#1 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
[SOLVED] Instant Email Notification
Can anyone tell me what "error loading c windows/system 32 uxddwqbn.dll" means? It's come up rundll every time I switch the PC up; a box comes up saying error. How do I sort it out, please?
__________________
one evertonian is worth 20 liverpudlians !!
Last edited by neil1967 : 07-09-2008 at 04:21 PM.
#2 (permalink)
Analyst, Security Team
Join Date: Nov 2007
Location: Manchester, UK
Posts: 676
OS: W2K SP4 + XP SP2 + Vista
Re: Instant Email Notification
Quote:
My name is Katana and I will be helping you to remove any infection(s) that you may have.
Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear" (Just because you can't see a problem doesn't mean it isn't there)
If you can do those three things, everything should go smoothly :D
Please Note, your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe
----------------------------------------------------------------------------------------
I apologize for the delay in responding, but as you can probably see the forums are quite busy. Unfortunately there are far more people needing help than there are helpers.
If you still require help please post a fresh HJT log
Click here to download HJTinstall.exe
Installed Programs
Please could you give me a list of the programs that are installed.
Click on save list button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad into your next post.
#3 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
Re: Instant Email Notification
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:28:20, on 22/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [b4b0718c] rundll32.exe "C:\WINDOWS\system32\uxddwqbn.dll",b
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 1 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - ?p=ZKxdm022YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanc...instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1215292041203
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1010107221171
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1199305386078
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-15577bad6ae1feac.spaces.l...d/MsnPUpld.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/W...gPublisher.exe
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10718 bytes
#4 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
Re: Instant Email Notification
Adobe Flash Player ActiveX
Adobe Reader 8.1.2 Adobe® Photoshop® Album Starter Edition 3.2 AVG Free 8.0 BlueSoleil Camfrog Video Chat 4.0 (remove only) CamfrogWEB Advanced ActiveX Plugin (remove only) DivX Player DivX Web Player D-Link VGA Webcam Driver Magician 3.27 EPSON Attach To Email EPSON Easy Photo Print EPSON File Manager EPSON Printer Software EPSON Scan Assistant EPSON Web-To-Page ESD68 User's Guide Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 InterVideo Installer InterVideo WinDVD 4 InterVideo WinDVD Creator InterVideo WinRip Java(TM) 6 Update 3 Java(TM) 6 Update 5 Kermit Map Button (Windows Live Toolbar) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.0 Microsoft Office XP Professional with FrontPage Microsoft Visual C++ 2005 Redistributable MSN MSXML 4.0 SP2 (KB936181) Nero 7 Ultra Edition neroxml NVIDIA Drivers PIXresizer 2.0.3 PPLive 1.9 SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile Composite Device Software Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB950759) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Smart Menus (Windows Live Toolbar) SopCast 2.0.4 Spybot - Search & Destroy TVAnts 1.0 Update for Windows XP (KB942763) Update for Windows XP (KB951978) vanBasco's Karaoke Player Windows Communication Foundation Windows Live Favorites for Windows Live Toolbar Windows Live installer Windows Live Messenger Windows Live OneCare safety scanner Windows Live Sign-in Assistant 
Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Media Format 11 runtime Windows Media Format Runtime Windows Presentation Foundation Windows Workflow Foundation Windows XP Service Pack 3 WinRAR archiver Yahoo! Extras Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Messenger Yahoo! Toolbar
#5 (permalink)
Analyst, Security Team
Join Date: Nov 2007
Location: Manchester, UK
Posts: 676
OS: W2K SP4 + XP SP2 + Vista
Re: Instant Email Notification
Disable Teatimer
First step:
Fix With HJT
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines IF still present
Quote:
Now click Fix checked
Click yes to any prompts
Close HijackThis
Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
#6 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
Re: Instant Email Notification
Malwarebytes' Anti-Malware 1.22
Database version: 982
Windows 5.1.2600 Service Pack 3

12:45:40 23/07/2008
mbam-log-7-23-2008 (12-45-40).txt

Scan type: Full Scan (C:\|)
Objects scanned: 103377
Time elapsed: 54 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 28
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\PURen-gb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
#7 (permalink)
Analyst, Security Team
Join Date: Nov 2007
Location: Manchester, UK
Posts: 676
OS: W2K SP4 + XP SP2 + Vista
Re: Instant Email Notification
Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:
Bleeping Computer ComboFix Tutorial
Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper
#9 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
Re: Instant Email Notification
The text that you have entered is too long (359728 characters). Please shorten it to 100000 characters long.
Can't do a log.
#10 (permalink)
Registered User
Join Date: Dec 2007
Posts: 58
OS: xp home service pk 2
Re: Instant Email Notification
ComboFix 08-07-22.4 - neil rush 2008-07-23 13:15:03.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.192 [GMT 1:00]
Running from: C:\Documents and Settings\neil rush\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nbqwddxu.ini

.
((((((((((((((((((((((((( Files Created from 2008-06-23 to 2008-07-23 )))))))))))))))))))))))))))))))
.

