|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
Thread Tools |
06-24-2008, 01:24 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jun 2008
Location: Bosnia
Posts: 6
OS: WinXP SP2 pro.
|
Slow internet, somewhat slow pc
Hi, this is my firs post here. I was hoping I could get any kind of help. I'm having problems with my net speed as I'm writing this. It takes approximately 30-60 seconds to open a page here on this forum even tho I have DSL connection.
I've read a lot of other subjects regarding this issue and I didn't want to take any chances in doing something wrong so I decided to post my problem. I know it's not having to do anything with AVG8 since I've been having these slow downs for 2 days, and I uninstalled AVG anti-virus a week ago. I'm not a computer wiz but I hope you could tell me if you see any problems how to solve them. Thanks. Here's my main.txt log: __________________________________________ Deckard's System Scanner v20071014.68 Run by AD2008 on 2008-06-24 19:54:05 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 179: 2008-06-24 17:54:12 UTC - RP179 - Deckard's System Scanner Restore Point 178: 2008-06-24 14:34:13 UTC - RP178 - Installed AVG Free 8.0 177: 2008-06-23 11:32:47 UTC - RP177 - Restore Operation 176: 2008-06-23 10:45:08 UTC - RP176 - Restore Operation 175: 2008-06-22 09:08:55 UTC - RP175 - System Checkpoint -- First Restore Point -- 1: 2008-04-14 07:40:40 UTC - RP1 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-06-24 19:55:52 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\explorer.exe C:\Program Files\AVG\AVG8\avgwdsvc.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe C:\Program Files\AVG\AVG8\avgrsx.exe C:\Program Files\Sandboxie\SbieSvc.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\RTHDCPL.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Documents and Settings\AD2008\Desktop\dss.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir...ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s O2 - BHO: (no name) - {0e64e841-2463-47c9-8797-daf2810bbf61} - C:\WINDOWS\system32\byXOeETj.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\Program Files\AVG\AVG8\avgtoolbar.dll O2 - BHO: Data Tracker - {EADA1EAF-22C3-D5AF-E6DF-F66433041251} - C:\WINDOWS\system32\gnwtae32.dll (file missing) O2 - BHO: (no name) - {fd7c70d7-d10b-4efc-aaed-c67de9eba0cc} - C:\WINDOWS\system32\xxyvuRHx.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Disk Knight] C:\WINDOWS\Knight.exe O4 - HKLM\..\Run: [Userinit] C:\WINDOWS\system32\cologsver.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\AD2008\lsass.exe O4 - HKLM\..\Run: [d8b63334] rundll32.exe "C:\WINDOWS\system32\tleayikp.dll",b O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [BMdb8500a8] Rundll32.exe "C:\WINDOWS\system32\pundseix.dll",s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1202835104781 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{2DB84FF1-A25D-4CE5-AC2F-3AF20612CACA}: NameServer = 195.222.32.10 195.222.32.20 O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: byXOeETj - C:\WINDOWS\system32\byXOeETj.dll O20 - Winlogon Notify: winubg32 - C:\WINDOWS\system32\winubg32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\AD2008\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 5100 series -product= O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: Sandboxie Service (sbiesvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe -- End of file - 8112 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 sbiedrv - c:\program files\sandboxie\sbiedrv.sys <Not Verified; tzuk; Sandboxie> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 ForcewareWebInterface (Forceware Web Interface) - "c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server> R2 sbiesvc (Sandboxie Service) - c:\program files\sandboxie\sbiesvc.exe <Not Verified; tzuk; Sandboxie> S2 hpdj - c:\docume~1\ad2008\locals~1\temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 5100 series -product= (file missing) -- Device Manager: Disabled ---------------------------------------------------- Class GUID: Description: PC Camera Device ID: USB\VID_0AC8&PID_0302&MI_00\6&C752BBF&0&0000 Manufacturer: Name: PC Camera PNP Device ID: USB\VID_0AC8&PID_0302&MI_00\6&C752BBF&0&0000 Service: -- Files created between 2008-05-24 and 2008-06-24 ----------------------------- 2008-06-24 16:34:24 0 d-------- C:\WINDOWS\system32\drivers\Avg 2008-06-24 16:34:24 0 d-------- C:\Documents and Settings\AD2008\Application Data\AVGTOOLBAR 2008-06-24 12:56:27 87040 --a------ C:\WINDOWS\system32\tleayikp.dll 2008-06-24 12:54:21 95232 --a------ C:\WINDOWS\system32\pundseix.dll 2008-06-24 12:53:20 428609 --ahs---- C:\WINDOWS\system32\xHRuvyxx.ini2 2008-06-24 12:53:18 285696 --a------ C:\WINDOWS\system32\xxyvuRHx.dll 2008-06-24 12:19:32 34304 --a------ C:\WINDOWS\system32\ssqOEUlk.dll 2008-06-24 12:18:55 34304 --a------ C:\WINDOWS\system32\tuvtRHwx.dll 2008-06-24 12:18:06 63920 --a------ C:\WINDOWS\system32\drivers\eac43f3d.sys 2008-06-24 12:17:56 32256 --a------ C:\WINDOWS\system32\winubg32.dll 2008-06-24 12:17:56 2 --a------ C:\-659147877 2008-06-24 12:17:42 34304 --a------ C:\WINDOWS\system32\byXOeETj.dll 2008-06-24 12:01:33 56320 -----n--- C:\WINDOWS\system32\iyvu9_32.dll 2008-06-24 12:01:33 136704 --a------ C:\WINDOWS\system32\iacenc.dll <Not Verified; Ligos Corporation; Indeo® Audio Software> 2008-06-24 12:01:32 0 d-------- C:\Program Files\Ligos 2008-06-24 11:59:55 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2008-06-24 11:45:13 0 d-------- C:\Program Files\Strategy First 2008-06-23 13:34:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-06-17 14:23:27 0 d-------- C:\VP-EYE 2008-06-15 15:33:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems(2) 2008-06-07 21:57:02 0 d-------- C:\WINDOWS\system32\Adobe 2008-06-07 21:56:52 681 --a------ C:\WINDOWS\mozver.dat 2008-06-07 19:25:51 0 d-------- C:\Program Files\Ubisoft 2008-06-07 19:25:48 1 --a------ C:\WINDOWS\system32\SI.bin 2008-06-05 14:10:29 0 d-------- C:\Program Files\Microsoft Games 2008-06-01 15:54:18 3670016 --a------ C:\Documents and Settings\AD2008\ntuser.dat -- Find3M Report --------------------------------------------------------------- 2008-06-24 19:50:05 0 d-------- C:\Documents and Settings\AD2008\Application Data\Skype 2008-06-24 17:44:57 0 d-------- C:\Documents and Settings\AD2008\Application Data\skypePM 2008-06-24 15:49:32 0 d-------- C:\Program Files\eMule 2008-06-24 15:43:08 0 d-------- C:\Program Files\Sandboxie 2008-06-23 13:34:08 0 d-------- C:\Program Files\Common Files\Adobe 2008-06-23 13:33:41 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-17 00:02:20 21104 --a------ C:\Documents and Settings\AD2008\Application Data\GDIPFONTCACHEV1.DAT 2008-06-07 22:17:32 0 d-------- C:\Documents and Settings\AD2008\Application Data\Adobe 2008-05-29 19:10:22 0 d-------- C:\Program Files\Warcraft III 2008-05-19 15:24:30 0 d-------- C:\Documents and Settings\AD2008\Application Data\WinRAR 2008-05-15 15:00:34 0 d-------- C:\Program Files\Common Files 2008-05-15 15:00:34 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-04-25 02:19:31 0 d-------- C:\Program Files\JavaCore 2008-04-25 01:43:18 0 d-------- C:\Program Files\AVG 2008-04-25 01:32:20 0 d-------- C:\Program Files\Network Associates 2008-04-25 01:31:12 0 d-------- C:\Program Files\a-squared Anti-Dialer 2008-04-25 01:08:31 0 d-------- C:\Program Files\Java 2008-04-24 15:30:11 206360 --ahs---- C:\WINDOWS\system32\uEdKnnnn.ini2 2008-04-24 14:48:52 74309 --a------ C:\WINDOWS\War3Unin.dat 2008-04-24 14:39:26 2829 --a------ C:\WINDOWS\War3Unin.pif 2008-04-24 14:39:25 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller> 2008-04-24 12:51:48 0 d-------- C:\Documents and Settings\AD2008\Application Data\Mozilla 2008-04-24 12:49:10 0 d-------- C:\Program Files\Opera 2008-04-24 12:25:11 0 d-------- C:\Program Files\InetGet2 2008-04-24 11:56:50 0 d-------- C:\Documents and Settings\AD2008\Application Data\LimeWire 2008-04-24 11:49:40 0 d-------- C:\Documents and Settings\AD2008\Application Data\Opera 2008-04-24 11:49:23 0 d-------- C:\Program Files\The Witcher -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e64e841-2463-47c9-8797-daf2810bbf61}] 24.06.2008 12:17 34304 --a------ C:\WINDOWS\system32\byXOeETj.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a057a204-bacc-4d26-9990-79a187e2698e}] 24.06.2008 16:34 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EADA1EAF-22C3-D5AF-E6DF-F66433041251}] C:\WINDOWS\system32\gnwtae32.