lesser-equity

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware & Security
Reload this Page

Recycler Virus

Register Site Spy Member List Donate Search Today's Posts Mark Forums Read Forum Rules


Register


Reply
Page 5 of 5 1234 5
 
Thread Tools
  #41  
Old 10th Dec 2008, 17:20
Member Group
  
ok so no need for me to run this one REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{cacd1a7a-8dbf-11dd-bd67-001fc6eaceab}]

[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{cacd1a85-8dbf-11dd-bd67-001fc6eaceab}]

[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\F]
  #42  
Old 11th Dec 2008, 10:43
Moderator Group
  
I thought you already had?
__________________
  #43  
Old 11th Dec 2008, 11:45
Member Group
  
Not yet coz i was waiting for your confirmation if i need to include the other registry in the process that you are asking me to do..do i still need to do it or just use drweb cureit? thanks!!!
  #44  
Old 11th Dec 2008, 11:48
Moderator Group
  
Go to Start > Run and type notepad.exe then click OK

Copy and paste the below into Notepad and save as fixme.reg to Your Desktop

Code:
REGEDIT4 

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cacd1a7a-8dbf-11dd-bd67-001fc6eaceab}] 

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cacd1a85-8dbf-11dd-bd67-001fc6eaceab}] 

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry.

Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work.

Delete the fixme.reg from the Desktop.

----------

Now run Dr Web.
__________________
  #45  
Old 11th Dec 2008, 20:51
Member Group
  
ComboFix 08-12-07.04 - X80le 2008-12-12 11:33:21.3 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1275 [GMT 8:00]
Running from: c:\users\X80le\Desktop\ComboFix.exe
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