2008-07-23 11:40 . 2008-07-23 11:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-23 11:40 . 2008-07-23 11:40 <DIR> d-------- C:\Documents and Settings\neil rush\Application Data\Malwarebytes
2008-07-23 11:40 . 2008-07-23 11:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-23 11:40 . 2008-07-20 20:21 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-23 11:40 . 2008-07-20 20:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-22 17:27 . 2008-07-22 17:27 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-18 17:40 . 2008-07-18 17:40 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-07-17 15:44 . 2008-07-17 15:44 <DIR> d-------- C:\Documents and Settings\neil rush\Application Data\Samsung
2008-07-17 15:42 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-07-17 15:41 . 2008-07-17 15:41 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-07-17 15:41 . 2008-07-17 15:44 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-07-17 15:41 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-07-17 15:40 . 2008-07-17 15:40 <DIR> d-------- C:\Program Files\Samsung
2008-07-07 02:41 . 2008-07-07 02:41 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-07-07 02:41 . 2008-07-07 02:41 <DIR> d-------- C:\WINDOWS\system32\en
2008-07-07 02:41 . 2008-07-07 02:41 <DIR> d-------- C:\WINDOWS\system32\bits
2008-07-07 02:41 . 2008-07-07 02:41 <DIR> d-------- C:\WINDOWS\l2schemas
2008-07-07 02:35 . 2008-07-07 02:42 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-07-07 02:24 . 2008-07-07 02:24 <DIR> d-------- C:\WINDOWS\EHome
2008-07-07 02:12 . 2008-04-14 01:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-07-07 02:11 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-07-07 02:10 . 2008-04-14 01:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-07-07 01:21 . 2008-07-07 01:21 44,032 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-07 01:01 . 2008-07-07 01:01 <DIR> d-------- C:\WINDOWS\LastGood(2)
2008-07-05 19:15 . 2008-07-11 19:36 <DIR> d--h----- C:\$AVG8.VAULT$
2008-07-04 13:17 . 2008-07-04 13:17 268 --ah----- C:\sqmdata08.sqm
2008-07-04 13:17 . 2008-07-04 13:17 244 --ah----- C:\sqmnoopt08.sqm
2008-07-04 13:09 . 2008-05-08 15:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-07-04 13:01 . 2008-06-13 12:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-04 12:51 . 2008-07-04 12:51 268 --ah----- C:\sqmdata07.sqm
2008-07-04 12:51 . 2008-07-04 12:51 244 --ah----- C:\sqmnoopt07.sqm
2008-06-25 21:13 . 2008-07-07 01:01 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-23 21:32 . 2008-06-23 21:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-06-23 21:27 . 2008-06-23 21:27 <DIR> d-------- C:\Program Files\IVT Corporation