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fd7c70d7-d10b-4efc-aaed-c67de9eba0cc}] 24.06.2008 12:53 285696 --a------ C:\WINDOWS\system32\xxyvuRHx.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [05.07.2007 10:08 C:\WINDOWS\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [15.06.2007 10:45 C:\WINDOWS\SkyTel.exe] "Alcmtr"="ALCMTR.EXE" [03.05.2005 12:43 C:\WINDOWS\Alcmtr.exe] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10.11.2006 13:35] "Disk Knight"="C:\WINDOWS\Knight.exe" [] "Userinit"="C:\WINDOWS\system32\cologsver.exe" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 11:50] "amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [23.07.2007 12:06] "LSA Shellu"="C:\Documents and Settings\AD2008\lsass.exe" [] "d8b63334"="C:\WINDOWS\system32\tleayikp.dll" [24.06.2008 12:56] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [24.06.2008 16:34] "BMdb8500a8"="C:\WINDOWS\system32\pundseix.dll" [24.06.2008 12:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 01:56] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 12:34] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [01.02.2008 18:22] "JavaCore"="C:\Program Files\\JavaCore\\JavaCore.exe" [] "SandboxieControl"="C:\Program Files\Sandboxie\SbieCtrl.exe" [05.03.2008 11:29] C:\Documents and Settings\AD2008\Start Menu\Programs\Startup\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16.3.2005 19:16:50] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13.2.2001 2:01:04] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{0E64E841-2463-47C9-8797-DAF2810BBF61}"= C:\WINDOWS\system32\byXOeETj.dll [24.06.2008 12:17 34304] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byXOeETj] byXOeETj.dll 24.06.2008 12:17 34304 C:\WINDOWS\system32\byXOeETj.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32] winubg32.dll 24.06.2008 12:17 32256 C:\WINDOWS\system32\winubg32.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\xxyvuRHx [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Reserved] @="Driver Group" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{379a8126-e469-11dc-ad1d-001d60eb259d}] auto\command- G:\Knight.exe open AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open explore\command- G:\Knight.exe open find\command- G:\Knight.exe open install\command- G:\Knight.exe open open\command- G:\Knight.exe open [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b9911e2-e243-11dc-ad16-001d60eb259d}] auto\command- G:\Knight.exe open AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open explore\command- G:\Knight.exe open find\command- G:\Knight.exe open install\command- G:\Knight.exe open open\command- G:\Knight.exe open [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8fd6404-d9bb-11dc-850f-001d60eb259d}] AutoRun\command- G:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea66a9fc-e788-11dc-ad29-001d60eb259d}] auto\command- G:\Knight.exe open AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open explore\command- G:\Knight.exe open find\command- G:\Knight.exe open install\command- G:\Knight.exe open open\command- G:\Knight.exe open [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72637363-7069-7374-652E-336D65747300}] C:\WINDOWS\system32\cscripts.exe -- End of Deckard's System Scanner: finished at 2008-06-24 19:57:24 ------------ |
|
     |
|
06-28-2008, 01:55 PM
|
#2 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,544
OS: Windows XP Pro
|
Re: Slow internet, somewhat slow pc
Hi Salty_Grain,
Sorry for the delay in looking into your log, as we are extremely busy in this section of the forums. If you still require assistance and are not seeking help elsewhere, then please carry out my instructions. Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription. -------------------------------------------------------------- Please visit this webpage for instructions for downloading and running ComboFix: http://www.bleepingcomputer.com/comb...o-use-combofix IMPORTANT: Make sure you install the Recovery Console before running ComboFix. Reply back with the following:
__________________
 Proud Member of ASAP Proud Member of UNITE Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
06-29-2008, 03:37 AM
|
#3 (permalink) | ||
|
Registered User
Join Date: Jun 2008
Location: Bosnia
Posts: 6
OS: WinXP SP2 pro.
