« previous next »
Pages: [1]

Author Topic: Computer has been running very slow/a lot of popups.  (Read 1483 times)

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« on: November 02, 2008, 12:57:18 PM »
So my computer has been having alot of problems carrying out the simplest of tasks (switching from one tab to the other without locking up) and alot of popups and spam having been coming up. So I need help fixing it up so it can actually run decent-ish.
Here is my "Hijack This" log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:58 PM, on 11/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\service.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Yahoo!\YPSR\ypsr.exe
C:\Program Files\Yahoo!\Antivirus\caaviftest.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?linkid=54834
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {46957b7d-9ad8-fb38-c674-f29c8475b444} - {444b5748-c92f-476c-83bf-8da9d7b75964} - C:\WINDOWS\system32\tmqwaj.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {75ABCF92-9764-4DFA-A83F-5142C3905052} - C:\WINDOWS\system32\vtUonkiJ.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D9881D61-8849-4F5E-885F-2F2D444FE543} - C:\WINDOWS\system32\xxyvstst.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [Messenger Service] service.exe
O4 - HKLM\..\Run: [0027b6eb] rundll32.exe "C:\WINDOWS\system32\txwecnbc.dll",b
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\DOCUME~1\GARRET~1\LOCALS~1\Temp\efcARheC.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\DOCUME~1\GARRET~1\LOCALS~1\Temp\mlJCrrSI.dll,c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [MSServer] rundll32.exe C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\opnNfCSl.dll,#1 (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1009\..\Run: [MS Juan] rundll32 "C:\WINDOWS\system32\hzlhzs.dll",run (User 'Compaq_Owner')
O4 - HKUS\S-1-5-21-3733785396-2961367675-4195862983-1015\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'gina')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZKfox000
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O20 - AppInit_DLLs: tmqwaj.dll
O20 - Winlogon Notify: vtUonkiJ - C:\WINDOWS\SYSTEM32\vtUonkiJ.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 12326 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #1 on: November 02, 2008, 01:42:25 PM »
Download this file - Combofix.exe and save it ONLY to your desktop

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
By default it will save a copy to C:\Combofix.txt
I'll need to see this log later
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from ComboFix and include a fresh Hijackthis log
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #2 on: November 02, 2008, 10:40:56 PM »
Every time I run/open "ComboFix" it will either close itself out or just come up with a blank blue screen; saying incorrect file location.
« Last Edit: November 02, 2008, 10:42:03 PM by Chuck Norris »
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #3 on: November 02, 2008, 10:54:05 PM »
Are you running ComboFix directly from your Desktop?
If not, that is the spot you want it

In addition, can you delete your copy of ComboFix
Temporarily disable your Anti-Virus software
Redownload ComboFix and then try running it again
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #4 on: November 03, 2008, 06:29:31 PM »
Yes I am running from desktop. Also if it helps you out, I believe that I got a virus over MSN, in a link with my user in it. I heard that it has messed up a lot of computers.
Logged

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #5 on: November 03, 2008, 11:36:53 PM »
Here is the log, let me know what to do next. -.-


ComboFix 08-11-03.03 - Garrett's Account 2008-11-03 22:07:23.6 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.573 [GMT -6:00]
Running from: c:\documents and settings\Garrett's Account\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\btahguls.dll
c:\windows\system32\cewyehjk.dll
c:\windows\system32\chsnmlqn.dll
c:\windows\system32\cknhtipf.dll
c:\windows\system32\dkkxstpa.dll
c:\windows\system32\dvpfimdl.dll
c:\windows\system32\fsclublo.dll
c:\windows\system32\gyvmpvep.dll
c:\windows\system32\inmehwoo.dll
c:\windows\system32\irurvagy.dll
c:\windows\system32\jlpnvirn.dll
c:\windows\system32\johulxnf.dll
.
---- Previous Run -------
.
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\011EBCD8.urr
c:\program files\FunWebProducts\ScreenSaver\Images\05BA167B.urr
c:\program files\FunWebProducts\Shared\0D7AB5C6.dat
c:\program files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\Internet Explorer\msimg32.dll
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3BROVLY.DLL
c:\program files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SHLLVW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\03064188
c:\program files\MyWebSearch\bar\Cache\2A3CF138
c:\program files\MyWebSearch\bar\Cache\2A3CF6A7
c:\program files\MyWebSearch\bar\Cache\2A3CF985.bin
c:\program files\MyWebSearch\bar\Cache\2A3CFC54.bin
c:\program files\MyWebSearch\bar\Cache\2A3CFF42.bin
c:\program files\MyWebSearch\bar\Cache\2A3D0145.bin
c:\program files\MyWebSearch\bar\Cache\2A3D02BC.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search2
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm
c:\program files\MyWebSearch\bar\Message\COMMON\center.htm
c:\program files\MyWebSearch\bar\Message\COMMON\index.htm
c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif
c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm
c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif
c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif
c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm
c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm
c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif
c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
C:\resycled
c:\resycled\boot.com
c:\windows\admintxt.txt
c:\windows\Downloaded Program Files\setup.inf
c:\windows\service.exe
c:\windows\system32\apoqxvrr.ini
c:\windows\system32\aptsxkkd.ini
c:\windows\system32\awtRHBTl.dll
c:\windows\system32\awtrPhIA.dll
c:\windows\system32\bcidexlt.ini
c:\windows\system32\byXNhhHW.dll
c:\windows\system32\byXOhGXP.dll
c:\windows\system32\byXopQJA.dll
c:\windows\system32\cahedptq.ini
c:\windows\system32\cbncewxt.ini
c:\windows\system32\cbXPjHAs.dll
c:\windows\system32\cdfmccet.ini
c:\windows\system32\cfjtipxl.dll
c:\windows\system32\covgoy.dll
c:\windows\system32\cspltlxi.dll
c:\windows\system32\dasgltfr.dll
c:\windows\system32\ddcYpoME.dll
c:\windows\system32\ddcYrQhi.dll
c:\windows\system32\ddmxgwti.dll
c:\windows\system32\diwqaabw.dll
c:\windows\system32\dnvfgtox.dll
c:\windows\system32\Drivers\TDSSrvdc.sys
c:\windows\system32\dxalmg.dll
c:\windows\system32\efcYOfeD.dll
c:\windows\system32\enotlbvx.dll
c:\windows\system32\enxgquxt.ini
c:\windows\system32\ersnunbg.dll
c:\windows\system32\eyaecn.dll
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\faheve.dll
c:\windows\system32\fccdddDv.dll
c:\windows\system32\fftqunko.ini
c:\windows\system32\fgonql.dll
c:\windows\system32\fjfmny.dll
c:\windows\system32\fqwxxtcu.ini
c:\windows\system32\fyeisibx.ini
c:\windows\system32\gbnunsre.ini
c:\windows\system32\gbvoiniu.dll
c:\windows\system32\gffcrxmx.ini
c:\windows\system32\guvfqfck.ini
c:\windows\system32\hdvertyr.ini
c:\windows\system32\hhsmip.dll
c:\windows\system32\hzlhzs.dll
c:\windows\system32\iifcBqnN.dll
c:\windows\system32\iifebBuT.dll
c:\windows\system32\ixltlpsc.ini
c:\windows\system32\ixtmns.dll
c:\windows\system32\iykwwnyt.dll
c:\windows\system32\iyxxflpy.dll
c:\windows\system32\jatdoxun.ini
c:\windows\system32\jcdfanyc.dll
c:\windows\system32\jkkHAqNE.dll
c:\windows\system32\jkkHAqnl.dll
c:\windows\system32\jkoojorq.ini
c:\windows\system32\jqbjsnwl.ini
c:\windows\system32\kdcbp.exe
c:\windows\system32\kerrqr.dll
c:\windows\system32\khfcbBuT.dll
c:\windows\system32\khfGxYRk.dll
c:\windows\system32\kjheywec.ini
c:\windows\system32\lbtvfubc.dll
c:\windows\system32\ljJDsSIA.dll
c:\windows\system32\llpfpa.dll
c:\windows\system32\lyjbko.dll
c:\windows\system32\minedfyu.ini
c:\windows\system32\mlJDvUlk.dll
c:\windows\system32\mmiske.dll
c:\windows\system32\ndtenkvn.ini
c:\windows\system32\nnjqab.dll
c:\windows\system32\ntycvvjo.ini
c:\windows\system32\nucmcosl.dll
c:\windows\system32\nvknetdn.dll
c:\windows\system32\olbulcsf.ini
c:\windows\system32\oowhemni.ini
c:\windows\system32\opnooPFw.dll
c:\windows\system32\oqwljmrq.dll
c:\windows\system32\otfzje.dll
c:\windows\system32\otnaig.dll
c:\windows\system32\outgwv.dll
c:\windows\system32\pmnoLcBu.dll
c:\windows\system32\pnvhhrqd.dll
c:\windows\system32\puegab.dll
c:\windows\system32\qcqlmlad.ini
c:\windows\system32\qnlkgjie.ini
c:\windows\system32\qoMeFuvw.dll
c:\windows\system32\qrmjlwqo.ini
c:\windows\system32\qumnuv.dll
c:\windows\system32\qwetem.dll
c:\windows\system32\rftlgsad.ini
c:\windows\system32\rhlvrwyt.ini
c:\windows\system32\rmmtguau.ini
c:\windows\system32\rqRIxvsp.dll
c:\windows\system32\slfcmk.dll
c:\windows\system32\slughatb.ini
c:\windows\system32\srapdrpi.dll
c:\windows\system32\ssqOfCTl.dll
c:\windows\system32\ssqPiifg.dll
c:\windows\system32\TDSSktkl.dll
c:\windows\system32\teccmfdc.dll
c:\windows\system32\tmqwaj.dll
c:\windows\system32\tstsvyxx.ini
c:\windows\system32\tstsvyxx.ini2
c:\windows\system32\tuvTkkkh.dll
c:\windows\system32\tyihoawd.dll
c:\windows\system32\tynwwkyi.ini
c:\windows\system32\uaugtmmr.dll
c:\windows\system32\uniecb.dll
c:\windows\system32\uyfdenim.dll
c:\windows\system32\vrsfaatk.dll
c:\windows\system32\vtUonkiJ.dll
c:\windows\system32\vtUopQHA.dll
c:\windows\system32\wbaaqwid.ini
c:\windows\system32\wispygpb.ini
c:\windows\system32\wnblsp.dll
c:\windows\system32\wrmpjlaw.dll
c:\windows\system32\xmxrcffg.dll
c:\windows\system32\xrglrlrs.dll
c:\windows\system32\xrsmngfu.dll
c:\windows\system32\xxyvstst.dll
c:\windows\system32\yayaAqOG.dll
c:\windows\system32\yayxutrs.dll
c:\windows\system32\ydqmwl.dll
c:\windows\system32\yjhoyi.dll
c:\windows\system32\ymyaic.dll
c:\windows\system32\yplfxxyi.ini
c:\windows\system32\zxoaiv.dll
D:\Autorun.inf