c:\windows\system32\acovcnt.exe

((((((((((((((((((((((((( Files Created from 2008-11-12 to 2008-12-12 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-12-10 10:29 --------- d-----w c:\programdata\Microsoft Help
2008-12-10 09:52 --------- d-----w c:\programdata\Symantec
2008-12-10 02:14 --------- d-----w c:\programdata\Symantec Temporary Files
2008-12-05 16:25 --------- d-----w c:\program files\CCleaner
2008-12-05 16:24 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-03 11:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 11:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-22 18:07 --------- d-----w c:\users\X80le\AppData\Roaming\CyberLink
2008-11-22 03:58 --------- d-----w c:\users\X80le\AppData\Roaming\Malwarebytes
2008-11-22 03:58 --------- d-----w c:\programdata\Malwarebytes
2008-11-13 03:20 --------- d-----w c:\program files\EsetOnlineScanner
2008-11-11 08:32 --------- d-----w c:\programdata\avg8
2008-11-11 08:18 --------- d-----w c:\program files\AVG
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 02:11 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_ 00_00.Wdf
2008-11-01 02:11 --------- d-----w c:\users\X80le\AppData\Roaming\Canon
2008-11-01 01:47 --------- d-----w c:\programdata\ZoomBrowser
2008-11-01 01:47 --------- d-----w c:\program files\Canon
2008-11-01 01:45 --------- d-----w c:\program files\Common Files\Canon
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-29 02:46 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 06:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 05:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
2008-10-15 02:00 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BC F6}
2008-10-15 02:00 --------- d-----w c:\program files\iTunes
2008-10-15 01:59 --------- d-----w c:\program files\iPod
2008-10-02 19:49 19,778 ----a-w c:\windows\E220AutoRunLog.tmp
2008-09-30 08:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
2008-09-08 03:06 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\History\History.IE5\index.da t
2008-09-08 03:06 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-09-08 03:06 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Ro aming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-12-09_10.31.09.30 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-11-02 07:11:38 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
+ 2008-03-08 01:58:43 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
- 2008-11-13 03:26:19 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-12-10 10:29:03 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-13 03:26:19 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-12-10 10:29:03 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-13 03:26:19 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-12-10 10:29:03 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-13 03:26:18 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-12-10 10:29:02 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-13 03:26:19 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-12-10 10:29:03 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-13 03:26:19 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-12-10 10:29:03 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-13 03:26:19 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-12-10 10:29:03 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-13 03:26:19 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-12-10 10:29:03 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-13 03:26:19 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-12-10 10:29:03 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-13 03:26:18 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-12-10 10:29:02 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-13 03:26:19 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-12-10 10:29:03 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-13 03:26:18 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-12-10 10:29:02 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-13 03:26:18 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-10 10:29:02 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-13 03:28:59 1,165,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-10 10:29:21 1,165,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2008-11-13 03:28:59 20,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-10 10:29:21 20,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-11-13 03:28:59 217,864 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-10 10:29:21 217,864 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-13 03:28:59 18,704 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-10 10:29:21 18,704 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-13 03:28:59 35,088 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-10 10:29:21 35,088 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-13 03:28:59 845,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-10 10:29:21 845,584 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2008-11-13 03:28:59 922,384 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-10 10:29:21 922,384 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-13 03:28:59 272,648 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-10 10:29:21 272,648 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2008-11-13 03:28:59 888,080 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-10 10:29:21 888,080 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-13 03:28:59 1,172,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-10 10:29:21 1,172,240 ----a-r c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-12-09 02:01:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
+ 2008-12-12 02:21:52 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
- 2008-12-09 02:01:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
