Malwarebytes Installs, Won't Open Even From 'Run'

[DADA]

Attempting to run Malwarebytes on a defiantly broken machine as detailed in this thread:

http://www.malwarebytes.org/forums/index.p...art=#entry33971

[JeanInMontana]

Your sure you disabled all McAfee services? Do as much of the instructions as you can here http://www.malwarebytes.org/forums/index.php?showtopic=2936 Essential the HJT log and Panda. Don't post SBS&D log, just run it and remove anything it finds, and tell me if it's more than cookies.

[DADA]

I'm fairly certain I disabled McAfee, having double checked several times. Being that I still can't run MWB, I can't follow your instructions.

[JeanInMontana]

Yes you can, a good share don't involve opening MBAM.

[RubbeR DuckY]

What error do you receive when you try to run the product? Are you able to install the product and then not open it, or just not able to install it period?

[DADA]

I don't receive an error message when I try to run it, it acts completely unresponsive. I'm able to install it fine.

[DADA]

I was under the assumption the 'Pre-HJT Post Instructions' were arranged in step-by-step order, I apologize for the misunderstanding. Nevertheless, Panda insisted that I didn't have the minimum system requirements required to run a scan (which I do, to my knowledge). ESET Online scanned and removed a myriad of adware and trojans. HijackThis, which I've had installed for a good while previous to this, is unresponsive in the same way MBAM is. I haven't run HJT in a while and, as such, I'm unsure as to whether the last time I ran it was before or after my system contracted AV 08/09. Whatever the case, it ran as it should the last time I tried, if memory serves, anyway. This seems as good a place as any to thank you for the effort on my obstinate computer.

[JeanInMontana]

Your welcome, Im hoping we can fix you. OK at least some was removed. Let's try this special tool since I really need to see a HJT log to tell what's going on. BTW HJT is not a removal tool per se you need to know what to check for removal, it won't on it's own.

Review this article here how to use ComboFix

Be sure you cover the section on How to install and use the Windows XP Recovery Console and make sure it is installed on your machine. This is important should anything go wrong and we need to recover your PC and not lose all the data.

1. Download this file :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe save it to your desktop.

2. Double click combofix.exe. It will be a red icon with a white X on your desktop.

Follow the prompts you will get a blue cmd prompt screen and a choice to choose Y or N. Choose Y and hit enter.

3. When finished, it shall produce a log for you. This logfile is located at C:\ComboFix.txt.

Post that log and a HiJack log in your next reply

Note:

Do not mouseclick combofix's window while its running. That may cause it to stall.

[DADA]

Followed your instructions. Near what I assume to be the end of ComboFix's scan, the computer "crashed" for lack of the proper term. It displayed a blue screen that mentioned dumping the physical memory, I believe. I restarted the system and ComboFix went about its business and produced a log. I tried running HJT and, it remains unresponsive like before. Just for surplus disappointment, I confirmed that MBAM remains unresponsive as well. Here is the log produced by CF:

ComboFix 08-11-07.01 - Owner 2008-11-09 2:31:51.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.426 [GMT -6:00]

Running from: c:\documents and settings\Owner\Desktop\ComboFixx.exe

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Owner\Application Data\SpyGuardPro