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv
-------\Legacy_TDSSserv
-------\Legacy_TDSSSERV.SYS
-------\Service_TDSSserv.sys


(((((((((((((((((((((((((   Files Created from 2008-10-04 to 2008-11-04  )))))))))))))))))))))))))))))))
.

2008-11-03 19:52 . 2008-11-03 19:52   172   --ah-----   C:\sqmnoopt02.sqm
2008-11-03 19:52 . 2008-11-03 19:52   172   --ah-----   C:\sqmdata02.sqm
2008-11-02 22:51 . 2008-11-02 22:51   76,288   --a------   c:\windows\system32\rytrevdh.dll
2008-11-02 22:44 . 2008-11-02 22:44   76,288   --a------   c:\windows\system32\uctxxwqf.dll
2008-11-02 22:43 . 2008-11-02 22:44   113,152   --a------   c:\windows\system32\lisebgwl.dll
2008-11-02 19:14 . 2008-11-03 05:21   98,410   --a------   c:\windows\webconfig32.exe
2008-11-02 12:31 . 2008-11-02 12:31   <DIR>   d--------   c:\program files\Sun
2008-11-01 22:43 . 2008-11-01 22:43   112,128   --a------   c:\windows\system32\vnexenor.dll
2008-11-01 22:43 . 2008-11-01 22:43   112,128   --a------   c:\windows\system32\ntxqfoxt.dll
2008-11-01 22:43 . 2008-11-01 22:43   77,312   ---------   c:\windows\system32\oknuqtff.dll
2008-11-01 17:04 . 2008-11-01 17:04   112,128   --a------   c:\windows\system32\qlmpitqw.dll
2008-11-01 16:41 . 2008-11-01 16:41   268   --ah-----   C:\sqmdata01.sqm
2008-11-01 16:41 . 2008-11-01 16:41   244   --ah-----   C:\sqmnoopt01.sqm
2008-11-01 14:18 . 2008-11-01 14:18   244   --ah-----   C:\sqmnoopt00.sqm
2008-11-01 14:18 . 2008-11-01 14:18   232   --ah-----   C:\sqmdata00.sqm
2008-11-01 13:34 . 2008-11-01 13:34   102,400   --a------   c:\windows\system32\ymbrtueo.dll
2008-11-01 13:34 . 2008-11-01 13:34   69,120   ---------   c:\windows\system32\tywrvlhr.dll
2008-10-31 04:24 . 2008-10-31 04:24   68,608   ---------   c:\windows\system32\rrvxqopa.dll
2008-10-29 04:22 . 2008-10-29 04:22   68,608   ---------   c:\windows\system32\tlxedicb.dll
2008-10-27 10:03 . 2008-10-27 10:03   102,400   --a------   c:\windows\system32\rerhxfxt.dll
2008-10-27 04:31 . 2008-10-27 04:31   1,025   --a------   c:\windows\sysinf_32.exe
2008-10-24 10:49 . 2008-10-24 10:49   102,400   --a------   c:\windows\system32\uiarvkpr.dll
2008-10-23 10:49 . 2008-10-23 10:49   101,376   --a------   c:\windows\system32\xgxkudiw.dll
2008-10-23 10:48 . 2008-10-23 10:48   69,632   ---------   c:\windows\system32\lwnsjbqj.dll
2008-10-21 18:54 . 2008-10-31 20:44   30   --a------   c:\documents and settings\Garrett's Account\jagex_runescape_preferences.dat
2008-10-20 16:58 . 2008-10-20 17:06   49,714   --a------   c:\documents and settings\Garrett's Account\javamon.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-02 23:57   ---------   d-----w   c:\program files\Canon
2008-11-02 18:56   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-11-02 18:30   ---------   d-----w   c:\program files\Java
2008-10-15 16:57   332,800   ----a-w   c:\windows\system32\dllcache\netapi32.dll
2008-10-03 17:41   6,066,176   ----a-w   c:\windows\system32\dllcache\ieframe.dll
2008-10-01 22:36   ---------   d-----w   c:\documents and settings\Garrett's Account\Application Data\FrostWire
2008-09-21 05:23   ---------   d-----w   c:\program files\SwiftKit
2008-09-21 05:19   ---------   d-----w   c:\documents and settings\All Users\Application Data\SwiftKit
2008-09-15 11:57   1,846,016   ----a-w   c:\windows\system32\win32k.sys
2008-09-15 11:57   1,846,016   ----a-w   c:\windows\system32\dllcache\win32k.sys
2008-09-08 21:02   ---------   d-----w   c:\program files\Moyea
2008-08-28 10:04   333,056   ----a-w   c:\windows\system32\dllcache\srv.sys
2008-08-27 08:24   3,593,216   ----a-w   c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:38   13,824   ----a-w   c:\windows\system32\dllcache\ieudinit.exe
2008-08-25 08:37   70,656   ----a-w   c:\windows\system32\dllcache\ie4uinit.exe
2008-08-23 05:56   635,848   ----a-w   c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54   161,792   ----a-w   c:\windows\system32\dllcache\ieakui.dll
2008-08-14 10:00   2,180,352   ----a-w   c:\windows\system32\ntoskrnl.exe
2008-08-14 10:00   2,180,352   ----a-w   c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 09:58   2,136,064   ----a-w   c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 09:51   138,368   ----a-w   c:\windows\system32\dllcache\afd.sys
2008-08-14 09:22   2,057,728   ----a-w   c:\windows\system32\ntkrnlpa.exe
2008-08-14 09:22   2,057,728   ----a-w   c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 09:22   2,015,744   ----a-w   c:\windows\system32\dllcache\ntkrpamp.exe
2003-03-18 01:27   307,904   -c--a-w   c:\windows\inf\wg311nd5.sys
.