|
Re: Slow internet, somewhat slow pc
I know you're quite busy here, there's no need to appologuise.
Since last post I've some additional problems with my pc. Sometimes all my desktop icons and windows task bar just vanish and the only way to restore them is to restart my pc. Since running ComboFix and DSS i've seen some improvements regardin my internet problems, but still, from time to time it runs extremely slowly. I've subscribed to the thread, and here are my new logs: p.s. for some reason after doing the DSS scan it shows me only the main.txt log but not the extra.txt and i don't know why since i'm doing the very exact same thing. Quote:
Quote:
|
||
|
|
|
|
06-29-2008, 07:58 AM
|
#4 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,544
OS: Windows XP Pro
|
Re: Slow internet, somewhat slow pc
Hello, there is still some active malware present in your logs, so it is going to take a few rounds to cleanup.
------------------------------------------------ Open notepad and copy/paste the text in the quotebox below into it: Code:
http://www.techsupportforum.com/security-center/hijackthis-log-help/262674-slow-internet-somewhat-slow-pc.html#post1553093
Collect::
C:\WINDOWS\system32\pundseix.dll
C:\WINDOWS\system32\ssqOEUlk.dll
C:\WINDOWS\system32\tuvtRHwx.dll
C:\WINDOWS\system32\drivers\eac43f3d.sys
C:\WINDOWS\system32\winubg32.dll
C:\-659147877
C:\WINDOWS\system32\byXOeETj.dll
C:\WINDOWS\system32\sgahpkeq.dll
C:\WINDOWS\system32\kcwprdph.dll
C:\WINDOWS\system32\oglpjdgd.dll
C:\WINDOWS\system32\eqcdllsg.dll
C:\WINDOWS\system32\wdamgnor.dll
C:\WINDOWS\system32\oqbcuboo.dll
C:\WINDOWS\system32\gNoXEfii.ini2
C:\WINDOWS\system32\iifEXoNg.dll
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e64e841-2463-47c9-8797-daf2810bbf61}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a057a204-bacc-4d26-9990-79a187e2698e}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d89adb7c-a596-49bd-8808-511b38d9a948}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EADA1EAF-22C3-D5AF-E6DF-F66433041251}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Disk Knight"=-
"Userinit"=-
"BMdb8500a8"=-
"d8b63334"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{379a8126-e469-11dc-ad1d-001d60eb259d}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b9911e2-e243-11dc-ad16-001d60eb259d}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8fd6404-d9bb-11dc-850f-001d60eb259d}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea66a9fc-e788-11dc-ad29-001d60eb259d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72637363-7069-7374-652E-336D65747300}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{0E64E841-2463-47C9-8797-DAF2810BBF61}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byXOeETj]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32]
 Referring to the picture above, drag CFScript into ComboFix.exe Follow the prompts, and post the resulting log, C:\ComboFix.txt Warning: Do not mouseclick combofix's window whilst it's running. That may cause it to stall When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis. Please submit "[4]-Submit_Date_Time.zip" by following the prompts.
__________________
Proud Member of ASAP Proud Member of UNITE Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
06-29-2008, 10:12 AM
|
#5 (permalink) |
|
Registered User
Join Date: Jun 2008
Location: Bosnia
Posts: 6
OS: WinXP SP2 pro.