c:\documents and settings\Owner\Application Data\SpyGuardPro\avtasks.dat

c:\documents and settings\Owner\Application Data\SpyGuardPro\Logs\av.log

c:\documents and settings\Owner\Application Data\SpyGuardPro\Logs\ga6Support.log

c:\documents and settings\Owner\Application Data\SpyGuardPro\Logs\update.log

c:\temp\abW9

c:\temp\abW9\tOasF.log

c:\windows\BM9b278ccc.txt

c:\windows\BM9b278ccc.xml

c:\windows\pskt.ini

c:\windows\system32\aagrdman.ini

c:\windows\system32\agyustch.ini

c:\windows\system32\ashpojwa.ini

c:\windows\system32\atcpirtd.ini

c:\windows\system32\axrrowja.ini

c:\windows\system32\bbarygpw.ini

c:\windows\system32\bdaivyut.dll

c:\windows\system32\bdilhkfr.ini

c:\windows\system32\bhaihxyh.ini

c:\windows\system32\bhsoyrdj.ini

c:\windows\system32\bihkauwb.ini

c:\windows\system32\bkloxhyn.ini

c:\windows\system32\bsvubhjd.dll

c:\windows\system32\bucsqami.ini

c:\windows\system32\cbvmxldt.ini

c:\windows\system32\chcphgyl.ini

c:\windows\system32\csqcmosr.dll

c:\windows\system32\culdsakr.ini

c:\windows\system32\daxesvyh.dll

c:\windows\system32\ddexcbby.dll

c:\windows\system32\dfthuvar.ini

c:\windows\system32\dmcvkhhl.ini

c:\windows\system32\drjyiorl.ini

c:\windows\system32\dtbdhvqt.ini

c:\windows\system32\dtfpqtdq.ini

c:\windows\system32\eaiaxowf.ini

c:\windows\system32\ebftkgta.ini

c:\windows\system32\eihxbjqg.ini

c:\windows\system32\enksgutg.dll

c:\windows\system32\eoopvegh.dll

c:\windows\system32\epnsvc.dll

c:\windows\system32\erufsbja.ini

c:\windows\system32\ewedqops.ini

c:\windows\system32\femfwjkn.ini

c:\windows\system32\feyfmhea.ini

c:\windows\system32\fhhkj.bak1

c:\windows\system32\fhhkj.bak2

c:\windows\system32\fhhkj.ini

c:\windows\system32\fhhkj.ini2

c:\windows\system32\fhhkj.tmp

c:\windows\system32\fldylkab.ini

c:\windows\system32\fmksqclg.ini

c:\windows\system32\fngioaqj.ini

c:\windows\system32\ftahemom.ini

c:\windows\system32\fxdnsrvg.ini

c:\windows\system32\gbsyoagm.dll

c:\windows\system32\ggjdquvr.dll

c:\windows\system32\giyajckj.ini

c:\windows\system32\gkvmjeot.ini

c:\windows\system32\glocqurf.ini

c:\windows\system32\gmkxdioo.ini

c:\windows\system32\gpxabmjh.ini

c:\windows\system32\grjhqckg.ini

c:\windows\system32\grxtixgr.ini

c:\windows\system32\hacaivbk.ini

c:\windows\system32\hcsxrpnj.ini

c:\windows\system32\hgevpooe.ini

c:\windows\system32\hhjvckkh.ini

c:\windows\system32\hhsxpths.ini

c:\windows\system32\hljwwanh.dll

c:\windows\system32\hqomfmni.ini

c:\windows\system32\icldlyvv.ini

c:\windows\system32\idbcboda.ini

c:\windows\system32\idduvobe.ini

c:\windows\system32\iltcmdsl.ini

c:\windows\system32\ipvfvahw.ini

c:\windows\system32\isuwtjqi.ini

c:\windows\system32\iwrvlrur.ini

c:\windows\system32\iwtbcoyc.dll

c:\windows\system32\jaikknye.ini

c:\windows\system32\jedhikjb.ini

c:\windows\system32\jgrbqgjr.ini

c:\windows\system32\jhcvuiij.ini

c:\windows\system32\jkhhf.dll

c:\windows\system32\jmtllktv.ini

c:\windows\system32\jswhhjkw.ini

c:\windows\system32\jxyobtar.ini

c:\windows\system32\jysekmsa.ini

c:\windows\system32\kaojbaex.ini

c:\windows\system32\kaoyosek.dll

c:\windows\system32\kexvqxcm.ini

c:\windows\system32\khyxgpnm.ini

c:\windows\system32\kqdqim.dll

c:\windows\system32\kwwvottv.ini

c:\windows\system32\kypbpwma.ini

c:\windows\system32\lfrxognx.ini

c:\windows\system32\lginlfxk.ini

c:\windows\system32\lksskkvh.ini

c:\windows\system32\lnisniog.ini

c:\windows\system32\lxsesaqe.ini

c:\windows\system32\mbprvvim.ini

c:\windows\system32\mcrh.tmp

c:\windows\system32\mfudgbsn.dll

c:\windows\system32\mnkvshcg.ini

c:\windows\system32\mnodckgl.ini

c:\windows\system32\mpdkgknn.ini

c:\windows\system32\MSINET.oca

c:\windows\system32\muwbtvwy.ini

c:\windows\system32\myxrpmju.ini

c:\windows\system32\ndtupymo.ini

c:\windows\system32\ngvmtlvf.ini

c:\windows\system32\nqrkvovr.ini

c:\windows\system32\nsnsvdsc.ini

c:\windows\system32\ohqcvakw.ini

c:\windows\system32\ohxmif.dll

c:\windows\system32\oqldrbcw.ini

c:\windows\system32\oslcmfij.ini

c:\windows\system32\pgfmidjj.ini

c:\windows\system32\ptsrucri.ini

c:\windows\system32\pwwsihof.dll

c:\windows\system32\pwwyaieg.ini

c:\windows\system32\qfjyfaph.ini

c:\windows\system32\qgevlnpu.ini

c:\windows\system32\qghxyuxo.ini

c:\windows\system32\qgseftgg.ini

c:\windows\system32\qinpmqnb.ini

c:\windows\system32\qmmvftiu.ini

c:\windows\system32\qqlbjyup.ini

c:\windows\system32\qwqqnpwe.ini

c:\windows\system32\ramfxzub.dllbox

c:\windows\system32\rdwmsljf.ini

c:\windows\system32\rfdtmuad.ini

c:\windows\system32\rghdhoxf.ini

c:\windows\system32\rgscfytd.dll

c:\windows\system32\riiowpwf.ini

c:\windows\system32\rMa01yy

c:\windows\system32\rpsjibhs.ini

c:\windows\system32\rqqponji.ini

c:\windows\system32\rrvumdfl.ini

c:\windows\system32\rrwjtwgl.ini

c:\windows\system32\rshxsorp.ini

c:\windows\system32\rvwsgwcl.ini

c:\windows\system32\safhjcut.ini

c:\windows\system32\sbbgxgmo.ini

c:\windows\system32\sfsslxni.ini

c:\windows\system32\sgywxwdx.ini

c:\windows\system32\shkjmbkv.ini

c:\windows\system32\smiexgbc.ini

c:\windows\system32\spoeqyyf.ini

c:\windows\system32\sqgdbbxw.ini

c:\windows\system32\sqnwxmfs.ini

c:\windows\system32\svvaubua.ini

c:\windows\system32\tdtpycei.ini

c:\windows\system32\tfxwynfo.ini

c:\windows\system32\tgdkudnc.ini

c:\windows\system32\tniilqhl.ini

c:\windows\system32\tsowmkby.ini

c:\windows\system32\tvpmup.dll

c:\windows\system32\uiwbgvky.ini

c:\windows\system32\uiygsgja.ini

c:\windows\system32\ujotdlcb.ini

c:\windows\system32\ukbquufy.ini

c:\windows\system32\uqlalioh.ini

c:\windows\system32\urjpjqky.ini

c:\windows\system32\uvnxmvmk.ini

c:\windows\system32\uxpqvlol.ini

c:\windows\system32\uytgvwtw.ini

c:\windows\system32\vihbxgcn.ini

c:\windows\system32\vkagsdbo.ini

c:\windows\system32\vqkqgnan.ini

c:\windows\system32\vsprcoff.ini

c:\windows\system32\vsycygju.ini

c:\windows\system32\wgfxbp.dll

c:\windows\system32\wkqufruj.ini

c:\windows\system32\wlrokuka.ini

c:\windows\system32\wqkuvhed.ini

c:\windows\system32\wqvkaebu.ini

c:\windows\system32\xblgjg.dll

c:\windows\system32\xbophjhw.ini

c:\windows\system32\xfhgogne.ini

c:\windows\system32\xhuvoofp.ini

c:\windows\system32\xjokehhv.ini

c:\windows\system32\xlluxtpy.ini

c:\windows\system32\xnbxlwfu.ini

c:\windows\system32\xsarquth.ini

c:\windows\system32\xvvwceld.ini

c:\windows\system32\xxwacbws.ini

c:\windows\system32\yeshuirc.ini

c:\windows\system32\yjkbig.dll

c:\windows\system32\ymtegoxm.ini

c:\windows\system32\ynqvheiy.ini

c:\windows\system32\ypsheyep.ini

c:\windows\system32\yrkwjrnx.ini

c:\windows\system32\yrueosmg.ini

c:\windows\system32\ysnrsnhv.ini

c:\windows\system32\yvipjlgx.ini

c:\windows\system32\zfkyoh.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_DOMAINSERVICE

((((((((((((((((((((((((( Files Created from 2008-10-09 to 2008-11-09 )))))))))))))))))))))))))))))))

.

2008-11-09 02:17 . 2008-11-09 02:17 <DIR> d-------- c:\windows\Sun

2008-11-08 22:58 . 2008-11-08 23:54 <DIR> d-------- c:\program files\EsetOnlineScanner

2008-11-08 22:49 . 2008-11-08 22:49 <DIR> d-------- c:\program files\Panda Security

2008-11-07 23:20 . 2008-11-07 23:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-11-07 23:20 . 2008-10-22 16:27 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-11-07 23:20 . 2008-10-22 16:27 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-11-07 17:42 . 2008-11-07 17:42 <DIR> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)

2008-11-07 17:42 . 2008-11-07 17:42 <DIR> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)

2008-11-07 17:42 . 2008-11-07 17:42 <DIR> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)

2008-11-07 17:42 . 2008-11-07 17:42 <DIR> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)

2008-11-07 17:13 . 2008-11-07 23:21 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-10-13 19:21 . 2008-10-13 19:22 <DIR> d-------- c:\program files\iTunes

2008-10-13 19:21 . 2008-10-13 19:21 <DIR> d-------- c:\program files\iPod

2008-10-13 19:21 . 2008-10-13 19:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-10-13 19:07 . 2008-10-13 19:12 <DIR> d-------- c:\program files\QuickTime

2008-10-13 18:45 . 2008-10-13 18:45 <DIR> d-------- c:\program files\Bonjour

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-09 05:09 --------- d-----w c:\program files\AIM

2008-11-08 03:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2008-11-07 23:49 --------- d-----w c:\program files\Spybot - Search & Destroy