+ 2008-12-12 02:21:52 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
- 2008-12-09 02:29:35 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-12-12 02:32:29 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-08-21 03:20:44 2,552,618 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\ Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2008-12-12 00:55:08 2,552,618 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\ Roaming\Microsoft\SoftwareLicensing\tokens.dat
- 2008-12-09 02:29:40 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.D AT
+ 2008-12-12 02:32:24 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.D AT
+ 2008-12-12 02:32:24 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.d at.LOG1
- 2008-12-09 01:54:32 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
+ 2008-12-12 02:06:53 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
- 2008-12-09 01:54:32 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-12 02:06:53 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-09 01:54:32 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
+ 2008-12-12 02:06:53 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 02:33:07 1,696,256 ----a-w c:\windows\System32\gameux.dll
+ 2008-03-08 04:21:55 1,695,744 ----a-w c:\windows\System32\gameux.dll
- 2008-10-02 03:49:14 6,068,736 ----a-w c:\windows\System32\ieframe.dll
+ 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\System32\ieframe.dll
- 2008-10-02 03:49:14 270,336 ----a-w c:\windows\System32\iertutil.dll
+ 2008-10-16 04:47:29 270,336 ----a-w c:\windows\System32\iertutil.dll
- 2008-10-02 03:49:14 28,160 ----a-w c:\windows\System32\jsproxy.dll
+ 2008-10-16 04:47:30 28,160 ----a-w c:\windows\System32\jsproxy.dll
- 2008-01-21 02:35:04 94,720 ----a-w c:\windows\System32\logagent.exe
+ 2008-06-23 01:58:43 94,720 ----a-w c:\windows\System32\logagent.exe
- 2008-01-21 02:35:06 2,867,712 ----a-w c:\windows\System32\mf.dll
+ 2008-06-23 01:59:25 2,868,736 ----a-w c:\windows\System32\mf.dll
- 2008-10-02 03:49:15 3,578,880 ----a-w c:\windows\System32\mshtml.dll
+ 2008-10-16 04:47:30 3,578,880 ----a-w c:\windows\System32\mshtml.dll
- 2008-10-02 03:49:16 671,232 ----a-w c:\windows\System32\mstime.dll
+ 2008-10-16 04:47:32 671,232 ----a-w c:\windows\System32\mstime.dll
- 2008-12-09 02:07:35 101,350 ----a-w c:\windows\System32\perfc009.dat
+ 2008-12-12 02:26:40 100,766 ----a-w c:\windows\System32\perfc009.dat
- 2008-12-09 02:07:35 595,684 ----a-w c:\windows\System32\perfh009.dat
+ 2008-12-12 02:26:40 594,698 ----a-w c:\windows\System32\perfh009.dat
- 2008-04-24 04:58:20 11,580,416 ----a-w c:\windows\System32\shell32.dll
+ 2008-11-06 13:14:25 11,580,928 ----a-w c:\windows\System32\shell32.dll
- 2008-12-09 02:11:41 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-12-12 00:53:45 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-10-02 03:49:19 1,166,336 ----a-w c:\windows\System32\urlmon.dll
+ 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\System32\urlmon.dll
- 2008-12-09 02:03:11 9,012 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4281483017-775441335-2446592685-1000_UserData.bin
+ 2008-12-12 00:56:40 9,416 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4281483017-775441335-2446592685-1000_UserData.bin
- 2008-12-09 02:03:11 85,838 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
+ 2008-12-12 00:56:40 85,838 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
- 2008-12-09 02:03:09 43,012 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2008-12-12 00:56:36 43,314 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
- 2008-01-21 02:35:04 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
+ 2008-06-23 01:59:26 996,352 ----a-w c:\windows\System32\WMNetMgr.dll
- 2008-01-21 02:35:05 2,386,944 ----a-w c:\windows\System32\WMVCORE.DLL
+ 2008-06-23 01:59:25 2,386,944 ----a-w c:\windows\System32\WMVCORE.DLL
- 2008-12-09 01:16:59 35,937,733 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001 c50b5_blobs.bin
+ 2008-12-10 10:27:54 48,132,381 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001 c50b5_blobs.bin
+ 2008-11-01 03:33:48 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.16772_none_7fd1e e2663d3b893\Apphlpdm.dll
+ 2008-11-01 03:24:17 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.20949_none_8082f ea17cd2b312\Apphlpdm.dll
+ 2008-11-01 03:44:34 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.18165_none_81c5f d9660ef7998\Apphlpdm.dll
+ 2008-10-31 03:35:04 28,672 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.22299_none_82332 bc57a21d291\Apphlpdm.dll
+ 2008-10-31 23:23:42 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16772_none_09f24c89f5 5cce48\AcRes.dll
+ 2008-10-31 23:23:36 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20949_none_0aa35d050e 5bc8c7\AcRes.dll
+ 2008-03-08 01:58:43 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18165_none_0be65bf9f2 788f4d\AcRes.dll
+ 2008-10-31 01:05:22 2,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.22299_none_0c538a290b aae846\AcRes.dll
+ 2008-11-01 03:33:48 2,144,256 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16772_none_09f44d1df5 5b00f6\AcGenral.dll
+ 2008-11-01 03:24:15 2,144,768 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.20949_none_0aa55d990e 59fb75\AcGenral.dll
+ 2008-11-01 03:44:34 2,154,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.18165_none_0be85c8df2 76c1fb\AcGenral.dll
+ 2008-10-31 03:35:04 2,154,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.22299_none_0c558abd0b a91af4\AcGenral.dll
+ 2008-11-01 03:33:48 449,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16772_none_09f54d67f5 5a1a4d\AcSpecfc.dll
+ 2008-11-01 03:24:15 450,560 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.20949_none_0aa65de30e 5914cc\AcSpecfc.dll
+ 2008-11-01 03:44:34 460,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.18165_none_0be95cd7f2 75db52\AcSpecfc.dll
+ 2008-10-31 03:35:04 460,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.22299_none_0c568b070b a8344b\AcSpecfc.dll