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-23 11:52 --------- d-----w C:\Documents and Settings\neil rush\Application Data\Camfrog
2008-07-17 21:06 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-17 14:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-04 17:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-07-04 11:55 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-07-04 11:55 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-07-04 11:55 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-06-25 19:45 --------- d-----w C:\Program Files\Conduit
2008-06-25 19:45 --------- d-----w C:\Program Files\1Club.FM
2008-06-25 19:41 --------- d-----w C:\Program Files\DivX
2008-06-25 18:38 --------- d-----w C:\Program Files\Starcraft
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-15 10:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Musicnotes
2008-06-13 19:24 --------- d-----w C:\Documents and Settings\neil rush\Application Data\uTorrent
2008-06-13 11:05 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-02-03 17:06 3,900 ----a-w C:\Program Files\interrnd7 (75 x 75).jpg
2008-02-03 17:05 5,423 ----a-w C:\Program Files\interrnd7 (100 x 100).jpg
.
((((((((((((((((((((((((((((( snapshot@2008-07-04_12.29.03.78 )))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\PeerNet\sqldb20.dll - 2006-02-28 12:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll + 2008-04-14 00:12:06 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll - 2006-02-28 12:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll + 2008-04-14 00:12:06 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll - 2006-02-28 12:00:00 146,432 ----a-w C:\WINDOWS\regedit.exe + 2008-04-14 00:12:32 146,432 ----a-w C:\WINDOWS\regedit.exe + 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys + 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys + 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys + 2008-04-14 00:11:48 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll + 2008-04-14 00:11:48 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll + 2004-08-03 21:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys + 2004-08-03 21:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys + 2008-04-14 00:11:48 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll + 2008-04-14 00:12:11 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe + 2008-04-14 00:11:48 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll + 2008-04-14 00:11:48 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll + 2008-04-14 00:11:48 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll + 2008-04-14 00:11:48 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll + 2008-04-13 18:36:35 187,776 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys + 2008-04-14 00:11:48 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll + 2008-04-14 00:11:48 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll + 2008-04-14 00:12:12 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe + 2008-04-14 00:11:48 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll + 2008-04-14 00:11:48 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll + 
2008-04-14 00:11:48 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll + 2008-04-14 00:12:12 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe + 2004-08-03 21:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys + 2008-04-14 00:11:48 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll + 2008-04-14 00:11:48 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll + 2008-04-14 00:11:48 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll + 2008-04-14 00:11:48 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll + 2008-04-14 00:11:48 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll + 2008-04-14 00:11:48 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll + 2008-04-14 00:11:48 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll + 2008-04-14 00:11:48 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll + 2008-04-14 00:11:48 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll + 2008-04-14 00:11:48 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll + 2008-04-14 00:11:48 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll + 2008-04-14 00:11:48 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll + 2008-04-14 00:11:48 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll + 2008-04-14 00:11:48 99,840 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll + 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys + 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys + 2008-04-14 00:11:48 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll + 2008-04-14 00:11:48 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll + 2008-04-14 00:11:48 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll + 2008-04-14 00:11:48 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll + 2008-04-14 00:11:48 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll + 2008-04-14 00:11:48 24,064 
------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll + 2008-04-14 00:11:48 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll + 2008-04-14 00:12:12 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe + 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys + 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys + 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll + 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll + 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll + 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll + 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll + 2007-04-02 18:26:00 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll + 2008-04-13 17:32:28 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll + 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll + 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll + 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll + 2007-04-02 18:26:00 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll + 2007-04-02 18:26:00 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll + 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll + 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll + 2007-04-02 18:26:01 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll + 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll + 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll + 2007-04-02 18:26:01 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll + 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll + 2007-04-02 18:26:01 19,456 ------w 
C:\WINDOWS\ServicePackFiles\i386\agt041d.dll + 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll + 2007-04-02 18:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll + 2007-04-02 18:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll + 2007-04-02 18:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll + 2008-04-14 00:11:49 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll + 2008-04-14 00:12:12 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe + 2008-04-14 00:12:12 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe + 2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys + 2008-04-14 00:11:49 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll + 2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys + 2008-04-13 18:31:32 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys + 2008-04-13 18:31:33 37,760 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys + 2008-04-14 00:11:49 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll + 2004-08-03 21:31:20 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys + 2008-04-14 00:11:49 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll + 2008-04-14 00:11:49 331,264 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll + 2008-04-13 18:51:25 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys + 2008-04-14 00:11:49 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll + 2008-04-13 18:57:27 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys + 2008-04-14 00:12:12 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe + 2008-04-13 18:40:30 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys + 2004-08-03 21:29:30 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys + 2004-08-03 21:29:30 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys + 2004-08-03 21:29:30 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys 
+ 2004-08-03 21:29:32 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys + 2004-08-03 21:29:32 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys + 2004-08-03 21:29:32 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys + 2004-08-03 21:29:32 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys + 2004-08-03 21:29:32 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys + 2004-08-03 21:29:32 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys + 2004-08-03 21:29:32 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys + 2008-04-14 00:11:49 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll + 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll + 2008-04-14 00:11:49 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll + 2004-08-03 21:29:28 327,040 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys + 2004-08-03 21:29:28 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys + 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll + 2008-04-14 00:11:49 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll + 2008-04-14 00:11:50 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll + 2004-08-03 21:29:28 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys + 2004-08-03 21:29:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys + 2004-08-03 21:29:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys + 2004-08-03 21:29:30 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys + 2004-08-03 21:29:32 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys + 2004-08-03 21:29:32 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys + 2004-08-03 21:29:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys + 2004-08-03 21:29:32 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys + 2004-08-03 21:29:32 31,744 ------w 
C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys + 2004-08-03 21:29:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys + 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll + 2008-04-14 00:11:50 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll + 2008-04-14 00:11:50 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll + 2008-04-14 00:12:12 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe + 2008-04-13 18:51:25 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys + 2008-04-14 00:09:01 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll + 2008-04-13 18:51:30 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys + 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll + 2008-04-14 00:12:12 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\ |