2008-11-07 23:18 --------- d-----w c:\program files\McAfee

2008-10-14 01:07 --------- d-----w c:\program files\Common Files\Apple

2008-10-08 18:06 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore

2008-09-30 22:55 --------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor

2008-09-30 22:54 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee

2008-09-30 05:58 120,896 ----a-w c:\windows\system32\wyortx.dll

2008-09-30 05:58 120,896 ----a-w c:\windows\system32\thjkgkan.dll

2008-09-30 05:58 103,488 ----a-w c:\windows\system32\fpoillup.dll

2008-09-29 05:58 122,432 ----a-w c:\windows\system32\obhuuebp.dll

2008-09-29 05:58 122,432 ----a-w c:\windows\system32\ehnmlf.dll

2008-09-29 05:58 104,512 ----a-w c:\windows\system32\uiatlxhx.dll

2008-09-28 06:01 120,896 ----a-w c:\windows\system32\wogtjxjd.dll

2008-09-28 06:01 120,896 ----a-w c:\windows\system32\fkkeuc.dll

2008-09-28 05:58 105,024 ----a-w c:\windows\system32\ejxggkfy.dll

2008-09-27 06:04 121,408 ----a-w c:\windows\system32\pctkxtbx.dll

2008-09-27 06:04 121,408 ----a-w c:\windows\system32\kjehod.dll

2008-09-27 05:58 106,048 ----a-w c:\windows\system32\cqmyclht.dll

2008-09-26 06:01 122,432 ----a-w c:\windows\system32\ecnumw.dll

2008-09-26 06:01 122,432 ----a-w c:\windows\system32\avsnjpsu.dll

2008-09-26 05:58 106,048 ----a-w c:\windows\system32\yhjhxbui.dll

2008-09-25 06:01 121,920 ----a-w c:\windows\system32\lncxkpjf.dll

2008-09-25 06:01 121,920 ----a-w c:\windows\system32\leioei.dll

2008-09-25 05:58 104,512 ----a-w c:\windows\system32\bgjkheia.dll

2008-09-24 05:58 119,872 ----a-w c:\windows\system32\rlbqmc.dll

2008-09-24 05:58 119,872 ----a-w c:\windows\system32\louaptjj.dll

2008-09-24 05:55 105,024 ----a-w c:\windows\system32\hfbgnftc.dll

2008-09-23 06:01 120,384 ----a-w c:\windows\system32\uuxjgwao.dll

2008-09-23 06:01 120,384 ----a-w c:\windows\system32\mpspbq.dll

2008-09-23 05:55 102,976 ----a-w c:\windows\system32\lwnueilh.dll

2008-09-22 06:01 121,408 ----a-w c:\windows\system32\wfjvus.dll

2008-09-22 06:01 121,408 ----a-w c:\windows\system32\stjtnbbu.dll

2008-09-22 05:55 106,048 ----a-w c:\windows\system32\jtfutdri.dll

2008-09-21 05:58 120,896 ----a-w c:\windows\system32\vvuogz.dll

2008-09-21 05:58 120,896 ----a-w c:\windows\system32\vabwbwnc.dll

2008-09-21 05:55 104,512 ----a-w c:\windows\system32\whxaonbu.dll

2008-09-20 05:58 120,384 ----a-w c:\windows\system32\leoisyax.dll

2008-09-20 05:58 120,384 ----a-w c:\windows\system32\esjaaj.dll

2008-09-20 05:52 105,536 ----a-w c:\windows\system32\ixoarcar.dll

2008-09-19 05:58 121,920 ----a-w c:\windows\system32\hjrqceqv.dll

2008-09-19 05:58 121,920 ----a-w c:\windows\system32\eixjvf.dll

2008-09-19 05:52 106,048 ----a-w c:\windows\system32\hjbiuuvf.dll

2008-09-18 05:55 120,896 ----a-w c:\windows\system32\vhwtcd.dll

2008-09-18 05:55 120,896 ----a-w c:\windows\system32\uaeqcjtk.dll

2008-09-18 05:52 105,024 ----a-w c:\windows\system32\alleabys.dll

2008-09-17 05:55 122,432 ----a-w c:\windows\system32\rdlpeo.dll

2008-09-17 05:55 122,432 ----a-w c:\windows\system32\cfojkboy.dll

2008-09-17 05:51 106,048 ----a-w c:\windows\system32\gtvcmxrr.dll

2008-09-16 15:06 120,896 ----a-w c:\windows\system32\xkacfc.dll

2008-09-16 15:06 120,896 ----a-w c:\windows\system32\ludwudgg.dll

2008-09-16 15:00 103,488 ----a-w c:\windows\system32\kqqmhqyq.dll

2008-09-15 15:06 120,896 ----a-w c:\windows\system32\iowmmeuj.dll

2008-09-15 15:06 120,896 ----a-w c:\windows\system32\bktmws.dll

2008-09-15 15:00 105,024 ----a-w c:\windows\system32\varkqlhf.dll

2008-09-14 15:06 120,896 ----a-w c:\windows\system32\ijdtma.dll

2008-09-14 15:06 120,896 ----a-w c:\windows\system32\dunnxgtj.dll

2008-09-14 15:00 104,000 ----a-w c:\windows\system32\ppwdydwb.dll

2008-09-13 15:06 119,872 ----a-w c:\windows\system32\vljuhecr.dll

2008-09-13 15:06 119,872 ----a-w c:\windows\system32\irkzku.dll

2008-09-13 15:00 104,000 ----a-w c:\windows\system32\niknldit.dll

2008-09-12 15:00 121,408 ----a-w c:\windows\system32\qosaaomd.dll

2008-09-12 15:00 121,408 ----a-w c:\windows\system32\isfitk.dll

2008-09-12 14:57 103,488 ----a-w c:\windows\system32\xlpdgjxt.dll

2008-09-11 15:03 121,408 ----a-w c:\windows\system32\ddaxlk.dll

2008-09-11 15:03 121,408 ----a-w c:\windows\system32\brestcif.dll

2008-09-11 14:57 106,560 ----a-w c:\windows\system32\dfnrjnnn.dll

2008-09-10 15:06 119,360 ----a-w c:\windows\system32\tkyczm.dll

2008-09-10 15:06 119,360 ----a-w c:\windows\system32\ggkmyvty.dll

2008-09-10 15:00 107,072 ----a-w c:\windows\system32\qmmskpwu.dll

2008-09-09 15:00 121,920 ----a-w c:\windows\system32\ofasfxnw.dll

2008-09-09 15:00 121,920 ----a-w c:\windows\system32\edavbu.dll

2008-09-09 14:57 102,976 ----a-w c:\windows\system32\bjwnltgx.dll

2008-09-08 15:03 122,944 ----a-w c:\windows\system32\hwdbqk.dll

2008-09-08 15:03 122,944 ----a-w c:\windows\system32\cbomdqaf.dll

2008-09-08 14:57 106,048 ----a-w c:\windows\system32\hjpxhqhe.dll

2008-09-07 15:00 120,384 ----a-w c:\windows\system32\tlyzlm.dll

2008-09-07 15:00 120,384 ----a-w c:\windows\system32\athbfpgp.dll

2008-09-07 14:57 108,096 ----a-w c:\windows\system32\cdwxeqxv.dll

2008-09-06 15:00 120,896 ----a-w c:\windows\system32\ukkhndyc.dll

2008-09-06 15:00 120,896 ----a-w c:\windows\system32\pjszzf.dll

2008-09-06 14:54 104,512 ----a-w c:\windows\system32\vujepxvr.dll

2008-09-05 18:23 120,896 ----a-w c:\windows\system32\sthawj.dll

2008-09-05 18:23 120,896 ----a-w c:\windows\system32\ijblyoon.dll

2008-09-05 18:20 102,976 ----a-w c:\windows\system32\imvitxwi.dll

2008-09-04 18:23 121,408 ----a-w c:\windows\system32\zkbere.dll

2008-09-04 18:23 121,408 ----a-w c:\windows\system32\jhneoypf.dll

2008-09-04 18:18 105,024 ----a-w c:\windows\system32\btcvccmd.dll

2008-09-01 17:00 111,168 ----a-w c:\windows\system32\zeuzzv.dll

2008-09-01 17:00 111,168 ----a-w c:\windows\system32\bbfpwbhq.dll

2008-09-01 16:57 104,512 ----a-w c:\windows\system32\rmfferjb.dll

2008-09-01 11:59 111,168 ----a-w c:\windows\system32\qyhsod.dll

2008-09-01 11:59 111,168 ----a-w c:\windows\system32\fhifcgll.dll

2008-09-01 11:56 82,496 ----a-w c:\windows\system32\whjhpobx.dll

2008-09-01 11:51 104,512 ----a-w c:\windows\system32\khtpntor.dll

2008-09-01 11:07 111,168 ----a-w c:\windows\system32\nnohma.dll

2008-09-01 11:07 111,168 ----a-w c:\windows\system32\nnfldxgy.dll

2008-09-01 11:04 104,512 ----a-w c:\windows\system32\xwkrevyh.dll

2008-09-01 10:51 111,168 ----a-w c:\windows\system32\toneuplh.dll

2007-08-12 04:50 56 --sh--r c:\windows\system32\30081A4A95.sys

2008-03-05 22:08 5,120 --sha-w c:\windows\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((( snapshot@2007-11-10_16.08.46.65 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-10-29 22:35:13 1,287,680 ----a-w c:\windows\$hf_mig$\KB941568\SP2QFE\quartz.dll

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB941568\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB941568\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB941568\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB941568\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB941568\update\updspapi.dll

+ 2007-10-30 16:53:32 360,832 ----a-w c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB941644\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB941644\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB941644\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB941644\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB941644\update\updspapi.dll

+ 2007-10-11 05:57:29 1,024,000 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\browseui.dll

+ 2007-10-11 05:57:29 151,040 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\cdfview.dll

+ 2007-10-11 05:57:30 1,054,208 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\danim.dll

+ 2007-10-11 05:57:30 357,888 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\dxtmsft.dll

+ 2007-10-11 05:57:30 205,824 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\dxtrans.dll

+ 2007-10-11 05:57:30 55,808 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\extmgr.dll

+ 2007-10-10 10:48:23 18,432 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\iedw.exe

+ 2007-10-11 05:57:31 251,904 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\iepeers.dll

+ 2007-10-11 05:57:31 96,256 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\inseng.dll

+ 2007-10-11 05:57:31 16,384 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\jsproxy.dll

+ 2007-10-30 09:55:21 3,065,856 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\mshtml.dll

+ 2007-10-11 05:57:36 449,024 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\mshtmled.dll

+ 2007-10-11 05:57:36 146,432 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\msrating.dll

+ 2007-10-11 05:57:37 532,480 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\mstime.dll

+ 2007-10-11 05:57:37 39,424 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\pngfilt.dll

+ 2007-10-11 05:57:39 1,498,112 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\shdocvw.dll

+ 2007-10-11 05:57:40 474,112 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\shlwapi.dll

+ 2007-10-11 05:57:40 617,984 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\urlmon.dll

+ 2007-10-11 05:57:41 666,112 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll

+ 2007-10-10 10:34:35 350,720 ----a-w c:\windows\$hf_mig$\KB942615\SP2QFE\xpsp3res.dll

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB942615\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB942615\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB942615\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB942615\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB942615\update\updspapi.dll

+ 2007-11-13 11:02:46 60,416 ----a-w c:\windows\$hf_mig$\KB942763\SP2QFE\tzchange.exe

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB942763\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB942763\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB942763\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB942763\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB942763\update\updspapi.dll

+ 2007-11-14 07:18:03 450,560 ----a-w c:\windows\$hf_mig$\KB942840\SP2QFE\jscript.dll

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB942840\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB942840\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB942840\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB942840\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB942840\update\updspapi.dll

+ 2007-10-26 03:34:01 8,460,288 ----a-w c:\windows\$hf_mig$\KB943460\SP2QFE\shell32.dll

+ 2007-10-29 10:04:03 350,720 ----a-w c:\windows\$hf_mig$\KB943460\SP2QFE\xpsp3res.dll

+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB943460\spmsg.dll

+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB943460\spuninst.exe

+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB943460\update\spcustom.dll

+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB943460\update\update.exe

+ 2007-03-06 01:23:47 371,424 ----a-w c:\windows\$hf_mig$\KB943460\update\updspapi.dll

+ 2007-11-07 09:50:47 727,040 ----a-w c:\windows\$hf_mig$\KB943485\SP2QFE\lsasrv.dll

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB943485\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB943485\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB943485\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB943485\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB943485\update\updspapi.dll

+ 2007-11-13 08:47:45 20,480 ----a-w c:\windows\$hf_mig$\KB944653\SP2QFE\secdrv.sys

+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB944653\spmsg.dll

+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB944653\spuninst.exe

+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB944653\update\spcustom.dll

+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB944653\update\update.exe

+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB944653\update\updspapi.dll

+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB946627\spmsg.dll

+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB946627\spuninst.exe

+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB946627\update\spcustom.dll

+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB946627\update\update.exe

+ 2007-03-06 01:23:47 371,424 ----a-w c:\windows\$hf_mig$\KB946627\update\updspapi.dll

+ 2003-07-16 20:26:37 1,740 -c----w c:\windows\$NtServicePackUninstall$\dcache.bin

+ 2002-08-29 08:32:34 2,816 -c----w c:\windows\$NtServicePackUninstall$\drmkaud.sys

+ 2003-07-16 20:35:52 184,320 -c----w c:\windows\$NtServicePackUninstall$\msh261.drv

+ 2003-07-16 20:46:14 286,720 -c----w c:\windows\$NtServicePackUninstall$\msh263.drv

+ 2001-08-18 05:37:04 22,016 -c----w c:\windows\$NtServicePackUninstall$\wdmaud.drv

+ 2003-07-16 20:51:52 132,096 -c----w c:\windows\$NtServicePackUninstall$\winspool.drv

+ 2005-08-30 03:54:26 1,287,168 -c----w c:\windows\$NtUninstallKB941568$\quartz.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB941568$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB941568$\spuninst\updspapi.dll

+ 2007-10-27 22:39:36 213,216 -c----w c:\windows\$NtUninstallKB941569$\spuninst\spuninst.exe

+ 2007-10-27 22:39:46 371,424 -c----w c:\windows\$NtUninstallKB941569$\spuninst\updspapi.dll

+ 2004-08-04 07:56:46 230,400 -c----w c:\windows\$NtUninstallKB941569$\wmasf.dll

+ 2006-12-08 01:02:24 2,174,976 -c----w c:\windows\$NtUninstallKB941569$\wmvcore.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB941644$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB941644$\spuninst\updspapi.dll

+ 2006-04-20 11:51:50 359,808 -c----w c:\windows\$NtUninstallKB941644$\tcpip.sys

+ 2007-08-22 13:12:15 1,022,976 -c----w c:\windows\$NtUninstallKB942615$\browseui.dll

+ 2007-08-22 13:12:15 151,040 -c----w c:\windows\$NtUninstallKB942615$\cdfview.dll

+ 2007-08-22 13:12:16 1,054,208 -c----w c:\windows\$NtUninstallKB942615$\danim.dll

+ 2007-08-22 13:12:16 357,888 -c----w c:\windows\$NtUninstallKB942615$\dxtmsft.dll

+ 2007-08-22 13:12:16 205,312 -c----w c:\windows\$NtUninstallKB942615$\dxtrans.dll

+ 2007-08-22 13:12:16 55,808 -c----w c:\windows\$NtUninstallKB942615$\extmgr.dll

+ 2007-08-21 10:30:45 18,432 -c----w c:\windows\$NtUninstallKB942615$\iedw.exe

+ 2007-08-22 13:12:16 251,392 -c----w c:\windows\$NtUninstallKB942615$\iepeers.dll

+ 2007-08-22 13:12:16 96,256 -c----w c:\windows\$NtUninstallKB942615$\inseng.dll

+ 2007-08-22 13:12:16 16,384 -c----w c:\windows\$NtUninstallKB942615$\jsproxy.dll

+ 2007-08-22 13:12:17 3,058,176 -c----w c:\windows\$NtUninstallKB942615$\mshtml.dll

+ 2007-08-22 13:12:17 449,024 -c----w c:\windows\$NtUninstallKB942615$\mshtmled.dll