+ 2008-11-01 03:33:48 537,600 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16772_none_09f64db1f5 5933a4\AcLayers.dll
+ 2008-11-01 03:33:48 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16772_none_09f64db1f5 5933a4\AcXtrnal.dll
+ 2008-11-01 03:24:15 537,600 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20949_none_0aa75e2d0e 582e23\AcLayers.dll
+ 2008-11-01 03:24:15 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20949_none_0aa75e2d0e 582e23\AcXtrnal.dll
+ 2008-11-01 03:44:34 541,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18165_none_0bea5d21f2 74f4a9\AcLayers.dll
+ 2008-11-01 03:44:34 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18165_none_0bea5d21f2 74f4a9\AcXtrnal.dll
+ 2008-10-31 03:35:04 541,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22299_none_0c578b510b a74da2\AcLayers.dll
+ 2008-10-31 03:35:04 173,056 ----a-w c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22299_none_0c578b510b a74da2\AcXtrnal.dll
+ 2008-10-16 04:40:33 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16764_none_a9a84 a59f5d70728\advpack.dll
+ 2008-10-16 04:19:25 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20937_none_aa555 9ad0ed99c4b\advpack.dll
+ 2008-10-29 06:20:29 2,923,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83 bb287ccdb7e3\explorer.exe
+ 2008-10-28 02:15:02 2,923,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033 cb5995cd990b\explorer.exe
+ 2008-10-29 06:29:41 2,927,104 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177 ca9879e978e8\explorer.exe
+ 2008-10-30 03:59:17 2,927,616 ----a-w c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4 f8c7931bd1e1\explorer.exe
+ 2008-11-01 03:33:49 1,687,040 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_ 3fd0636ec44d63f6\gameux.dll
+ 2008-10-31 23:38:08 4,247,552 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_ 3fd0636ec44d63f6\GameUXLegacyGDFs.dll
+ 2008-11-01 03:25:02 1,686,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_ 408173e9dd4c5e75\gameux.dll
+ 2008-10-31 23:38:11 4,247,552 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_ 408173e9dd4c5e75\GameUXLegacyGDFs.dll
+ 2008-03-08 04:21:55 1,695,744 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_ 41c472dec16924fb\gameux.dll
+ 2008-11-01 01:21:40 4,240,384 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_ 41c472dec16924fb\GameUXLegacyGDFs.dll
+ 2008-10-31 03:35:06 1,696,256 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_ 4231a10dda9b7df4\gameux.dll
+ 2008-10-31 01:17:43 4,240,384 ----a-w c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_ 4231a10dda9b7df4\GameUXLegacyGDFs.dll
+ 2008-10-21 05:16:20 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.16766_none_575d8f7 04c563751\gdi32.dll
+ 2008-10-21 05:07:18 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.20940_none_57f6cc3 d65690456\gdi32.dll
+ 2008-10-21 05:25:18 296,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.18159_none_59519ee 04971f856\gdi32.dll
+ 2008-10-21 05:21:43 297,472 ----a-w c:\windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.22291_none_59a7f9a b62b73d2c\gdi32.dll
+ 2008-10-16 04:40:37 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.1 6764_none_eba35409166fed27\pngfilt.dll
+ 2008-10-16 04:23:20 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.2 0937_none_ec50635c2f72824a\pngfilt.dll
+ 2008-10-16 04:40:37 1,160,192 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.1 6764_none_b2bffcbbd9d0648b\urlmon.dll
+ 2008-10-16 04:23:50 1,163,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.2 0937_none_b36d0c0ef2d2f9ae\urlmon.dll
+ 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.1 8157_none_b4b40c2bd6ec2590\urlmon.dll
+ 2008-10-16 04:38:28 1,166,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.2 2288_none_b51e397cf0213284\urlmon.dll
+ 2008-10-16 04:40:36 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.1 6764_none_dea28b847f7923fa\mstime.dll
+ 2008-10-16 04:22:03 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.2 0937_none_df4f9ad7987bb91d\mstime.dll
+ 2008-10-16 04:47:32 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.1 8157_none_e0969af47c94e4ff\mstime.dll
+ 2008-10-16 04:38:25 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.2 2288_none_e100c84595c9f1f3\mstime.dll
+ 2008-10-21 23:31:22 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16767_none_132 73c340c95d620\tzres.dll
+ 2008-10-22 03:43:38 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16767_none_132 73c340c95d620\tzupd.exe
+ 2008-10-21 23:30:56 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20941_none_13c 0790125a8a325\tzres.dll
+ 2008-10-22 01:13:26 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20941_none_13c 0790125a8a325\tzupd.exe
+ 2008-10-22 01:22:11 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18160_none_150 678d409c2b5b0\tzres.dll
+ 2008-01-21 02:33:14 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18160_none_150 678d409c2b5b0\tzupd.exe
+ 2008-10-22 01:04:22 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22292_none_157 1a66f22f6dbfb\tzres.dll
+ 2008-10-22 03:34:43 18,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22292_none_157 1a66f22f6dbfb\tzupd.exe
+ 2008-10-16 04:40:35 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6764_none_ffc5d85da4d98b1e\jsproxy.dll
+ 2008-10-16 04:40:37 826,368 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6764_none_ffc5d85da4d98b1e\wininet.dll
+ 2008-10-16 04:40:37 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.1 6764_none_ffc5d85da4d98b1e\WininetPlugin.dll
+ 2008-10-16 04:20:49 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0937_none_0072e7b0bddc2041\jsproxy.dll
+ 2008-10-16 04:24:00 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0937_none_0072e7b0bddc2041\wininet.dll
+ 2008-10-16 04:24:00 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.2 0937_none_0072e7b0bddc2041\WininetPlugin.dll