(((((((((((((((((((((((((((((   snapshot@2007-12-27_23.12.28.34   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:48:44   297,984   ----a-w   c:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-07-12 23:28:55   765,952   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:20:44   755,576   ----a-w   c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2007-10-30 16:53:32   360,832   ----a-w   c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-19 09:40:27   1,845,888   ----a-w   c:\windows\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-12-04 18:29:10   551,936   ----a-w   c:\windows\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:50:47   727,040   ----a-w   c:\windows\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-07 02:01:07   124,928   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:57:52   347,136   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 02:01:07   214,528   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 02:01:07   133,120   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 02:01:07   63,488   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28   70,656   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 02:01:08   153,088   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 02:01:08   230,400   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02   161,792   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 02:01:08   383,488   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 02:01:08   388,096   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 02:01:10   6,067,200   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 02:01:10   44,544   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 02:01:11   267,776   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29   13,824   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45   625,664   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 02:01:11   27,648   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 02:01:11   459,264   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 02:01:11   52,224   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 02:01:12   3,593,216   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 02:01:12   478,208   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 02:01:13   193,024   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 02:01:13   671,232   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 02:01:13   102,912   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:57:26   44,544   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 02:01:13   105,984   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 02:01:13   1,162,752   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 02:01:13   233,472   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 02:01:13   825,344   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33   14,048   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:22:39   213,216   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:22:31   22,752   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56   716,000   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2008-02-20 05:19:35   147,968   ----a-w   c:\windows\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:49:36   45,568   ----a-w   c:\windows\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59   179,712   ----a-w   c:\windows\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-05-02 13:30:08   83,968   ----a-w   c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49   83,968   ----a-w   c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:10   83,968   ----a-w   c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:20:44   755,576   ----a-w   c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-03-01 13:03:00   124,928   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 13:03:00   347,136   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 13:03:00   214,528   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 13:03:00   132,608   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 13:03:00   63,488   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56   70,656   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 13:03:00   153,088   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 13:03:00   230,400   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25   161,792   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 13:03:00   383,488   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 13:03:00   388,608   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 13:03:01   6,067,712   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 13:03:01   44,544   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 13:03:01   267,776   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56   13,824   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22   625,664   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 13:03:01   27,648   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 13:03:01   459,264   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 13:03:01   52,224   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 13:03:01   3,593,216   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 13:03:01   478,208   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 13:03:01   193,024   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 13:03:01   671,232   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 13:03:01   102,912   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 13:03:01   44,544   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 13:03:02   105,984   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 13:03:02   1,162,752   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 13:03:02   233,472   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 13:03:02   827,392   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33   14,048   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:22:39   213,216   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:22:31   22,752   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56   716,000   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-20 06:52:43   282,624   ----a-w   c:\windows\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:22:33   14,048   ----a-w   c:\windows\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:22:39   213,216   ----a-w   c:\windows\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:22:31   22,752   ----a-w   c:\windows\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:22:56   716,000   ----a-w   c:\windows\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:23:47   371,424   ----a-w   c:\windows\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21   554,008   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11   518,944   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11   326,432   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11   1,516,568   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11   355,112   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13   151,583   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12   60,192   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12   248,608   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12   219,936   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12   355,104   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13   432,928   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13   322,336   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13   559,904   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13   264,992   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13   838,432   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14   621,344   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14   355,104   ----a-w   c:\windows\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 03:35:35   124,928   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 03:35:35   347,136   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 03:35:35   214,528   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 03:35:35   132,608   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 03:35:35   63,488   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19   70,656   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 03:35:35   153,088   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 03:35:35   230,400   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38   161,792   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 03:35:35   383,488   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 03:35:35   388,608   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 03:35:36   6,068,224   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 03:35:36   44,544   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 03:35:36   267,776   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19   13,824   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46   625,664   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 03:35:36   27,648   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 03:35:36   459,264   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 03:35:36   52,224   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 03:35:36   3,593,728   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 03:35:36   478,208   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 03:35:36   193,024   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 03:35:36   671,232   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 03:35:36   102,912   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 03:35:36   44,544   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 03:35:36   105,984   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 03:35:36   1,162,752   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 03:35:36   233,472   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 03:35:36   827,392   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33   14,048   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:22:39   213,216   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:22:31   22,752   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56   716,000   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51   203,008   ----a-w   c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52   203,136   ----a-w   c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17   203,136   ----a-w   c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:06:43   253,952   ----a-w   c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58   253,952   ----a-w   c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18   253,952   ----a-w   c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18   755,576   ----a-w   c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19   382,840   ----a-w   c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:39:39   683,520   ----a-w   c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:04:26   691,712   ----a-w   c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-12 05:22:26   691,712   ----a-w   c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:31   755,576   ----a-w   c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00   62,976   ----a-w   c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28   62,976   ----a-w   c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51   62,976   ----a-w   c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-13 09:52:16   272,128   ----a-w   c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51   272,128   ----a-w   c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43   272,128   ----a-w   c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 11:00:16   272,128   ----a-w   c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 12:30:49   272,128   ----a-w   c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 12:36:35   272,128   ----a-w   c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:40   1,288,192   ----a-w   c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40   1,288,192   ----a-w   c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15   1,288,192   ----a-w   c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32   100,352   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08   138,368   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11   147,968   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11   245,248   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42   360,960   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39   225,920   ----a-w   c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08   138,496   ----a-w   c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57   147,968   ----a-w   c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57   245,248   ----a-w   c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12   361,600   ----a-w   c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27   225,856   ----a-w   c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03   138,496   ----a-w   c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05   147,968   ----a-w   c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05   245,248   ----a-w   c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02   361,600   ----a-w   c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44   225,856   ----a-w   c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18   755,576   ----a-w   c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19   382,840   ----a-w   c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:00   331,776   ----a-w   c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:33:02   331,776   ----a-w   c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:05   331,776   ----a-w   c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:28:00   74,240   ----a-w   c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16   74,240   ----a-w   c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10   74,240   ----a-w   c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:01:38   124,928   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 16:01:38   347,136   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:01:39   214,528   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 16:01:39   132,608   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 16:01:39   63,488   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18   70,656   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 16:01:39   153,088   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 16:01:39   230,400   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53   161,792   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 16:01:40   383,488   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 16:01:40   388,608   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 16:01:43   6,068,736   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 16:01:43   44,544   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 16:01:44   267,776   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18   13,824   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52   625,664   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 16:01:46   27,648   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 16:01:46   459,264   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 16:01:46   52,224   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 16:01:49   3,594,240   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 16:01:49   477,696   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 16:01:49   193,024   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 16:01:50   671,232   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 16:01:50   102,912   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 16:01:50   44,544   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 16:01:50   105,984   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 16:01:51   1,162,752   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 16:01:51   233,472   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 16:01:51   827,904   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33   14,048   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:22:39   213,216   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:22:31   22,752   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56   716,000   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-08-26 09:08:35   124,928   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:08:36   347,136   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:08:36   214,528   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:08:36   132,608   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:08:36   63,488   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21   70,656   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:08:36   153,088   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:08:36   230,400   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50   161,792   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38   2,455,488   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:08:36   380,928   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:08:37   388,608   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 17:26:50   6,068,224   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:08:39   44,544   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:08:39   267,776   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21   13,824   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16   635,848   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:08:40   27,648   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:08:40   459,264   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:08:40   52,224   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:08:43   3,594,752   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:08:43   477,696   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:08:44   193,024   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:08:44   671,232   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:08:44   102,912   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:08:44   44,544   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:08:44   105,984   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:08:45   1,162,752   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:08:45   233,472   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:08:45   827,904   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36   14,048   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:22:41   213,216   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:22:34   22,752   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59   716,000   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:23:51   371,424   ----a-w   c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2006-05-25 15:29:04   213,216   -c----w   c:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 20
« Last Edit: November 03, 2008, 11:38:14 PM by Chuck Norris »
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #6 on: November 04, 2008, 12:36:02 AM »
Good work, I see you got ComboFix running properly

Can you now do the following
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
       
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
       
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
       
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

In addition, can you post a fresh Hijackthis log
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #7 on: November 04, 2008, 11:09:26 PM »
"The scan may take some time to finish,so please be patient."
Yea, almost 5hours. But here it it anyways.

