i cant start spybot s&d or anything else

[rainshield]

Hi, today i was accidently downloaded and installed adwarealert. After that there's alot of pops up come up, so i try to run spybot S&D but it doesnt start up on both normal or safemode, either i cant run hjackthis too, i try to download some malware remover but none of those programs can start up. Everytime i try to run any program it always show up the error :"16 bit ms-dos subsystem, the NTVDM CPU has encountered an illegal instruction CS:0543 IP:a31aOP:f28fef8ff9 Choose 'close' to terminate the application". i have no idea how to fix it now, i'll be appreciated with any helps here. Thanks

 

[katana]

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

1. Please Read All Instructions Carefully
2. If you don't understand something, stop and ask! Don't keep going on.
3. Please do not run any other tools or scans whilst I am helping you
4. Please continue to respond until I give you the "All Clear"
   (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------




Download and Run RSIT

• Please download Random's System Information Tool by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open:
  • log.txt will be opened maximized.
  • info.txt will be opened minimized.
• Please post the contents of both log.txt and info.txt.

 

[rainshield]

1st of all, thanks for the helping katana, here's the report from it:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-11-01 20:08:12
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 13 GB (38%) free of 34 GB
Total RAM: 1015 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:08:20 PM, on 11/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\hphmon05.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll
O2 - BHO: (no name) - {199f7219-281e-44d9-99eb-83e6febb0ddd} - (no file)
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {3803463F-8961-4B32-B904-BE3DD440108A} - (no file)
O2 - BHO: (no name) - {3FAECE6F-50DF-012D-8A48-5CC07026D6C9} - (no file)
O2 - BHO: (no name) - {4BCA41D6-331E-4BE1-BC76-8324139B7B51} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {53F933B8-E2CE-43A8-AC86-4FB1C4F4BCB9} - (no file)
O2 - BHO: (no name) - {5606a88c-3e11-456b-ae5a-c3f84669fe83} - (no file)
O2 - BHO: (no name) - {648D6416-DDA1-4A1A-AB38-A5840045B8DD} - (no file)
O2 - BHO: (no name) - {6B221E01-F517-4959-8C41-81948E7F2F17} - (no file)
O2 - BHO: (no name) - {7C5D3A32-B9EC-4AAA-B0B2-FDB51BAEF699} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9CF1B841-60AD-4133-A48B-A169E4D6CD6F} - (no file)
O2 - BHO: (no name) - {9E91EF7B-6846-45C3-A8AB-67CF7C900783} - (no file)
O2 - BHO: (no name) - {B8ED0C5B-6745-48F6-912F-89E261C09FB9} - (no file)
O2 - BHO: (no name) - {BD3731B6-C62E-446F-8D03-235B55DD24D0} - (no file)
O2 - BHO: (no name) - {CF88E393-625C-4BC4-AA09-D6DF9B2FAEE6} - (no file)
O2 - BHO: (no name) - {d35830bf-164c-415b-b7f8-7ff495fe850e} - (no file)
O2 - BHO: (no name) - {DAC648E5-0B3A-4CED-9396-7404A9378AA0} - (no file)
O2 - BHO: (no name) - {db4c955d-da75-4083-a1c3-56d8c5588ada} - (no file)
O2 - BHO: (no name) - {ffb5caf7-151f-4a97-8c98-71cb8538a13d} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer]
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2]
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRA~1\SUPERA~1\SUPERA~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - S-1-5-18 Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe (User 'Default user')
O4 - .DEFAULT User Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe (User 'Default user')
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1197326184125
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197329200375
O20 - AppInit_DLLs: orncez.dll
O20 - Winlogon Notify: qoMfFvWN - C:\WINDOWS\
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

--
End of file - 11221 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\hqnmcmfm.job
C:\WINDOWS\tasks\iuhbjwzo.job
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\upjvotcn.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll [2007-12-18 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{199f7219-281e-44d9-99eb-83e6febb0ddd}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3803463F-8961-4B32-B904-BE3DD440108A}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3FAECE6F-50DF-012D-8A48-5CC07026D6C9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BCA41D6-331E-4BE1-BC76-8324139B7B51}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53F933B8-E2CE-43A8-AC86-4FB1C4F4BCB9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5606a88c-3e11-456b-ae5a-c3f84669fe83}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{648D6416-DDA1-4A1A-AB38-A5840045B8DD}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B221E01-F517-4959-8C41-81948E7F2F17}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C5D3A32-B9EC-4AAA-B0B2-FDB51BAEF699}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF1B841-60AD-4133-A48B-A169E4D6CD6F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E91EF7B-6846-45C3-A8AB-67CF7C900783}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8ED0C5B-6745-48F6-912F-89E261C09FB9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BD3731B6-C62E-446F-8D03-235B55DD24D0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF88E393-625C-4BC4-AA09-D6DF9B2FAEE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d35830bf-164c-415b-b7f8-7ff495fe850e}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DAC648E5-0B3A-4CED-9396-7404A9378AA0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4c955d-da75-4083-a1c3-56d8c5588ada}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffb5caf7-151f-4a97-8c98-71cb8538a13d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - c:\Program Files\Norton AntiVirus\NavShExt.dll [2003-08-17 103592]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! ¤u¨ã¦C - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll [2007-12-18 817936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [2004-01-26 32881]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-08-20 118784]
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-08-21 49152]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2003-08-21 483328]
"KBD"=C:\HP\KBD\KBD.EXE [2008-05-13 2093568]
"UpdateManager"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2004-01-26 151597]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2008-05-29 179712]
"VTTimer"= []
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-06-27 29344]
"LTMSG"=LTMSG.exe 7 []
"PS2"= []
"HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-12 172032]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"= []
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe /VeohHide []
"SUPERAntiSpyware"=C:\PROGRA~1\SUPERA~1\SUPERA~1.EXE []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Compaq Connections.lnk - C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe
SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe

C:\Documents and Settings\Owner\Start Menu\Programs\Startup
spamsubtract.lnk - C:\Program Files\interMute\SpamSubtract\SpamSub.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="orncez.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-20 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\qoMfFvWN]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Avant Browser\avant.exe"="C:\Program Files\Avant Browser\avant.exe:*:Enabled:Avant Browser"
"C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe"="C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe:*isabled:BackWeb-1940576"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Rhapsody\rhapsody.exe"="C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:Rhapsody Media Player"
"C:\Program Files\Steam\steamapps\1life1love4ever\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\1life1love4ever\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Downloads\Silkroad_Full-Client_Downloader.exe"="C:\Downloads\Silkroad_Full-Client_Downloader.exe:*:Enabled:Full-Client Downloader"
"C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"F:\game\Steam\steamapps\1life1love4ever\counter-strike\hl.exe"="F:\game\Steam\steamapps\1life1love4ever\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2008-11-01 20:08:12 ----D---- C:\rsit
2008-10-31 22:22:05 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-10-31 22:21:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-31 22:21:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-30 18:04:11 ----SH---- C:\WINDOWS\system32\aanxtbko.ini
2008-10-29 18:01:08 ----SH---- C:\WINDOWS\system32\xmenjukq.ini
2008-10-29 17:49:30 ----D---- C:\WINDOWS\system32\EV19
2008-10-29 17:49:22 ----A---- C:\WINDOWS\system32\prun.exe
2008-10-29 17:13:23 ----HD---- C:\WINDOWS\PIF

======List of files/folders modified in the last 1 months======

2008-11-01 19:57:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-01 19:44:30 ----D---- C:\WINDOWS\TEMP
2008-11-01 19:43:33 ----SHD---- C:\WINDOWS\Installer
2008-11-01 19:43:19 ----D---- C:\WINDOWS
2008-11-01 19:41:54 ----D---- C:\WINDOWS\system32\drivers
2008-11-01 19:41:20 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-01 18:47:24 ----SHD---- C:\Config.Msi
2008-11-01 17:53:20 ----RD---- C:\Program Files
2008-11-01 01:05:36 ----D---- C:\WINDOWS\system32
2008-11-01 01:04:35 ----D---- C:\WINDOWS\system32\olixds01
2008-11-01 01:04:35 ----D---- C:\WINDOWS\system32\IDME
2008-10-31 18:23:08 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-31 18:11:53 ----D---- C:\Downloads
2008-10-31 18:01:17 ----A---- C:\WINDOWS\system32\efebc4f8-.txt
2008-10-31 16:00:23 ----SD---- C:\WINDOWS\Tasks
2008-10-31 13:40:12 ----AC---- C:\WINDOWS\wininit.ini
2008-10-31 13:40:07 ----D---- C:\Program Files\Common Files
2008-10-31 03:40:16 ----D---- C:\Program Files\Mozilla Firefox
2008-10-30 18:31:51 ----D---- C:\WINDOWS\Prefetch
2008-10-30 18:31:31 ----D---- C:\WINDOWS\system32\?ymbols
2008-10-29 20:29:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-29 20:28:58 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-29 17:49:59 ----D---- C:\temp
2008-10-15 16:30:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-15 16:30:24 ----HD---- C:\WINDOWS\inf
2008-10-15 16:21:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-15 15:58:16 ----D---- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-10-15 00:47:38 ----D---- C:\Documents and Settings\All Users\Application Data\yahoo!
2008-10-03 09:14:30 ----D---- C:\Program Files\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 SAVRT;SAVRT; \??\c:\Program Files\Norton AntiVirus\SAVRT.SYS []
R1 SAVRTPEL;SAVRTPEL; \??\c:\Program Files\Norton AntiVirus\SAVRTPEL.SYS []
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-12-05 11392]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-01-21 267384]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-08-15 12032]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-10-01 2279424]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-08-20 737874]
R3 ltmodem5;Agere Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-07-01 652497]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-01-26 28256]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040129.004\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040129.004\NavEx15.Sys []
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2002-07-29 23808]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-03 37376]
S1 SASDIFSV;SASDIFSV; \??\C:\PROGRA~1\SUPERA~1\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys []
S2 mrtRate;mrtRate; C:\WINDOWS\system32\drivers\mrtRate.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-11-20 122110]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-11-20 99002]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 FragFX;FragFX NT service; C:\WINDOWS\System32\Drivers\FragFX.sys [2008-01-03 29824]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SIS162u;%sis162.Service.DispName%; C:\WINDOWS\System32\DRIVERS\sis162u.sys [2004-05-27 154112]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-12-06 429440]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-01-21 26424]
S3 TnIDriver;TnIDriver; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\tni19.tmp []
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-10-16 117760]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2003-08-15 255136]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2003-08-15 234656]
R2 navapsvc;Norton AntiVirus Auto Protect Service; c:\Program Files\Norton AntiVirus\navapsvc.exe [2003-08-17 158376]
R2 SAVScan;SAVScan; c:\Program Files\Norton AntiVirus\SAVScan.exe [2003-08-10 193816]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 ccPwdSvc;Symantec Password Validation; c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2003-08-15 87200]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-03 267776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-01-21 206552]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]

-----------------EOF-----------------

 

[rainshield]

info.txt logfile of random's system information tool 1.04 2008-11-01 20:08:28

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.56 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Advertisement Service-->C:\WINDOWS\system32\prun.exe Uninstall
AdwareAlert-->MsiExec.exe /X{3D3E16B8-170A-4516-83F2-0F989B8CC5DD}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Avant Browser (remove only)-->"C:\Program Files\Avant Browser\uninst.exe"
Blackhawk Striker from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\F07504C6-20C5-4BFE-83A0-523FB2455E72\Uninstall.exe"
Blasterball 2 from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\75528D5F-DD82-402E-BA7C-045B7DC6A712\Uninstall.exe"
Bounce Symphony from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\29FF6D07-4A15-41F1-9D5E-E0F3A58012C6\Uninstall.exe"
CC_ccStart-->MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon-->MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compaq Connections-->C:\WINDOWS\BWUnin-6.2.3.66L.exe -AppId 1940576
Compaq Instant Support-->C:\PROGRA~1\COMPAQ~2\UNWISE.EXE C:\PROGRA~1\COMPAQ~2\INSTALL.LOG
Counter-Strike-->"C:\PROGRA~1\Steam\steam.exe" steam://uninstall/10
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Excavation from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\C679AA5F-C2C8-4EA8-9CD1-504A39AEC264\Uninstall.exe"
Five Card Frenzy from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\2FDCC229-354D-4279-ABEF-CE17E355BFFA\Uninstall.exe"
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
HijackThis 2.0.2-->"C:\PROGRA~1\TRENDM~1\HIJACK~1\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
hp deskjet 3600-->msiexec /x{7CA32143-2DAC-4F5F-9BAA-2AB3707EF192}
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo & Imaging 3.5 - HP Devices-->C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
IntelliMover Data Transfer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Kaspersky Online Scanner-->C:\WINDOWS\System32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
K-Lite Codec Pack 2.88 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LaserJet 1018-->C:\Program Files\Zenographics\{7FAA09AA-BFFA-42E4-97D2-3079766D2454}\setup.exe -u "HPLJInstaller.dll=Hplj1018.inf"
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.90 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Matroska Pack - Lazy Man's MKV 0.9.9-->"C:\Program Files\LD-Anime\unins000.exe"
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition-->MsiExec.exe /I{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSRedist-->MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
MUSICMATCH® Jukebox-->C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
Norton AntiVirus 2004 (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
Norton AntiVirus 2004-->MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus Parent MSI-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
Orbital from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\26DC0ED6-93A7-43C1-8DC5-EC16079580F9\Uninstall.exe"
Otto from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\8A225900-C06D-41DD-B66C-43840D472758\Uninstall.exe"
Overball from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\FA7F5211-C629-4711-BD82-7DFFB08CB518\Uninstall.exe"
PC-Doctor for Windows-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
Polar Bowler from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\05E21449-3BA3-42BF-BBDA-95205F4EA40A\Uninstall.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2004-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8} anything
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Slyder from Compaq (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E\Uninstall.exe"
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SpamSubtract-->C:\PROGRA~1\INTERM~1\SPAMSU~1\UNWISE.EXE /U C:\PROGRA~1\INTERM~1\SPAMSU~1\INSTALL.LOG
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SymNet-->MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{C35BF80A-6284-485E-AE18-023AA8C43185}\setup.exe -runfromtemp -l0x0409
Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Yahoo! ¤u¨ã¦C-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager-->C:\WINDOWS\System32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Zone Deluxe Games-->MsiExec.exe /I{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}

=====HijackThis Backups=====

O4 - HKCU\..\Run: [Notn] "C:\WINDOWS\System32\SCURIT~1\wuaclt.exe" -vt yazb
O2 - BHO: (no name) - {95CB3857-A0E7-F21B-EE5B-FD8A45862C97} - C:\WINDOWS\System32\cnsi.dll (file missing)
O4 - HKCU\..\Run: [Omht] C:\WINDOWS\??stem32\?poolsv.exe
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (User 'Default user')

======Hosts File======

127.0.0.1 localhost

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

 

[katana]

Information

I see that MalwareBytes is installed, did that not run properly ?
----------------------------------------------------------- -----------------------------------------------------------

Step 1


Backup the Registry

• Download ERUNT to your desktop
• Double-click on the file to install the program
• Untick the NTREGOPT desktop shortcut option
• Click No when you get the option to run Erunt at Windows startup.
• During the installation, tick Launch Erunt
• Accept the defaults for running a backup
• Erunt will then backup your registry

----------------------------------------------------------- -----------------------------------------------------------
Step 2


Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  See HERE for help
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

----------------------------------------------------------- -----------------------------------------------------------


Logs/Information to Post in Reply
Please post the following logs/Information in your reply

• ComboFix Log

 

[rainshield]

thanks katana for helping, yes i installed malwarebytes other days, and i did run it to clear some malware. btw, i did follow all your step, but on step 2 after installed the combofix, i run it, there's loading bar on my screen, but nothing happened, i turned off every anti-virus or anti-spybot, anti-malware, but still cant get the combofix to load up. How i can fix this ?

 

[katana]

Please post the log from the MalwareBytes run. It should be here ..
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Delete the copy of ComboFix that you have and download the updated one and then try running it again.