+ 2007-08-22 13:12:17 146,432 -c----w c:\windows\$NtUninstallKB942615$\msrating.dll

+ 2007-08-22 13:12:17 532,480 -c----w c:\windows\$NtUninstallKB942615$\mstime.dll

+ 2007-08-22 13:12:17 39,424 -c----w c:\windows\$NtUninstallKB942615$\pngfilt.dll

+ 2007-08-22 13:12:18 1,494,528 -c----w c:\windows\$NtUninstallKB942615$\shdocvw.dll

+ 2007-08-22 13:12:18 474,112 -c----w c:\windows\$NtUninstallKB942615$\shlwapi.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB942615$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB942615$\spuninst\updspapi.dll

+ 2007-08-22 13:12:18 615,424 -c----w c:\windows\$NtUninstallKB942615$\urlmon.dll

+ 2007-08-22 13:12:18 658,944 -c----w c:\windows\$NtUninstallKB942615$\wininet.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB942763$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB942763$\spuninst\updspapi.dll

+ 2007-07-18 12:42:22 60,416 -c----w c:\windows\$NtUninstallKB942763$\tzchange.exe

+ 2006-05-18 05:24:25 450,560 -c----w c:\windows\$NtUninstallKB942840$\jscript.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB942840$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB942840$\spuninst\updspapi.dll

+ 2006-12-19 21:52:18 8,453,632 -c----w c:\windows\$NtUninstallKB943460$\shell32.dll

+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\$NtUninstallKB943460$\spuninst\spuninst.exe

+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\$NtUninstallKB943460$\spuninst\updspapi.dll

+ 2007-08-21 10:20:02 115,712 -c----w c:\windows\$NtUninstallKB943460$\xpsp3res.dll

+ 2006-08-17 12:28:27 721,920 -c----w c:\windows\$NtUninstallKB943485$\lsasrv.dll

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB943485$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB943485$\spuninst\updspapi.dll

+ 2003-07-16 20:44:08 27,440 -c----w c:\windows\$NtUninstallKB944653$\secdrv.sys

+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB944653$\spuninst\spuninst.exe

+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB944653$\spuninst\updspapi.dll

+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\$NtUninstallKB946627$\spuninst\spuninst.exe

+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\$NtUninstallKB946627$\spuninst\updspapi.dll

+ 2008-03-25 00:33:02 1,527,056 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe

+ 2005-10-21 02:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE

+ 2005-10-21 02:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE

+ 2000-08-31 14:00:00 89,504 ----a-w c:\windows\fdsv.exe

+ 2000-08-31 14:00:00 80,412 ----a-w c:\windows\grep.exe

+ 2008-08-10 01:13:27 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe

+ 2008-10-14 00:45:19 86,016 ----a-r c:\windows\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe

+ 2008-08-10 00:44:53 307,200 ----a-r c:\windows\Installer\{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}\SafariIco.exe

+ 2008-10-14 01:25:11 102,400 ----a-r c:\windows\Installer\{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}\iTunesIco.exe

- 2007-06-17 06:11:58 51,200 ----a-w c:\windows\NirCmd.exe

+ 2000-08-31 14:00:00 28,672 ----a-w c:\windows\NirCmd.exe

+ 2000-08-31 14:00:00 98,816 ----a-w c:\windows\sed.exe

+ 2004-08-04 08:07:21 1,788 ------w c:\windows\ServicePackFiles\i386\dcache.bin

+ 2004-08-04 06:07:57 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys

+ 2004-08-04 07:56:57 188,416 ------w c:\windows\ServicePackFiles\i386\msh261.drv

+ 2004-08-04 07:56:57 294,912 ------w c:\windows\ServicePackFiles\i386\msh263.drv

+ 2004-08-04 07:56:57 23,552 ------w c:\windows\ServicePackFiles\i386\wdmaud.drv

+ 2004-08-04 07:56:57 146,432 ------w c:\windows\ServicePackFiles\i386\winspool.drv

+ 2000-08-31 14:00:00 161,792 ----a-w c:\windows\SWREG.exe

+ 2000-08-31 14:00:00 136,704 ----a-w c:\windows\SWSC.exe

+ 2000-08-31 14:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe

+ 2003-07-16 20:31:43 2,000 -c--a-w c:\windows\system\KEYBOARD.DRV

+ 2003-07-16 20:32:30 73,376 -c--a-w c:\windows\system\MCIAVI.DRV

+ 2003-07-16 20:32:32 25,264 -c--a-w c:\windows\system\MCISEQ.DRV

+ 2003-07-16 20:32:33 28,160 -c--a-w c:\windows\system\MCIWAVE.DRV

+ 2003-07-16 20:34:07 2,032 -c--a-w c:\windows\system\MOUSE.DRV

+ 2003-07-16 20:45:46 1,744 -c--a-w c:\windows\system\SOUND.DRV

+ 2003-07-16 20:47:27 3,360 -c--a-w c:\windows\system\SYSTEM.DRV

+ 2003-07-16 20:48:08 4,048 -c--a-w c:\windows\system\TIMER.DRV

+ 2003-07-16 20:49:48 2,176 -c--a-w c:\windows\system\VGA.DRV

+ 2003-07-16 20:51:14 13,600 -c--a-w c:\windows\system\WFWNET.DRV

+ 2004-08-04 07:56:57 146,432 ----a-w c:\windows\system\winspool.drv

+ 2008-08-22 01:42:03 105,536 ----a-w c:\windows\system32\abypjnod.dll

+ 2008-07-20 18:31:31 111,680 ----a-w c:\windows\system32\acbcng.dll

+ 2008-08-31 01:51:04 112,704 ----a-w c:\windows\system32\afrylhmo.dll

+ 2008-08-17 01:48:03 120,896 ----a-w c:\windows\system32\aiqilr.dll

+ 2008-07-24 05:10:46 102,464 ----a-w c:\windows\system32\ajwhtgoe.dll

+ 2008-08-14 01:36:03 104,000 ----a-w c:\windows\system32\akrlhbci.dll

+ 2008-08-30 01:45:04 106,560 ----a-w c:\windows\system32\altsbmai.dll

+ 2008-07-06 00:59:22 111,168 ----a-w c:\windows\system32\aofpep.dll

+ 2008-07-02 19:59:36 96,320 ----a-w c:\windows\system32\atgktfbe.dll

+ 2008-08-14 01:39:03 111,168 ----a-w c:\windows\system32\awcgvlgl.dll

+ 2008-08-08 00:39:23 113,216 ----a-w c:\windows\system32\axmjpl.dll

+ 2008-08-25 01:42:04 104,512 ----a-w c:\windows\system32\bpgwcubi.dll

- 2007-08-22 13:12:15 1,022,976 ----a-w c:\windows\system32\browseui.dll

+ 2007-10-11 06:13:44 1,023,488 ----a-w c:\windows\system32\browseui.dll

+ 2008-07-05 23:59:23 111,168 ----a-w c:\windows\system32\bsiarj.dll

- 2007-08-22 13:12:15 151,040 ----a-w c:\windows\system32\cdfview.dll

+ 2007-10-11 06:13:44 151,040 ----a-w c:\windows\system32\cdfview.dll

+ 2008-07-18 23:57:27 110,656 ----a-w c:\windows\system32\cjunzp.dll

+ 2003-07-16 20:25:39 10,544 -c--a-w c:\windows\system32\comm.drv

- 2007-11-10 21:13:30 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2008-11-08 02:51:00 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2007-11-10 21:13:30 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2008-11-08 02:51:00 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2008-11-08 02:51:00 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2008-07-18 00:00:27 69,184 ----a-w c:\windows\system32\cuohlipb.dll

+ 2008-07-30 22:04:45 110,656 ----a-w c:\windows\system32\cvgpfn.dll

+ 2008-07-31 22:01:54 104,512 ----a-w c:\windows\system32\cwynhxtv.dll

+ 2008-07-02 23:53:40 110,144 ----a-w c:\windows\system32\cxwpcxex.dll

+ 2008-07-31 22:07:45 113,216 ----a-w c:\windows\system32\daihla.dll

- 2007-08-22 13:12:16 1,054,208 ----a-w c:\windows\system32\danim.dll

+ 2007-10-11 06:13:44 1,054,208 ----a-w c:\windows\system32\danim.dll

+ 2004-08-04 08:07:21 1,788 ----a-w c:\windows\system32\dcache.bin

+ 2008-08-27 01:48:04 120,896 ----a-w c:\windows\system32\debfvsxx.dll

+ 2008-07-12 15:23:20 112,192 ----a-w c:\windows\system32\dichwu.dll

+ 2008-08-18 01:39:03 103,488 ----a-w c:\windows\system32\djkeudoh.dll

- 2007-08-22 13:12:15 1,022,976 -c----w c:\windows\system32\dllcache\browseui.dll

+ 2007-10-11 06:13:44 1,023,488 -c----w c:\windows\system32\dllcache\browseui.dll