Malwarebytes' Anti-Malware 1.30
Database version: 1366
Windows 5.1.2600 Service Pack 2

11/4/2008 9:58:41 PM
mbam-log-2008-11-04 (21-58-41).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|H:\|I:\|J:\|)
Objects scanned: 157962
Time elapsed: 4 hour(s), 57 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 22
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 326

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f80c1d93-0d22-436e-963e-9d3156997a4e} (Adware.Accoona) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1da5bb55-340a-4bba-83f1-bd82a4372f1d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.100;85.255.112.217 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{cd373ffa-9cbf-48e3-a726-ddb2b3b9e9dd}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.100;85.255.112.217 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{cd373ffa-9cbf-48e3-a726-ddb2b3b9e9dd}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.100;85.255.112.217 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ssqQjKBu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ddcBRhiF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ddcBSJbc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\nnnllJCS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\efcaWomM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\efcCspNf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\efcDWOHw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\fccdbCRi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\wvUkLCts.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xxyvwVNd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xxyvwXQG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\cbXPgdEv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\cbXPheeD.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\cbXQjgHB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\geBqRlIY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hgGvtUOF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hgGwUmmn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hgGxULdD.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hgGxUOhf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkkICrPj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\tuvTlmND.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\urqNHXrO.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\urqOIbBr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\vtUnnlIA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\awtsPHbY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\pmnkKdDU.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\pmnmkijI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\pmnmnKDV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\khfGwUmn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ljJARkHb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ljJYqrqR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\qoMcayVN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\qoMfgGwU.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\rqRIaXQj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\rqRKBUKC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\opnkkkkk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\opnmLbaW.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\2I1XRMA4\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\2I1XRMA4\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\2I1XRMA4\nd82m0[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\2I1XRMA4\nd82m0[3] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\2I1XRMA4\cntr[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\BDSP0H36\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\REZIW9HV\is167398[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\REZIW9HV\cntr[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\REZIW9HV\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\REZIW9HV\upd105320[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\REZIW9HV\4l1gd[1].dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\XKYDVGNX\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\XKYDVGNX\is167464[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\XKYDVGNX\is167398_2[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\XKYDVGNX\is167464[3].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\gina\Local Settings\Temporary Internet Files\Content.IE5\QRKP896P\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\gina\Local Settings\Temporary Internet Files\Content.IE5\QRKP896P\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\gina\Local Settings\Temporary Internet Files\Content.IE5\SJ2L052V\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\gina\Local Settings\Temporary Internet Files\Content.IE5\SJ2L052V\is167464[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\gina\Local Settings\Temporary Internet Files\Content.IE5\YDOT8R01\is167464[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3BROVLY.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3DTACTL.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SHLLVW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\awtRHBTl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\awtrPhIA.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\btahguls.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\byXNhhHW.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\byXOhGXP.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\byXopQJA.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\cbXPjHAs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\cewyehjk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\cfjtipxl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\cknhtipf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\cspltlxi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ddcYpoME.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ddcYrQhi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ddmxgwti.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\diwqaabw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\dkkxstpa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\dnvfgtox.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\dvpfimdl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\dxalmg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\efcYOfeD.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\enotlbvx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ersnunbg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\eyaecn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\faheve.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\fccdddDv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\fgonql.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\fjfmny.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\fsclublo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\gbvoiniu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\gyvmpvep.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\hhsmip.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\hzlhzs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\iifcBqnN.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\iifebBuT.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\irurvagy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ixtmns.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\iykwwnyt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\iyxxflpy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\jcdfanyc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\jkkHAqNE.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\jkkHAqnl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\johulxnf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\kerrqr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\khfcbBuT.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\khfGxYRk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\lbtvfubc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\llpfpa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\lyjbko.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\mlJDvUlk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\mmiske.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\nnjqab.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\nucmcosl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\nvknetdn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\opnooPFw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\oqwljmrq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\otfzje.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\otnaig.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\outgwv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\pmnoLcBu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\pnvhhrqd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\puegab.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\qoMeFuvw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\qumnuv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\qwetem.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\rqRIxvsp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\slfcmk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\srapdrpi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ssqOfCTl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ssqPiifg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\teccmfdc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\tmqwaj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\tuvTkkkh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\tyihoawd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\uyfdenim.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\vrsfaatk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\vtUopQHA.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\wnblsp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\wrmpjlaw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\xmxrcffg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\xrsmngfu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\xxyvstst.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\yayaAqOG.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\yayxutrs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ydqmwl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\ymyaic.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\zxoaiv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP929\A0324774.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP929\A0324775.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP937\A0330015.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP937\A0330022.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP937\A0330024.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330168.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330169.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330170.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330171.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330173.dll (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330174.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330175.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330192.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330193.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330194.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330195.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330196.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330197.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330198.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330199.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330200.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330201.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330202.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330203.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330205.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330206.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330207.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330208.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330209.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330211.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330212.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330213.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330214.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330216.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330217.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330218.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330219.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330220.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330221.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330223.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330224.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330225.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330226.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330234.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330237.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330242.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330244.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330245.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330246.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330249.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330251.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330253.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330255.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330256.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330257.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330258.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330260.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330261.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330262.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330264.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330265.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330266.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330267.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330269.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330270.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330274.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330204.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330222.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330241.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330259.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330311.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330347.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330278.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330279.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330280.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330281.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330283.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330284.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330285.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330287.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330288.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330289.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330292.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330293.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330294.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330296.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330298.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330299.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330301.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330304.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330306.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330307.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330310.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330312.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330313.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330314.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330315.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330316.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330317.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330320.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330322.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330323.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330327.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330328.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330330.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330331.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330332.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330333.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330334.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330335.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330336.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330340.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330341.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330342.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330345.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330346.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330349.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330350.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330351.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330352.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330353.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330355.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP941\A0330357.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330582.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330581.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330584.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330585.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330586.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330587.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330588.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330590.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2466A83D-1B81-456E-9766-38C2B7E48210}\RP942\A0330592.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qlmpitqw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lisebgwl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oknuqtff.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntxqfoxt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rerhxfxt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrvxqopa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rytrevdh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vnexenor.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwnsjbqj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xgxkudiw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tywrvlhr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uctxxwqf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uiarvkpr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ymbrtueo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\sysinf_32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
« Last Edit: November 04, 2008, 11:12:57 PM by Chuck Norris »
Logged

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #8 on: November 04, 2008, 11:11:15 PM »
And here is the new "HijackThis" log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:48 PM, on 11/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\update\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?linkid=54834
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O20 - AppInit_DLLs: tmqwaj.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 8916 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #9 on: November 04, 2008, 11:20:05 PM »
Quote
Yea, almost 4hours of time. But here it it anyways.
That is a bit amount of time, typically the full scan takes about an hour or so
Normally, you would just have to do a Quick scan, which won't take near that amount of time

But for now, to see what we're left with
Can you do one more step
Delete your copy of ComboFix from desktop

Temporarily disable your Anti-Virus software

Then, REDownload this file - Combofix.exe and save it ONLY to your desktop
We'll need it in a bit

Do a "System scan only" with Hijackthis and put a check next to these entries:

O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O20 - AppInit_DLLs: tmqwaj.dll


After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis


Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
By default it will save a copy to C:\Combofix.txt
I'll need to see this log later
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from ComboFix and include a fresh Hijackthis log
Let me know how things are now running
« Last Edit: November 04, 2008, 11:21:12 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #10 on: November 05, 2008, 09:13:28 AM »
Deleted the three checked items, here is the "ComboFix" log.

ComboFix 08-11-04.02 - Garrett's Account 2008-11-04 22:33:41.7 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.512 [GMT -6:00]
Running from: c:\documents and settings\Garrett's Account\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_004292_.tmp.dll
c:\windows\system32\_004293_.tmp.dll
c:\windows\system32\_004294_.tmp.dll
c:\windows\system32\_004295_.tmp.dll
c:\windows\system32\_004302_.tmp.dll
c:\windows\system32\_004303_.tmp.dll
c:\windows\system32\_004304_.tmp.dll
c:\windows\system32\_004305_.tmp.dll
c:\windows\system32\_004307_.tmp.dll
c:\windows\system32\_004308_.tmp.dll
c:\windows\system32\_004311_.tmp.dll
c:\windows\system32\_004312_.tmp.dll
c:\windows\system32\_004314_.tmp.dll
c:\windows\system32\_004315_.tmp.dll
c:\windows\system32\_004316_.tmp.dll
c:\windows\system32\_004318_.tmp.dll
c:\windows\system32\_004321_.tmp.dll
c:\windows\system32\_004322_.tmp.dll
c:\windows\system32\_004326_.tmp.dll
c:\windows\system32\_004327_.tmp.dll
c:\windows\system32\_004329_.tmp.dll
c:\windows\system32\_004332_.tmp.dll
c:\windows\system32\_004334_.tmp.dll
c:\windows\system32\_004335_.tmp.dll
c:\windows\system32\_004336_.tmp.dll
c:\windows\system32\_004337_.tmp.dll
c:\windows\system32\_004338_.tmp.dll
c:\windows\system32\_004341_.tmp.dll
c:\windows\system32\_004342_.tmp.dll
c:\windows\system32\_004343_.tmp.dll
c:\windows\system32\_004344_.tmp.dll
c:\windows\system32\_004345_.tmp.dll
c:\windows\system32\_004350_.tmp.dll
c:\windows\system32\_004352_.tmp.dll

.
(((((((((((((((((((((((((   Files Created from 2008-10-05 to 2008-11-05  )))))))))))))))))))))))))))))))
.