+ 2008-10-16 04:47:30 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8157_none_01b9e7cda1f54c23\jsproxy.dll
+ 2008-10-16 04:47:35 827,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8157_none_01b9e7cda1f54c23\wininet.dll
+ 2008-02-22 05:01:41 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.1 8157_none_01b9e7cda1f54c23\WininetPlugin.dll
+ 2008-10-16 04:38:24 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2288_none_0224151ebb2a5917\jsproxy.dll
+ 2008-10-16 04:38:28 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2288_none_0224151ebb2a5917\wininet.dll
+ 2008-10-16 04:38:28 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.2 2288_none_0224151ebb2a5917\WininetPlugin.dll
+ 2008-01-21 02:34:01 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16764_no ne_f96efb376ec50571\ieapfltr.dat
+ 2008-10-16 04:40:34 383,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16764_no ne_f96efb376ec50571\ieapfltr.dll
+ 2008-01-21 02:34:01 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20937_no ne_fa1c0a8a87c79a94\ieapfltr.dat
+ 2008-10-16 04:20:23 380,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20937_no ne_fa1c0a8a87c79a94\ieapfltr.dll
+ 2008-10-16 04:40:34 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16764_ none_95a333ef84aa8b9f\dxtmsft.dll
+ 2008-10-16 04:40:34 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16764_ none_95a333ef84aa8b9f\dxtrans.dll
+ 2008-10-16 04:20:03 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20937_ none_965043429dad20c2\dxtmsft.dll
+ 2008-10-16 04:20:03 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20937_ none_965043429dad20c2\dxtrans.dll
+ 2008-10-16 04:40:35 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16764_none_4 605ce47466b3e2c\mshtmled.dll
+ 2008-10-16 04:21:41 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20937_none_4 6b2dd9a5f6dd34f\mshtmled.dll
+ 2008-10-16 04:40:35 3,593,216 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none _111ff77c252ff454\mshtml.dll
+ 2008-10-16 04:21:40 3,595,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none _11cd06cf3e328977\mshtml.dll
+ 2008-10-16 04:47:30 3,578,880 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none _131406ec224bb559\mshtml.dll
+ 2008-10-16 04:38:25 3,579,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none _137e343d3b80c24d\mshtml.dll
+ 2008-10-16 04:40:34 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16764_none_5878 64466744805d\icardie.dll
+ 2008-10-16 04:20:23 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20937_none_5925 739980471580\icardie.dll
+ 2008-10-16 04:40:06 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_n one_2d3ee4e91d04fa01\ieUnatt.exe
+ 2008-10-16 04:42:58 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_n one_2d3ee4e91d04fa01\iexplore.exe
+ 2008-10-16 02:13:16 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_n one_2debf43c36078f24\ieUnatt.exe
+ 2008-10-16 04:27:53 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_n one_2debf43c36078f24\iexplore.exe
+ 2008-10-16 04:40:34 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16764_n one_45808f398f8aa97b\iertutil.dll
+ 2008-10-16 04:40:37 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16764_n one_45808f398f8aa97b\sqmapi.dll
+ 2008-10-16 04:20:24 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20937_n one_462d9e8ca88d3e9e\iertutil.dll
+ 2008-10-16 04:23:41 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20937_n one_462d9e8ca88d3e9e\sqmapi.dll
+ 2008-10-16 04:47:29 270,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18157_n one_47749ea98ca66a80\iertutil.dll
+ 2008-01-21 02:34:16 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18157_n one_47749ea98ca66a80\sqmapi.dll
+ 2008-10-16 04:38:24 270,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22288_n one_47decbfaa5db7774\iertutil.dll
+ 2008-10-16 04:38:27 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22288_n one_47decbfaa5db7774\sqmapi.dll
+ 2008-10-16 04:40:06 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9 a04617fc2a6\ie4uinit.exe
+ 2008-10-16 04:40:34 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9 a04617fc2a6\iernonce.dll
+ 2008-10-16 04:40:34 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16764_none_c3ad9 a04617fc2a6\iesetup.dll
+ 2008-10-16 02:13:06 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa 9577a8257c9\ie4uinit.exe
+ 2008-10-16 04:20:24 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa 9577a8257c9\iernonce.dll
+ 2008-10-16 04:20:24 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20937_none_c45aa 9577a8257c9\iesetup.dll
+ 2008-10-16 04:40:34 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16764_none_29d2 b074682f9803\iebrshim.dll
+ 2008-11-01 03:33:49 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16772_none_29c5 dff468398146\iebrshim.dll
+ 2008-10-16 04:20:23 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20937_none_2a7f bfc781322d26\iebrshim.dll
+ 2008-11-01 03:25:13 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20949_none_2a76 f06f81387bc5\iebrshim.dll
+ 2008-11-01 03:44:36 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6001.18165_none_2bb9 ef646555424b\iebrshim.dll
+ 2008-10-31 03:35:06 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6001.22299_none_2c27 1d937e879b44\iebrshim.dll
+ 2008-10-16 04:40:34 6,066,176 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16764_none_627f5 17fb1258281\ieframe.dll
+ 2008-10-16 04:40:34 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16764_none_627f5 17fb1258281\ieui.dll
+ 2008-10-16 04:20:24 6,068,224 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20937_none_632c6 0d2ca2817a4\ieframe.dll
+ 2008-10-16 04:20:24 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20937_none_632c6 0d2ca2817a4\ieui.dll
+ 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18157_none_64736 0efae414386\ieframe.dll