- 2007-08-22 13:12:15 151,040 -c----w c:\windows\system32\dllcache\cdfview.dll

+ 2007-10-11 06:13:44 151,040 -c----w c:\windows\system32\dllcache\cdfview.dll

- 2007-08-22 13:12:16 1,054,208 -c--a-w c:\windows\system32\dllcache\danim.dll

+ 2007-10-11 06:13:44 1,054,208 -c--a-w c:\windows\system32\dllcache\danim.dll

- 2007-08-22 13:12:16 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll

+ 2007-10-11 06:13:44 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll

- 2007-08-22 13:12:16 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll

+ 2007-10-11 06:13:44 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll

- 2007-08-22 13:12:16 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll

+ 2007-10-11 06:13:44 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll

- 2007-08-21 10:30:45 18,432 -c----w c:\windows\system32\dllcache\iedw.exe

+ 2007-10-10 11:16:27 18,432 -c----w c:\windows\system32\dllcache\iedw.exe

- 2007-08-22 13:12:16 251,392 -c----w c:\windows\system32\dllcache\iepeers.dll

+ 2007-10-11 06:13:44 251,392 -c----w c:\windows\system32\dllcache\iepeers.dll

- 2007-08-22 13:12:16 96,256 -c----w c:\windows\system32\dllcache\inseng.dll

+ 2007-10-11 06:13:44 96,256 -c----w c:\windows\system32\dllcache\inseng.dll

- 2006-05-18 05:24:25 450,560 -c----w c:\windows\system32\dllcache\jscript.dll

+ 2007-11-14 07:26:56 450,560 -c----w c:\windows\system32\dllcache\jscript.dll

- 2007-08-22 13:12:16 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll

+ 2007-10-11 06:13:44 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll

+ 2003-07-16 20:31:43 2,000 -c--a-w c:\windows\system32\dllcache\keyboard.drv

- 2006-08-17 12:28:27 721,920 -c----w c:\windows\system32\dllcache\lsasrv.dll

+ 2007-11-07 09:26:56 721,920 -c----w c:\windows\system32\dllcache\lsasrv.dll

+ 2003-07-16 20:32:20 2,560 -c--a-w c:\windows\system32\dllcache\lz32.dll

+ 2003-07-16 20:32:30 73,376 -c--a-w c:\windows\system32\dllcache\mciavi.drv

+ 2003-07-16 20:32:32 25,264 -c--a-w c:\windows\system32\dllcache\mciseq.drv

+ 2003-07-16 20:32:33 28,160 -c--a-w c:\windows\system32\dllcache\mciwave.drv

+ 2003-07-16 20:34:07 2,032 -c--a-w c:\windows\system32\dllcache\mouse.drv

- 2007-08-22 13:12:17 3,058,176 -c----w c:\windows\system32\dllcache\mshtml.dll

+ 2007-10-30 10:16:33 3,058,688 -c----w c:\windows\system32\dllcache\mshtml.dll

- 2007-08-22 13:12:17 449,024 -c--a-w c:\windows\system32\dllcache\mshtmled.dll

+ 2007-10-11 06:13:45 449,024 -c--a-w c:\windows\system32\dllcache\mshtmled.dll

- 2007-08-22 13:12:17 146,432 -c----w c:\windows\system32\dllcache\msrating.dll

+ 2007-10-11 06:13:45 146,432 -c----w c:\windows\system32\dllcache\msrating.dll

- 2007-08-22 13:12:17 532,480 -c----w c:\windows\system32\dllcache\mstime.dll

+ 2007-10-11 06:13:45 532,480 -c----w c:\windows\system32\dllcache\mstime.dll

+ 2004-08-04 07:56:43 413,696 -c--a-w c:\windows\system32\dllcache\msvcp60.dll

+ 2003-07-16 20:40:01 2,944 -c--a-w c:\windows\system32\dllcache\null.sys

- 2007-08-22 13:12:17 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll

+ 2007-10-11 06:13:45 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll

- 2005-08-30 03:54:26 1,287,168 -c--a-w c:\windows\system32\dllcache\quartz.dll

+ 2007-10-29 22:43:03 1,287,680 -c--a-w c:\windows\system32\dllcache\quartz.dll

- 2007-08-22 13:12:18 1,494,528 -c----w c:\windows\system32\dllcache\shdocvw.dll

+ 2007-10-11 06:13:45 1,494,528 -c----w c:\windows\system32\dllcache\shdocvw.dll

- 2006-12-19 21:52:18 8,453,632 -c----w c:\windows\system32\dllcache\shell32.dll

+ 2007-10-26 03:36:51 8,454,656 -c----w c:\windows\system32\dllcache\shell32.dll

- 2007-08-22 13:12:18 474,112 -c----w c:\windows\system32\dllcache\shlwapi.dll

+ 2007-10-11 06:13:45 474,112 -c----w c:\windows\system32\dllcache\shlwapi.dll

+ 2003-07-16 20:45:46 1,744 -c--a-w c:\windows\system32\dllcache\sound.drv

+ 2003-07-16 20:47:27 3,360 -c--a-w c:\windows\system32\dllcache\system.drv

- 2006-04-20 11:51:50 359,808 -c----w c:\windows\system32\dllcache\tcpip.sys

+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\system32\dllcache\tcpip.sys

+ 2003-07-16 20:48:08 4,048 -c--a-w c:\windows\system32\dllcache\timer.drv

- 2007-08-22 13:12:18 615,424 -c----w c:\windows\system32\dllcache\urlmon.dll

+ 2007-10-11 06:13:45 615,424 -c--a-w c:\windows\system32\dllcache\urlmon.dll

+ 2004-08-04 03:07:56 59,264 -c--a-w c:\windows\system32\dllcache\usbaudio.sys

+ 2003-07-16 20:49:48 2,176 -c--a-w c:\windows\system32\dllcache\vga.drv

+ 2003-07-16 20:51:14 13,600 -c--a-w c:\windows\system32\dllcache\wfwnet.drv

- 2007-08-22 13:12:18 658,944 -c----w c:\windows\system32\dllcache\wininet.dll

+ 2007-10-11 06:13:45 659,456 -c----w c:\windows\system32\dllcache\wininet.dll

+ 2003-07-16 20:51:51 2,864 -c--a-w c:\windows\system32\dllcache\winsock.dll

+ 2003-07-16 20:51:52 2,112 -c--a-w c:\windows\system32\dllcache\winspool.exe

+ 2007-10-27 23:39:20 230,912 -c----w c:\windows\system32\dllcache\wmasf.dll

- 2006-12-08 01:02:24 2,174,976 -c----w c:\windows\system32\dllcache\wmvcore.dll

+ 2007-10-27 23:37:38 2,109,440 -c----w c:\windows\system32\dllcache\wmvcore.dll

+ 2003-07-16 20:52:59 2,736 -c--a-w c:\windows\system32\dllcache\wowdeb.exe

+ 2008-08-29 15:18:58 87,336 ----a-w c:\windows\system32\dns-sd.exe

+ 2008-08-29 14:53:50 61,440 ----a-w c:\windows\system32\dnssd.dll

+ 2004-08-04 06:07:57 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys

- 2006-09-19 19:44:04 15,664 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys

+ 2008-01-29 17:01:28 16,168 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys

+ 2003-07-16 20:40:01 2,944 ----a-w c:\windows\system32\drivers\null.sys

- 2003-07-16 20:44:08 27,440 -c--a-w c:\windows\system32\drivers\secdrv.sys

+ 2007-11-13 10:25:53 20,480 ----a-w c:\windows\system32\drivers\secdrv.sys

- 2006-04-20 11:51:50 359,808 ----a-w c:\windows\system32\drivers\tcpip.sys

+ 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys

+ 2004-08-04 03:07:56 59,264 ----a-w c:\windows\system32\drivers\USBAUDIO.sys

+ 2008-10-01 18:01:28 32,000 -c--a-w c:\windows\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys

- 2007-08-22 13:12:16 357,888 ----a-w c:\windows\system32\dxtmsft.dll

+ 2007-10-11 06:13:44 357,888 ----a-w c:\windows\system32\dxtmsft.dll

- 2007-08-22 13:12:16 205,312 ----a-w c:\windows\system32\dxtrans.dll

+ 2007-10-11 06:13:44 205,312 ----a-w c:\windows\system32\dxtrans.dll

+ 2007-12-30 15:26:30 78,400 ----a-w c:\windows\system32\dyjsepjj.dll

+ 2008-08-17 01:39:06 104,000 ----a-w c:\windows\system32\ecvqqgxg.dll

+ 2008-07-21 18:34:31 110,656 ----a-w c:\windows\system32\eltguc.dll

+ 2008-07-28 22:01:44 105,024 ----a-w c:\windows\system32\emmxfkpb.dll

+ 2008-08-23 01:45:03 119,872 ----a-w c:\windows\system32\enemyx.dll

+ 2008-07-22 18:34:31 111,680 ----a-w c:\windows\system32\estjubij.dll

+ 2008-08-27 01:48:04 120,896 ----a-w c:\windows\system32\ewqtqg.dll

+ 2008-08-24 01:42:03 104,512 ----a-w c:\windows\system32\exnxjtsm.dll

- 2007-08-22 13:12:16 55,808 ------w c:\windows\system32\extmgr.dll

+ 2007-10-11 06:13:44 55,808 ------w c:\windows\system32\extmgr.dll

+ 2008-07-18 23:57:27 110,656 ----a-w c:\windows\system32\fdfjeoua.dll

+ 2008-08-03 22:11:40 118,336 ----a-w c:\windows\system32\fdyjos.dll

+ 2008-08-30 01:48:04 110,656 ----a-w c:\windows\system32\fgqistkg.dll

+ 2008-08-13 01:36:03 105,024 ----a-w c:\windows\system32\fhtslkey.dll

- 2007-07-31 15:25:30 178,648 ----a-w c:\windows\system32\FNTCACHE.DAT

+ 2008-07-15 23:44:39 179,448 ----a-w c:\windows\system32\FNTCACHE.DAT

+ 2008-07-08 15:20:21 114,240 ----a-w c:\windows\system32\fpdplaqj.dll

+ 2008-07-10 15:17:25 103,488 ----a-w c:\windows\system32\fqgtukbx.dll

+ 2008-07-25 05:16:46 111,168 ----a-w c:\windows\system32\frdkqu.dll

+ 2008-08-17 01:48:03 120,896 ----a-w c:\windows\system32\fsgrqqje.dll

+ 2008-08-07 00:39:23 111,168 ----a-w c:\windows\system32\fsjxjjxu.dll

+ 2008-09-01 10:50:10 104,512 ----a-w c:\windows\system32\gcltryob.dll

- 2006-10-04 00:47:52 109,360 ----a-w c:\windows\system32\GEARAspi.dll

+ 2008-01-29 17:02:30 107,368 ----a-w c:\windows\system32\GEARAspi.dll

+ 2008-07-20 18:31:31 111,680 ----a-w c:\windows\system32\gfcdnefh.dll

+ 2008-07-27 05:16:46 110,656 ----a-w c:\windows\system32\ggcyxdlg.dll

+ 2008-07-27 21:59:48 106,560 ----a-w c:\windows\system32\gkamgyij.dll

+ 2008-07-27 05:16:46 110,656 ----a-w c:\windows\system32\gktrnk.dll

+ 2008-07-31 22:07:45 113,216 ----a-w c:\windows\system32\glyxchqe.dll

+ 2008-07-16 23:54:27 112,192 ----a-w c:\windows\system32\gpbixtrh.dll

+ 2008-08-19 01:45:03 119,872 ----a-w c:\windows\system32\gtarrqgy.dll

+ 2008-07-23 05:13:46 111,680 ----a-w c:\windows\system32\guocdb.dll

+ 2008-08-02 22:04:45 105,024 ----a-w c:\windows\system32\gvifmynd.dll

+ 2008-08-08 00:36:23 105,024 ----a-w c:\windows\system32\hblgiieu.dll

+ 2008-07-08 15:17:21 101,440 ----a-w c:\windows\system32\hdcjrhpb.dll

+ 2008-07-15 23:49:29 107,072 ----a-w c:\windows\system32\hjsfcqhd.dll

+ 2008-08-16 01:45:04 119,872 ----a-w c:\windows\system32\hkwudg.dll

+ 2008-08-26 01:42:23 104,512 ----a-w c:\windows\system32\hmuuxwdn.dll

+ 2008-08-08 00:39:23 113,216 ----a-w c:\windows\system32\hnrlkqae.dll

+ 2008-07-07 15:23:21 112,704 ----a-w c:\windows\system32\hohtxu.dll

+ 2008-07-09 15:17:32 114,240 ----a-w c:\windows\system32\hrqran.dll

+ 2008-08-10 01:33:43 106,048 ----a-w c:\windows\system32\hrrrissi.dll

+ 2008-08-31 01:51:04 112,704 ----a-w c:\windows\system32\hsimys.dll

+ 2008-07-25 05:10:46 105,024 ----a-w c:\windows\system32\hudmxfrn.dll

+ 2008-08-10 00:39:23 110,656 ----a-w c:\windows\system32\hwyfoi.dll

+ 2008-07-02 18:53:37 110,144 ----a-w c:\windows\system32\hxvwqi.dll

+ 1998-05-07 17:57:22 143,872 ------w c:\windows\system32\iacenc.dll

+ 2008-07-03 23:56:23 109,120 ----a-w c:\windows\system32\ibhidm.dll

+ 2008-09-01 10:51:05 111,168 ----a-w c:\windows\system32\idghdw.dll

+ 2008-07-26 05:16:46 111,680 ----a-w c:\windows\system32\idinox.dll

+ 2008-07-30 22:01:45 103,488 ----a-w c:\windows\system32\idktthmi.dll

- 2007-08-22 13:12:16 251,392 ----a-w c:\windows\system32\iepeers.dll

+ 2007-10-11 06:13:44 251,392 ----a-w c:\windows\system32\iepeers.dll

+ 2008-08-12 01:36:03 104,000 ----a-w c:\windows\system32\ifeprfua.dll

- 2007-08-22 13:12:16 96,256 ----a-w c:\windows\system32\inseng.dll

+ 2007-10-11 06:13:44 96,256 ----a-w c:\windows\system32\inseng.dll

+ 2008-08-11 01:42:03 112,704 ----a-w c:\windows\system32\inuhvlxh.dll

+ 2008-07-13 15:20:20 103,488 ----a-w c:\windows\system32\ioytnasu.dll

+ 2008-08-16 01:45:04 119,872 ----a-w c:\windows\system32\ipaooodr.dll

+ 2007-12-28 15:20:30 77,888 ----a-w c:\windows\system32\irqgtnbx.dll

+ 2008-07-23 05:13:46 111,680 ----a-w c:\windows\system32\islaokjp.dll

+ 1997-06-13 15:56:08 56,832 ------w c:\windows\system32\iyvu9_32.dll

- 2002-05-18 00:04:54 20,553 -c--a-w c:\windows\system32\java.exe

+ 2008-03-25 06:28:39 135,168 ----a-w c:\windows\system32\java.exe

- 2002-05-18 00:04:54 20,555 -c--a-w c:\windows\system32\javaw.exe

+ 2008-03-25 06:28:43 135,168 ----a-w c:\windows\system32\javaw.exe

+ 2008-03-25 07:37:01 139,264 ----a-w c:\windows\system32\javaws.exe

+ 2008-07-14 15:26:21 112,704 ----a-w c:\windows\system32\jcihkk.dll

+ 2008-07-06 15:15:10 113,728 ----a-w c:\windows\system32\jfqiuwif.dll

+ 2008-07-02 18:53:37 110,144 ----a-w c:\windows\system32\jfweychd.dll

+ 2008-07-19 03:51:55 105,024 ----a-w c:\windows\system32\jmcpyvfv.dll

+ 2008-07-18 23:51:27 105,024 ----a-w c:\windows\system32\jneudhlh.dll

+ 2008-08-29 01:51:04 119,872 ----a-w c:\windows\system32\jqblrl.dll

- 2006-05-18 05:24:25 450,560 ----a-w c:\windows\system32\jscript.dll

+ 2007-11-14 07:26:56 450,560 ----a-w c:\windows\system32\jscript.dll

+ 2008-07-19 03:52:05 110,656 ----a-w c:\windows\system32\jshksz.dll

+ 2008-08-28 01:48:04 119,872 ----a-w c:\windows\system32\jsnbfhus.dll

- 2007-08-22 13:12:16 16,384 ----a-w c:\windows\system32\jsproxy.dll

+ 2007-10-11 06:13:44 16,384 ----a-w c:\windows\system32\jsproxy.dll

+ 2008-07-19 18:26:34 105,024 ----a-w c:\windows\system32\jtefydri.dll

+ 2008-08-30 01:48:04 110,656 ----a-w c:\windows\system32\jwzyxb.dll

+ 2008-08-19 01:45:03 119,872 ----a-w c:\windows\system32\jydooa.dll

+ 2008-08-18 01:42:03 119,360 ----a-w c:\windows\system32\jyvlmwrt.dll

+ 2008-08-24 01:45:03 120,384 ----a-w c:\windows\system32\kckmxise.dll

+ 2003-07-16 20:31:43 2,000 -c--a-w c:\windows\system32\keyboard.drv

+ 2008-07-12 15:23:20 112,192 ----a-w c:\windows\system32\kgqfvpdq.dll

+ 2008-07-16 23:51:27 104,000 ----a-w c:\windows\system32\klnxcgfh.dll

+ 2008-09-01 01:57:04 110,656 ----a-w c:\windows\system32\knuxtbkt.dll

+ 2008-08-24 01:45:03 120,384 ----a-w c:\windows\system32\kqyvpd.dll

+ 2008-08-22 01:45:04 119,872 ----a-w c:\windows\system32\lacgka.dll

+ 2003-07-16 20:31:50 221,600 -c--a-w c:\windows\system32\lanman.drv

+ 2008-08-04 22:14:40 112,192 ----a-w c:\windows\system32\ldkcpfti.dll

+ 2008-08-01 22:04:44 105,536 ----a-w c:\windows\system32\lmaekrgu.dll

+ 2008-01-05 21:32:29 79,424 ----a-w c:\windows\system32\lmwrvryb.dll

+ 2007-07-27 20:49:02 196,683 ----a-w c:\windows\system32\lnod32apiA.dll

+ 2007-07-27 20:49:02 225,355 ----a-w c:\windows\system32\lnod32apiW.dll

+ 2005-12-06 01:25:22 139,264 ----a-w c:\windows\system32\lnod32umc.dll

+ 2005-12-05 18:37:10 106,496 ----a-w c:\windows\system32\lnod32upd.dll

+ 2008-08-15 01:39:03 111,680 ----a-w c:\windows\system32\lodswn.dll

+ 2008-08-18 01:42:03 119,360 ----a-w c:\windows\system32\lonnxn.dll

+ 2008-07-14 15:26:21 112,704 ----a-w c:\windows\system32\lotahuak.dll

- 2006-08-17 12:28:27 721,920 ----a-w c:\windows\system32\lsasrv.dll

+ 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll

+ 2008-07-28 22:04:44 111,680 ----a-w c:\windows\system32\lyqver.dll

+ 2003-07-16 20:32:20 2,560 ----a-w c:\windows\system32\lz32.dll

+ 2008-03-25 02:32:44 218,496 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil9f.exe

+ 2008-07-02 18:34:06 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-08-21 01:42:03 105,536 ----a-w c:\windows\system32\masidwdv.dll