2008-11-04 22:39 . 2008-11-04 22:39   <DIR>   d--------   c:\windows\LastGood
2008-11-04 22:38 . 2008-11-04 22:38   2,763   --a------   c:\windows\system32\spupdsvc.inf
2008-11-04 22:26 . 2008-11-04 22:26   <DIR>   d--------   c:\windows\system32\scripting
2008-11-04 22:26 . 2008-11-04 22:26   <DIR>   d--------   c:\windows\system32\en
2008-11-04 22:26 . 2008-11-04 22:26   <DIR>   d--------   c:\windows\system32\bits
2008-11-04 22:26 . 2008-11-04 22:26   <DIR>   d--------   c:\windows\l2schemas
2008-11-04 22:22 . 2008-11-04 22:26   <DIR>   d--------   c:\windows\ServicePackFiles
2008-11-04 22:13 . 2008-11-04 22:13   <DIR>   d--------   c:\windows\EHome
2008-11-04 16:23 . 2008-11-04 16:23   <DIR>   d--------   c:\program files\Malwarebytes' Anti-Malware
2008-11-04 16:23 . 2008-11-04 16:23   <DIR>   d--------   c:\documents and settings\Garrett's Account\Application Data\Malwarebytes
2008-11-04 16:23 . 2008-11-04 16:23   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-04 16:23 . 2008-10-22 16:10   38,496   --a------   c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-04 16:23 . 2008-10-22 16:10   15,504   --a------   c:\windows\system32\drivers\mbam.sys
2008-11-03 19:52 . 2008-11-03 19:52   172   --ah-----   C:\sqmnoopt02.sqm
2008-11-03 19:52 . 2008-11-03 19:52   172   --ah-----   C:\sqmdata02.sqm
2008-11-02 19:14 . 2008-11-03 05:21   98,410   --a------   c:\windows\webconfig32.exe
2008-11-02 12:31 . 2008-11-02 12:31   <DIR>   d--------   c:\program files\Sun
2008-11-01 16:41 . 2008-11-01 16:41   268   --ah-----   C:\sqmdata01.sqm
2008-11-01 16:41 . 2008-11-01 16:41   244   --ah-----   C:\sqmnoopt01.sqm
2008-11-01 14:18 . 2008-11-01 14:18   244   --ah-----   C:\sqmnoopt00.sqm
2008-11-01 14:18 . 2008-11-01 14:18   232   --ah-----   C:\sqmdata00.sqm
2008-10-29 04:22 . 2008-10-29 04:22   68,608   ---------   c:\windows\system32\tlxedicb.dll
2008-10-21 18:54 . 2008-10-31 20:44   30   --a------   c:\documents and settings\Garrett's Account\jagex_runescape_preferences.dat
2008-10-20 16:58 . 2008-10-20 17:06   49,714   --a------   c:\documents and settings\Garrett's Account\javamon.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-05 04:29   45,056   ----a-w   c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2008-11-05 04:29   44,032   ----a-w   c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2008-11-02 23:57   ---------   d-----w   c:\program files\Canon
2008-11-02 18:56   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-11-02 18:30   ---------   d-----w   c:\program files\Java
2008-10-03 17:41   6,066,176   ----a-w   c:\windows\system32\dllcache\ieframe.dll
2008-10-01 22:36   ---------   d-----w   c:\documents and settings\Garrett's Account\Application Data\FrostWire
2008-09-21 05:23   ---------   d-----w   c:\program files\SwiftKit
2008-09-21 05:19   ---------   d-----w   c:\documents and settings\All Users\Application Data\SwiftKit
2008-09-08 21:02   ---------   d-----w   c:\program files\Moyea
2008-08-27 08:24   3,593,216   ----a-w   c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:38   13,824   ----a-w   c:\windows\system32\dllcache\ieudinit.exe
2008-08-25 08:37   70,656   ----a-w   c:\windows\system32\dllcache\ie4uinit.exe
2008-08-23 05:56   635,848   ----a-w   c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54   161,792   ----a-w   c:\windows\system32\dllcache\ieakui.dll
2003-03-18 01:27   307,904   -c--a-w   c:\windows\inf\wg311nd5.sys
.

------- Sigcheck -------

2005-03-02 12:19  577024  1800f293bccc8ede8a70e12b88d80036   c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 09:48  578048  7aa4f6c00405dfc4b70ed4214e7d687b   c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
2007-03-08 09:36  577536  b409909f6e2e8a7067076ed748abf1e7   c:\windows\$NtServicePackUninstall$\user32.dll
2004-08-04 06:00  577024  c72661f8552ace7c5c85e16a3cf505c4   c:\windows\$NtUninstallKB890859$\user32.dll
2005-03-02 12:09  577024  de2db164bbb35db061af0997e4499054   c:\windows\$NtUninstallKB925902$\user32.dll
2008-04-13 18:12  578560  b26b135ff1b9f60c9388b4a7d16f600b   c:\windows\ServicePackFiles\i386\user32.dll
2008-04-13 18:12  578560  b26b135ff1b9f60c9388b4a7d16f600b   c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\user32.dll
2007-03-08 09:36  577536  b409909f6e2e8a7067076ed748abf1e7   c:\windows\system32\user32.dll

2007-06-13 04:23  1033216  97bd6515465659ff8f3b7be375b2ea87   c:\windows\explorer.exe
2007-06-13 05:26  1033216  7712df0cdde3a5ac89843e61cd5b3658   c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 04:23  1033216  97bd6515465659ff8f3b7be375b2ea87   c:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-04 06:00  1032192  a0732187050030ae399b241436565e64   c:\windows\$NtUninstallKB938828$\explorer.exe
2008-04-13 18:12  1033728  12896823fb95bfb3dc9b46bcaedc9923   c:\windows\ServicePackFiles\i386\explorer.exe
2008-04-13 18:12  1033728  12896823fb95bfb3dc9b46bcaedc9923   c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe

2005-06-10 18:17  57856  ad3d9d191aea7b5445fe1d82ffbb4788   c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2005-06-10 17:53  57856  da81ec57acd4cdc3d4c51cf3d409af9f   c:\windows\$NtServicePackUninstall$\spoolsv.exe
2004-08-04 06:00  57856  7435b108b935e42ea92ca94f59c8e717   c:\windows\$NtUninstallKB896423$\spoolsv.exe
2008-04-13 18:12  57856  d8e14a61acc1d4a6cd0d38aebac7fa3b   c:\windows\ServicePackFiles\i386\spoolsv.exe
2008-04-13 18:12  57856  d8e14a61acc1d4a6cd0d38aebac7fa3b   c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\spoolsv.exe
2005-06-10 17:53  57856  da81ec57acd4cdc3d4c51cf3d409af9f   c:\windows\system32\spoolsv.exe
.
(((((((((((((((((((((((((((((   snapshot_2008-11-03_22.29.44.17   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB938464_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB938464_0$\spuninst\updspapi.dll
- 2004-08-04 12:00:00   34,816   -c--a-w   c:\windows\Help\sniffpol.dll
+ 2008-04-14 00:12:06   34,816   ----a-w   c:\windows\Help\sniffpol.dll
- 2004-08-04 12:00:00   33,280   -c--a-w   c:\windows\Help\sstub.dll
+ 2008-04-14 00:12:07   33,280   ----a-w   c:\windows\Help\sstub.dll
- 2004-08-04 12:00:00   279,040   -c--a-w   c:\windows\Help\tshoot.dll
+ 2008-04-14 00:12:07   279,040   ----a-w   c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:01   10,752   -c--a-w   c:\windows\hh.exe
+ 2008-04-14 00:12:21   10,752   ----a-w   c:\windows\hh.exe
- 2004-08-04 12:00:00   220,160   -c--a-w   c:\windows\ime\mscandui.dll
+ 2008-04-14 00:11:58   220,160   ----a-w   c:\windows\ime\mscandui.dll
- 2004-08-04 12:00:00   130,048   -c--a-w   c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06   130,048   ----a-w   c:\windows\ime\softkbd.dll
- 2004-08-04 12:00:00   62,976   -c--a-w   c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18   62,976   ----a-w   c:\windows\ime\spgrmr.dll
- 2004-08-04 12:00:00   250,880   ----a-w   c:\windows\ime\SPTIP.dll
+ 2008-04-14 00:12:06   250,368   ----a-w   c:\windows\ime\sptip.dll
+ 2008-01-18 15:13:09   2,247   ------w   c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51   18,917   ------w   c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46   13,801   ------w   c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31   25,600   ------w   c:\windows\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-04 12:00:00   24,064   -c--a-w   c:\windows\msagent\agentanm.dll
+ 2008-04-14 00:11:48   24,064   ----a-w   c:\windows\msagent\agentanm.dll
- 2004-08-04 12:00:00   214,016   -c--a-w   c:\windows\msagent\agentctl.dll
+ 2008-04-14 00:11:48   214,016   ----a-w   c:\windows\msagent\agentctl.dll
- 2006-10-12 14:02:52   42,496   ----a-w   c:\windows\msagent\agentdp2.dll
+ 2008-04-14 00:11:48   42,496   ----a-w   c:\windows\msagent\agentdp2.dll
- 2007-03-09 13:46:24   57,344   ----a-w   c:\windows\msagent\agentdpv.dll
+ 2008-04-14 00:11:48   57,344   ----a-w   c:\windows\msagent\agentdpv.dll
- 2004-08-04 12:00:00   49,152   -c--a-w   c:\windows\msagent\agentmpx.dll
+ 2008-04-14 00:11:48   49,152   ----a-w   c:\windows\msagent\agentmpx.dll
- 2004-08-04 12:00:00   24,064   -c--a-w   c:\windows\msagent\agentpsh.dll
+ 2008-04-14 00:11:48   24,064   ----a-w   c:\windows\msagent\agentpsh.dll
- 2004-08-04 12:00:00   44,032   -c--a-w   c:\windows\msagent\agentsr.dll
+ 2008-04-14 00:11:48   44,032   ----a-w   c:\windows\msagent\agentsr.dll
- 2006-10-12 11:09:53   256,512   ----a-w   c:\windows\msagent\agentsvr.exe
+ 2008-04-14 00:12:12   256,512   ----a-w   c:\windows\msagent\agentsvr.exe
- 2004-08-04 12:00:00   24,064   -c--a-w   c:\windows\msagent\agtintl.dll
+ 2008-04-14 00:11:49   24,064   ----a-w   c:\windows\msagent\agtintl.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59   19,456   ----a-w   c:\windows\msagent\intl\agt0405.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59   19,456   ----a-w   c:\windows\msagent\intl\agt0406.dll
- 2004-08-04 12:00:00   21,504   -c--a-w   c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00   21,504   ----a-w   c:\windows\msagent\intl\agt0407.dll
- 2004-08-04 12:00:00   22,016   -c--a-w   c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00   22,016   ----a-w   c:\windows\msagent\intl\agt0408.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28   19,968   ----a-w   c:\windows\msagent\intl\agt0409.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00   19,456   ----a-w   c:\windows\msagent\intl\agt040b.dll
- 2004-08-04 12:00:00   21,504   -c--a-w   c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00   21,504   ----a-w   c:\windows\msagent\intl\agt040c.dll
- 2004-08-04 12:00:00   19,968   -c--a-w   c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00   19,968   ----a-w   c:\windows\msagent\intl\agt040e.dll
- 2004-08-04 12:00:00   20,992   -c--a-w   c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00   20,992   ----a-w   c:\windows\msagent\intl\agt0410.dll
- 2004-08-04 12:00:00   20,992   -c--a-w   c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01   20,992   ----a-w   c:\windows\msagent\intl\agt0413.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01   19,456   ----a-w   c:\windows\msagent\intl\agt0414.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01   19,456   ----a-w   c:\windows\msagent\intl\agt0415.dll
- 2004-08-04 12:00:00   20,480   -c--a-w   c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01   20,480   ----a-w   c:\windows\msagent\intl\agt0416.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01   19,456   ----a-w   c:\windows\msagent\intl\agt0419.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01   19,456   ----a-w   c:\windows\msagent\intl\agt041d.dll
- 2004-08-04 12:00:00   19,456   -c--a-w   c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01   19,456   ----a-w   c:\windows\msagent\intl\agt041f.dll
- 2004-08-04 12:00:00   20,992   -c--a-w   c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02   20,992   ----a-w   c:\windows\msagent\intl\agt0816.dll
- 2004-08-04 12:00:00   20,480   -c--a-w   c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02   20,480   ----a-w   c:\windows\msagent\intl\agt0c0a.dll
- 2004-08-04 12:00:00   39,936   -c--a-w   c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00   39,936   ----a-w   c:\windows\msagent\mslwvtts.dll
- 2006-06-03 11:40:49   33,792   ------w   c:\windows\network diagnostic\custsat.dll
+ 2008-04-14 00:11:51   33,792   ------w   c:\windows\network diagnostic\custsat.dll
- 2006-10-10 12:44:50   557,568   ------w   c:\windows\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32   558,080   ------w   c:\windows\network diagnostic\xpnetdiag.exe
- 2004-08-04 12:00:00   69,120   -c--a-w   c:\windows\NOTEPAD.EXE
+ 2008-04-14 00:12:29   69,120   ----a-w   c:\windows\notepad.exe
- 2004-08-04 12:00:00   768,512   -c--a-w   c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21   769,024   ----a-w   c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-04 12:00:00   743,936   ----a-w   c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21   744,448   ----a-w   c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-04 12:00:00   18,944   -c--a-w   c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21   18,432   ----a-w   c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-04 12:00:00   158,208   -c--a-w   c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27   169,984   ----a-w   c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-04 12:00:00   376,320   -c--a-w   c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59   376,832   ----a-w   c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-04 12:00:00   102,400   -c--a-w   c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02   102,912   ----a-w   c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2005-05-07 05:32:10   83,187   -c--a-w   c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2008-11-05 04:31:21   83,187   ----a-w   c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2005-05-07 05:32:10   6,958   ----a-w   c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-11-05 04:31:21   7,328   ----a-w   c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-04 12:00:00   150,528   -c--a-w   c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38   150,528   ----a-w   c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-04 12:00:00   151,552   -c--a-w   c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06   151,552   ----a-w   c:\windows\PeerNet\sqldb20.dll
- 2004-08-04 12:00:00   462,848   -c--a-w   c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06   462,848   ----a-w   c:\windows\PeerNet\sqlqp20.dll
- 2004-08-04 12:00:00   110,592   -c--a-w   c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06   110,592   ----a-w   c:\windows\PeerNet\sqlse20.dll
- 2004-08-04 18:00:00   146,432   ----a-w   c:\windows\regedit.exe
+ 2008-04-14 00:12:32   146,432   ----a-w   c:\windows\regedit.exe
+ 2008-04-13 18:46:18   53,376   ------w   c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50   12,288   ------w   c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20   48,128   ------w   c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48   100,352   ------w   c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48   136,192   ------w   c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-04 03:32:22   231,552   ------w   c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-04 03:32:32   84,480   ------w   c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48   39,424   ------w   c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11   184,320   ------w   c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48   1,852,928   ------w   c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48   451,072   ------w   c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48   141,312   ------w   c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48   115,712   ------w   c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35   187,776   ------w   c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48   245,248   ------w   c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48   193,536   ------w   c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12   4,096   ------w   c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48   98,304   ------w   c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48   116,224   ------w   c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48   20,540   ------w   c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12   16,439   ------w   c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-04 03:32:24   10,880   ------w   c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48   61,440   ------w   c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48   175,616   ------w   c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48   143,360   ------w   c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48   68,096   ------w   c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48   263,680   ------w   c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48   4,255   ------w   c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48   3,967   ------w   c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48   3,615   ------w   c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48   3,647   ------w   c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48   3,135   ------w   c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48   3,711   ------w   c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48   3,775   ------w   c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48   617,472   ------w   c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48   99,840   ------w   c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23   142,592   ------w   c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23   138,112   ------w   c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48   24,064   ------w   c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48   214,016   ------w   c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48   42,496   ------w   c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48   57,344   ------w   c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48   49,152   ------w   c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48   24,064   ------w   c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48   44,032   ------w   c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12   256,512   ------w   c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38   42,368   ------w   c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39   44,928   ------w   c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00   21,504   ------w   c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00   22,016   ------w   c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28   19,968   ------w   c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00   19,456   ------w   c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00   21,504   ------w   c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00   19,456   ------w   c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00   19,968   ------w   c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00   20,992   ------w   c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01   20,992   ------w   c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01   20,480   ------w   c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01   19,456   ------w   c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01   19,456   ------w   c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02   19,456   ------w   c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02   20,992   ------w   c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02   20,480   ------w   c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49   24,064   ------w   c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12   98,304   ------w   c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12   44,544   ------w   c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38   42,752   ------w   c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49   17,408   ------w   c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39   43,008   ------w   c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32   37,376   ------w   c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33   37,760   ------w   c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49   70,656   ------w   c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-04 03:31:20   36,224   ------w   c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49   125,952   ------w   c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49   331,264   ------w   c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25   60,800   ------w   c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49   65,024   ------w   c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27   14,336   ------w   c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12   25,088   ------w   c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30   96,512   ------w   c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-04 03:29:30   56,623   ------w   c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-04 03:29:30   11,615   ------w   c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-04 03:29:30   12,047   ------w   c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-04 03:29:32   30,671   ------w   c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-04 03:29:32   63,663   ------w   c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-04 03:29:32   26,367   ------w   c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-04 03:29:32   21,343   ------w   c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-04 03:29:32   36,463   ------w   c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-04 03:29:32   29,455   ------w   c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-04 03:29:32   34,735   ------w   c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49   229,376   ------w   c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49   377,984   ------w   c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49   201,728   ------w   c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-04 03:29:28   327,040   ------w   c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-04 03:29:28   701,440   ------w   c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49   870,784   ------w   c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49   1,057,760   ------w   c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50   1,888,992   ------w   c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-04 03:29:28   57,856   ------w   c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-04 03:29:30   13,824   ------w   c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-04 03:29:30   14,336   ------w   c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-04 03:29:30   52,224   ------w   c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-04 03:29:32   104,960   ------w   c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-04 03:29:32   28,672   ------w   c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-04 03:29:32   13,824   ------w   c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-04 03:29:32   73,216   ------w   c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-04 03:29:32   31,744   ------w   c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-04 03:29:32   63,488   ------w   c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50   32,768   ------w   c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50   516,768   ------w   c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50   58,880   ------w   c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12   11,264   ------w   c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25   59,904   ------w   c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01   285,696   ------w   c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30   55,808   ------w   c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50   30,208   ------w   c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12   12,288   ------w   c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50   21,183   ------w   c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50   11,359   ------w   c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50   25,471   ------w   c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50   14,143   ------w   c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50   17,279   ------w   c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50   42,496   ------w   c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12   14,336   ------w   c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50   20,540   ------w   c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12   16,439   ------w   c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50   62,464   ------w   c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12   588,800   ------w   c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12   602,624   ------w   c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13   580,608   ------w   c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13   11,264   ------w   c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20   38,912   ------w   c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07   13,696   ------w   c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50   84,992   ------w   c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50   233,472   ------w   c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50   52,736   ------w   c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50   29,184   ------w   c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50   8,704   ------w   c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32   14,208   ------w   c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21   11,776   ------w   c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50   17,408   ------w   c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50   8,192   ------w   c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50   7,168   ------w   c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50   7,168   ------w   c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13   71,680   ------w   c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23   71,552   ------w   c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24   63,488   ------w   c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50   77,824   ------w   c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50   1,025,024   ------w   c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50   78,336   ------w   c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50   20,992   ------w   c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33   17,024   ------w   c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33   37,888   ------w   c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34   101,120   ------w   c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32   273,024   ------w   c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31   36,480   ------w   c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50   30,208   ------w   c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29   18,944   ------w   c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50   50,688   ------w   c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50   218,112   ------w   c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50   60,416   ------w   c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50   84,480   ------w   c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13   19,968   ------w   c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50   385,024   ------w   c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50   121,856   ------w   c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50   50,688   ------w   c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50   150,016   ------w   c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 00:11:50   226,304   ------w   c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50   85,504   ------w   c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50   625,664   ------w   c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23   17,024   ------w   c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21   63,744   ------w   