+ 2008-01-21 02:34:25 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18157_none_64736 0efae414386\ieui.dll
+ 2008-10-16 04:38:24 6,069,760 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22288_none_64dd8 e40c776507a\ieframe.dll
+ 2008-10-16 04:38:24 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22288_none_64dd8 e40c776507a\ieui.dll
+ 2008-10-16 04:40:06 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16764_none_e678 bdfe94a8d6b9\ieinstal.exe
+ 2008-10-16 02:13:30 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20937_none_e725 cd51adab6bdc\ieinstal.exe
+ 2008-10-16 04:40:06 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16764_none_0b20f3 1ad723966b\ieuser.exe
+ 2008-10-16 02:13:32 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20937_none_0bce02 6df0262b8e\ieuser.exe
+ 2008-06-23 01:52:48 2,855,424 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_no ne_9a80f4cc0f93e171\mf.dll
+ 2008-06-22 22:34:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_no ne_9a80f4cc0f93e171\mferror.dll
+ 2008-06-23 01:52:18 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_no ne_9a80f4cc0f93e171\mfpmp.exe
+ 2008-06-23 01:52:48 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_no ne_9a80f4cc0f93e171\mfps.dll
+ 2008-06-23 01:52:29 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16708_no ne_9a80f4cc0f93e171\rrinstaller.exe
+ 2008-06-23 01:45:58 2,855,424 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_no ne_9ac5b0e728e5c385\mf.dll
+ 2008-06-22 22:30:28 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_no ne_9ac5b0e728e5c385\mferror.dll
+ 2008-06-22 23:56:54 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_no ne_9ac5b0e728e5c385\mfpmp.exe
+ 2008-06-23 01:46:00 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_no ne_9ac5b0e728e5c385\mfps.dll
+ 2008-06-22 23:56:20 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.20864_no ne_9ac5b0e728e5c385\rrinstaller.exe
+ 2008-06-23 01:59:25 2,868,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_no ne_9c03e1ac0d053e06\mf.dll
+ 2006-11-02 12:34:47 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_no ne_9c03e1ac0d053e06\mferror.dll
+ 2008-01-21 02:35:05 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_no ne_9c03e1ac0d053e06\mfpmp.exe
+ 2008-01-21 02:35:06 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_no ne_9c03e1ac0d053e06\mfps.dll
+ 2008-01-21 02:35:05 53,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18096_no ne_9c03e1ac0d053e06\rrinstaller.exe
+ 2008-06-23 01:41:40 2,868,224 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_no ne_9cf0d03d25d8122c\mf.dll
+ 2008-06-23 00:00:57 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_no ne_9cf0d03d25d8122c\mferror.dll
+ 2008-06-23 00:01:07 24,576 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_no ne_9cf0d03d25d8122c\mfpmp.exe
+ 2008-06-23 01:39:32 98,816 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_no ne_9cf0d03d25d8122c\mfps.dll
+ 2008-06-23 00:00:33 53,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22208_no ne_9cf0d03d25d8122c\rrinstaller.exe
+ 2008-06-23 01:52:15 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6000.16708_none_e962 51c7c4db0f0d\logagent.exe
+ 2008-06-22 23:58:14 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6000.20864_none_e9a7 0de2de2cf121\logagent.exe
+ 2008-06-23 01:58:43 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6001.18096_none_eae5 3ea7c24c6ba2\logagent.exe
+ 2008-06-23 00:02:10 94,720 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-logagent_31bf3856ad364e35_6.0.6001.22208_none_ebd2 2d38db1f3fc8\logagent.exe
+ 2008-06-23 01:52:51 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6000.16708_none_4567 bba6c17416fd\WMNetMgr.dll
+ 2008-06-23 01:49:03 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6000.20864_none_45ac 77c1dac5f911\WMNetMgr.dll
+ 2008-06-23 01:59:26 996,352 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6001.18096_none_46ea a886bee57392\WMNetMgr.dll
+ 2008-06-23 01:42:23 996,864 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmnetmgr_31bf3856ad364e35_6.0.6001.22208_none_47d7 9717d7b847b8\WMNetMgr.dll
+ 2008-06-23 01:52:51 2,433,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.16708_none_05544 95dd8a9b82d\WMVCORE.DLL
+ 2008-06-23 01:49:11 2,436,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.20864_none_05990 578f1fb9a41\WMVCORE.DLL
+ 2008-06-23 01:59:25 2,386,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.18096_none_06d73 63dd61b14c2\WMVCORE.DLL
+ 2008-06-23 01:41:43 2,386,944 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.22208_none_07c42 4ceeeede8e8\WMVCORE.DLL
+ 2008-11-06 12:57:06 11,315,712 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6000.16774_none_69fb3 fd2150a82e8\shell32.dll
+ 2008-11-06 12:59:14 11,320,832 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6000.20951_none_6a977 d7d2e1a9bf2\shell32.dll
+ 2008-11-06 13:14:25 11,580,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6001.18167_none_6bef4 f42122643ed\shell32.dll
+ 2008-11-06 12:59:27 11,582,976 ----a-w c:\windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6001.22303_none_6cb5c c532b16d3dc\shell32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\AD SMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 08:08 143360 --a------ c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Google Update"="c:\users\X80le\AppData\Local\Google\Updat e\GoogleUpdate.exe" [2008-09-04 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IM ESC\IMSCMIG.EXE" [2006-10-27 32560]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALUAlert]
--a------ 2007-08-23 20:34 152952 c:\program files\Symantec\LiveUpdate\ALUNOTIFY.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 20:12 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2008-03-18 08:59 2289664 c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\DomainProfile]
"EnableFirewall"= 0 (0x0)
  #46  
Old 11th Dec 2008, 20:52
Member Group
  
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{2573AF6E-4420-460D-B360-47E6FFDFB35A}"= c:\program files\ASUSTek\ASUSDVD\PowerDVD.EXE:CyberLink PowerDVD
"{1A063077-ABC5-43E9-98FC-D09DFDB73C4E}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{C910D8D9-91DC-49D2-9BAA-6E4029495793}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{26A2DECA-A4B6-49F3-8060-4070E543505A}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{3E7312D1-5E0F-44BD-85FE-28C0F0C2EA2F}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{A4988C1A-0A82-4B48-BD6E-F8A6D44F588C}"= UDP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{CD143528-E032-4B6C-9493-32BC83551EFA}"= TCP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{F07D88BB-0FE5-444E-83E9-31DCD7DC787E}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{33DE57E4-57F4-4CB4-A9A5-F15ADF37EBE2}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{51308F0D-4B2A-4620-A12A-0D8D43A40ACA}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B4DC49C8-02CE-43D4-ADB8-6246E348DC80}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{FD3A1F1E-DAEF-4799-950F-CEE6813C5F41}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{926071A3-257A-44E0-B009-3073F4BA73E7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B8E3D35D-BFBD-4111-89E0-8BE5F3C72EB7}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{1C8CB5FC-4EB4-4322-9963-DDFE8469D29A}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{5AE2D551-9A5B-42DC-AA03-A48D083873E6}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows \system32\drivers\psd.sys [2007-01-25 39080]
S1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\Symantec\DEFINI~1\SymcData\ ipsdefs\20081210.002\IDSvix86.sys [2008-12-12 270384]
S2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2007-08-25 149352]
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\CO H_Mon.sys [2007-05-29 23888]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\pro gram files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-03 99376]
S3 SYMNDISV;SYMNDISV;c:\windows\system32\Drivers\SYMN DISV.SYS [2008-06-13 41008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{1f48810a-8fd8-11dd-9d30-001fc6eaceab}]
\shell\Auto\command - setup.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe

*Newly Created Service* - COMHOST
*Newly Created Service* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2008-12-05 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\users\X80le\AppData\Local\Google\Update\GoogleU pdate.exe [2008-09-04 10:34]

2008-11-10 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - X80le.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 01:18]
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce-<NO NAME> - (no file)


.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FireFox -: Profile - c:\users\X80le\AppData\Roaming\Mozilla\Firefox\Pro files\7tdoti5o.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
FF -: plugin - c:\users\X80le\AppData\Local\Google\Update\1.2.131 .27\npGoogleOneClick6.dll
.
.
------- File Associations -------
.
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 11:35:13
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\X80le\AppData\Local\Temp\catchme.dll 53248 bytes executable
C:\ADSM_PData_0150

scan completed successfully
hidden files: 2

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(320)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
Completion time: 2008-12-12 11:36:00
ComboFix-quarantined-files.txt 2008-12-12 03:35:58
ComboFix2.txt 2008-12-10 01:48:32
ComboFix3.txt 2008-12-09 02:32:17

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 48,975,310,848 bytes free

470 --- E O F --- 2008-12-10 10:29:42

tried sending the screenshot of the location o fhte $recycle.bin in your evilfantasy@yahoo.com however it bounced back
  #47  
Old 11th Dec 2008, 22:36
Moderator Group
  
That's OK, it's evilfantasy69.

Download DrWeb CureIt & save it to your desktop.

Scan with DrWeb-CureIt as follows:
  • Double-click on drweb-cureit.exe and then click Start.
  • An Express Scan of your PC notice will appear.
  • Under Start the Express Scan Now Click OK to start.
    • This is a short scan that will scan the files currently running in memory.
    • If or when something is found, click the Yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the Scan tab and UNcheck Heuristic analysis and click OK
  • Back at the main window, select the Complete scan button.
  • Then click the Green Arrow Start Scanning button on the right and the scan will start.
    • Click Yes to all if it asks if you want to cure/move any file(s).
  • When the scan is done.
  • In the Dr.Web CureIt menu on top left, click File and choose Save report list.
  • Save the DrWeb.csv report to your Desktop.
  • Exit Dr.Web Cureit.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad
  • Copy and paste that log in the next reply
__________________
  #48  
Old 17th Jan 2009, 14:57
Member Group
  
Hi Evilfantasy, Happy New year, sorry for not replying on this thread. been busy lately. my laptop is ok now how do i remove combo fix? thanks for all the help
  #49  
Old 17th Jan 2009, 17:12
Moderator Group
  
  • Click START then RUN
  • Now type Combofix /u in the runbox
  • Make sure there's a space between Combofix and /u
  • Then hit Enter.
  • The above procedure will:
  • Delete the following:
  • ComboFix and its associated files and folders.
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Set a new, clean Restore Point.

----------

Download random's system information tool (RSIT) by random/random from and save it to your Desktop.
  • Double click on RSIT.exe to run.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open.
  • log.txt <will be maximized and info.txt <will be minimized
  • Please post the contents of both logs in the next reply.
__________________
Reply
Page 5 of 5 1234 5

Register
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright ©2006 - 2009 Computer Juice.
Contact - Privacy - Sitemap - Top

Powered by vBulletin® Copyright ©2000 - 2009 Jelsoft Enterprises Ltd. SEO by vBSEO ©2009, Crawlability, Inc.