|
Re: Slow internet, somewhat slow pc
Code:
ComboFix 08-06-20.4 - AD2008 2008-06-29 18:11:40.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.115 [GMT 2:00] Running from: C:\Documents and Settings\AD2008\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\AD2008\Desktop\CFScript.txt * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\-659147877 C:\WINDOWS\pskt.ini C:\WINDOWS\system32\byXOeETj.dll C:\WINDOWS\system32\drivers\eac43f3d.sys C:\WINDOWS\system32\eqcdllsg.dll C:\WINDOWS\system32\gNoXEfii.ini C:\WINDOWS\system32\gNoXEfii.ini2 C:\WINDOWS\system32\iifEXoNg.dll C:\WINDOWS\system32\kcwprdph.dll C:\WINDOWS\system32\oglpjdgd.dll C:\WINDOWS\system32\oqbcuboo.dll C:\WINDOWS\system32\pundseix.dll C:\WINDOWS\system32\rongmadw.ini C:\WINDOWS\system32\ssqOEUlk.dll C:\WINDOWS\system32\tuvtRHwx.dll C:\WINDOWS\system32\wdamgnor.dll C:\WINDOWS\system32\winubg32.dll C:\WINDOWS\system32\xptrifse.ini . ((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-29 ))))))))))))))))))))))))))))))) . 2008-06-29 16:34 . 2008-06-29 16:34 87,040 --a------ C:\WINDOWS\system32\esfirtpx.dll 2008-06-29 16:32 . 2008-06-29 16:32 95,232 --a------ C:\WINDOWS\system32\wvrlerjg.dll 2008-06-29 11:47 . 2008-06-29 11:56 354 --ahs---- C:\WINDOWS\system32\qekphags.ini 2008-06-29 11:47 . 2008-06-29 11:47 0 --a------ C:\WINDOWS\BMdb8500a8.xml 2008-06-25 12:35 . 2008-06-25 12:35 <DIR> d-------- C:\Program Files\Trend Micro 2008-06-25 03:33 . 2008-06-25 03:33 <DIR> d-------- C:\Program Files\Panda Security 2008-06-24 19:53 . 2008-06-24 19:53 <DIR> d-------- C:\Deckard 2008-06-24 16:34 . 2008-06-29 10:26 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-06-24 16:34 . 2008-06-26 16:40 <DIR> d-------- C:\Documents and Settings\AD2008\Application Data\AVGTOOLBAR 2008-06-24 16:34 . 2008-06-24 16:34 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-06-24 16:34 . 2008-06-24 16:34 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-06-24 15:43 . 2008-06-25 21:43 1,594 --a------ C:\WINDOWS\Sandboxie.ini 2008-06-24 12:18 . 2008-06-29 18:58 63,920 --a------ C:\WINDOWS\system32\drivers\eac43f3d.sys 2008-06-24 12:18 . 2008-06-24 12:18 29 --a------ C:\WINDOWS\system32\uqtadagq.tmp 2008-06-24 12:01 . 2008-06-24 12:01 <DIR> d-------- C:\Program Files\Ligos 2008-06-24 12:01 . 2000-06-23 14:05 136,704 --a------ C:\WINDOWS\system32\iacenc.dll 2008-06-24 12:01 . 2000-06-22 13:09 56,320 --a------ C:\WINDOWS\system32\iyvu9_32.dll 2008-06-24 11:59 . 1998-10-29 19:45 306,688 --a------ C:\WINDOWS\IsUninst.exe 2008-06-24 11:45 . 2008-06-24 11:45 <DIR> d-------- C:\Program Files\Strategy First 2008-06-17 14:23 . 2008-06-17 14:24 <DIR> d-------- C:\VP-EYE 2008-06-15 15:33 . 2008-06-23 13:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems(2) 2008-06-07 22:33 . 2008-06-07 22:33 268 --ah----- C:\sqmdata19.sqm 2008-06-07 22:33 . 2008-06-07 22:33 244 --ah----- C:\sqmnoopt19.sqm 2008-06-07 21:57 . 2008-06-23 13:34 <DIR> d-------- C:\WINDOWS\system32\Adobe 2008-06-07 21:56 . 2008-06-07 21:57 681 --a------ C:\WINDOWS\mozver.dat 2008-06-07 19:25 . 2008-06-07 19:25 <DIR> d-------- C:\Program Files\Ubisoft 2008-06-07 19:25 . 2008-06-07 19:25 1 --a------ C:\WINDOWS\system32\SI.bin 2008-06-07 00:47 . 2008-06-07 00:47 268 --ah----- C:\sqmdata18.sqm 2008-06-07 00:47 . 2008-06-07 00:47 244 --ah----- C:\sqmnoopt18.sqm 2008-06-06 10:30 . 2008-06-06 10:30 268 --ah----- C:\sqmdata17.sqm 2008-06-06 10:30 . 2008-06-06 10:30 244 --ah----- C:\sqmnoopt17.sqm 2008-06-06 00:30 . 2008-06-06 00:30 268 --ah----- C:\sqmdata16.sqm 2008-06-06 00:30 . 2008-06-06 00:30 244 --ah----- C:\sqmnoopt16.sqm 2008-06-05 14:10 . 2008-06-05 14:10 <DIR> d-------- C:\Program Files\Microsoft Games 2008-06-05 01:44 . 2008-06-05 01:44 268 --ah----- C:\sqmdata15.sqm 2008-06-05 01:44 . 2008-06-05 01:44 244 --ah----- C:\sqmnoopt15.sqm 2008-06-04 14:21 . 2008-06-04 14:21 268 --ah----- C:\sqmdata14.sqm 2008-06-04 14:21 . 2008-06-04 14:21 244 --ah----- C:\sqmnoopt14.sqm 2008-06-04 00:55 . 2008-06-04 00:55 268 --ah----- C:\sqmdata13.sqm 2008-06-04 00:55 . 2008-06-04 00:55 244 --ah----- C:\sqmnoopt13.sqm 2008-06-02 14:16 . 2008-06-02 14:16 268 --ah----- C:\sqmdata12.sqm 2008-06-02 14:16 . 2008-06-02 14:16 244 --ah----- C:\sqmnoopt12.sqm 2008-06-02 01:23 . 2008-06-02 01:23 268 --ah----- C:\sqmdata11.sqm 2008-06-02 01:23 . 2008-06-02 01:23 244 --ah----- C:\sqmnoopt11.sqm 2008-05-31 23:44 . 2008-05-31 23:44 268 --ah----- C:\sqmdata10.sqm 2008-05-31 23:44 . 2008-05-31 23:44 244 --ah----- C:\sqmnoopt10.sqm 2008-05-31 19:42 . 2008-05-31 19:42 268 --ah----- C:\sqmdata09.sqm 2008-05-31 19:42 . 2008-05-31 19:42 244 --ah----- C:\sqmnoopt09.sqm 2008-05-30 22:36 . 2008-05-30 22:36 268 --ah----- C:\sqmdata08.sqm 2008-05-30 22:36 . 2008-05-30 22:36 244 --ah----- C:\sqmnoopt08.