:\programdata\CyberLink 2010-07-19 04:10:06 0 d-----w- c:\program files (x86)\common files\CyberLink 2010-07-19 04:09:07 29480 ----a-w- c:\windows\syswow64\msxml3a.dll 2010-07-19 04:08:20 0 d-----w- c:\programdata\Temp 2010-07-19 03:46:36 185920 ----a-w- c:\windows\syswow64\rmoc3260.dll 2010-07-19 03:46:34 6656 ----a-w- c:\windows\syswow64\pndx5016.dll 2010-07-19 03:46:34 5632 ----a-w- c:\windows\syswow64\pndx5032.dll 2010-07-19 03:46:27 0 d-----w- c:\program files (x86)\common files\xing shared 2010-07-19 03:46:21 499712 ----a-w- c:\windows\syswow64\msvcp71.dll 2010-07-19 03:46:21 348160 ----a-w- c:\windows\syswow64\msvcr71.dll 2010-07-19 03:29:39 0 d-----w- c:\program files (x86)\common files\Real 2010-07-19 03:29:38 0 d-----w- c:\programdata\Real 2010-07-19 03:19:21 0 d-----w- c:\programdata\Sun 2010-07-19 03:18:21 423656 ----a-w- c:\windows\syswow64\deployJava1.dll 2010-07-19 03:18:21 153376 ----a-w- c:\windows\syswow64\javaws.exe 2010-07-19 03:18:21 145184 ----a-w- c:\windows\syswow64\javaw.exe 2010-07-19 03:18:21 145184 ----a-w- c:\windows\syswow64\java.exe 2010-07-19 03:08:01 0 d-----w- c:\windows\syswow64\Macromed 2010-07-19 02:59:50 0 d-----w- c:\program files (x86)\uTorrent 2010-07-19 02:59:41 0 d-----w- c:\users\cats\appdata\roaming\uTorrent 2010-07-19 02:41:22 0 d-----w- c:\users\cats\appdata\roaming\Malwarebytes 2010-07-19 02:41:17 0 d-----w- c:\programdata\Malwarebytes 2010-07-19 02:41:16 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-19 02:41:16 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-07-16 04:07:57 0 d-----w- c:\users\cats\appdata\roaming\TeamViewer 2010-07-16 04:07:33 0 d-----w- c:\program files (x86)\TeamViewer 2010-07-15 11:40:25 0 d-----w- c:\program files (x86)\obj 2010-07-15 11:40:22 0 d-----w- c:\windows\GBD 2010-07-15 11:35:23 0 d-----w- c:\programdata\InstallShield 2010-07-15 11:35:18 73728 ----a-w- c:\windows\syswow64\ISUSPM.cpl 2010-07-15 11:35:18 20520 ----a-w- c:\windows\system32\drivers\AppleCharger.sys 2010-07-15 11:35:18 0 d-----w- c:\program files\GIGABYTE 2010-07-15 11:35:18 0 d-----w- c:\program files (x86)\GIGABYTE 2010-07-15 11:34:29 0 d-----w- c:\program files\Realtek 2010-07-15 11:34:00 0 d-----w- c:\program files (x86)\Realtek 2010-07-15 11:33:59 0 d--h--w- c:\program files (x86)\Temp 2010-07-15 11:33:57 1247776 ------r- c:\windows\RtlExUpd.dll 2010-07-15 11:33:30 0 d-----w- c:\program files (x86)\common files\postureAgent 2010-07-15 11:33:17 0 d-----w- c:\program files\common files\Intel 2010-07-15 11:33:14 0 d-----w- c:\program files (x86)\common files\Intel 2010-07-15 11:33:06 271872 ----a-w- c:\windows\system32\drivers\IntcDAud.sys 2010-07-15 11:33:06 14848 ----a-w- c:\windows\system32\IntcDAuC.dll 2010-07-15 11:31:38 53248 ----a-r- c:\windows\syswow64\CSVer.dll 2010-07-15 11:31:31 0 d-----w- C:\Intel 2010-07-15 11:31:08 0 d--h--w- c:\program files (x86)\DeviceVM 2010-07-15 11:30:23 10 ----a-w- c:\windows\GSetup.ini 2010-07-14 18:58:14 0 d-----w- c:\windows\Panther 2010-07-14 18:00:04 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2010-07-14 05:09:08 0 d-----w- c:\program files\PlayReady 2010-07-14 05:05:18 894336 ----a-w- c:\windows\system32\drivers\hcw18bda.sys 2010-07-14 05:05:18 16382 ----a-w- c:\windows\system32\drivers\hcw18mlC.rom 2010-07-14 05:05:18 158332 ----a-w- c:\windows\system32\drivers\hcw18enc.rom 2010-07-14 05:05:18 147456 ----a-w- c:\windows\system32\hcwecppp.ax 2010-07-14 05:05:18 14264 ----a-w- c:\windows\system32\drivers\hcw18mlB.rom 2010-07-14 05:05:18 141200 ----a-w- c:\windows\system32\drivers\hcw18apu.rom 2010-07-14 05:05:18 139264 ----a-w- c:\windows\system32\hcw18prop.ax 2010-07-14 05:05:18 117248 ----a-w- c:\windows\system32\hcw18CCv.ax 2010-07-13 16:06:22 270208 ------w- c:\windows\system32\MpSigStub.exe 2010-07-13 15:51:56 0 d-----w- c:\program files\Microsoft IntelliPoint 2010-07-13 15:51:40 0 d-----w- c:\program files\Microsoft IntelliType Pro 2010-07-13 15:50:21 0 d-----w- c:\windows\PCHEALTH 2010-07-13 15:50:17 0 d-sh--w- c:\windows\Installer 2010-07-13 15:45:01 3284 ----a-w- c:\windows\syswow64\ANIWZCS{E35523B5-CED0-4A02-9731-3BA790642481} 2010-07-13 15:44:48 7 ----a-w- c:\windows\syswow64\ANIWZCSUSERNAME 2010-07-13 15:26:51 0 d-----w- c:\program files (x86)\VideoLAN 2010-07-13 15:18:35 25540 ----a-w- c:\users\cats\appdata\roaming\SQLite3.dll 2010-07-13 15:17:32 147456 ----a-w- c:\windows\syswow64\ANIWConnService.exe 2010-07-13 15:17:23 5 ----a-w- c:\windows\syswow64\ANIWZCSUSERNAME{E35523B5-CED0-4A02-9731-3BA790642481} 2010-07-13 15:17:21 315392 ----a-w- c:\windows\syswow64\ANIOApi.dll 2010-07-13 15:17:06 716800 ----a-w- c:\windows\syswow64\ANIWZCS2.dll 2010-07-13 15:17:06 49152 ----a-w- c:\windows\syswow64\JJAKEn.dll 2010-07-13 15:17:06 49152 ----a-w- c:\windows\syswow64\AQCKGen.dll 2010-07-13 15:17:06 45115 ----a-w- c:\windows\syswow64\ANICtl.dll 2010-07-13 15:17:06 270336 ----a-w- c:\windows\syswow64\wnicapi.dll 2010-07-13 15:17:06 258048 ----a-w- c:\windows\syswow64\wlanapp.dll 2010-07-13 15:17:06 204800 ----a-w- c:\windows\syswow64\aIPH.dll 2010-07-13 15:17:06 1327189 ----a-w- c:\windows\syswow64\odSupp_M.dll 2010-07-13 15:17:06 0 d-----w- c:\program files (x86)\ANI 2010-07-13 15:16:42 724992 ----a-w- c:\windows\syswow64\ANIOWPS.dll 2010-07-13 15:16:42 237568 ----a-w- c:\windows\syswow64\ANIWPS.exe 2010-07-13 15:16:42 204800 ----a-w- c:\windows\syswow64\ssleay32.dll 2010-07-13 15:16:42 1110016 ----a-w- c:\windows\syswow64\libeay32.dll 2010-07-13 15:16:00 303616 ----a-w- c:\windows\system32\RaCoInstx.dll 2010-07-13 15:16:00 13931 ----a-w- c:\windows\system32\RaCoInst.dat 2010-07-13 15:15:58 886272 ----a-w- c:\windows\system32\drivers\netr28ux.sys 2010-07-13 15:15:58 15872 ----a-w- c:\windows\system32\drivers\anodlwfx.sys 2010-07-13 15:15:58 0 d-----w- c:\program files (x86)\D-Link 2010-07-13 15:06:28 0 d-sh--w- C:\Recovery ==================== Find3M ==================== 2010-07-24 20:07:29 1191 ---ha-w- c:\users\cats\appdata\roaming\cglogs.dat 2010-06-12 13:03:58 331776 ----a-w- c:\windows\system32\pptv.scr 2010-05-21 05:52:30 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-05-21 05:18:06 977920 ----a-w- c:\windows\syswow64\wininet.dll 2010-05-21 05:14:50 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-05-19 19:48:12 144384 ----a-w- c:\windows\system32\cdd.dll 2010-05-09 09:45:57 552960 ----a-w- c:\windows\system32\msdri.dll 2010-05-09 09:14:55 641536 ----a-w- c:\windows\syswow64\CPFilters.dll 2010-05-06 12:42:05 1225216 ----a-w- c:\windows\syswow64\urlmon.dll 2010-05-06 12:41:55 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-05-06 12:41:53 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-05-06 12:41:53 5970944 ----a-w- c:\windows\syswow64\mshtml.dll 2010-05-06 12:41:49 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-05-06 12:41:49 10984448 ----a-w- c:\windows\syswow64\ieframe.dll 2010-05-01 15:07:05 3122176 ----a-w- c:\windows\system32\win32k.sys 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 16:08:51.87 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.