 

[rainshield]

thanks for the reply, here is the walmarebyte log:
Malwarebytes' Anti-Malware 1.30
Database version: 1354
Windows 5.1.2600 Service Pack 2

11/1/2008 5:52:29 PM
mbam-log-2008-11-01 (17-52-29).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 151832
Time elapsed: 41 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 31

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6b221e01-f517-4959-8c41-81948e7f2f17} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9e91ef7b-6846-45c3-a8ab-67cf7c900783} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e91ef7b-6846-45c3-a8ab-67cf7c900783} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\g]eeV\mWhjlnspB (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\ (Broken.OpenCommand) -> Bad: (C:\WINDOWS\svchost.com "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118414.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118416.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118418.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118420.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118422.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118423.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118424.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118425.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118426.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118427.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118428.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118429.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118430.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118431.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118432.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118433.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118434.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118435.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118436.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118437.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118438.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118439.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118440.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118441.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118442.exe (Adware.Trafficsol) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118443.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118444.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118462.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118468.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118469.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP465\A0118470.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

 

[rainshield]

and here is the combofix log, sorry i have to spit it in many posts bcuz it's too long.
ComboFix 08-11-02.04 - Owner 2008-11-03 1:46:13.10 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Owner\My Documents\ASKS~1
C:\Documents and Settings\Owner\My Documents\ICROSO~1.NET
C:\Documents and Settings\Owner\My Documents\ICROSO~1.NET\t?skmgr.exe
C:\Documents and Settings\Owner\My Documents\MBOLS~1
C:\Program Files\Common Files\ppatch~1
C:\WINDOWS\directx.sys
C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll
C:\WINDOWS\IA
C:\WINDOWS\netdx.dat
C:\WINDOWS\svchost.com
C:\WINDOWS\system32\aadenwhc.ini
C:\WINDOWS\system32\aanxtbko.ini
C:\WINDOWS\system32\akjjhqhu.ini
C:\WINDOWS\system32\biddttkt.ini
C:\WINDOWS\system32\cfbsfohn.ini
C:\WINDOWS\system32\cqxtebrq.ini
C:\WINDOWS\system32\DKknmnnn.ini
C:\WINDOWS\system32\DKknmnnn.ini2
C:\WINDOWS\system32\ehdlgsis.ini
C:\WINDOWS\system32\ekrogbqk.ini
C:\WINDOWS\system32\fiyppunx.ini
C:\WINDOWS\system32\fwojiwxv.ini
C:\WINDOWS\system32\gvkngbxe.ini
C:\WINDOWS\system32\hghypcac.ini
C:\WINDOWS\system32\hkhhunre.ini
C:\WINDOWS\system32\hmhobldo.ini
C:\WINDOWS\system32\hqkvymfx.ini
C:\WINDOWS\system32\hxirhplu.ini
C:\WINDOWS\system32\hylafnwx.ini
C:\WINDOWS\system32\icroso~1.net
C:\WINDOWS\system32\icvepaao.ini
C:\WINDOWS\system32\igsmdhpn.ini
C:\WINDOWS\system32\imdejsvk.ini2
C:\WINDOWS\system32\imdejsvk.tmp
C:\WINDOWS\system32\irymvqeo.ini
C:\WINDOWS\system32\jlfkidxk.ini
C:\WINDOWS\system32\jovsyjvh.ini
C:\WINDOWS\system32\kdywkoen.ini
C:\WINDOWS\system32\kiipxbsj.ini
C:\WINDOWS\system32\kvbpduiu.ini
C:\WINDOWS\system32\lahhvcat.ini
C:\WINDOWS\system32\mmoedlxu.ini
C:\WINDOWS\system32\mrollcbf.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\mvugyopj.ini
C:\WINDOWS\system32\npemydcn.ini
C:\WINDOWS\system32\nqsdvphd.ini
C:\WINDOWS\system32\nvdntquu.ini
C:\WINDOWS\system32\ofkwqfbj.ini
C:\WINDOWS\system32\ofniqtgv.ini
C:\WINDOWS\system32\oojdrnko.ini
C:\WINDOWS\system32\oUFLknnn.ini
C:\WINDOWS\system32\oUFLknnn.ini2
C:\WINDOWS\system32\oxymncyi.ini
C:\WINDOWS\system32\peijagrx.ini
C:\WINDOWS\system32\phanwixv.ini
C:\WINDOWS\system32\plccgffl.ini
C:\WINDOWS\system32\qevqbamx.ini
C:\WINDOWS\system32\qgimrdho.ini
C:\WINDOWS\system32\qnmemxbs.ini
C:\WINDOWS\system32\qowtngbp.ini
C:\WINDOWS\system32\raqkhhkq.ini
C:\WINDOWS\system32\rkccqfxw.ini
C:\WINDOWS\system32\uBdccccf.ini
C:\WINDOWS\system32\uBdccccf.ini2
C:\WINDOWS\system32\ueqepwsk.ini
C:\WINDOWS\system32\uomkvfrt.ini
C:\WINDOWS\system32\vbflgppg.ini
C:\WINDOWS\system32\vfcmfdqi.ini
C:\WINDOWS\system32\vthhhpek.ini
C:\WINDOWS\system32\vvauqdea.ini
C:\WINDOWS\system32\vwkyoggn.ini
C:\WINDOWS\system32\xmenjukq.ini
C:\WINDOWS\system32\xuirgwdx.ini
C:\WINDOWS\system32\yhsentak.ini
C:\WINDOWS\system32\ymbols~1
C:\WINDOWS\system32\ymbols~1\?ymbols\
C:\WINDOWS\system32\ymbols~1\services.exe
C:\WINDOWS\Tasks\hqnmcmfm.job
C:\WINDOWS\Tasks\iuhbjwzo.job
C:\WINDOWS\Tasks\upjvotcn.job

----- BITS: Possible infected sites -----

hxxp://kakoitodomen.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TnIDriver


((((((((((((((((((((((((( Files Created from 2008-10-03 to 2008-11-03 )))))))))))))))))))))))))))))))
.

2008-11-02 22:57 . 2008-11-02 22:57 <DIR> d-------- C:\Program Files\ERUNT
2008-11-01 20:08 . 2008-11-01 20:08 <DIR> d-------- C:\rsit
2008-10-31 22:22 . 2008-10-31 22:22 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-10-31 22:21 . 2008-10-31 22:22 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-31 22:21 . 2008-10-31 22:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-31 22:21 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-31 22:21 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-30 18:42 . 2008-10-30 18:42 4,286 --a------ C:\WINDOWS\system32\Jamster.ico
2008-10-29 17:49 . 2008-11-01 01:04 <DIR> d-------- C:\WINDOWS\system32\EV19
2008-10-29 17:49 . 2008-10-29 17:49 34,304 --a------ C:\WINDOWS\system32\prun.exe
2008-10-29 17:13 . 2008-10-29 17:13 <DIR> d--h----- C:\WINDOWS\PIF
2008-10-15 16:21 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-10-15 16:21 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-10-15 16:18 . 2008-01-03 21:28 29,824 --a------ C:\WINDOWS\system32\drivers\FragFX.sys
2008-10-15 00:47 . 2008-10-15 00:47 262,144 --a------ C:\ntuser.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-02 10:52 --------- d-----w C:\Program Files\Avant Browser
2008-11-02 10:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 04:29 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-30 04:28 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-10-15 23:58 --------- d-----w C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-10-15 08:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\yahoo!
2008-10-03 17:14 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-30 22:09 --------- d-----w C:\Program Files\Starcraft
2008-09-03 06:26 --------- d--h--w C:\Program Files\Zenographics
2008-09-03 06:26 --------- d-----w C:\Program Files\Hewlett-Packard
2008-08-19 06:35 115,712 ----a-w C:\WINDOWS\system32\wsxinxak.dll
2008-08-19 06:35 115,712 ----a-w C:\WINDOWS\system32\knsasu.dll
2008-08-19 06:26 89,600 ----a-w C:\WINDOWS\system32\dhxdqkjj.dll
2008-08-16 01:35 100,096 ----a-w C:\WINDOWS\system32\saapslaw.dll
2008-08-15 01:34 89,088 ----a-w C:\WINDOWS\system32\gayywavw.dll
2008-08-14 01:35 89,600 ----a-w C:\WINDOWS\system32\avyfiywp.dll
2008-08-13 01:33 89,088 ----a-w C:\WINDOWS\system32\khyvmkan.dll
2008-08-12 01:31 89,088 ----a-w C:\WINDOWS\system32\ufavrghg.dll
2007-09-02 10:50 304,453 ----a-w C:\Documents and Settings\Owner\mcc.exe
2007-09-02 06:01 160,768 ----a-w C:\Documents and Settings\Owner\gotgo.exe

 

[rainshield]

+ 2004-09-29 22:31:17 134,912 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys
+ 2004-10-14 18:34:51 7,168 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll
+ 2004-10-14 18:36:16 169,984 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe
+ 2004-10-14 18:36:15 21,504 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll
+ 2004-10-14 18:34:52 654,848 -c--a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2004-10-13 16:21:24 1,694,208 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-14 19:34:52 7,168 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 19:36:18 169,984 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 19:36:16 21,504 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 19:34:54 654,848 -c--a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2006-02-15 00:30:07 142,464 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-08-30 04:13:42 1,287,680 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\SP2QFE\quartz.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB904706\update\updspapi.dll
+ 2006-03-24 04:47:44 49,152 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2006-03-17 01:08:10 262,656 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2005-10-12 23:16:49 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:16:49 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:16:49 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:16:51 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:16:56 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
+ 2006-11-27 15:17:10 539,136 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:17:10 433,664 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
+ 2006-10-12 13:54:18 42,496 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
+ 2006-10-12 13:54:18 57,344 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
+ 2006-10-12 11:54:07 256,512 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2006-10-16 10:29:15 248,320 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\xpsp3res.dll
+ 2005-10-12 23:16:49 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll
+ 2005-10-12 23:16:49 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe
+ 2005-10-12 23:16:49 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll
+ 2005-10-12 23:16:51 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2005-10-12 23:16:56 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll
+ 2006-06-14 08:50:19 172,416 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:19 6,272 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 09:17:04 82,944 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
+ 2007-05-17 11:25:21 549,888 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\SP2QFE\oleaut32.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB921503\update\updspapi.dll
+ 2006-08-21 12:26:44 16,896 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll
+ 2006-08-21 09:43:32 23,040 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2006-08-21 09:43:32 128,768 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2005-10-12 23:12:33 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB922582\update\updspapi.dll
+ 2006-10-13 12:41:38 64,000 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwapi32.dll
+ 2006-10-13 12:41:38 142,336 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
+ 2006-10-13 10:39:12 163,456 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwrdr.sys
+ 2006-10-13 12:41:38 65,536 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwwks.dll
+ 2005-10-12 23:16:49 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\spmsg.dll
+ 2005-10-12 23:16:49 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\spuninst.exe
+ 2005-10-12 23:16:49 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\update\spcustom.dll
+ 2005-10-12 23:16:51 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2005-10-12 23:16:56 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB923980\update\updspapi.dll
+ 2006-08-17 12:37:49 726,528 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll
+ 2006-08-17 12:37:49 337,408 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\netapi32.dll
+ 2006-08-17 12:37:49 132,096 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\wkssvc.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB924270\update\updspapi.dll
+ 2007-03-08 15:48:36 282,112 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\gdi32.dll
+ 2007-03-08 15:48:36 40,960 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\mf3216.dll
+ 2007-03-08 15:48:36 578,048 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
+ 2007-03-08 13:49:49 1,843,968 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\win32k.sys
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB925902\update\updspapi.dll
+ 2006-10-19 13:59:58 713,216 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\sxs.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB926255\update\updspapi.dll
+ 2006-10-16 17:14:17 122,880 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\oledlg.dll
+ 2005-10-12 23:16:49 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll
+ 2005-10-12 23:16:49 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe
+ 2005-10-12 23:16:49 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\update\spcustom.dll
+ 2005-10-12 23:16:51 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2005-10-12 23:16:56 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB926436\update\updspapi.dll
+ 2006-12-26 13:18:55 536,576 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msado15.dll
+ 2006-12-26 13:18:55 180,224 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadomd.dll
+ 2006-12-26 13:18:55 200,704 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadox.dll
+ 2006-12-26 13:18:55 102,400 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msjro.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB927779\update\updspapi.dll
+ 2006-12-19 18:47:14 333,824 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB927802\update\updspapi.dll
+ 2007-04-18 16:14:43 2,854,400 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\SP2QFE\msi31.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB927891\update\updspapi.dll
+ 2006-12-19 21:50:10 8,458,752 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
+ 2006-12-19 21:50:10 135,168 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
+ 2006-12-19 16:10:56 248,320 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\xpsp3res.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB928255\update\updspapi.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB928843\update\updspapi.dll
+ 2007-05-16 15:32:55 86,528 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\directdb.dll
+ 2007-05-16 15:32:55 683,520 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\inetcomm.dll
+ 2007-05-16 15:32:56 1,314,816 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\msoe.dll
+ 2007-05-16 15:32:56 510,976 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wab32.dll
+ 2007-05-16 15:32:56 85,504 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wabimp.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB929123\update\updspapi.dll
+ 2007-03-17 13:45:03 292,864 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\SP2QFE\winsrv.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB930178\update\updspapi.dll
+ 2007-02-09 11:23:36 574,976 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB930916\update\updspapi.dll
+ 2007-02-05 20:19:14 185,344 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-02-28 09:53:04 2,137,600 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlmp.exe
+ 2007-02-28 09:15:56 2,059,392 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
+ 2007-02-28 09:15:59 2,017,280 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrpamp.exe
+ 2007-02-28 09:55:14 2,182,144 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB931784\update\updspapi.dll
+ 2007-03-09 13:58:57 57,344 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\agentdpv.dll
+ 2007-03-09 11:28:00 248,320 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\xpsp3res.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB932168\update\updspapi.dll
+ 2008-02-26 11:48:44 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-07-09 13:16:16 582,656 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
+ 2007-06-19 07:24:36 350,720 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\xpsp3res.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2005-10-12 23:12:33 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
+ 2007-04-16 16:07:27 986,112 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB935839\update\updspapi.dll
+ 2007-04-25 20:32:22 144,896 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB935840\update\updspapi.dll
+ 2007-06-26 06:06:12 1,104,896 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\msxml3.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB936021\update\updspapi.dll
+ 2007-04-23 10:14:23 364,160 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\SP2QFE\update.sys
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB936357\update\updspapi.dll
+ 2007-07-12 23:28:55 765,952 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-06-26 15:16:01 851,968 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
+ 2007-06-13 11:26:03 1,033,216 ----a-w C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2005-10-12 23:12:25 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB938828\spuninst.exe
+ 2005-10-12 23:12:25 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll
+ 2005-10-12 23:12:29 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2005-10-12 23:12:34 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll
+ 2007-06-19 13:37:21 282,112 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\gdi32.dll
+ 2006-01-19 19:29:19 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\spmsg.dll
+ 2006-01-19 19:29:19 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\spuninst.exe
+ 2006-01-19 19:29:19 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\update\spcustom.dll
+ 2006-01-19 19:29:19 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
+ 2006-01-19 19:29:19 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB938829\update\updspapi.dll
+ 2007-08-21 06:25:02 683,520 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-10-29 22:35:13 1,287,680 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-19 09:40:27 1,845,888 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-10-10 23:47:27 124,928 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:47:27 214,528 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:47:27 132,608 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:47:27 63,488 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:47:27 153,088 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:47:27 230,400 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:47:27 383,488 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:47:27 388,096 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:47:27 6,067,200 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:47:27 44,544 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:47:27 267,776 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:47:28 27,648 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:47:28 459,264 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:47:28 52,224 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:48:49 3,593,216 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:47:28 478,208 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:47:28 193,024 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:47:28 671,232 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:47:28 102,912 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:47:28 105,984 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:47:29 1,162,240 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:47:29 233,472 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:47:29 825,344 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-06-30 20:22:56 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-10-11 05:57:29 1,024,000 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\browseui.dll
+ 2007-10-11 05:57:29 151,040 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\cdfview.dll
+ 2007-10-11 05:57:30 1,054,208 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\danim.dll
+ 2007-10-11 05:57:30 357,888 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtmsft.dll
+ 2007-10-11 05:57:30 205,824 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtrans.dll
+ 2007-10-11 05:57:30 55,808 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\extmgr.dll
+ 2007-10-10 10:48:23 18,432 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iedw.exe
+ 2007-10-11 05:57:31 251,904 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iepeers.dll
+ 2007-10-11 05:57:31 96,256 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\inseng.dll
+ 2007-10-11 05:57:31 16,384 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\jsproxy.dll
+ 2007-10-30 09:55:21 3,065,856 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtml.dll
+ 2007-10-11 05:57:36 449,024 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtmled.dll
+ 2007-10-11 05:57:36 146,432 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\msrating.dll
+ 2007-10-11 05:57:37 532,480 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mstime.dll
+ 2007-10-11 05:57:37 39,424 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\pngfilt.dll
+ 2007-10-11 05:57:39 1,498,112 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shdocvw.dll
+ 2007-10-11 05:57:40 474,112 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shlwapi.dll
+ 2007-10-11 05:57:40 617,984 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\urlmon.dll
+ 2007-10-11 05:57:41 666,112 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\wininet.dll
+ 2007-10-10 10:34:35 350,720 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\xpsp3res.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB942615\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:29:10 551,936 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:50:47 727,040 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-07 02:01:07 124,928 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:57:52 347,136 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 02:01:07 214,528 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 02:01:07 133,120 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 02:01:07 63,488 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 02:01:08 153,088 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 02:01:08 230,400 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 02:01:08 383,488 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 02:01:08 388,096 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 02:01:10 6,067,200 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 02:01:10 44,544 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 02:01:11 267,776 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 02:01:11 27,648 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 02:01:11 459,264 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 02:01:11 52,224 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 02:01:12 3,593,216 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 02:01:12 478,208 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 02:01:13 193,024 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 02:01:13 671,232 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 02:01:13 102,912 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:57:26 44,544 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 02:01:13 105,984 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 02:01:13 1,162,752 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 02:01:13 233,472 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 02:01:13 825,344 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2008-02-20 05:19:35 147,968 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:49:36 45,568 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-03-01 13:03:00 124,928 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 13:03:00 347,136 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 13:03:00 214,528 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 13:03:00 132,608 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 13:03:00 63,488 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 13:03:00 153,088 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 13:03:00 230,400 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 13:03:00 383,488 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 13:03:00 388,608 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 13:03:01 6,067,712 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 13:03:01 44,544 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 13:03:01 267,776 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 13:03:01 27,648 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 13:03:01 459,264 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 13:03:01 52,224 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 13:03:01 3,593,216 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 13:03:01 478,208 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 13:03:01 193,024 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 13:03:01 671,232 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 13:03:01 102,912 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 13:03:01 44,544 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 13:03:02 105,984 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 13:03:02 1,162,752 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 13:03:02 233,472 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 13:03:02 827,392 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-20 06:52:43 282,624 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:22:33 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:22:39 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:22:31 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:23:47 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll

 

[rainshield]

+ 2007-12-10 12:41:11 1,516,568 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13 151,583 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14 621,344 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:36 14,048 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:34 22,752 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51 371,424 -c--a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 03:35:35 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 03:35:35 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 03:35:35 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 03:35:35 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 03:35:35 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 03:35:35 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 03:35:35 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 03:35:35 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 03:35:35 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 03:35:36 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 03:35:36 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 03:35:36 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 03:35:36 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 03:35:36 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 03:35:36 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 03:35:36 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 03:35:36 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 03:35:36 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 03:35:36 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 03:35:36 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 03:35:36 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 03:35:36 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 03:35:36 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 03:35:36 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 03:35:36 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-06-13 09:52:16 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 11:00:16 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 12:30:49 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 12:36:35 272,128 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2003-01-14 07:53:24 50,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\1394bus.sys
+ 2006-08-16 12:14:23 95,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\6to4svc.dll
+ 2002-11-21 01:50:50 179,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe
+ 2003-02-20 05:15:36 1,821,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll
+ 2003-08-16 02:43:38 406,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclayers.dll
+ 2003-08-16 02:54:28 125,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclua.dll
+ 2003-08-16 02:54:36 107,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclui.dll
+ 2003-08-16 02:55:08 179,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
+ 2003-08-16 02:55:06 219,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\acspecfc.dll
+ 2003-08-16 02:54:30 181,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\activeds.dll
+ 2003-08-16 04:25:50 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe
+ 2003-08-16 04:25:44 98,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\actxprxy.dll
+ 2003-08-16 04:25:46 255,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\acverfyr.dll
+ 2003-08-16 04:25:50 107,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\acxtrnal.dll
+ 2002-05-15 03:08:54 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.dll
+ 2002-05-15 03:08:54 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.exe
+ 2003-08-16 04:26:04 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\admparse.dll
+ 2003-08-16 07:41:00 162,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldp.dll
+ 2003-08-16 07:40:44 139,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldpc.dll
+ 2003-08-16 07:40:36 62,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsmsext.dll
+ 2003-08-16 07:41:00 239,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsnt.dll
+ 2003-08-16 07:40:54 558,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\advapi32.dll
+ 2003-08-16 07:40:58 91,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\advpack.dll
+ 2002-08-29 06:16:38 142,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\aec.sys
+ 2003-08-16 07:40:56 131,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\afd.sys
+ 2003-08-16 07:40:50 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentanm.dll
+ 2003-08-16 08:27:10 204,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentctl.dll
+ 2003-08-16 08:27:16 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentdp2.dll
+ 2003-08-16 08:27:04 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentmpx.dll
+ 2003-08-16 08:27:06 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentpsh.dll
+ 2003-08-16 08:27:04 39,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsr.dll
+ 2003-08-16 08:27:24 235,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe
+ 2001-08-18 04:58:00 25,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
+ 2003-08-16 01:52:20 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agtintl.dll
+ 2003-08-16 01:53:10 91,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\ahui.exe
+ 2003-08-16 01:54:06 41,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\alg.exe
+ 2003-08-16 01:54:06 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\alrsvc.dll
+ 2003-08-16 09:37:54 32,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk6.sys
+ 2003-08-16 09:37:54 32,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk7.sys
+ 2002-12-12 15:14:32 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\amstream.dll
+ 2003-08-16 01:56:20 115,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\apphelp.dll
+ 2003-08-16 09:37:54 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\arp1394.sys
+ 2002-12-12 06:16:58 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\asferror.dll
+ 2003-08-16 02:03:08 14,366 -c----w C:\WINDOWS\$NtServicePackUninstall$\asfsipc.dll
+ 2003-08-16 02:03:02 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\asycfilt.dll
+ 2003-08-16 02:03:00 13,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys
+ 2003-08-16 02:03:00 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\at.exe
+ 2002-10-24 22:59:48 87,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
+ 2003-08-16 02:07:30 74,810 -c----w C:\WINDOWS\$NtServicePackUninstall$\atl.dll
+ 2003-08-16 02:11:10 10,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe
+ 2003-08-16 02:11:28 57,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmarpc.sys
+ 2003-08-16 02:11:16 272,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmfd.dll
+ 2003-08-16 02:11:10 53,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlane.sys
+ 2003-08-16 02:11:10 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlib.dll
+ 2003-08-16 02:11:08 38,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\audiosrv.dll
+ 2002-05-15 03:08:54 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.dll
+ 2002-05-15 03:08:54 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.exe
+ 2005-03-02 18:20:03 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\authz.dll
+ 2003-08-16 09:27:44 565,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
+ 2003-08-16 02:27:42 578,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\autoconv.exe
+ 2003-08-16 09:28:00 558,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\autofmt.exe
+ 2003-08-16 02:27:04 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\autolfn.exe
+ 2003-08-16 02:27:06 76,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\avifil32.dll
+ 2003-08-16 02:54:22 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\basesrv.dll
+ 2003-08-16 02:54:28 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\batmeter.dll
+ 2003-08-16 02:54:22 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\batt.dll
+ 2003-02-18 01:16:26 11,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\bdasup.sys
+ 2003-08-16 04:25:38 14,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\bidispl.dll
+ 2004-07-01 22:08:18 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx2.dll
+ 2004-07-01 22:08:18 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx3.dll
+ 2002-12-12 09:09:20 232,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\blackbox.dll
+ 2003-08-16 08:27:30 68,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\bridge.sys
+ 2003-08-16 09:15:34 62,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\browselc.dll
+ 2003-08-16 09:15:36 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\browser.dll
+ 2006-09-04 06:23:53 1,027,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\browseui.dll
+ 2003-08-16 09:16:02 71,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\browsewm.dll
+ 2003-08-16 08:52:26 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabinet.dll
+ 2003-08-16 01:51:58 80,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabview.dll
+ 2004-03-30 01:48:36 364,544 -c----w C:\WINDOWS\$NtServicePackUninstall$\callcont.dll
+ 2003-08-16 01:54:22 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\camocx.dll
+ 2005-07-26 04:30:34 220,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll
+ 2003-08-16 01:54:04 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvps.dll
+ 2005-07-26 04:30:38 581,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll
+ 2003-02-18 01:16:26 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\ccdecode.sys
+ 2003-08-16 01:56:22 59,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys
+ 2004-12-08 02:43:02 143,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfview.dll
+ 2005-09-10 02:04:32 2,025,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdosys.dll
+ 2003-08-16 01:56:18 47,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
+ 2003-08-16 01:56:40 186,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\certcli.dll
+ 2003-08-16 01:58:20 436,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\certmgr.dll
+ 2002-11-27 10:03:32 159,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\cewmdm.dll
+ 2003-08-16 02:00:20 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgbkend.dll
+ 2003-08-16 02:00:24 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgmgr32.dll
+ 2002-05-15 03:08:54 188,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe
+ 2003-08-16 02:07:52 1,267,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\cimwin32.dll
+ 2006-06-22 05:19:48 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\ciodm.dll
+ 2003-08-16 02:07:28 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe
+ 2003-08-16 02:11:08 46,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys
+ 2005-07-26 04:30:38 110,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatex.dll
+ 2005-07-26 04:30:41 497,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll
+ 2003-08-16 02:11:08 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe
+ 2003-08-16 02:11:26 127,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.dll
+ 2003-08-16 02:11:08 45,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe
+ 2003-08-16 02:26:58 98,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe
+ 2003-08-16 02:26:54 30,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe
+ 2003-08-16 02:27:12 54,272 -c----w C:\WINDOWS\$NtServicePackUninstall$\clusapi.dll
+ 2003-08-16 02:27:10 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmcfg32.dll
+ 2003-08-16 02:26:56 375,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmd.exe
+ 2003-08-16 02:26:56 324,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdial32.dll
+ 2003-08-16 02:27:10 41,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe
+ 2003-08-16 02:44:02 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe
+ 2003-08-16 02:42:52 174,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmprops.dll
+ 2003-08-16 02:42:42 54,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe
+ 2003-08-16 02:42:38 36,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmutil.dll
+ 2003-08-16 10:22:58 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\cnbjmon.dll
+ 2005-07-26 04:30:41 62,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\colbact.dll
+ 2005-07-26 04:30:42 187,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\comadmin.dll
+ 2006-08-25 15:53:55 561,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll
+ 2003-08-16 02:54:22 258,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\comdlg32.dll
+ 2003-08-16 04:24:06 238,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\compatui.dll
+ 2003-08-16 04:24:04 222,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\compstui.dll
+ 2003-08-16 07:40:24 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe
+ 2003-08-16 07:40:54 792,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\comres.dll
+ 2005-07-26 04:30:49 1,179,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\comsvcs.dll
+ 2005-07-26 04:31:11 499,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\comuid.dll
+ 2003-08-16 07:40:48 995,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\conf.exe
+ 2003-08-16 07:40:18 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\confmrsl.dll
+ 2003-08-16 08:27:10 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\conime.exe
+ 2003-08-16 09:15:20 14,877 -c----w C:\WINDOWS\$NtServicePackUninstall$\corpol.dll
+ 2003-08-16 03:57:56 57,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\cplexe.exe
+ 2003-08-16 01:51:58 158,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\credui.dll
+ 2003-08-16 09:37:54 31,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\crusoe.sys
+ 2002-09-24 05:10:26 544,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll
+ 2003-08-16 01:51:56 70,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdlg.dll
+ 2003-08-16 01:51:58 29,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdll.dll
+ 2003-08-16 01:54:20 48,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptext.dll
+ 2003-08-16 01:54:02 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptnet.dll
+ 2003-03-26 07:40:14 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
+ 2003-07-25 07:40:22 477,696 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptui.dll
+ 2004-10-28 01:29:54 92,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscdll.dll
+ 2003-08-16 01:54:00 102,450 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscript.exe
+ 2003-08-16 01:54:18 307,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscui.dll
+ 2003-08-16 01:54:00 29,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrsrv.dll
+ 2003-08-16 01:54:00 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
+ 2003-08-16 01:54:00 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
+ 2002-07-07 09:01:46 114,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\custsat.dll
+ 2002-12-12 15:14:32 1,177,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8.dll
+ 2002-12-12 15:14:32 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll
+ 2003-05-31 00:00:02 1,634,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll
+ 2003-05-31 00:00:02 797,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3dim700.dll
+ 2003-08-16 02:55:34 557,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\dao360.dll
+ 2003-08-16 02:53:46 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\dataclen.dll
+ 2003-08-16 02:53:46 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\davclnt.dll
+ 2003-08-16 09:54:52 489,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbghelp.dll
+ 2003-08-16 02:53:44 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbmsrpcn.dll
+ 2003-10-28 11:12:42 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnetlib.dll
+ 2003-08-16 02:53:42 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnmpntw.dll
+ 2003-08-16 04:23:34 1,740 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcache.bin
+ 2003-08-16 04:23:34 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcap32.dll
+ 2003-08-16 04:23:52 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\dciman32.dll
+ 2003-08-16 04:23:30 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe
+ 2002-12-12 15:14:32 284,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll
+ 2002-12-12 15:14:32 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddrawex.dll
+ 2003-08-16 04:23:46 70,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\defrag.exe
+ 2003-05-31 00:00:02 132,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\devenum.dll
+ 2003-08-16 07:40:08 263,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\devmgr.dll
+ 2003-08-16 07:40:04 76,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe
+ 2003-08-16 08:26:50 99,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe
+ 2003-08-16 08:27:00 35,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgsnap.dll
+ 2003-08-16 08:27:00 113,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgui.dll
+ 2003-08-16 08:27:00 25,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfsshlex.dll
+ 2003-08-16 08:27:00 103,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\dgnet.dll
+ 2006-05-19 12:15:32 103,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\dhcpcsvc.dll
+ 2003-08-16 09:15:16 522,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\dialer.exe
+ 2003-08-16 09:15:34 79,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\diantz.exe
+ 2003-08-16 09:15:30 55,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\digest.dll
+ 2003-08-16 01:50:22 151,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput.dll
+ 2003-08-16 01:50:28 168,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput8.dll
+ 2006-02-27 21:31:38 75,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\directdb.dll
+ 2003-08-16 01:50:02 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\disk.sys
+ 2003-08-16 01:51:56 13,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskdump.sys
+ 2003-08-16 01:51:58 145,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe
+ 2003-08-16 01:54:02 294,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\dlimport.exe
+ 2003-08-16 01:53:58 4,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe
+ 2003-08-16 01:54:04 204,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe
+ 2002-12-12 15:14:32 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmband.dll
+ 2003-08-16 01:54:02 780,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys
+ 2002-12-12 15:14:32 58,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmcompos.dll
+ 2003-08-16 01:53:58 184,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmdskmgr.dll
+ 2002-12-12 15:14:32 171,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmime.dll
+ 2003-08-16 01:53:58 146,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmio.sys
+ 2002-12-12 15:14:32 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmloader.dll
+ 2003-08-16 01:56:14 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe
+ 2002-12-12 15:14:32 76,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmscript.dll
+ 2003-08-16 01:56:12 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmserver.dll
+ 2002-12-12 15:14:32 98,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmstyle.dll
+ 2002-12-12 15:14:32 100,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmsynth.dll
+ 2002-12-12 15:14:32 116,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.dll
+ 2001-08-17 20:59:58 50,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys
+ 2003-08-16 10:22:58 50,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmutil.dll
+ 2006-06-26 17:47:50 140,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
+ 2003-08-16 01:56:10 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll
+ 2003-08-16 01:56:10 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\docprop2.dll
+ 2003-08-16 01:58:08 53,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\dosx.exe
+ 2003-08-16 01:58:06 115,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpcdll.dll
+ 2002-12-12 15:14:32 28,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe
+ 2002-12-12 15:14:32 217,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplayx.dll
+ 2002-12-12 15:14:32 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpmodemx.dll
+ 2002-12-12 15:14:32 3,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnaddr.dll
+ 2002-12-12 15:14:32 723,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnet.dll
+ 2003-03-25 00:00:02 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhpast.dll
+ 2003-03-25 00:00:02 68,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhupnp.dll
+ 2002-12-12 15:14:32 3,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnlobby.dll
+ 2002-12-12 15:14:32 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe
+ 2002-12-12 15:14:32 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvacm.dll
+ 2002-12-12 15:14:32 381,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvoice.dll
+ 2002-12-12 15:14:32 80,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe
+ 2002-12-12 15:14:32 112,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvvox.dll
+ 2002-12-12 15:14:32 76,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpwsockx.dll
+ 2002-12-12 09:50:18 301,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmclien.dll
+ 2002-08-29 09:32:34 57,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmk.sys
+ 2002-08-29 08:32:34 2,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys
+ 2002-12-12 08:34:42 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmstor.dll
+ 2002-12-12 09:09:22 678,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmv2clt.dll
+ 2003-08-16 02:02:54 11,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\drprov.dll
+ 2003-08-16 02:04:52 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\ds32gt.dll
+ 2002-12-12 15:14:32 186,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmo.dll
+ 2002-12-12 15:14:32 491,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmoprp.dll
+ 2003-08-16 02:04:58 84,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\dskquota.dll
+ 2002-12-12 15:14:32 355,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound.dll
+ 2002-12-12 15:14:32 1,294,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound3d.dll
+ 2003-08-16 02:07:22 135,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprop.dll
+ 2003-08-16 02:07:20 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprpres.dll
+ 2003-08-16 02:07:22 227,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsquery.dll
+ 2003-08-16 02:07:20 47,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssec.dll
+ 2003-08-16 02:07:46 124,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll
+ 2003-08-16 02:07:22 106,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsuiext.dll
+ 2002-12-12 15:14:32 18,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dswave.dll
+ 2003-08-16 02:11:02 9,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe
+ 2003-08-16 02:11:36 263,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\duser.dll
+ 2003-08-16 02:11:02 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe
+ 2003-08-16 02:11:06 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe
+ 2002-12-12 15:14:32 602,624 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx7vb.dll
+ 2003-05-31 00:00:02 1,189,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx8vb.dll
+ 2003-05-31 00:00:02 937,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe
+ 2003-05-31 00:00:02 1,675,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiagn.dll
+ 2003-08-16 02:26:10 68,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxg.sys
+ 2003-08-16 02:26:24 498,205 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxmasf.dll
+ 2003-08-16 02:27:12 802,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxmrtp.dll
+ 2006-06-09 22:35:50 351,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxtmsft.dll
+ 2006-06-09 22:35:30 192,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxtrans.dll
+ 2003-08-16 02:53:42 165,376 -c----w C:\WINDOWS\$NtServicePackUninstall$\els.dll
+ 2002-12-12 15:14:32 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\encapi.dll
+ 2002-11-26 21:15:52 166,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\encdec.dll
+ 2003-08-16 02:53:36 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\ersvc.dll
+ 2005-07-26 04:31:12 227,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\es.dll
+ 2005-10-20 22:33:08 991,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\esent.dll
+ 2003-08-16 04:23:36 235,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\esscli.dll
+ 2003-08-16 04:23:08 178,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe
+ 2003-08-16 07:40:02 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
+ 2003-08-16 07:39:58 96,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntagnt.dll
+ 2003-08-16 07:39:52 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe
+ 2003-08-16 07:39:50 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntrprv.dll
+ 2003-08-16 07:40:20 84,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe
+ 2003-08-16 08:26:42 1,004,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
+ 2003-08-16 08:26:36 380,445 -c----w C:\WINDOWS\$NtServicePackUninstall$\expsrv.dll
+ 2003-08-16 08:26:18 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe
+ 2003-08-16 09:15:36 145,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
+ 2003-08-16 09:15:46 565,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\fastprox.dll
+ 2003-08-16 09:15:02 66,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\faultrep.dll
+ 2003-08-16 09:15:24 26,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\fdc.sys
+ 2003-08-16 09:15:18 18,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\feclient.dll
+ 2003-08-16 01:50:00 323,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\filemgmt.dll
+ 2003-08-16 01:50:20 25,088 -c----w C:\WINDOWS\$NtServicePackUninstall$\findstr.exe
+ 2004-08-20 22:01:15 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\fldrclnr.dll
+ 2003-08-16 01:52:14 19,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\flpydisk.sys
+ 2003-08-16 01:52:28 361,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\fontext.dll
+ 2003-08-16 01:53:56 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\fontview.exe
+ 2003-08-16 01:53:54 32,828 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp40ext.dll
+ 2002-05-15 03:08:54 184,435 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4amsft.dll
+ 2002-05-15 03:08:54 82,035 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4anscp.dll
+ 2002-05-15 03:08:54 147,513 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4apws.dll
+ 2002-05-15 03:08:54 127,034 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4areg.dll
+ 2002-05-15 03:08:54 102,509 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4atxt.dll
+ 2002-05-15 03:08:54 618,605 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4autl.dll
+ 2002-05-15 03:08:54 41,020 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4avnb.dll
+ 2002-05-15 03:08:54 32,826 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4avss.dll
+ 2002-05-15 03:08:54 49,212 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4awebs.dll
+ 2002-05-15 03:08:54 872,557 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp4awel.dll
+ 2002-05-15 03:08:54 14,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe
+ 2002-05-15 03:08:54 109,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe
+ 2002-05-15 03:08:54 24,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe
+ 2002-05-15 03:08:54 20,541 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpadmdll.dll
+ 2002-05-15 03:08:54 188,494 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe
+ 2002-05-15 03:08:54 94,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpencode.dll
+ 2002-05-15 03:08:54 20,541 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpexedll.dll
+ 2002-05-15 03:08:54 598,071 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpmmc.dll
+ 2002-05-15 03:08:56 208,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpmmcsat.dll
+ 2002-05-15 03:08:54 20,538 -c----w C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe
+ 2003-08-16 01:54:00 8,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\framebuf.dll
+ 2003-08-16 01:54:02 174,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\framedyn.dll
+ 2003-08-16 01:56:08 40,448 -c----w C:\WINDOWS\$NtServicePackUninstall$\ftp.exe
+ 2003-08-16 01:58:26 443,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsapi.dll
+ 2003-08-16 01:58:04 130,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe
+ 2003-08-16 01:58:06 68,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscom.dll
+ 2003-08-16 01:58:22 271,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscomex.dll
+ 2003-08-16 01:58:04 216,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe
+ 2003-08-16 01:58:02 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsdrv.dll
+ 2003-08-16 01:58:02 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsevent.dll
+ 2003-08-16 01:58:02 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsext32.dll
+ 2003-08-16 02:00:06 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsmon.dll
+ 2003-08-16 02:00:30 122,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsocm.dll
+ 2003-08-16 02:00:04 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsperf.dll
+ 2003-08-16 02:00:04 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsres.dll
+ 2003-08-16 02:00:28 559,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsst.dll
+ 2003-08-16 02:00:34 250,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe
+ 2003-08-16 02:00:34 236,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxst30.dll
+ 2003-08-16 02:00:18 391,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxstiff.dll
+ 2003-08-16 02:00:08 149,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsui.dll
+ 2003-08-16 02:00:12 185,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxswzrd.dll
+ 2003-08-16 02:00:26 395,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\fxsxp32.dll
+ 2006-01-02 22:38:03 260,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\gdi32.dll
+ 2003-08-16 02:04:52 116,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\glu32.dll
+ 2003-08-16 02:07:18 9,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\gpkrsrc.dll
+ 2003-08-16 02:11:00 37,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe
+ 2003-08-16 02:10:56 114,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\guitrn.dll
+ 2003-08-16 02:10:56 100,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\guitrn_a.dll
+ 2003-08-16 02:10:56 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\h323cc.dll
+ 2004-03-30 01:48:36 593,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\h323msp.dll
+ 2003-08-16 09:37:54 127,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\hal.dll
+ 2002-08-29 10:40:56 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\hccoin.dll
+ 2004-03-30 01:34:15 741,376 -c----w C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe
+ 2003-08-16 02:53:38 703,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe
+ 2005-05-25 22:44:31 10,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\hh.exe
+ 2005-05-27 01:59:52 38,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\hhsetup.dll
+ 2003-08-16 10:22:58 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\hid.dll
+ 2003-08-16 04:22:52 34,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\hidclass.sys
+ 2003-08-16 04:22:52 23,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\hidparse.sys
+ 2003-08-16 07:40:04 36,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\hmmapi.dll
+ 2003-08-16 07:40:10 240,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll
+ 2003-08-16 07:39:52 315,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\hnetwiz.dll
+ 2003-08-16 08:26:10 35,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\hostmib.dll
+ 2003-08-16 08:26:36 137,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\hotplug.dll
+ 2003-08-16 01:49:58 8,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe
+ 2003-08-16 01:49:58 39,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\htui.dll
+ 2004-11-17 17:57:01 493,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\hypertrm.dll
+ 2002-08-29 09:06:38 51,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys
+ 2003-08-16 01:53:56 116,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\iasrad.dll
+ 2003-08-16 01:56:32 9,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\icaapi.dll
+ 2003-08-16 01:56:30 110,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\iccvid.dll
+ 2005-06-29 01:54:58 237,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\icm32.dll
+ 2003-08-16 01:56:10 3,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\icmp.dll
+ 2003-08-16 01:56:04 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\iconlib.dll
+ 2003-08-16 01:58:02 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn.dll
+ 2003-08-16 01:58:02 208,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe
+ 2003-08-16 01:58:02 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe
+ 2003-08-16 01:58:02 69,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwdial.dll
+ 2003-08-16 01:58:00 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwdl.dll
+ 2003-08-16 01:58:04 155,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwhelp.dll
+ 2003-08-16 01:58:04 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwphbk.dll
+ 2003-08-16 01:58:06 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe

 

[katana]

Step 1

XXXX
Custom CFScript

• Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
  
  

  http://forums.spybot.info/showthread.php?p=249201#post249201
  Comment:: Files from Katana
  Collect::[4]
  C:\WINDOWS\system32\avyfiywp.dll
  C:\WINDOWS\system32\ufavrghg.dll
  C:\WINDOWS\system32\saapslaw.dll
  C:\WINDOWS\system32\wsxinxak.dll
  C:\WINDOWS\system32\prun.exe
  C:\Documents and Settings\Owner\mcc.exe
  C:\Documents and Settings\Owner\gotgo.exe
  
  DirLook::
  C:\WINDOWS\system32\EV19
  File::
  C:\WINDOWS\system32\knsasu.dll
  C:\WINDOWS\system32\dhxdqkjj.dll
  C:\WINDOWS\system32\gayywavw.dll
  C:\WINDOWS\system32\khyvmkan.dll

• Save this as CFScript.txt and place it on your desktop.
  
  
  
  
  
  
  
• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
• When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.
• A window will open asking you to ensure you are connected to the internet, this is so a file can be submitted for analysis.
• Click OK and follow the instructions to submit the file.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

----------------------------------------------------------- -----------------------------------------------------------
Step 2

Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- This scan is best done from IE (Internet Explorer)
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review:

• Close any open programs.
• Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


----------------------------------------------------------- -----------------------------------------------------------
Step 3

Logs/Information to Post in Reply
Please post the following logs/Information in your reply

• ComboFix Log
• Kaspersky Log
• How are things running now ?

 

[rainshield]