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-29 15:52 --------- d-----w C:\Documents and Settings\AD2008\Application Data\Skype 2008-06-29 14:31 --------- d-----w C:\Documents and Settings\AD2008\Application Data\skypePM 2008-06-24 23:34 --------- d-----w C:\Program Files\Common Files\Adobe 2008-06-24 14:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8 2008-06-24 13:49 --------- d-----w C:\Program Files\eMule 2008-06-24 13:43 --------- d-----w C:\Program Files\Sandboxie 2008-06-23 11:33 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-16 22:02 21,104 ----a-w C:\Documents and Settings\AD2008\Application Data\GDIPFONTCACHEV1.DAT 2008-05-29 17:10 --------- d-----w C:\Program Files\Warcraft III 2008-05-15 13:00 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2008-04-24 12:39 2,829 ----a-w C:\WINDOWS\War3Unin.pif 2008-04-24 12:39 139,264 ----a-w C:\WINDOWS\War3Unin.exe 2008-02-13 19:46 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat . ((((((((((((((((((((((((((((( snapshot@2008-06-29_11.46.31.28 ))))))))))))))))))))))))))))))))))))))))) . + 2008-03-19 09:40:27 1,845,888 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll + 2007-12-18 14:32:13 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll + 2007-12-18 14:32:13 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll + 2008-02-20 05:19:35 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll + 2008-02-20 18:49:36 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll + 2008-02-16 09:32:03 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\browseui.dll + 2008-02-16 09:32:03 151,040 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\cdfview.dll + 2008-02-16 09:32:03 1,054,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\danim.dll + 2008-02-16 09:32:04 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtmsft.dll + 2008-02-16 09:32:04 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtrans.dll + 2008-02-16 09:32:04 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\extmgr.dll + 2008-02-15 09:07:53 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe + 2008-02-16 09:32:04 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iepeers.dll + 2008-02-16 09:32:04 96,256 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\inseng.dll + 2008-02-16 09:32:04 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\jsproxy.dll + 2008-02-16 09:32:06 3,066,880 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtml.dll + 2008-02-16 09:32:06 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtmled.dll + 2008-02-16 09:32:06 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\msrating.dll + 2008-02-16 09:32:07 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mstime.dll + 2008-02-16 09:32:07 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\pngfilt.dll + 2008-02-16 09:32:08 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shdocvw.dll + 2008-02-16 09:32:08 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shlwapi.dll + 2008-02-16 09:32:08 618,496 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\urlmon.dll + 2008-02-16 09:32:09 666,112 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll + 2008-02-15 09:06:21 351,744 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\xpsp3res.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\updspapi.dll + 2008-02-20 06:52:43 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll - 2008-02-12 22:10:45 68,608 -c--a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2008-06-29 09:50:43 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2008-02-12 22:10:49 72,192 -c--a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-06-29 09:50:51 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2008-02-12 22:10:49 4,308,992 -c--a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-06-29 09:50:26 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2008-02-12 22:10:49 482,304 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-06-29 09:50:53 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2008-02-12 22:10:47 2,878,976 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2008-06-29 09:50:34 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2008-02-12 22:10:43 258,048 -c--a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2008-06-29 09:50:57 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2008-02-12 22:10:43 114,176 -c--a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2008-06-29 09:50:57 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2008-02-12 22:10:51 260,096 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2008-06-29 09:50:51 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2008-02-12 22:10:46 5,025,792 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2008-06-29 09:50:31 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2008-02-12 22:10:45 10,752 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2008-06-29 09:50:39 