+ 2008-07-04 23:56:23 114,240 ----a-w c:\windows\system32\maxciwuj.dll

+ 2008-08-13 01:39:03 111,168 ----a-w c:\windows\system32\mbiaivrq.dll

+ 2003-07-16 20:32:30 73,376 -c--a-w c:\windows\system32\mciavi.drv

+ 1998-08-17 09:21:54 11,776 -c--a-w c:\windows\system32\mciqtz.drv

+ 2003-07-16 20:32:32 25,264 -c--a-w c:\windows\system32\mciseq.drv

+ 2003-07-16 20:32:33 28,160 -c--a-w c:\windows\system32\mciwave.drv

+ 2008-08-04 22:14:40 112,192 ----a-w c:\windows\system32\mdjsei.dll

+ 2008-07-07 15:17:21 104,512 ----a-w c:\windows\system32\mfbnfhtk.dll

+ 2008-08-05 22:11:40 113,216 ----a-w c:\windows\system32\mfwsht.dll

+ 2008-08-15 01:39:03 111,680 ----a-w c:\windows\system32\mgxhpntk.dll

+ 2008-07-06 15:15:10 113,728 ----a-w c:\windows\system32\mjuitm.dll

+ 2008-08-12 01:42:05 111,168 ----a-w c:\windows\system32\mmbtmq.dll

+ 2003-07-16 20:34:07 2,032 -c--a-w c:\windows\system32\mouse.drv

+ 2008-08-03 22:11:40 118,336 ----a-w c:\windows\system32\mpxiwppy.dll

+ 2003-07-16 20:34:59 20,480 ----a-w c:\windows\system32\msacm32.drv

+ 2004-08-04 07:56:57 188,416 ----a-w c:\windows\system32\msh261.drv

+ 2004-08-04 07:56:57 294,912 ----a-w c:\windows\system32\msh263.drv

- 2007-08-22 13:12:17 3,058,176 ----a-w c:\windows\system32\mshtml.dll

+ 2007-10-30 10:16:33 3,058,688 ----a-w c:\windows\system32\mshtml.dll

- 2007-08-22 13:12:17 449,024 ----a-w c:\windows\system32\mshtmled.dll

+ 2007-10-11 06:13:45 449,024 ----a-w c:\windows\system32\mshtmled.dll

- 2007-08-22 13:12:17 146,432 ----a-w c:\windows\system32\msrating.dll

+ 2007-10-11 06:13:45 146,432 ----a-w c:\windows\system32\msrating.dll

- 2007-08-22 13:12:17 532,480 ----a-w c:\windows\system32\mstime.dll

+ 2007-10-11 06:13:45 532,480 ----a-w c:\windows\system32\mstime.dll

+ 2008-07-28 22:04:44 111,680 ----a-w c:\windows\system32\mtofesfh.dll

+ 2008-07-19 03:52:05 110,656 ----a-w c:\windows\system32\mujutdfo.dll

+ 2008-07-10 15:23:21 111,680 ----a-w c:\windows\system32\mwqykc.dll

+ 2008-07-07 15:23:21 112,704 ----a-w c:\windows\system32\ndjukuyu.dll

+ 2008-08-23 01:42:03 104,512 ----a-w c:\windows\system32\njeuqsxx.dll

+ 2008-07-09 15:17:32 114,240 ----a-w c:\windows\system32\nkagkjub.dll

+ 2008-08-05 22:08:39 105,536 ----a-w c:\windows\system32\nlourfaw.dll

+ 2008-07-29 22:04:44 111,680 ----a-w c:\windows\system32\nmoysrme.dll

+ 2008-07-26 05:16:46 111,680 ----a-w c:\windows\system32\npqavwty.dll

+ 2008-07-05 23:59:23 111,168 ----a-w c:\windows\system32\nsnhgdam.dll

+ 2008-08-10 00:39:23 110,656 ----a-w c:\windows\system32\nswdpfxy.dll

+ 2008-07-25 05:16:46 111,168 ----a-w c:\windows\system32\nxlcjouc.dll

+ 2008-08-10 00:36:23 106,048 ----a-w c:\windows\system32\oerpcdsx.dll

+ 2008-07-17 23:51:27 105,536 ----a-w c:\windows\system32\oihkdxqi.dll

+ 2007-12-29 15:23:30 78,912 ----a-w c:\windows\system32\okckrjwf.dll

+ 2008-08-05 22:11:40 113,216 ----a-w c:\windows\system32\okpjwirn.dll

+ 2008-02-11 15:39:26 253,952 ----a-w c:\windows\system32\OnlineScannerDLLA.dll

+ 2008-02-11 15:39:18 237,568 ----a-w c:\windows\system32\OnlineScannerDLLW.dll

+ 2008-02-08 19:53:46 110,592 ----a-w c:\windows\system32\OnlineScannerLang.dll

+ 2008-02-05 14:48:04 77,824 ----a-w c:\windows\system32\OnlineScannerUninstaller.exe

+ 2008-07-27 22:04:44 112,192 ----a-w c:\windows\system32\oxecydmf.dll

+ 2008-01-06 21:35:29 79,424 ----a-w c:\windows\system32\oxfwetbk.dll

+ 2008-07-21 18:28:31 104,000 ----a-w c:\windows\system32\pbkrwfdk.dll

+ 2008-09-01 01:48:04 106,048 ----a-w c:\windows\system32\pdyxedhw.dll

- 2007-11-09 16:01:31 66,280 ----a-w c:\windows\system32\perfc009.dat

+ 2008-11-07 21:22:06 66,280 ----a-w c:\windows\system32\perfc009.dat

- 2007-11-09 16:01:31 410,126 ----a-w c:\windows\system32\perfh009.dat

+ 2008-11-07 21:22:06 410,126 ----a-w c:\windows\system32\perfh009.dat

+ 2008-08-05 22:14:40 96,320 ----a-w c:\windows\system32\pfoovuhx.dll

+ 2008-08-28 01:45:04 105,024 ----a-w c:\windows\system32\phcuaaxg.dll

+ 2008-08-07 00:39:23 111,168 ----a-w c:\windows\system32\pligxo.dll

- 2007-08-22 13:12:17 39,424 ----a-w c:\windows\system32\pngfilt.dll

+ 2007-10-11 06:13:45 39,424 ----a-w c:\windows\system32\pngfilt.dll

+ 2008-08-20 01:45:03 119,872 ----a-w c:\windows\system32\pquxkh.dll

+ 2008-08-25 01:48:03 120,384 ----a-w c:\windows\system32\prdecoei.dll

+ 2008-07-02 19:58:47 110,144 ----a-w c:\windows\system32\pwjiig.dll

+ 2008-08-15 01:36:17 105,024 ----a-w c:\windows\system32\qbproptg.dll

+ 2008-08-29 01:45:04 104,512 ----a-w c:\windows\system32\qcgcdbav.dll

+ 2008-07-15 15:20:21 107,072 ----a-w c:\windows\system32\qdblicik.dll

+ 2008-08-31 01:45:07 104,512 ----a-w c:\windows\system32\qoymcwxr.dll

+ 2008-07-02 18:52:25 110,144 ----a-w c:\windows\system32\qqojdtay.dll

+ 2008-07-29 22:01:45 104,000 ----a-w c:\windows\system32\qthlutul.dll

- 2005-08-30 03:54:26 1,287,168 ----a-w c:\windows\system32\quartz.dll

+ 2007-10-29 22:43:03 1,287,680 ----a-w c:\windows\system32\quartz.dll

+ 2008-08-29 01:51:04 119,872 ----a-w c:\windows\system32\quivvriw.dll

+ 2008-08-01 22:10:45 117,824 ----a-w c:\windows\system32\reqsiw.dll

+ 2008-07-03 23:56:23 109,120 ----a-w c:\windows\system32\rhooqdgh.dll

+ 2008-07-09 15:17:21 101,440 ----a-w c:\windows\system32\rlffgone.dll

+ 2008-08-26 01:45:04 120,384 ----a-w c:\windows\system32\rqprqhhw.dll

+ 2008-07-02 19:58:47 110,144 ----a-w c:\windows\system32\rsxcpgka.dll

+ 2008-08-23 01:45:03 119,872 ----a-w c:\windows\system32\rtrgahwd.dll

+ 2008-07-30 22:04:45 110,656 ----a-w c:\windows\system32\rvsntucy.dll

+ 2008-07-06 00:59:22 111,168 ----a-w c:\windows\system32\rxuisriw.dll

- 2007-08-22 13:12:18 1,494,528 ----a-w c:\windows\system32\shdocvw.dll

+ 2007-10-11 06:13:45 1,494,528 ----a-w c:\windows\system32\shdocvw.dll

- 2006-12-19 21:52:18 8,453,632 ----a-w c:\windows\system32\shell32.dll

+ 2007-10-26 03:36:51 8,454,656 ----a-w c:\windows\system32\shell32.dll

- 2007-08-22 13:12:18 474,112 ----a-w c:\windows\system32\shlwapi.dll

+ 2007-10-11 06:13:45 474,112 ----a-w c:\windows\system32\shlwapi.dll

+ 2008-08-10 01:39:03 110,656 ----a-w c:\windows\system32\shmyfg.dll

+ 2008-08-22 01:45:04 119,872 ----a-w c:\windows\system32\shxmcuvd.dll

+ 2008-07-08 15:20:21 114,240 ----a-w c:\windows\system32\sitryo.dll

+ 2008-08-21 01:48:03 120,896 ----a-w c:\windows\system32\skwwmkms.dll

+ 2008-08-14 01:39:03 111,168 ----a-w c:\windows\system32\snnmxu.dll

+ 2003-07-16 20:45:46 1,744 -c--a-w c:\windows\system32\sound.drv

+ 2002-05-29 10:01:00 2,249 ----a-w c:\windows\system32\spool\drivers\w32x86\3\E_A1X0V1.DAT

+ 2002-05-29 10:01:00 2,249 -c--a-w c:\windows\system32\spool\drivers\w32x86\epsonstylus_c4259c8\E_A1X0V1.DAT