c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50   151,040   ------w   c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50   66,560   ------w   c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50   2,091,520   ------w   c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46   62,976   ------w   c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50   194,560   ------w   c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50   457,728   ------w   c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50   38,912   ------w   c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05   16,896   ------w   c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14   188,480   ------w   c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50   15,423   ------w   c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58   8,192   ------w   c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50   148,480   ------w   c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50   1,358,848   ------w   c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50   69,120   ------w   c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14   5,632   ------w   c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22   49,536   ------w   c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50   110,592   ------w   c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50   498,688   ------w   c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14   64,000   ------w   c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50   77,824   ------w   c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14   20,480   ------w   c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14   102,912   ------w   c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14   33,280   ------w   c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50   58,368   ------w   c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37   13,952   ------w   c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50   15,872   ------w   c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14   389,120   ------w   c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50   344,064   ------w   c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14   25,600   ------w   c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15   39,936   ------w   c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50   185,344   ------w   c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50   13,312   ------w   c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15   63,488   ------w   c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50   39,424   ------w   c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50   47,104   ------w   c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50   79,360   ------w   c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16   17,920   ------w   c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51   60,416   ------w   c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51   28,160   ------w   c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51   195,072   ------w   c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51   617,472   ------w   c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51   276,992   ------w   c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51   252,928   ------w   c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37   10,240   ------w   c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51   229,376   ------w   c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51   97,792   ------w   c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15   9,728   ------w   c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15   6,144   ------w   c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51   792,064   ------w   c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 00:11:51   274,944   ------w   c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51   167,424   ------w   c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51   1,267,200   ------w   c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51   539,648   ------w   c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15   1,032,192   ------w   c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51   45,056   ------w   c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51   357,888   ------w   c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15   27,648   ------w   c:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 00:11:51   35,328   ------w   c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51   12,800   ------w   c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51   163,840   ------w   c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32   36,736   ------w   c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51   599,040   ------w   c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51   74,752   ------w   c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51   33,280   ------w   c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51   53,760   ------w   c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51   64,512   ------w   c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51   62,464   ------w   c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51   512,512   ------w   c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 00:11:51   101,888   ------w   c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 00:12:15   139,264   ------w   c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51   326,656   ------w   c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51   32,256   ------w   c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15   6,144   ------w   c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16   15,360   ------w   c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51   249,856   ------w   c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51   33,792   ------w   c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-04 03:32:26   48,640   ------w   c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51   1,179,648   ------w   c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51   8,192   ------w   c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51   1,689,088   ------w   c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51   824,320   ------w   c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51   1,054,208   ------w   c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25   554,008   ------w   c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51   54,272   ------w   c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51   165,376   ------w   c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:11:51   25,088   ------w   c:\windows\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51   640,000   ------w   c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51   24,576   ------w   c:\windows\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51   110,592   ------w   c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51   28,672   ------w   c:\windows\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26   1,804   ------w   c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51   40,960   ------w   c:\windows\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51   8,704   ------w   c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16   6,144   ------w   c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16   30,208   ------w   c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51   279,552   ------w   c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51   27,136   ------w   c:\windows\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16   25,088   ------w   c:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51   59,904   ------w   c:\windows\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51   282,624   ------w   c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16   82,944   ------w   c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16   105,472   ------w   c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51   39,424   ------w   c:\windows\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51   124,416   ------w   c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51   28,672   ------w   c:\windows\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51   111,104   ------w   c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51   126,976   ------w   c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52   379,904   ------w   c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52   48,640   ------w   c:\windows\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17   539,136   ------w   c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17   87,040   ------w   c:\windows\ServicePackFiles\i386\diantz.exe
+ 2004-08-04 12:00:00   884,712   ------w   c:\windows\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52   68,608   ------w   c:\windows\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52   19,456   ------w   c:\windows\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52   39,936   ------w   c:\windows\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52   158,720   ------w   c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52   181,760   ------w   c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52   86,528   ------w   c:\windows\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47   36,352   ------w   c:\windows\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52   1,504,256   ------w   c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44   14,208   ------w   c:\windows\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17   163,840   ------w   c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52   32,768   ------w   c:\windows\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17   5,120   ------w   c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51   8,320   ------w   c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17   224,768   ------w   c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52   28,672   ------w   c:\windows\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48   799,744   ------w   c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52   61,440   ------w   c:\windows\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52   285,184   ------w   c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52   200,704   ------w   c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52   181,248   ------w   c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46   153,344   ------w   c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52   35,840   ------w   c:\windows\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17   15,872   ------w   c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52   82,432   ------w   c:\windows\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52   23,552   ------w   c:\windows\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52   105,984   ------w   c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52   103,424   ------w   c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52   104,448   ------w   c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01   52,864   ------w   c:\windows\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52   52,224   ------w   c:\windows\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52   147,968   ------w   c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52   45,568   ------w   c:\windows\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52   48,128   ------w   c:\windows\ServicePackFiles\i386\docprop2.dll
+ 2004-08-04 12:00:00   53,840   ------w   c:\windows\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52   26,112   ------w   c:\windows\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52   57,856   ------w   c:\windows\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52   39,936   ------w   c:\windows\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52   9,216   ------w   c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52   56,320   ------w   c:\windows\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52   132,096   ------w   c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52   650,752   ------w   c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46   206,976   ------w   c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-13 21:00:49   103,424   ------w   c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17   29,696   ------w   c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52   229,888   ------w   c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52   23,552   ------w   c:\windows\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19   3,072   ------w   c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52   375,296   ------w   c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52   35,328   ------w   c:\windows\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52   60,928   ------w   c:\windows\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20   3,072   ------w   c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17   17,920   ------w   c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52   21,504   ------w   c:\windows\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52   212,480   ------w   c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18   83,456   ------w   c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52   116,736   ------w   c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52   57,344   ------w   c:\windows\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14   60,160   ------w   c:\windows\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13   2,944   ------w   c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52   14,336   ------w   c:\windows\ServicePackFiles\i386\drprov.dll
+ 2004-08-04 12:00:00   4,656   ------w   c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52   16,384   ------w   c:\windows\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52   181,248   ------w   c:\windows\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52   71,680   ------w   c:\windows\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52   92,672   ------w   c:\windows\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52   155,648   ------w   c:\windows\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52   367,616   ------w   c:\windows\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52   1,293,824   ------w   c:\windows\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52   142,848   ------w   c:\windows\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30   4,096   ------w   c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52   239,104   ------w   c:\windows\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52   51,200   ------w   c:\windows\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57   138,752   ------w   c:\windows\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52   113,152   ------w   c:\windows\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52   19,456   ------w   c:\windows\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18   10,752   ------w   c:\windows\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52   304,128   ------w   c:\windows\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18   17,920   ------w   c:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18   180,224   ------w   c:\windows\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52   619,008   ------w   c:\windows\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52   1,227,264   ------w   c:\windows\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18   1,298,432   ------w   c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52   2,113,536   ------w   c:\windows\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29   71,168   ------w   c:\windows\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52   357,888   ------w   c:\windows\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52   205,312   ------w   c:\windows\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52   30,720   ------w   c:\windows\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52   184,832   ------w   c:\windows\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52   126,976   ------w   c:\windows\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52   94,208   ------w   c:\windows\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52   180,224   ------w   c:\windows\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52   40,960   ------w   c:\windows\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52   59,392   ------w   c:\windows\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52   33,792   ------w   c:\windows\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52   175,616   ------w   c:\windows\ServicePackFiles\i386\ediskeer.dll
+ 2008-04-14 00:11:53   183,296   ------w   c:\windows\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53   20,480   ------w   c:\windows\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53   186,880   ------w   c:\windows\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02   40,960   ------w   c:\windows\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 16:39:36   120,320   ------w   c:\windows\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53   23,040   ------w   c:\windows\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53   246,272   ------w   c:\windows\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53   1,082,368   ------w   c:\windows\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53   247,808   ------w   c:\windows\ServicePackFiles\i386\esscli.dll
+ 2004-08-04 03:32:28   137,088   ------w   c:\windows\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19   193,024   ------w   c:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:11:53   56,320   ------w   c:\windows\ServicePackFiles\i386\eventlog.dll
+ 2008-04-14 00:11:53   101,888   ------w   c:\windows\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19   24,064   ------w   c:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53   21,504   ------w   c:\windows\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19   92,160   ------w   c:\windows\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:11:53   380,445   ------w   c:\windows\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53   55,808   ------w   c:\windows\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19   24,064   ------w   c:\windows\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53   125,952   ------w   c:\windows\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30   7,168   ------w   c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29   143,744   ------w   c:\windows\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53   472,064   ------w   c:\windows\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53   80,384   ------w   c:\windows\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20   20,992   ------w   c:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25   27,392   ------w   c:\windows\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53   21,504   ------w   c:\windows\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53   337,920   ------w   c:\windows\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20   27,136   ------w   c:\windows\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28   44,544   ------w   c:\windows\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53   87,552   ------w   c:\windows\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25   20,480   ------w   c:\windows\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53   16,896   ------w   c:\windows\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20   23,040   ------w   c:\windows\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59   129,792   ------w   c:\windows\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53   382,976   ------w   c:\windows\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53   80,896   ------w   c:\windows\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20   20,992   ------w   c:\windows\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20   7,680   ------w   c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2004-08-04 03:31:24   34,173   ------w   c:\windows\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42   29,696   ------w   c:\windows\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53   32,828   ------w   c:\windows\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53   184,435   ------w   c:\windows\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53   82,035   ------w   c:\windows\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53   147,513   ------w   c:\windows\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53   49,210   ------w   c:\windows\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53   102,509   ------w   c:\windows\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53   618,605   ------w   c:\windows\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53   41,020   ------w   c:\windows\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53   32,826   ------w   c:\windows\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53   49,212   ------w   c:\windows\ServicePackFiles\i386\fp4awebs.dll
+ 2008-04-14 00:11:53   876,653   ------w   c:\windows\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20   15,120   ------w   c:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20   109,840   ------w   c:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20   24,632   ------w   c:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53   20,541   ------w   c:\windows\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20   188,494   ------w   c:\windows\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53   94,208   ------w   c:\windows\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53   20,541   ------w   c:\windows\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53   598,071   ------w   c:\windows\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04   208,896   ------w   c:\windows\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20   20,538   ------w   c:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20   28,728   ------w   c:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33   9,344   ------w   c:\windows�
Logged