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2008-02-12 22:10:43 503,808 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2008-06-29 09:50:32 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2008-02-12 22:10:44 13,312 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2008-06-29 09:50:42 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2008-02-12 22:10:47 8,192 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2008-06-29 09:50:46 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2008-02-12 22:10:47 36,864 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2008-06-29 09:50:48 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2008-02-12 22:10:48 5,632 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-06-29 09:50:48 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2008-02-12 22:10:44 413,696 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-06-29 09:50:58 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2008-02-12 22:10:44 36,864 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-06-29 09:50:58 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2008-02-12 22:10:44 647,168 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2008-06-29 09:50:59 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2008-02-12 22:10:45 73,728 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2008-06-29 09:51:00 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2008-02-12 22:10:44 745,472 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-06-29 09:50:49 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2008-02-12 22:10:52 110,592 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-06-29 09:50:47 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2008-02-12 22:10:51 372,736 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2008-06-29 09:50:46 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2008-02-12 22:10:42 28,672 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2008-06-29 09:50:54 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2008-02-12 22:10:51 667,648 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-06-29 09:50:45 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2008-02-12 22:10:52 5,632 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2008-06-29 09:50:27 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2008-02-12 22:10:43 12,800 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-06-29 09:50:56 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2008-02-12 22:10:43 32,768 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2008-06-29 09:50:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2008-02-12 22:10:43 7,168 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2008-06-29 09:50:44 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2008-02-12 22:10:50 110,592 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2008-06-29 09:50:49 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2008-02-12 22:10:45 81,920 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2008-06-29 09:50:50 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2008-02-12 22:10:50 389,120 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2008-06-29 09:50:33 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2008-02-12 22:10:49 716,800 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2008-06-29 09:50:35 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2008-02-12 22:10:43 884,736 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2008-06-29 09:50:36 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2008-02-12 22:10:47 5,050,368 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2008-06-29 09:51:01 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2008-02-12 22:10:46 188,416 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2008-06-29 09:50:59 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2008-02-12 22:10:46 397,312 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2008-06-29 09:50:40 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2008-02-12 22:10:46 81,920 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2008-06-29 09:50:55 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2008-02-12 22:10:51 700,416 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-06-29 09:50:28 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2008-02-12 22:10:49 368,640 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2008-06-29 09:50:56 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2008-02-12 22:10:51 258,048 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-06-29 09:50:55 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2008-02-12 22:10:50 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2008-06-29 09:50:53 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2008-02-12 22:10:50 131,072 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap. |