+ 2008-07-02 18:52:25 110,144 ----a-w c:\windows\system32\svmadm.dll

+ 2008-08-25 01:48:03 120,384 ----a-w c:\windows\system32\swobjd.dll

+ 2003-07-16 20:47:27 3,360 -c--a-w c:\windows\system32\system.drv

+ 2008-07-26 05:10:46 105,024 ----a-w c:\windows\system32\tdaejivl.dll

+ 2008-08-03 22:08:42 105,024 ----a-w c:\windows\system32\tdwicnfk.dll

+ 2008-08-11 01:42:03 112,704 ----a-w c:\windows\system32\tgqktl.dll

+ 2008-07-19 18:31:31 111,680 ----a-w c:\windows\system32\thlwqfme.dll

+ 2003-07-16 20:48:08 4,048 -c--a-w c:\windows\system32\timer.drv

+ 2008-08-21 01:48:03 120,896 ----a-w c:\windows\system32\tjrjxg.dll

+ 2008-08-12 01:42:05 111,168 ----a-w c:\windows\system32\tjrxefrn.dll

+ 2008-08-20 01:45:03 119,872 ----a-w c:\windows\system32\tkcxcudk.dll

+ 2008-07-27 05:10:46 105,536 ----a-w c:\windows\system32\tnqwgxdj.dll

+ 2008-07-29 22:04:44 111,680 ----a-w c:\windows\system32\tsdcyf.dll

+ 2008-07-14 15:20:21 105,536 ----a-w c:\windows\system32\txfgdwdr.dll

+ 2008-08-20 01:39:15 105,024 ----a-w c:\windows\system32\tyxsoije.dll

- 2007-07-18 12:42:22 60,416 ------w c:\windows\system32\tzchange.exe

+ 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe

+ 2008-07-19 18:31:31 111,680 ----a-w c:\windows\system32\udqolg.dll

+ 2008-08-01 22:10:45 117,824 ----a-w c:\windows\system32\umjlfcol.dll

+ 2004-12-07 16:11:34 258,352 ----a-w c:\windows\system32\unicows.dll

+ 2008-07-11 15:26:21 112,704 ----a-w c:\windows\system32\uowbbcel.dll

+ 2008-08-09 00:36:23 105,024 ----a-w c:\windows\system32\upddteau.dll

- 2007-08-22 13:12:18 615,424 ----a-w c:\windows\system32\urlmon.dll

+ 2007-10-11 06:13:45 615,424 ----a-w c:\windows\system32\urlmon.dll

+ 2008-09-01 10:31:03 104,512 ----a-w c:\windows\system32\uyjvtakq.dll

+ 2008-08-28 01:48:04 119,872 ----a-w c:\windows\system32\vceuas.dll

+ 2008-08-26 01:45:04 120,384 ----a-w c:\windows\system32\veqmvz.dll

+ 2003-07-16 20:49:48 2,176 -c--a-w c:\windows\system32\vga.drv

+ 2008-07-27 22:04:44 112,192 ----a-w c:\windows\system32\voiika.dll

+ 2008-08-19 01:39:03 104,000 ----a-w c:\windows\system32\vqbbnvlb.dll

+ 2008-07-10 15:23:21 111,680 ----a-w c:\windows\system32\vvwgbcqt.dll

+ 2008-08-11 01:36:03 103,488 ----a-w c:\windows\system32\vxtwupie.dll

+ 2005-11-19 18:28:15 2,272 -c--a-w c:\windows\system32\w95inf16.dll

+ 2004-08-04 07:56:57 23,552 ----a-w c:\windows\system32\wdmaud.drv

+ 2008-07-02 21:26:45 110,144 ----a-w c:\windows\system32\wdsdglvk.dll

+ 2008-08-04 22:08:39 102,976 ----a-w c:\windows\system32\wdsljffe.dll

+ 2008-07-12 15:20:20 102,464 ----a-w c:\windows\system32\wewdakhl.dll

+ 2003-07-16 20:51:14 13,600 -c--a-w c:\windows\system32\wfwnet.drv

+ 2008-08-09 00:45:23 111,680 ----a-w c:\windows\system32\wfxifi.dll

- 2007-08-22 13:12:18 658,944 ----a-w c:\windows\system32\wininet.dll

+ 2007-10-11 06:13:45 659,456 ----a-w c:\windows\system32\wininet.dll

+ 2003-07-16 20:51:51 2,864 ----a-w c:\windows\system32\winsock.dll

+ 2004-08-04 07:56:57 146,432 ----a-w c:\windows\system32\winspool.drv

+ 2003-07-16 20:51:52 2,112 -c--a-w c:\windows\system32\winspool.exe

- 2004-08-04 07:56:46 230,400 ----a-w c:\windows\system32\wmasf.dll

+ 2007-10-27 23:39:20 230,912 ----a-w c:\windows\system32\wmasf.dll

+ 2008-01-03 21:05:30 78,400 ----a-w c:\windows\system32\wmirdmbi.dll

- 2006-12-08 01:02:24 2,174,976 ----a-w c:\windows\system32\wmvcore.dll

+ 2007-10-27 23:37:38 2,109,440 ----a-w c:\windows\system32\wmvcore.dll

+ 2003-07-16 20:52:59 2,736 -c--a-w c:\windows\system32\wowdeb.exe

+ 2008-05-17 07:52:08 96,832 ----a-w c:\windows\system32\wuiitwlr.dll

+ 2008-07-17 23:57:27 112,704 ----a-w c:\windows\system32\wyhxxx.dll

+ 2008-07-20 18:28:31 105,536 ----a-w c:\windows\system32\xccjjmuh.dll

+ 2008-09-01 10:32:37 111,168 ----a-w c:\windows\system32\xgpawc.dll

+ 2008-08-09 00:45:23 111,680 ----a-w c:\windows\system32\xkkhpxrf.dll

+ 2008-08-10 01:39:03 110,656 ----a-w c:\windows\system32\xmibplmg.dll

+ 2008-07-22 18:34:31 111,680 ----a-w c:\windows\system32\xmjzfb.dll

- 2007-08-21 10:20:02 115,712 ----a-w c:\windows\system32\xpsp3res.dll

+ 2007-10-29 10:26:53 115,712 ----a-w c:\windows\system32\xpsp3res.dll

+ 2008-08-13 01:39:03 111,168 ----a-w c:\windows\system32\xuhvze.dll

+ 2008-09-01 10:32:37 111,168 ----a-w c:\windows\system32\xuusdtir.dll

+ 2008-01-04 21:29:30 79,424 ----a-w c:\windows\system32\yawlylsi.dll

+ 2008-08-16 01:39:04 104,512 ----a-w c:\windows\system32\ychrauxq.dll

+ 2008-07-02 23:53:40 110,144 ----a-w c:\windows\system32\ydvezd.dll

+ 2008-01-03 21:26:30 78,400 ----a-w c:\windows\system32\yjfybqhs.dll

+ 2008-07-21 18:34:31 110,656 ----a-w c:\windows\system32\yjvetcov.dll

+ 2008-07-17 23:57:27 112,704 ----a-w c:\windows\system32\ykugopye.dll

+ 2008-07-16 23:54:27 112,192 ----a-w c:\windows\system32\ynkvrv.dll

+ 2008-07-02 21:26:45 110,144 ----a-w c:\windows\system32\ypjnyp.dll

+ 2008-07-11 15:26:21 112,704 ----a-w c:\windows\system32\yqtesh.dll

+ 2008-08-27 01:45:03 105,536 ----a-w c:\windows\system32\ysbcjlsu.dll

+ 2008-09-01 01:57:04 110,656 ----a-w c:\windows\system32\yuytpj.dll

+ 2008-07-04 23:56:23 114,240 ----a-w c:\windows\system32\ywswku.dll

+ 2000-08-31 14:00:00 49,152 ----a-w c:\windows\VFIND.exe

+ 2000-08-31 14:00:00 68,096 ----a-w c:\windows\zip.exe

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1C1DD717-53B2-485E-A17B-C9977C205E10}]

2007-11-08 18:51 35328 --a------ c:\windows\system32\ljjjhhh.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Lttity"="c:\windows\F?nts\w?crtupd.exe" [?]

"AIM"="c:\program files\AIM\aim.exe" [2004-04-27 61440]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]

"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 151552]

"VirusScan Online"="c:\program files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 163840]

"EPSON Stylus C42 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE" [2002-04-10 74240]

"OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 53248]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-10-19 126976]

"D-Link RangeBooster G WDA-2320"="c:\program files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe" [2005-12-15 2490368]

"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-11-30 49152]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-04-12 180269]

"WordPerfect Office 1215"="c:\program files\WordPerfect Office 12\Programs\Registration.exe" [2004-03-08 733184]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-05-03 145920]

c:\documents and settings\Owner\Start Menu\Programs\Startup\

MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2007-05-07 534016]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{1C1DD717-53B2-485E-A17B-C9977C205E10}"= "c:\windows\system32\ljjjhhh.dll" [2007-11-08 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjjhhh]

2007-11-08 18:51 35328 c:\windows\system32\ljjjhhh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=pjszzf.dll wgfxbp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

"c:\\Documents and Settings\\Owner\\Desktop\\utorrent.exe"=

"c:\\Program Files\\LimeWire\\LimeWire 4.0.7\\LimeWire.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 mrtRate;mrtRate;c:\windows\system32\drivers\mrtRate.sys [1999-08-10 34916]

S2 RVIEG01;VSC Engine;c:\program files\Cakewalk\Shared Dxi\Roland\RVIEg01.sys [ ]

S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\DRIVERS\A3AB.sys [2005-08-25 466880]

.

Contents of the 'Scheduled Tasks' folder

2008-11-04 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-10-15 c:\windows\Tasks\McDefragTask.job

- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

2008-11-01 c:\windows\Tasks\McQcTask.job

- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

.

- - - - ORPHANS REMOVED - - - -

BHO-{86c89ed7-b81c-4274-b2d8-0236ec3b8662} - c:\windows\system32\wgfxbp.dll

BHO-{E368D285-DA96-435C-85BD-46F88A0440B8} - c:\windows\system32\jkhhf.dll

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

HKCU-Run-BM9b278ccc - c:\windows\system32\jbwkwxba.dll

HKLM-Run-AVG7_CC - c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe

HKLM-Run-AVG7_EMC - c:\progra~1\Grisoft\AVGFRE~1\avgemc.exe

HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe

HKLM-Run-BM9b278ccc - c:\windows\system32\jbwkwxba.dll

Notify-ramfxzub - ramfxzub.dll

.

------- Supplementary Scan -------

.

FireFox -: Profile - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\55phlfqg.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - www.theninhotline.net

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-11-09 02:45:47

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: c:\windows\system32\winlogon.exe

-> c:\windows\system32\ljjjhhh.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Ahead\InCD\InCDsrv.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\progra~1\Grisoft\AVG7\avgamsvr.exe

c:\progra~1\Grisoft\AVG7\avgupsvc.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\HPZipm12.exe

c:\windows\system32\wscntfy.exe

c:\program files\McAfee.com\Agent\mcagent.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\HP\Digital Imaging\bin\hpqste08.exe

c:\program files\Java\jre1.6.0_06\bin\jucheck.exe

c:\windows\system32\imapi.exe

.

**************************************************************************

.

Completion time: 2008-11-09 2:54:58 - machine was rebooted

ComboFix-quarantined-files.txt 2008-11-09 08:54:41

ComboFix2.txt 2007-11-10 22:10:51

Pre-Run: 5,524,082,688 bytes free

Post-Run: 5,564,010,496 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

1017 --- E O F --- 2008-01-09 09:05:31

[JeanInMontana]

Wow you have serious, serious issues here. You have been infected for months from the logs that got posted. Some are missing because this program does generate a HJT log. I have discussed this with the lead researcher, givin what we see, and what has been prior our recommendation is you reformat this machine. It has issues beyond malware making it impossible to completely clean and a reformat should fix it all. You can burn any files you want to save to a CD, only non executable files. Text files only. Then reformat. Start out right with a good layered defense and all system updates

All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal.

A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient.

Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan.

Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions.

MBAM

Avira Antivir

Spybot Search & Destroy Be sure to use the immunize feature.

SpywareBlaster from Javacool Software

WinPatrol by BillPStudios

SiteHound by FireTrust

RogueRemover

hpHosts

The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free

Also the full protection of MBAM is offered at a very low price For life in my signature.

You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use.