+ 2003-08-16 02:00:22 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\icwutil.dll
+ 2003-08-16 02:00:26 113,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\idq.dll
+ 2003-08-16 02:00:04 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe
+ 2003-08-16 02:00:26 126,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\ieakeng.dll
+ 2003-08-16 02:00:30 204,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\ieaksie.dll
+ 2003-08-16 02:00:14 294,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\iedkcs32.dll
+ 2006-02-24 23:24:42 236,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\iepeers.dll
+ 2003-08-16 02:03:38 23,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\iernonce.dll
+ 2003-08-16 02:02:56 59,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\iesetup.dll
+ 2003-08-16 02:06:40 91,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe
+ 2003-08-16 02:04:52 99,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe
+ 2003-08-16 02:05:14 125,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\ifmon.dll
+ 2003-08-16 02:04:48 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\igmpagnt.dll
+ 2003-08-16 02:04:54 468,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\iis.dll
+ 2003-08-16 02:04:48 73,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\ils.dll
+ 2003-08-16 09:05:02 126,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\imagehlp.dll
+ 2003-08-16 02:04:48 123,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\imapi.exe
+ 2003-08-16 02:04:48 39,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\imapi.sys
+ 2003-08-16 07:25:50 99,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\imekrcic.dll
+ 2003-08-16 07:26:30 80,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\imekrmbx.dll
+ 2003-08-16 02:04:46 36,922 -c----w C:\WINDOWS\$NtServicePackUninstall$\imeshare.dll
+ 2003-08-16 02:04:46 30,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\imgutil.dll
+ 2003-08-16 08:18:04 360,494 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpcic.dll
+ 2003-08-16 08:17:58 716,857 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpcus.dll
+ 2003-08-16 08:17:58 81,977 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpdct.dll
+ 2003-08-16 08:17:58 307,258 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpdct.exe
+ 2003-08-16 08:17:26 155,706 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpdsvr.exe
+ 2003-08-16 08:17:58 196,666 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpinst.exe
+ 2003-08-16 08:57:58 208,953 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjpmig.exe
+ 2003-08-16 08:58:00 233,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjprw.exe
+ 2003-08-16 08:58:10 262,201 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjputy.exe
+ 2003-08-16 02:23:58 274,490 -c----w C:\WINDOWS\$NtServicePackUninstall$\imjputyc.dll
+ 2003-08-16 02:07:16 103,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\imm32.dll
+ 2003-08-16 02:07:48 266,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetcfg.dll
+ 2006-02-27 21:31:54 596,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetcomm.dll
+ 2006-08-16 12:14:23 31,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetmib1.dll
+ 2003-08-16 02:07:14 68,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetpp.dll
+ 2003-08-16 02:07:30 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetppui.dll
+ 2006-02-27 21:31:50 47,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetres.dll
+ 2003-08-16 02:10:54 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe
+ 2003-08-16 02:10:54 144,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\initpki.dll
+ 2003-08-16 02:10:56 114,176 -c----w C:\WINDOWS\$NtServicePackUninstall$\input.dll
+ 2004-08-26 18:53:48 69,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\inseng.dll
+ 2003-08-16 02:24:42 4,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\intelide.sys
+ 2003-08-16 02:23:54 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe
+ 2006-08-16 12:14:23 83,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\iphlpapi.dll
+ 2003-08-16 02:23:34 19,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipinip.sys
+ 2003-08-16 02:42:30 79,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipnat.sys
+ 2004-03-30 01:48:36 439,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipnathlp.dll
+ 2003-08-16 02:42:00 318,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\ippromon.dll
+ 2003-08-16 02:53:16 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\iprip.dll
+ 2006-05-13 10:13:31 74,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys
+ 2006-05-14 09:13:41 334,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsecsnp.dll
+ 2006-05-14 09:13:41 159,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsecsvc.dll
+ 2006-05-14 09:13:41 364,544 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipsmsnap.dll
+ 2006-08-16 09:28:55 48,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe
+ 2006-08-16 12:14:23 54,272 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipv6mon.dll
+ 2003-08-16 07:40:02 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe
+ 2002-11-15 03:58:02 120,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir41_qc.dll
+ 2002-11-15 03:58:02 338,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir41_qcx.dll
+ 2002-11-15 03:58:02 755,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_32.dll
+ 2002-11-15 03:58:04 200,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_qc.dll
+ 2002-11-15 03:58:04 183,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\ir50_qcx.dll
+ 2003-08-16 07:39:40 10,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\irenum.sys
+ 2003-08-16 08:26:26 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\isign32.dll
+ 2003-08-16 09:14:46 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\isrdbg32.dll
+ 2005-05-27 01:59:52 143,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\itircl.dll
+ 2005-05-27 01:59:52 128,000 -c----w C:\WINDOWS\$NtServicePackUninstall$\itss.dll
+ 2003-08-16 09:14:46 91,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\iuctl.dll
+ 2003-08-26 01:06:50 182,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\iuengine.dll
+ 2003-08-16 09:15:02 49,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\ixsso.dll
+ 2003-08-16 10:22:58 45,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\iyuv_32.dll
+ 2006-04-28 18:58:48 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\jsproxy.dll
+ 2002-08-29 08:27:02 23,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys
+ 2003-08-16 02:07:08 7,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\kd1394.dll
+ 2005-06-15 17:50:24 285,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\kerberos.dll
+ 2006-07-05 10:46:36 928,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll
+ 2003-08-16 02:10:50 146,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\keymgr.dll
+ 2002-08-29 08:32:30 159,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys
+ 2003-08-16 02:10:54 92,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\krnl386.exe
+ 2003-08-16 02:10:54 23,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\krnlprov.dll
+ 2002-12-12 15:14:32 130,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\ks.sys
+ 2003-08-16 09:24:06 79,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\ksecdd.sys
+ 2002-12-12 15:14:32 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll
+ 2002-12-12 06:16:58 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\laprxy.dll
+ 2003-08-16 04:22:30 367,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\licdll.dll
+ 2003-08-16 04:22:52 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\licmgr10.dll
+ 2003-08-16 04:21:54 57,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\licwmi.dll
+ 2005-09-01 01:49:29 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll
+ 2003-08-16 04:22:06 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmhsvc.dll
+ 2003-08-16 04:22:44 29,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmmib2.dll
+ 2003-08-16 04:22:14 381,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\lmrt.dll
+ 2003-08-16 07:39:28 91,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\loadperf.dll
+ 2003-08-16 07:39:36 202,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\localsec.dll
+ 2003-08-16 07:39:38 295,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\localspl.dll
+ 2003-08-16 07:39:26 10,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\localui.dll
+ 2002-12-04 08:50:10 68,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\locator.exe
+ 2003-08-16 07:39:36 17,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\log.dll
+ 2002-12-12 06:04:20 81,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\logagent.exe
+ 2003-08-16 08:26:02 219,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\logon.scr
+ 2003-08-16 08:26:02 504,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\logonui.exe
+ 2003-08-16 08:25:56 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\lpdsvc.dll
+ 2003-08-16 08:25:54 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\lpk.dll
+ 2003-08-16 08:26:14 8,704 -c----w C:\WINDOWS\$NtServicePackUninstall$\lprhelp.dll
+ 2003-08-16 08:25:54 17,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\lprmon.dll
+ 2004-10-28 01:29:54 681,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\lsasrv.dll
+ 2003-08-16 08:25:50 11,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
+ 2002-11-21 01:50:52 67,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\magnify.exe
+ 2003-08-16 01:49:52 79,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\makecab.exe
+ 2003-08-16 01:51:46 12,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\mcastmib.dll
+ 2003-08-16 01:52:04 80,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciavi32.dll
+ 2002-12-12 15:14:32 34,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciqtz32.dll
+ 2003-08-16 01:53:48 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciseq.dll
+ 2003-08-16 01:53:46 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\mciwave.dll
+ 2003-08-16 02:04:44 108,544 -c----w C:\WINDOWS\$NtServicePackUninstall$\mdminst.dll
+ 2003-08-16 10:22:58 62,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\mf.sys
+ 2004-03-30 01:48:36 36,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\mf3216.dll
+ 2003-08-16 07:39:42 995,383 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfc42.dll
+ 2003-08-16 07:40:08 995,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfc42u.dll
+ 2003-08-16 08:25:54 20,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\mfcsubs.dll
+ 2003-08-16 08:25:48 12,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\mgmtapi.dll
+ 2003-08-16 09:14:24 17,920 -c----w C:\WINDOWS\$NtServicePackUninstall$\midimap.dll
+ 2003-08-16 09:14:32 179,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\migism.dll
+ 2003-08-16 09:14:30 170,496 -c----w C:\WINDOWS\$NtServicePackUninstall$\migism_a.dll
+ 2003-08-16 09:14:28 56,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\miglibnt.dll
+ 2003-08-16 09:14:32 98,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\migload.exe
+ 2002-12-12 06:08:46 782,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\migrate.exe
+ 2005-07-22 23:03:37 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe
+ 2002-11-21 02:22:36 230,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe
+ 2003-08-16 01:49:52 226,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\migwiz_a.exe
+ 2003-08-16 01:52:08 577,024 -c----w C:\WINDOWS\$NtServicePackUninstall$\mlang.dll
+ 2003-08-16 01:51:54 774,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmc.exe
+ 2003-08-16 01:51:42 66,560 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcbase.dll
+ 2003-08-16 01:52:24 1,128,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcndmgr.dll
+ 2003-08-16 01:51:42 46,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmcshext.dll
+ 2003-08-16 01:53:44 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmfutil.dll
+ 2003-08-16 01:54:10 68,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\mmsystem.dll
+ 2003-08-16 01:54:02 32,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\mnmdd.dll
+ 2003-08-16 01:53:42 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe
+ 2003-08-16 01:54:02 196,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\mobsync.dll
+ 2003-08-16 01:54:02 135,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe
+ 2003-08-16 10:22:58 28,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\modem.sys
+ 2003-08-16 01:56:24 145,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\modemui.dll
+ 2003-08-16 01:56:00 15,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe
+ 2003-08-16 01:56:16 104,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\mofd.dll
+ 2003-08-16 01:58:20 210,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\moricons.dll
+ 2003-08-16 09:37:54 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys
+ 2003-08-16 01:57:58 37,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys
+ 2002-12-21 04:06:00 3,366,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe
+ 2002-12-12 10:12:02 316,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\mp43dmod.dll
+ 2002-12-12 06:16:58 384,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\mp4sdmod.dll
+ 2003-02-18 01:16:26 15,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\mpe.sys
+ 2002-12-12 08:34:40 241,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\mpg4dmod.dll
+ 2003-08-16 02:02:16 116,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe
+ 2003-08-16 02:01:52 4,639 -c----w C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe
+ 2003-08-16 02:04:48 55,808 -c----w C:\WINDOWS\$NtServicePackUninstall$\mpr.dll
+ 2003-08-16 02:04:42 79,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\mprapi.dll
+ 2002-12-12 06:16:58 352,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\mpvis.dll
+ 2005-04-26 01:58:03 173,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\mrxdav.sys
+ 2006-05-05 09:31:04 433,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys
+ 2003-08-16 08:25:46 67,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\msacm32.dll
+ 2003-08-16 08:25:50 307,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadce.dll
+ 2003-08-16 08:25:44 20,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcer.dll
+ 2003-08-16 08:25:46 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcf.dll
+ 2003-08-16 08:25:42 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcfr.dll
+ 2006-03-23 06:05:25 135,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadco.dll
+ 2003-08-16 08:25:38 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcor.dll
+ 2003-08-16 08:26:02 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadcs.dll
+ 2003-08-16 08:26:04 147,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadds.dll
+ 2003-08-16 08:26:02 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\msaddsr.dll
+ 2003-08-16 09:14:24 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\msader15.dll
+ 2003-08-16 09:15:08 487,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\msado15.dll
+ 2003-08-16 09:14:26 159,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadomd.dll
+ 2003-08-16 09:14:16 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\msador15.dll
+ 2003-08-16 09:14:30 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadox.dll
+ 2003-08-16 09:14:16 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\msadrh15.dll
+ 2003-08-16 09:14:12 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\msafd.dll
+ 2003-08-16 09:14:12 80,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\msapsspc.dll
+ 2004-03-30 01:48:36 51,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\msasn1.dll
+ 2003-08-16 01:49:48 203,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscandui.dll
+ 2005-06-29 01:54:58 68,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscms.dll
+ 2003-08-16 01:49:46 65,536 -c----w C:\WINDOWS\$NtServicePackUninstall$\msconf.dll
+ 2003-08-16 01:49:46 145,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe
+ 2003-08-16 01:49:44 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscpx32r.dll
+ 2003-08-16 01:50:06 36,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\mscpxl32.dll
+ 2003-08-16 01:50:06 266,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\msctf.dll
+ 2003-08-16 01:49:44 67,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\msctfp.dll
+ 2003-08-16 01:51:40 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdadc.dll
+ 2003-08-16 01:51:40 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaenum.dll
+ 2003-08-16 01:51:40 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaer.dll
+ 2003-08-16 01:52:08 221,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaora.dll
+ 2003-08-16 01:51:40 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaorar.dll
+ 2003-08-16 01:51:58 73,728 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaosp.dll
+ 2003-08-16 01:51:38 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaprsr.dll
+ 2003-08-16 01:51:44 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaprst.dll
+ 2003-08-16 01:52:02 188,416 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaps.dll
+ 2003-08-16 01:51:40 110,592 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdarem.dll
+ 2003-08-16 01:51:36 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaremr.dll
+ 2003-10-28 11:09:50 126,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdart.dll
+ 2003-08-16 01:51:36 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasc.dll
+ 2003-08-16 01:51:40 303,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasql.dll
+ 2003-08-16 01:51:34 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdasqlr.dll
+ 2003-08-16 01:53:40 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdatl3.dll
+ 2003-08-16 01:53:40 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdatt.dll
+ 2003-08-16 01:54:00 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdaurl.dll
+ 2003-08-16 01:53:40 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdfmap.dll
+ 2002-12-12 15:14:32 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdmo.dll
+ 2003-08-16 01:53:38 6,144 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe
+ 2003-08-16 01:54:02 54,784 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtclog.dll
+ 2006-03-01 19:44:39 368,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtcprx.dll
+ 2006-03-01 19:44:39 974,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtctm.dll
+ 2006-03-01 19:44:39 150,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdtcuiu.dll
+ 2003-02-18 01:21:50 52,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdv.sys
+ 2003-08-16 01:55:54 4,126 -c----w C:\WINDOWS\$NtServicePackUninstall$\msdxmlc.dll
+ 2003-08-16 01:55:56 512,031 -c----w C:\WINDOWS\$NtServicePackUninstall$\msexch40.dll
+ 2003-08-16 01:56:08 319,519 -c----w C:\WINDOWS\$NtServicePackUninstall$\msexcl40.dll
+ 2003-08-16 01:59:54 18,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\msfs.sys
+ 2003-08-16 02:00:38 504,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\msftedit.dll
+ 2004-03-30 01:48:36 971,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgina.dll
+ 2003-08-16 01:59:52 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgpc.sys
+ 2003-08-16 02:00:38 3,346,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgr3en.dll
+ 2003-08-16 02:00:06 57,374 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgrocm.dll
+ 2002-08-21 04:39:42 109,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgsc.dll
+ 2002-08-21 06:08:36 221,215 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgslang.dll
+ 2003-10-22 06:06:41 32,256 -c----w C:\WINDOWS\$NtServicePackUninstall$\msgsvc.dll
+ 2003-08-16 01:59:52 184,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh261.drv
+ 2003-08-16 09:37:54 286,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh263.drv
+ 2003-08-16 02:01:52 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\mshta.exe
+ 2006-06-30 18:28:26 2,703,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\mshtml.dll
+ 2003-08-16 02:02:12 440,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\mshtmled.dll
+ 2003-08-16 02:01:52 56,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\mshtmler.dll
+ 2006-02-27 21:29:32 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\msident.dll
+ 2003-08-16 02:01:50 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\msidle.dll
+ 2005-08-05 17:23:27 230,400 -c----w C:\WINDOWS\$NtServicePackUninstall$\msieftp.dll
+ 2003-08-16 02:04:46 4,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll
+ 2006-02-27 21:32:04 56,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimn.exe
+ 2003-08-16 02:04:56 143,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\msimtf.dll
+ 2003-08-16 02:04:42 348,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\msinfo.dll
+ 2003-08-16 02:07:00 34,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe
+ 2003-08-16 02:08:02 1,503,262 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjet40.dll
+ 2003-08-16 02:07:30 348,195 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjetol1.dll
+ 2003-08-16 09:07:30 348,195 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjetoledb40.dll
+ 2003-08-16 02:07:00 151,626 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjint40.dll
+ 2003-08-16 02:07:00 90,112 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjro.dll
+ 2003-08-16 02:06:58 53,322 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjter40.dll
+ 2003-08-16 02:07:04 241,695 -c----w C:\WINDOWS\$NtServicePackUninstall$\msjtes40.dll
+ 2002-12-12 15:14:32 7,424 -c----w C:\WINDOWS\$NtServicePackUninstall$\mskssrv.sys
+ 2003-08-16 02:07:18 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\mslbui.dll
+ 2003-08-16 02:10:44 213,023 -c----w C:\WINDOWS\$NtServicePackUninstall$\msltus40.dll
+ 2003-08-16 02:10:42 36,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\mslwvtts.dll
+ 2002-08-21 06:08:38 1,511,453 -c----w C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe
+ 2002-12-12 09:09:22 253,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\msnetobj.dll
+ 2003-08-16 02:53:02 319,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\msnsspc.dll
+ 2003-08-16 02:52:50 112,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\msobcomm.dll
+ 2003-08-16 02:52:42 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\msobdl.dll

 

[rainshield]

i think my pc is infected so badly. I try to follow your step, but when i drag the CFScripts file in combofix, it say the application is not found, then when i click on combofix, it doesnt work anymore, and it look like things get exactly the way it started, after i think the combofix even effect to my pc, now i cant open any programs, everytime i click anything, it only come up with "open with" menu. i try to scan with skarperskyscan but my java is not up to date, so i downloaded 1.5 version, but the IE so extremely slow now, and it keep on getting stalled...the pc is way so slow. Is there anyway to fix it, please help me with this

 

[katana]

Please delete the copy of ComboFix that you have and download an updated copy from one of the links below

• Please visit this webpage for instructions on using ComboFix:
  http://www.bleepingcomputer.com/combofix/how-to-use-combofix
  
  ComboFix.exe 1
  ComboFix.exe 2
  ComboFix.exe 3
  
• You must download it to and run it from your Desktop
• Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

Custom CFScript

• Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
  
  

  KillAll::
  Files::
  C:\WINDOWS\system32\avyfiywp.dll
  C:\WINDOWS\system32\ufavrghg.dll
  C:\WINDOWS\system32\saapslaw.dll
  C:\WINDOWS\system32\wsxinxak.dll
  C:\WINDOWS\system32\prun.exe
  C:\Documents and Settings\Owner\mcc.exe
  C:\Documents and Settings\Owner\gotgo.exe
  
  DirLook::
  C:\WINDOWS\system32\EV19
  File::
  C:\WINDOWS\system32\knsasu.dll
  C:\WINDOWS\system32\dhxdqkjj.dll
  C:\WINDOWS\system32\gayywavw.dll
  C:\WINDOWS\system32\khyvmkan.dll

• Save this as CFScript.txt and place it on your desktop.
  
  
  
  
  
  
  
• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
• When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

 

[rainshield]

after i reinstalled the combofix, but look like it doesnt load up, when i drag and drop the CFScript file in, it say "application is not found", then i try to open the combofix itself, but it only pop up with "open with" program window. So i restart my pc and change it to "SAFE MODE" and finally able to do it, here the log :
ComboFix 08-11-03.06 - Owner 2008-11-04 8:43:31.11 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.800 [GMT -8:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt

FILE ::
c:\windows\system32\dhxdqkjj.dll
c:\windows\system32\gayywavw.dll
c:\windows\system32\khyvmkan.dll
c:\windows\system32\knsasu.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner\gotgo.exe
c:\documents and settings\Owner\mcc.exe
c:\windows\system32\avyfiywp.dll
c:\windows\system32\dhxdqkjj.dll
c:\windows\system32\gayywavw.dll
c:\windows\system32\khyvmkan.dll
c:\windows\system32\knsasu.dll
c:\windows\system32\prun.exe
c:\windows\system32\saapslaw.dll
c:\windows\system32\ufavrghg.dll
c:\windows\system32\wsxinxak.dll

.
((((((((((((((((((((((((( Files Created from 2008-10-04 to 2008-11-04 )))))))))))))))))))))))))))))))
.

2008-11-03 23:09 . 2008-11-03 23:39 1,374 --a------ c:\windows\imsins.BAK
2008-11-03 15:48 . 2008-11-03 15:46 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-03 15:48 . 2008-11-03 15:46 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-03 07:11 . 2008-11-04 08:24 <DIR> d-------- c:\windows\system32\CatRoot_bak
2008-11-03 06:55 . 2008-08-14 01:51 138,368 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-02 22:57 . 2008-11-02 22:57 <DIR> d-------- c:\program files\ERUNT
2008-11-01 20:08 . 2008-11-01 20:08 <DIR> d-------- C:\rsit
2008-10-31 22:22 . 2008-10-31 22:22 <DIR> d-------- c:\documents and settings\Owner\Application Data\Malwarebytes
2008-10-31 22:21 . 2008-10-31 22:22 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-10-31 22:21 . 2008-10-31 22:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-31 22:21 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-31 22:21 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-10-30 18:42 . 2008-10-30 18:42 4,286 --a------ c:\windows\system32\Jamster.ico
2008-10-29 17:49 . 2008-11-01 01:04 <DIR> d-------- c:\windows\system32\EV19
2008-10-29 17:13 . 2008-10-29 17:13 <DIR> d--h----- c:\windows\PIF
2008-10-15 16:21 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
2008-10-15 16:21 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-10-15 16:18 . 2008-01-03 21:28 29,824 --a------ c:\windows\system32\drivers\FragFX.sys
2008-10-15 00:47 . 2008-10-15 00:47 262,144 --a------ C:\ntuser.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 23:45 --------- d-----w c:\program files\Java
2008-11-02 10:52 --------- d-----w c:\program files\Avant Browser
2008-11-02 10:45 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 04:29 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-30 04:28 --------- d-----w c:\program files\SUPERAntiSpyware
2008-10-15 23:58 --------- d-----w c:\documents and settings\Owner\Application Data\Yahoo!
2008-10-15 08:47 --------- d-----w c:\documents and settings\All Users\Application Data\yahoo!
2008-10-03 17:14 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-30 22:09 --------- d-----w c:\program files\Starcraft
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 10:00 2,180,352 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:22 2,057,728 ----a-w c:\windows\system32\ntkrnlpa.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\windows\system32\EV19 ----



((((((((((((((((((((((((((((( snapshot_2008-11-03_ 5.08.16.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-04-23 04:16:28 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-04-23 04:16:28 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-04-23 04:16:28 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-04-23 04:16:28 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-04-23 04:16:28 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-04-22 07:39:58 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-04-23 04:16:28 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-04-23 04:16:28 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-04-23 04:16:28 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-04-23 04:16:28 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-04-23 04:16:28 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-04-22 07:40:18 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-04-23 04:16:28 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-04-23 04:16:28 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-04-23 04:16:28 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-04-24 06:16:30 3,591,680 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-04-23 04:16:28 478,208 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-04-23 04:16:28 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-04-23 04:16:28 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-04-23 04:16:28 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:28 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-04-23 04:16:29 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-04-23 04:16:29 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-04-23 04:16:29 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2007-05-31 21:35:22 6,420,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2008-06-11 07:09:45 12,288 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-04 07:42:14 12,288 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-11 07:09:45 135,168 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-04 07:42:13 135,168 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-11 07:09:45 11,264 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-04 07:42:14 11,264 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-11 07:09:46 27,136 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-04 07:42:14 27,136 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-11 07:09:46 4,096 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-04 07:42:14 4,096 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-11 07:09:46 794,624 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-04 07:42:14 794,624 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-11 07:09:45 249,856 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-04 07:42:14 249,856 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-11 07:09:46 23,040 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-11-04 07:42:14 23,040 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-11 07:09:45 286,720 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-04 07:42:13 286,720 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-11 07:09:44 409,600 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-11-04 07:42:13 409,600 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-04-23 04:16:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-04-23 04:16:28 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-04-23 04:16:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:32:22 253,952 -c----w c:\windows\system32\dllcache\es.dll
- 2008-04-23 04:16:28 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-04-23 04:16:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-04-22 07:39:58 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:28 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:28 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-04-22 07:40:18 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-21 06:15:44 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll
- 2008-04-23 04:16:28 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 07:56:42 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-06-24 16:23:05 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
- 2008-04-23 04:16:28 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:28 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-24 06:16:30 3,591,680 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:28 478,208 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:28 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-04-23 04:16:28 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2006-08-17 12:28:27 332,288 -c----w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:57:55 332,800 -c----w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-04-23 04:16:28 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-04-23 04:16:28 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2006-08-14 10:34:41 332,928 -c----w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 -c----w c:\windows\system32\dllcache\srv.sys
- 2008-04-23 04:16:28 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-04-23 04:16:29 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2008-04-23 04:16:29 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 -c----w c:\windows\system32\dllcache\win32k.sys
- 2008-04-23 04:16:29 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 06:14:14 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-04-23 04:16:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:39:45 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
- 2008-04-23 04:16:28 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-04-09 07:47:50 162,728 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-04 08:50:10 162,728 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-23 04:16:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-04-22 07:39:58 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-04-23 04:16:28 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-04-23 04:16:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-04-23 04:16:28 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-04-23 04:16:28 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-04-22 07:39:58 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-21 06:15:44 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2004-01-26 10:24:04 24,681 -c--a-w c:\windows\system32\java.exe
+ 2008-11-03 23:46:13 144,792 ----a-w c:\windows\system32\java.exe
- 2004-01-26 10:24:04 28,779 -c--a-w c:\windows\system32\javaw.exe
+ 2008-11-03 23:46:13 144,792 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-03 23:46:13 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-04-23 04:16:28 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2005-06-29 01:46:00 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-04-23 04:16:28 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-04-23 04:16:28 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-04-24 06:16:30 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-23 04:16:28 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-04-23 04:16:28 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-04-23 04:16:28 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ------w c:\windows\system32\mstime.dll
- 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2008-04-23 04:16:28 102,912 ------w c:\windows\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ------w c:\windows\system32\occache.dll
- 2008-04-23 04:16:28 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 -c----w c:\windows\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-04-23 04:16:28 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
- 2008-04-23 04:16:29 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-23 04:16:29 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2006-10-19 05:47:20 295,936 ------w c:\windows\system32\wmpeffects.dll
+ 2008-06-25 02:12:58 295,936 ------w c:\windows\system32\wmpeffects.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [BU]
"SUPERAntiSpyware"="c:\progra~1\SUPERA~1\SUPERA~1.EXE" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-03 136600]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"HPHUPD05"="c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-08-21 483328]
"KBD"="c:\hp\KBD\KBD.EXE" [2008-05-13 2093568]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-01-26 151597]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2008-05-29 179712]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-06-27 29344]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-12 172032]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"LTMSG"="LTMSG.exe" [2008-03-19 c:\windows\ltmsg.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]
"VTTimer"="" [BU]
"PS2"="" [BU]

c:\documents and settings\Default User\Start Menu\Programs\Startup\
spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSub.exe [2004-01-27 557056]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSub.exe [2004-01-27 557056]

c:\documents and settings\Owner\Start Menu\Programs\Startup\
spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSub.exe [2004-01-27 557056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - c:\program files\Compaq Connections\1940576\Program\BackWeb-1940576.exe [2004-01-26 16384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 237568]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-01-19 409088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qoMfFvWN]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=orncez.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Compaq Connections\\1940576\\Program\\BackWeb-1940576.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
"f:\\game\\Steam\\steamapps\\1life1love4ever\\counter-strike\\hl.exe"=

S2 JavaQuickStarterService;Java Quick Starter;c:\program files\Java\jre6\bin\jqs.exe [2008-11-03 152984]
S3 FragFX;FragFX NT service;c:\windows\system32\Drivers\FragFX.sys [2008-01-03 29824]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder

2008-11-04 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-06-19 00:17]
.
- - - - ORPHANS REMOVED - - - -

BHO-{199f7219-281e-44d9-99eb-83e6febb0ddd} - (no file)
BHO-{3803463F-8961-4B32-B904-BE3DD440108A} - (no file)
BHO-{3FAECE6F-50DF-012D-8A48-5CC07026D6C9} - (no file)
BHO-{4BCA41D6-331E-4BE1-BC76-8324139B7B51} - (no file)
BHO-{53F933B8-E2CE-43A8-AC86-4FB1C4F4BCB9} - (no file)
BHO-{5606a88c-3e11-456b-ae5a-c3f84669fe83} - (no file)
BHO-{648D6416-DDA1-4A1A-AB38-A5840045B8DD} - (no file)
BHO-{7C5D3A32-B9EC-4AAA-B0B2-FDB51BAEF699} - (no file)
BHO-{9CF1B841-60AD-4133-A48B-A169E4D6CD6F} - (no file)
BHO-{B8ED0C5B-6745-48F6-912F-89E261C09FB9} - (no file)
BHO-{BD3731B6-C62E-446F-8D03-235B55DD24D0} - (no file)
BHO-{CF88E393-625C-4BC4-AA09-D6DF9B2FAEE6} - (no file)
BHO-{d35830bf-164c-415b-b7f8-7ff495fe850e} - (no file)
BHO-{DAC648E5-0B3A-4CED-9396-7404A9378AA0} - (no file)
BHO-{db4c955d-da75-4083-a1c3-56d8c5588ada} - (no file)
BHO-{ffb5caf7-151f-4a97-8c98-71cb8538a13d} - (no file)



**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-04 08:47:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-11-04 8:51:50
ComboFix-quarantined-files.txt 2008-11-04 16:50:48
ComboFix2.txt 2008-11-03 14:16:06
ComboFix3.txt 2007-12-10 21:55:46

Pre-Run: 14,323,392,512 bytes free
Post-Run: 14,317,535,232 bytes free

387 --- E O F --- 2008-11-04 07:42:20




p/s: i just wondering, why it's only work on safe mode, not normal window, and the biggiest problem on my pc is i still cant open any other program yet.

 

[katana]

we need to get an online scan to find out what is going on.

Please try Kaspersky again if not in IE then try it in Firefox

 

[rainshield]

is it ok if i scan it on "safe mode" window? bcuz my IE or firefox got errors and stalled everytime i try the scan. here is the kaspersky log i scanned from "safe mode" window:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, November 4, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, November 04, 2008 19:09:24
Records in database: 1369646
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 112641
Threat name: 148
Infected objects: 749
Suspicious objects: 0
Duration of the scan: 02:13:28


File name / Threat name / Threats count
C:\cmdcons\autochk.exe Infected: Virus.Win32.Neshta.a 1
C:\cmdcons\autofmt.exe Infected: Virus.Win32.Neshta.a 1
C:\cmdcons\system32\smss.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\Racing.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\start.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\_C035477C-FD53-405C-A0B2-CA237A502FBF.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Administrator\My Documents\87098.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Administrator\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.a 1
C:\Documents and Settings\Administrator\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.w 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMinst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\AIMLang.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\alsetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\ampx.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\inst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\instopts.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\migrator.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\muinst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\ocpinst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\tbsetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\toolbar.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_6.0.28.3\vwpt.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\AIMinst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\AIMLang.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\alsetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\aoldlmgr.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\aolsetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\bsetutil.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\migrator.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\ocpinst.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\tbsetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\toolbar.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\unagi3.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4268.0.4\vwpt.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\DlayUpdt.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\Message.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem4641_symnet_4.7.2_english\Message.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem4641_symnet_4.7.2_english\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Default User\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\Racing.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Default User\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\start.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Default User\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\_C035477C-FD53-405C-A0B2-CA237A502FBF.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Default User\My Documents\87098.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Default User\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.a 1
C:\Documents and Settings\Default User\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.w 1
C:\Documents and Settings\Owner\Application Data\Real\Update\GOOGLE_DESKTOP\gdssetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Application Data\Real\Update\GOOGLE_TOOLBAR\googletoolbarinstaller.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\ccsetup211.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\erunt-setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\FindAWF.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\HiJackThis\HijackThis.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\hjsplit\hjsplit.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\nrx50\NeoRAGEx 5.0.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\OTMoveIt.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\RSIT.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\SDFix.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\SSEv4.1\SSEv4.1.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Desktop\Super Simple ESP v3.7\SSEv3.7.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\Racing.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\start.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\Local Settings\Application Data\Wildtangent\Cdacache\C035477C-FD53-405C-A0B2-CA237A502FBF\_C035477C-FD53-405C-A0B2-CA237A502FBF.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\My Documents\87098.exe Infected: Virus.Win32.Neshta.a 1
C:\Documents and Settings\Owner\My Documents\My Received Files\Release.rar Infected: Trojan.Win32.Inject.ae 1
C:\Documents and Settings\Owner\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.a 1
C:\Documents and Settings\Owner\My Documents\My Received Files\WPEXP.rar Infected: HackTool.Win32.Sniffer.WpePro.w 1
C:\Documents and Settings\Owner\My Documents\ventrilo_3.0.0_Windows_i386\Ventrilo.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\absetup.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\Firefox Setup 3.0.3.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\HJTInstall.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\mbam-setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\msgr9us.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\setupxv.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\SUPERAntiSpyware\msiexec.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\SUPERAntiSpyware.exe Infected: Virus.Win32.Neshta.a 1
C:\Downloads\yahoo_firefox_setup-3.0.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\AddDevicePath.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\AUTOMOD.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\automod32.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\autorun.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\BBoot\HP_EndBuild_for_BBoot_ALL_WW_0000-16.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\BBoot\Power_Options_System_Standby_Off_ALL_WW_0000-01.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\EJECT.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\FINIS.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\GREPINATOR.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\blocks\ISRUNNING.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\EJECT.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\IniMerge.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\MsgBoxPlus.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\restore.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\burnboot\UINI.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\COMMANDS.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\DISTILL.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\DM.exe Infected: Virus.Win32.Neshta.a 1

 

[rainshield]

C:\hp\bin\firewallnorton\CDSTART.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\MSI\WIN9X\INSTMSI.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\MSI\WINNT\INSTMSI.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\NPF\ALERULES.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\NPF.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\SUPPORT\DCOM98\DCOM98.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\SUPPORT\LIVEREG\LRSETUP.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\firewallnorton\SUPPORT\LUPDATE\LUSETUP.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\FullScreen.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\HPBI.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\hpdmi.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\HPLocale.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\HtmlMsg.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\IniMerge.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\IsRunning.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\iTunes\NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\KillIt.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\omnipass\Setup.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\omnipass\weblink\Setup.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\OSType.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\ProcessLogger.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\Progress.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\PwrMgt.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\Python-2.2.1.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\RefCount.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\replace.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\RPCOPY.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\SETLEVEL.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\SetRes.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\TransientMessage.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\TrialHTML\Office 2003 Edition 60 Day Trial.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\UIni.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\USBPwrMGMT.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\bin\win32all-146.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\audio_realtek\Alcxmntr.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\keyboard\PS2.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\modem_Agere_Sequoia\agrsmdel.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\modem_Agere_Sequoia\AGRSMMsg.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\CopyInf.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\hpbvspst.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\hpzglu08.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\install.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\instmsia.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\instmsiw.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\program files\Hewlett-Packard\hp deskjet assistant\bin\browser.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\util\common\hpfpdi08.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\util\common\hpzghl08.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\printers\deskjet\util\common\hpzpin08.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\video_Intel\hkcmd.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\video_Intel\igfxcfg.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\video_Intel\igfxdiag.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\video_Intel\igfxext.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\drivers\video_Intel\igfxtray.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\EasyHomeNet\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\MicrosoftNetworkGuide\netguide.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\MicrosoftNetworkGuide\run.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\shortcut.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\Splash\Entertainment\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\Splash\HotDeals\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\Splash\Security\showdetto.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\Splash\Security\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\warranty\EN\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\warranty\EN_CA\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\warranty\EN_US\splash.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\DTIcons\warranty\runner.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\IAccess\IAccess.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\KBD\KBUPDATE.EXE Infected: Virus.Win32.Neshta.a 1
C:\hp\KBD\STATIC\Common\hpkey.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\OrgTut\OrgTut.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42NA1MCA\LaunchMsn.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-ARA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-CHS.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-CHT.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-DAN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-DEU.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-ENU.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-ESN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-FIN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-FRA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-ITA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-JPN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-KOR.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-NLD.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-NOR.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-PTG.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-SVE.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1ASN\src\WindowsXP-KB828028-x86-TRK.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1CDC\files\ALL\CD Creator.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Arabic\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Dan\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Eng\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Fin\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Fr\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Ger\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\It\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Jpn\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Kor\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\NL\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Nor\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Port\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\SC\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Sp\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\SW\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\TC\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1HTM\src\Turk\Q832894.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\CHS\WindowsXP-KB821431-x86-CHS.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\CHT\WindowsXP-KB821431-x86-CHT.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\CSY\WindowsXP-KB821431-x86-CSY.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\DAN\WindowsXP-KB821431-x86-DAN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\DEU\WindowsXP-KB821431-x86-DEU.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\ELL\WindowsXP-KB821431-x86-ELL.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\ENU\WindowsXP-KB821431-x86-ENU.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\ESN\WindowsXP-KB821431-x86-ESN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\FIN\WindowsXP-KB821431-x86-FIN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\FRA\WindowsXP-KB821431-x86-FRA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\HEB\WindowsXP-KB821431-x86-HEB.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\HUN\ARA\WindowsXP-KB821431-x86-ARA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\HUN\WindowsXP-KB821431-x86-HUN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\ITA\WindowsXP-KB821431-x86-ITA.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\JPN\WindowsXP-KB821431-x86-JPN.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\KOR\WindowsXP-KB821431-x86-KOR.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\NLD\WindowsXP-KB821431-x86-NLD.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\NOR\WindowsXP-KB821431-x86-NOR.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\PLK\WindowsXP-KB821431-x86-PLK.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\PTB\WindowsXP-KB821431-x86-PTB.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\PTG\WindowsXP-KB821431-x86-PTG.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\RUS\WindowsXP-KB821431-x86-RUS.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\SVE\WindowsXP-KB821431-x86-SVE.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1IPD\src\TRK\WindowsXP-KB821431-x86-TRK.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App00153.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App00292.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App00491.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App02995.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App04827.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App05447.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App05705.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App09961.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App16827.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App17421.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App18716.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App19169.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App19718.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App19895.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App23281.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App24464.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App26962.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App29358.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\App99993.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW1REC\src\xApp14604.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW3SEQ\Agere_Cheetah_Modem_6386-01.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\patches\42WW3SEQ\Agere_Sequoia_Modem_6960-01.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\recovery\wizard\SWR_Wizard.exe Infected: Virus.Win32.Neshta.a

 

[rainshield]

C:\hp\region\wallpaper\wp.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\support\HPSysInfo.exe Infected: Virus.Win32.Neshta.a 1
C:\hp\vinetlink\autorun.exe Infected: Virus.Win32.Neshta.a 1
C:\My Shared Folder\klite27rc1.exe Infected: Virus.Win32.Neshta.a 1
C:\NVIDIA\Win2KXP\71.89\nvudisp.exe Infected: Virus.Win32.Neshta.a 1
C:\NVIDIA\Win2KXP\71.89\setup.exe Infected: Virus.Win32.Neshta.a 1
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe Infected: Trojan-Downloader.Win32.Agent.awf 1
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe Infected: Trojan-Downloader.Win32.Agent.awf 1
C:\Program Files\Common Files\Real\Toolbar\RealBar.dll Infected: not-a-virus:AdWare.Win32.MegaSearch.s 1
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1
C:\Program Files\Norton AntiVirus\Quarantine\003A49A9 Infected: not-a-virus:AdWare.Win32.BetterInternet.b 1
C:\Program Files\Norton AntiVirus\Quarantine\00717F33 Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\00A03FB1 Infected: Trojan-Downloader.Win32.Intexp.d 1
C:\Program Files\Norton AntiVirus\Quarantine\00C63E9D Infected: Email-Worm.Win32.Delf.i 1
C:\Program Files\Norton AntiVirus\Quarantine\045640FA Infected: Trojan-Downloader.Win32.Dyfuca.gen 1
C:\Program Files\Norton AntiVirus\Quarantine\062439CD Infected: Trojan.Win32.EliteBar.d 1
C:\Program Files\Norton AntiVirus\Quarantine\070C5A6F Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\070F046C Infected: Trojan-Downloader.Win32.Small.ctk 1
C:\Program Files\Norton AntiVirus\Quarantine\0A092DBF Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\0AC13353 Infected: Trojan-Downloader.Win32.IstBar.ij 1
C:\Program Files\Norton AntiVirus\Quarantine\0B640FA0 Infected: Trojan-Downloader.Win32.Dyfuca.eg 1
C:\Program Files\Norton AntiVirus\Quarantine\0BB44433 Infected: Trojan-Downloader.Win32.Small.cux 1
C:\Program Files\Norton AntiVirus\Quarantine\0BCA05A8 Infected: Trojan-Downloader.Win32.Dyfuca.du 1
C:\Program Files\Norton AntiVirus\Quarantine\0C3B469B Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\0D450303 Infected: Trojan-Downloader.Win32.VB.hj 1
C:\Program Files\Norton AntiVirus\Quarantine\0D482D00 Infected: Trojan-Spy.Win32.Small.fe 1
C:\Program Files\Norton AntiVirus\Quarantine\0D4C56FC Infected: Trojan-Spy.Win32.Agent.hq 1
C:\Program Files\Norton AntiVirus\Quarantine\0D4F00F9 Infected: Trojan-Spy.Win32.Delf.ig 1
C:\Program Files\Norton AntiVirus\Quarantine\0D522AF5 Infected: Trojan-Spy.Win32.Small.fe 1
C:\Program Files\Norton AntiVirus\Quarantine\0D5654F1 Infected: HackTool.Win32.Sniffer.WpePro.a 1
C:\Program Files\Norton AntiVirus\Quarantine\0D597EEE Infected: HackTool.Win32.Sniffer.WpePro.w 1
C:\Program Files\Norton AntiVirus\Quarantine\0D5C28EA Infected: Trojan-Clicker.Win32.Small.cc 1
C:\Program Files\Norton AntiVirus\Quarantine\0D6950DC Infected: Trojan-Downloader.Win32.PurityScan.cq 1
C:\Program Files\Norton AntiVirus\Quarantine\0D6C7AD8 Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\0D7024D5 Infected: Trojan-Downloader.Win32.TSUpdate.o 1
C:\Program Files\Norton AntiVirus\Quarantine\0D7024D5 Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
C:\Program Files\Norton AntiVirus\Quarantine\0D7678CD Infected: not-a-virus:AdWare.Win32.MediaMotor.p 1
C:\Program Files\Norton AntiVirus\Quarantine\0D7D4CC6 Infected: Trojan-Downloader.Win32.Qoologic.bj 1
C:\Program Files\Norton AntiVirus\Quarantine\0D8076C3 Infected: not-a-virus:AdWare.Win32.CommAd.a 2
C:\Program Files\Norton AntiVirus\Quarantine\0D8076C3 Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Program Files\Norton AntiVirus\Quarantine\0D874ABB Infected: not-a-virus:AdWare.Win32.ImiBar.h 1
C:\Program Files\Norton AntiVirus\Quarantine\0D8A554A Infected: Trojan-Downloader.Win32.Small.cke 1
C:\Program Files\Norton AntiVirus\Quarantine\0D8A74B8 Infected: not-a-virus:AdWare.Win32.MediaMotor.i 1
C:\Program Files\Norton AntiVirus\Quarantine\0D8D1EB4 Infected: Backdoor.Win32.Agent.bpk 1
C:\Program Files\Norton AntiVirus\Quarantine\0D8D7F47 Infected: Trojan-Downloader.Win32.Small.cke 1
C:\Program Files\Norton AntiVirus\Quarantine\0D9048B1 Infected: not-a-virus:AdWare.Win32.BetterInternet.s 1
C:\Program Files\Norton AntiVirus\Quarantine\0D9472AD Infected: Trojan-Downloader.Win32.Adload.a 1
C:\Program Files\Norton AntiVirus\Quarantine\0D971CA9 Infected: Trojan.Win32.Dialer.ay 1
C:\Program Files\Norton AntiVirus\Quarantine\0D9A46A6 Infected: not-a-virus:AdWare.Win32.Maxifiles.u 1
C:\Program Files\Norton AntiVirus\Quarantine\0D9D70A2 Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\0DA11A9F Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\0DA4449B Infected: not-a-virus:AdWare.Win32.WinAD.bj 1
C:\Program Files\Norton AntiVirus\Quarantine\0DA76E97 Infected: not-a-virus:AdWare.Win32.PurityScan.u 1
C:\Program Files\Norton AntiVirus\Quarantine\0DAA1894 Infected: Trojan-Downloader.Win32.VB.hw 1
C:\Program Files\Norton AntiVirus\Quarantine\0DAE4290 Infected: Trojan-Downloader.Win32.Dyfuca.ey 1
C:\Program Files\Norton AntiVirus\Quarantine\0DB16C8D Infected: Trojan-Downloader.Win32.IstBar.ij 1
C:\Program Files\Norton AntiVirus\Quarantine\0DB41689 Infected: not-a-virus:AdWare.Win32.MediaMotor.l 1
C:\Program Files\Norton AntiVirus\Quarantine\0DB84086 Infected: Trojan-Dropper.Win32.VB.nn 1
C:\Program Files\Norton AntiVirus\Quarantine\0DBE147E Infected: Trojan-Downloader.Win32.TSUpdate.r 1
C:\Program Files\Norton AntiVirus\Quarantine\0DC13E7B Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Program Files\Norton AntiVirus\Quarantine\0DC56877 Infected: not-a-virus:AdWare.Win32.SurfAccuracy.d 1
C:\Program Files\Norton AntiVirus\Quarantine\0DC81274 Infected: Trojan-Downloader.Win32.IstBar.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\0DCB3C70 Infected: Trojan-Dropper.Win32.Small.qn 1
C:\Program Files\Norton AntiVirus\Quarantine\0DCE666C Infected: Trojan-Downloader.Win32.Small.ckh 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD21069 Infected: not-a-virus:AdWare.Win32.CASClient.d 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD53A65 Infected: Trojan.Win32.Crypt.t 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD86462 Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD86462 Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD86462 Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Program Files\Norton AntiVirus\Quarantine\0DD86462 Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Program Files\Norton AntiVirus\Quarantine\0DDF385A Infected: Packed.Win32.NSAnti.r 1
C:\Program Files\Norton AntiVirus\Quarantine\0DE26257 Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\0DE50C53 Infected: Trojan-Downloader.Win32.Dyfuca.dt 1
C:\Program Files\Norton AntiVirus\Quarantine\0DE83650 Infected: Trojan-Downloader.Win32.VB.kq 1
C:\Program Files\Norton AntiVirus\Quarantine\0DEC604C Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Program Files\Norton AntiVirus\Quarantine\0DEF0A48 Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Program Files\Norton AntiVirus\Quarantine\0DF6774A Infected: Trojan-Downloader.Win32.Small.skn 1
C:\Program Files\Norton AntiVirus\Quarantine\0EB2232B Infected: not-a-virus:AdWare.Win32.WinAD.bl 1
C:\Program Files\Norton AntiVirus\Quarantine\0F2636A8 Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\1020291E Infected: not-a-virus:AdWare.Win32.CASClient.a 1
C:\Program Files\Norton AntiVirus\Quarantine\121948F7 Infected: Email-Worm.Win32.Delf.i 1
C:\Program Files\Norton AntiVirus\Quarantine\138F3EAA Infected: not-a-virus:AdWare.Win32.CASClient.i 1
C:\Program Files\Norton AntiVirus\Quarantine\14573FCF Infected: Trojan-PSW.Win32.Sinowal.ad 1
C:\Program Files\Norton AntiVirus\Quarantine\14AA665E Infected: Trojan.Win32.ExitWin.z 1
C:\Program Files\Norton AntiVirus\Quarantine\15D27527 Infected: Trojan.Win32.Dialer.ay 1
C:\Program Files\Norton AntiVirus\Quarantine\15DB4702 Infected: Trojan-Downloader.Win32.Small.atl 1
C:\Program Files\Norton AntiVirus\Quarantine\163712E1 Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\175A41A7 Infected: not-a-virus:AdWare.Win32.BookedSpace.g 1
C:\Program Files\Norton AntiVirus\Quarantine\17C137AE Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\18272DB6 Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\188D23BD Infected: Trojan-Spy.Win32.Small.fe 1
C:\Program Files\Norton AntiVirus\Quarantine\1CDD760A Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\1CE93B3A Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\1CF34722 Infected: not-a-virus:AdWare.Win32.BookedSpace.g 1
C:\Program Files\Norton AntiVirus\Quarantine\1D7F343E Infected: Trojan-Downloader.Win32.Tibs.cn 1
C:\Program Files\Norton AntiVirus\Quarantine\1DAA04F5 Infected: Trojan-Downloader.Win32.Agent.anh 1
C:\Program Files\Norton AntiVirus\Quarantine\1E091C47 Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\203C147C Infected: Trojan-Spy.Win32.SCKeyLog.au 1
C:\Program Files\Norton AntiVirus\Quarantine\22837636 Infected: Trojan-Proxy.Win32.Agent.ji 1
C:\Program Files\Norton AntiVirus\Quarantine\2285079E Infected: not-a-virusownloader.Win32.WinFixer.l 1
C:\Program Files\Norton AntiVirus\Quarantine\22A31A13 Infected: Trojan-Downloader.Win32.Small.yj 1
C:\Program Files\Norton AntiVirus\Quarantine\22A7440F Infected: Trojan-Dropper.Win32.Agent.mu 1
C:\Program Files\Norton AntiVirus\Quarantine\22FA4549 Infected: Trojan-Downloader.Win32.Small.skn 1
C:\Program Files\Norton AntiVirus\Quarantine\235173AD Infected: Trojan.Win32.Dialer.ay 1
C:\Program Files\Norton AntiVirus\Quarantine\23547550 Infected: Backdoor.Win32.Dumador.ft 1
C:\Program Files\Norton AntiVirus\Quarantine\23571F4D Infected: Trojan-Dropper.Win32.Agent.mu 1
C:\Program Files\Norton AntiVirus\Quarantine\235A4949 Infected: Trojan.Win32.EliteBar.c 1
C:\Program Files\Norton AntiVirus\Quarantine\235D7346 Infected: Trojan-PSW.Win32.Sinowal.ad 1
C:\Program Files\Norton AntiVirus\Quarantine\23B769B4 Infected: Trojan.Win32.Crypt.t 1
C:\Program Files\Norton AntiVirus\Quarantine\23C10C95 Infected: Trojan.Win32.Opnis.n 1
C:\Program Files\Norton AntiVirus\Quarantine\23DA2EBD Infected: Trojan-Dropper.Win32.Agent.mu 1
C:\Program Files\Norton AntiVirus\Quarantine\2413191E Infected: Packed.Win32.NSAnti.r 1
C:\Program Files\Norton AntiVirus\Quarantine\247C6068 Infected: Trojan.Win32.EliteBar.d 1
C:\Program Files\Norton AntiVirus\Quarantine\24FC5B28 Infected: Trojan-Downloader.Win32.Small.cgy 1
C:\Program Files\Norton AntiVirus\Quarantine\275574E8 Infected: Email-Worm.Win32.Delf.i 1
C:\Program Files\Norton AntiVirus\Quarantine\27581EE4 Infected: Trojan-Downloader.Win32.Small.cgy 1
C:\Program Files\Norton AntiVirus\Quarantine\275C48E1 Infected: Trojan-Proxy.Win32.Small.em 1
C:\Program Files\Norton AntiVirus\Quarantine\277A1824 Infected: Trojan-Downloader.Win32.Small.cyb 1
C:\Program Files\Norton AntiVirus\Quarantine\28EB6CB2 Infected: Email-Worm.Win32.Locksky.ag 1
C:\Program Files\Norton AntiVirus\Quarantine\2930737A Infected: Trojan-Clicker.Win32.Small.ja 1
C:\Program Files\Norton AntiVirus\Quarantine\2A0365F5 Infected: Trojan-Dropper.Win32.Agent.mu 1
C:\Program Files\Norton AntiVirus\Quarantine\2AE10D01 Infected: Exploit.Java.ByteVerify 2
C:\Program Files\Norton AntiVirus\Quarantine\2AE10D01 Infected: Trojan-Downloader.Java.OpenConnection.aa 1
C:\Program Files\Norton AntiVirus\Quarantine\2B027BE7 Infected: Trojan-Downloader.Win32.Tibs.fj 1
C:\Program Files\Norton AntiVirus\Quarantine\2B336B1A Infected: not-a-virus:AdWare.Win32.BetterInternet.h 1
C:\Program Files\Norton AntiVirus\Quarantine\2B607275 Infected: Trojan-Downloader.Win32.Small.awa 1
C:\Program Files\Norton AntiVirus\Quarantine\2B91683F Infected: Trojan-Dropper.Win32.Small.amf 1
C:\Program Files\Norton AntiVirus\Quarantine\2BBC0A10 Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\2E15439C Infected: Trojan-Downloader.Win32.VB.kq 1
C:\Program Files\Norton AntiVirus\Quarantine\2E731BF1 Infected: Trojan-Proxy.Win32.Agent.df 1
C:\Program Files\Norton AntiVirus\Quarantine\2EE12FAB Infected: not-a-virus:AdWare.Win32.Maxifiles.l 1
C:\Program Files\Norton AntiVirus\Quarantine\2EE63695 Infected: Trojan.Win32.Kolweb.b 1
C:\Program Files\Norton AntiVirus\Quarantine\2FDC6086 Infected: not-a-virus:AdWare.Win32.CASClient.a 2
C:\Program Files\Norton AntiVirus\Quarantine\2FE90126 Infected: Trojan-Spy.Win32.Delf.ig 1
C:\Program Files\Norton AntiVirus\Quarantine\30337126 Infected: Email-Worm.Win32.Locksky.aj 1
C:\Program Files\Norton AntiVirus\Quarantine\30573EFF Infected: Trojan.Win32.Small.ev 1
C:\Program Files\Norton AntiVirus\Quarantine\30D20EF4 Infected: Trojan-PSW.Win32.Sinowal.aa 1
C:\Program Files\Norton AntiVirus\Quarantine\328C3BE8 Infected: Email-Worm.Win32.Locksky.aj 1
C:\Program Files\Norton AntiVirus\Quarantine\34276321 Infected: Trojan-Dropper.Win32.Agent.aac 1
C:\Program Files\Norton AntiVirus\Quarantine\348555F1 Infected: not-a-virusownloader.Win32.WinFixer.o 1
C:\Program Files\Norton AntiVirus\Quarantine\34F8133D Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\36FD3282 Infected: Trojan.Win32.StartPage.aw 1
C:\Program Files\Norton AntiVirus\Quarantine\3A0B75A3 Infected: Trojan-Downloader.Win32.VB.nh 1
C:\Program Files\Norton AntiVirus\Quarantine\3A726BAA Infected: not-a-virus:AdWare.Win32.WinAD.cx 1
C:\Program Files\Norton AntiVirus\Quarantine\3B363A06 Infected: Trojan-Downloader.Win32.Tibs.cn 1
C:\Program Files\Norton AntiVirus\Quarantine\3BA627ED Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Program Files\Norton AntiVirus\Quarantine\3BA627ED Infected: Trojan-Downloader.Win32.TSUpdate.r 1
C:\Program Files\Norton AntiVirus\Quarantine\3BA627ED Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Program Files\Norton AntiVirus\Quarantine\3BA627ED Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Program Files\Norton AntiVirus\Quarantine\3C1275B7 Infected: Trojan-Proxy.Win32.Agent.jw 1
C:\Program Files\Norton AntiVirus\Quarantine\3CD42DAB Infected: Trojan-Downloader.Win32.Tibs.cn 1
C:\Program Files\Norton AntiVirus\Quarantine\3D997D92 Infected: Trojan.Win32.EliteBar.c 1
C:\Program Files\Norton AntiVirus\Quarantine\40CC514C Infected: Trojan-Downloader.Win32.Small.atl 1
C:\Program Files\Norton AntiVirus\Quarantine\425A29F3 Infected: Trojan-Downloader.Win32.Tibs.cs 1
C:\Program Files\Norton AntiVirus\Quarantine\4403746B Infected: Trojan-Dropper.Win32.Delf.th 1
C:\Program Files\Norton AntiVirus\Quarantine\44904FDB Infected: Trojan-Downloader.Win32.Small.cux 1
C:\Program Files\Norton AntiVirus\Quarantine\453D5679 Infected: not-a-virus:AdWare.Win32.CommAd.a 2
C:\Program Files\Norton AntiVirus\Quarantine\453D5679 Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Program Files\Norton AntiVirus\Quarantine\46681DB0 Infected: not-a-virus:AdWare.Win32.ImiBar.h 1
C:\Program Files\Norton AntiVirus\Quarantine\46DD0A06 Infected: Trojan-Downloader.Win32.Qoologic.c 1
C:\Program Files\Norton AntiVirus\Quarantine\478C7A27 Infected: Trojan.Win32.Dialer.pw 1
C:\Program Files\Norton AntiVirus\Quarantine\47B43309 Infected: Trojan-Clicker.Win32.Agent.ac 1
C:\Program Files\Norton AntiVirus\Quarantine\483A6A48 Infected: Trojan-Spy.Win32.Agent.hq 1
C:\Program Files\Norton AntiVirus\Quarantine\4C5D2875 Infected: not-a-virus:AdWare.Win32.BookedSpace.e 1
C:\Program Files\Norton AntiVirus\Quarantine\4D6939F9 Infected: Trojan-Downloader.Win32.Tiny.ba 1
C:\Program Files\Norton AntiVirus\Quarantine\4D7A47AB.htm Infected: Exploit.HTML.IframeBof 1
C:\Program Files\Norton AntiVirus\Quarantine\4E374ADA.htm Infected: Exploit.HTML.IframeBof 1
C:\Program Files\Norton AntiVirus\Quarantine\4ED40505 Infected: Trojan-Spy.Win32.Small.fe 1
C:\Program Files\Norton AntiVirus\Quarantine\519263A7 Infected: Trojan-Downloader.Win32.Small.cqy 1
C:\Program Files\Norton AntiVirus\Quarantine\51F859AF Infected: not-a-virus:AdWare.Win32.E2Give.d 1
C:\Program Files\Norton AntiVirus\Quarantine\52573203 Infected: Trojan.Win32.Agent.oh 1
C:\Program Files\Norton AntiVirus\Quarantine\52BA3636 Infected: Email-Worm.Win32.Locksky.aj 1
C:\Program Files\Norton AntiVirus\Quarantine\537E7A71 Infected: Trojan-Downloader.Win32.Agent.aaf 1
C:\Program Files\Norton AntiVirus\Quarantine\57E226F6 Infected: Trojan-Downloader.Win32.CWS.s 1
C:\Program Files\Norton AntiVirus\Quarantine\58276FDC Infected: not-a-virus:AdWare.Win32.CASClient.d 1
C:\Program Files\Norton AntiVirus\Quarantine\584D07D4 Infected: Email-Worm.Win32.Locksky.ag 1
C:\Program Files\Norton AntiVirus\Quarantine\5A1F6110 Infected: Trojan-Downloader.Win32.TSUpdate.o 1
C:\Program Files\Norton AntiVirus\Quarantine\5A1F6110 Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
C:\Program Files\Norton AntiVirus\Quarantine\5A9E4C6D Infected: Trojan.Win32.Crypt.t 1
C:\Program Files\Norton AntiVirus\Quarantine\5B1E7986 Infected: Trojan-Proxy.Win32.Xorpix.ac 1
C:\Program Files\Norton AntiVirus\Quarantine\5BC1245A Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\5CBD299E Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
C:\Program Files\Norton AntiVirus\Quarantine\5D231FA6 Infected: Trojan.Win32.Crypt.t 1
C:\Program Files\Norton AntiVirus\Quarantine\5D5D5264 Infected: Trojan-Downloader.Win32.Small.cgy 1
C:\Program Files\Norton AntiVirus\Quarantine\5D8915AD Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Program Files\Norton AntiVirus\Quarantine\5DEF0BB5 Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Program Files\Norton AntiVirus\Quarantine\5DEF0BB5 Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
C:\Program Files\Norton AntiVirus\Quarantine\5E5501BD Infected: Trojan-Spy.Win32.Delf.ig 1
C:\Program Files\Norton AntiVirus\Quarantine\5F2E7327 Infected: Trojan.Win32.Crypt.t 1
C:\Program Files\Norton AntiVirus\Quarantine\5F4741D8 Infected: Trojan-Downloader.Win32.Small.bgl 1
C:\Program Files\Norton AntiVirus\Quarantine\62FF3A66 Infected: Trojan-Downloader.Win32.Tiny.ba 1
C:\Program Files\Norton AntiVirus\Quarantine\638C7566 Infected: Trojan-Downloader.Win32.Agent.aly 1
C:\Program Files\Norton AntiVirus\Quarantine\63F03744 Infected: not-a-virus:AdWare.Win32.MediaMotor.o 1
C:\Program Files\Norton AntiVirus\Quarantine\664855A1 Infected: Trojan-Downloader.Win32.Dyfuca.ey 1
C:\Program Files\Norton AntiVirus\Quarantine\666713D4 Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\684D659D Infected: Trojan-Downloader.Win32.Small.cxx 1
C:\Program Files\Norton AntiVirus\Quarantine\697F47B4 Infected: not-a-virus:AdWare.Win32.MediaMotor.p 1
C:\Program Files\Norton AntiVirus\Quarantine\69B05B76 Infected: HackTool.Win32.Sniffer.WpePro.a 1
C:\Program Files\Norton AntiVirus\Quarantine\69DD2008 Infected: Trojan-Mailfinder.Win32.Agent.l 1
C:\Program Files\Norton AntiVirus\Quarantine\69E53DBB Infected: Trojan-Proxy.Win32.Small.bt 1
C:\Program Files\Norton AntiVirus\Quarantine\6B110940 Infected: Trojan-Downloader.Win32.Qoologic.ax 1
C:\Program Files\Norton AntiVirus\Quarantine\6D8865D0 Infected: not-a-virus:AdWare.Win32.PurityScan.ak 1
C:\Program Files\Norton AntiVirus\Quarantine\6DD853BF Infected: Trojan-Downloader.Win32.Small.skn 1
C:\Program Files\Norton AntiVirus\Quarantine\6FAB3B45 Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Program Files\Norton AntiVirus\Quarantine\6FAB3B45 Infected: not-a-virus:AdWare.Win32.Mostofate.u 1
C:\Program Files\Norton AntiVirus\Quarantine\7183471C Infected: Trojan-Downloader.Win32.Agent.aly 1
C:\Program Files\Norton AntiVirus\Quarantine\72315B3C Infected: not-a-virus:AdWare.Win32.BetterInternet 1
C:\Program Files\Norton AntiVirus\Quarantine\73DD219C Infected: Trojan-Downloader.Win32.IstBar.ij 1
C:\Program Files\Norton AntiVirus\Quarantine\744317A3 Infected: not-a-virus:AdWare.Win32.SideFind 1
C:\Program Files\Norton AntiVirus\Quarantine\74A90DAB Infected: Trojan-Downloader.Win32.Adload.jm 1
C:\Program Files\Norton AntiVirus\Quarantine\74FB0A76 Infected: Trojan-Dropper.Win32.Delf.th 1
C:\Program Files\Norton AntiVirus\Quarantine\751003B2 Infected: not-a-virus:AdWare.Win32.BookedSpace.e 1
C:\Program Files\Norton AntiVirus\Quarantine\75166E33 Infected: Trojan.Win32.Agent.oh 1
C:\Program Files\Norton AntiVirus\Quarantine\75191830 Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\756E5C07 Infected: Trojan-Downloader.Win32.Small.awa 1
C:\Program Files\Norton AntiVirus\Quarantine\757679BA Infected: HackTool.Win32.Sniffer.WpePro.w 1
C:\Program Files\Norton AntiVirus\Quarantine\75997DA4 Infected: Exploit.Java.ByteVerify 2
C:\Program Files\Norton AntiVirus\Quarantine\75997DA4 Infected: Trojan-Downloader.Java.OpenConnection.aa 1
C:\Program Files\Norton AntiVirus\Quarantine\76283505 Infected: Trojan-Downloader.Win32.Small.awa 1
C:\Program Files\Norton AntiVirus\Quarantine\765356D7 Infected: Trojan-Dropper.Win32.Small.amf 1
C:\Program Files\Norton AntiVirus\Quarantine\768022A4 Infected: Trojan-GameThief.Win32.Nilage.pa 1
C:\Program Files\Norton AntiVirus\Quarantine\771F145C Infected: Trojan-Spy.Win32.Delf.ig 1
C:\Program Files\Norton AntiVirus\Quarantine\78F749EF Infected: Exploit.Java.ByteVerify 2
C:\Program Files\Norton AntiVirus\Quarantine\78F749EF Infected: Trojan-Downloader.Java.OpenConnection.aa 1
C:\Program Files\Norton AntiVirus\Quarantine\7AF82E1D Infected: Trojan-Downloader.Win32.Small.atl 1
C:\Program Files\Norton AntiVirus\Quarantine\7C2E1E65 Infected: Trojan-Dropper.Win32.Mudrop.cd 1
C:\Program Files\Norton AntiVirus\Quarantine\7C34725E Infected: Trojan-Downloader.Win32.Small.dgk 1
C:\Program Files\Norton AntiVirus\Quarantine\7C371C5A Infected: Trojan-Downloader.Win32.Tibs.fj 1
C:\Program Files\Norton AntiVirus\Quarantine\7C44444C Infected: Trojan-Proxy.Win32.Xmiler.c 1
C:\Program Files\Norton AntiVirus\Quarantine\7C9D31EB Infected: Trojan-Dropper.Win32.Small.amf 1
C:\Program Files\Norton AntiVirus\Quarantine\7CAA59DD Infected: Trojan-Downloader.Win32.Busky.gen 1
C:\Program Files\Norton AntiVirus\Quarantine\7DD91A8E Infected: Trojan-Downloader.Win32.Small.cux 1
C:\Program Files\Norton AntiVirus\Quarantine\7EBA77D1 Infected: Trojan-PSW.Win32.Sinowal.ad 1
C:\Program Files\Norton AntiVirus\Quarantine\7F9E3AC3 Infected: Packed.Win32.NSAnti.r 1
C:\Program Files\Norton AntiVirus\Quarantine\7FD453A2 Infected: not-a-virus:AdWare.Win32.AdSquash.g 1
C:\Program Files\Winamp\winampa.exe Infected: Trojan.Win32.Small.uf 1
C:\Program Files\Windows Media Player\wmplayer.exe.tmp Infected: Trojan-Downloader.Win32.Pacer.e 1
C:\Python22\Lib\site-packages\UnWisePW32.exe Infected: Virus.Win32.Neshta.a 1
C:\Python22\UNWISE.EXE Infected: Virus.Win32.Neshta.a 1
C:\qoobox\Hiv-backup\ERDNT.EXE Infected: Virus.Win32.Neshta.a 1
C:\qoobox\Quarantine\C\Documents and Settings\Owner\My Documents\ICROSO~1.NET\tаskmgr.exe.vir Infected: Virus.Win32.Neshta.a 1
C:\qoobox\Quarantine\C\WINDOWS\svchost.com.vir Infected: Virus.Win32.Neshta.a 1
C:\qoobox\Quarantine\C\WINDOWS\system32\knsasu.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.csr 1
C:\qoobox\Quarantine\[4]-Submit_2008-11-04@8.42.zip Infected: Virus.Win32.Neshta.a 2
C:\qoobox\Quarantine\[4]-Submit_2008-11-04@8.42.zip Infected: Trojan.Win32.VB.gip 1
C:\qoobox\Quarantine\[4]-Submit_2008-11-04@8.42.zip Infected: not-a-virus:AdWare.Win32.SuperJuan.csr 1
C:\Saga\Super Popup Blocker\popkill.exe Infected: Virus.Win32.Neshta.a 1
C:\Saga\Super Popup Blocker\unins000.exe Infected: Virus.Win32.Neshta.a 1
C:\SDFix\apps\download.exe Infected: Virus.Win32.Neshta.a 1