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #11 on: November 05, 2008, 09:16:29 AM »
And here is the "HijackThis" log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:14:33 AM, on 11/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?linkid=54834
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 8623 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #12 on: November 05, 2008, 09:40:34 AM »
Can you scan a few files for me please

Can you do the following
go to this link

http://www.virustotal.com/flash/index_en.html
Copy and paste the following bold line to the space next to  'Upload a File'
Or Browse to the file

c:\windows\webconfig32.exe
Then use the SEND FILE button
Let it finish scanning
Could you post back the results this scan back here please
Or better yet, just link to the results page

Do the same for the next ones
c:\windows\system32\tlxedicb.dll
c:\documents and settings\Garrett's Account\javamon.exe
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #13 on: November 05, 2008, 05:39:12 PM »
Here they are:

http://www.virustotal.com/analisis/d0916bd...64ba302e3ae1196

http://www.virustotal.com/vt/en/recepcion?...2707e69cd19ca19
Didn't work for some reason.

And it said the third file "c:\documents and settings\Garrett's Account\javamon.exe" was the same as the first file you had me scan. http://www.virustotal.com/reanalisis.html?...0f971153acecc48
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #14 on: November 05, 2008, 06:24:22 PM »
Quote
And it said the third file "c:\documents and settings\Garrett's Account\javamon.exe" was the same as the first file you had me scan.

No, it just meant that the file you scanned, was scanned before on Virustotal site
You scanned a different filename, but same size, so let's see if we can get them both

Download > [color=\"red\"]OTMoveIt3[/color] <[/url] by OldTimer.
  • Save it to your desktop.
  • Double-click OTMoveIt3.exe to run it.
  • Copy the entries below in Blue to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose "Copy"):

    ================================================

    [color=\"#4169E1\"]:Files
    c:\windows\webconfig32.exe
    c:\windows\system32\tlxedicb.dll
    c:\documents and settings\Garrett's Account\javamon.exe
    c:\documents and settings\Garrett's Account\java_plugin.exe
    [EmptyTemp][/color]


    ======================================================
  • Return to OTMoveIt3, right-click on the "Paste List of Files/Folders to be Moved" window  and choose "Paste".
  • Click the red "[color=\"red\"]MoveIt![/color]" button.
  • Close OTMoveIt when it has completed.
[color=\"red\"]Note[/color]:  If an entry cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose "Yes".

A Log should open, can you post it back here
If no log opens
OTMoveIt would of created a log at this location
C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log <-indicates date_time of log

**Let me know how things are now running
« Last Edit: November 05, 2008, 06:26:04 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #15 on: November 05, 2008, 09:08:23 PM »
Here is the log.
========== FILES ==========
c:\windows\webconfig32.exe moved successfully.
File/Folder c:\windows\system32\tlxedicb.dll not found.
c:\documents and settings\Garrett's Account\javamon.exe moved successfully.
File/Folder c:\documents and settings\Garrett's Account\java_plugin.exe not found.
File/Folder [EmptyTemp] not found.
 
OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11052008_200003


And the computer seems to be running smoother, however I haven't really done much on it to test it. The popups and spam seem to be reduced to the minimum. Thanks for your help so far.
« Last Edit: November 05, 2008, 09:09:23 PM by Chuck Norris »
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #16 on: November 05, 2008, 09:43:41 PM »
Quote
The popups and spam seem to be reduced to the minimum. Thanks for your help so far.

Are you still getting the same popups you were getting before?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline ___

  • Hero Member
  • *****
  • Posts: 637
  • Karma: +0/-0
    • View Profile
Computer has been running very slow/a lot of popups.
« Reply #17 on: November 07, 2008, 06:01:19 PM »
Not that I have seen, I was getting one for "sexvid" or something like that, but it seems to have stopped.
Thanks for your help.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer has been running very slow/a lot of popups.
« Reply #18 on: November 08, 2008, 11:30:55 PM »
Let's clean some of the tools we used
I would opt to hold onto Malwarebytes AntiMalware
Update and run a Quick Scan occassionally

Then, * Go to START> RUN and copy and paste next command :

ComboFix /u

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore.

OTMoveit3
  • Double-click OTMoveIt3.exe to run it.
  • Click the Cleanup! button
    A list will be downloaded>>Allow it Internet access if prompted by your Firewall
    Don't change anything in this list
  • Select Yes at the prompt
    Wait for the confirmation box to open to reboot the computer
    Don't mouseclick during the wait as you may cause the tool to stall
  • Select Yes to reboot Now
NOTE: This procedure will also delete OTMoveit.exe from desktop

Take a look at miekiemoes' site with other ideas on How to prevent Malware:
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »