Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

View previous topic View next topic Go down

Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 6:53 pm

Here is my Hijack this report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:37 AM, on 05/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\DOCUME~1\Max\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\Z98TWB16\launch[1].exe
C:\DOCUME~1\Max\LOCALS~1\Temp\RarSFX0\gnnfq3.exe
C:\DOCUME~1\Max\LOCALS~1\Temp\RarSFX0\hr7mm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-21-1085031214-1336601894-725345543-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [You must be registered and logged in to see this link.]
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 7375 bytes

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Belahzur on 5th June 2009, 7:19 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV. (AVG8)
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:50 pm

ComboFix 09-06-05.02 - Max 05/06/2009 12:37.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1416 [GMT -7:00]
Running from: c:\documents and settings\Max\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Drivers\sptd.sys

.
((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))
.

2009-06-05 18:34 . 2009-06-05 18:34 -------- d-----w- c:\windows\ie8updates
2009-06-05 18:34 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-05 18:33 . 2009-06-05 18:34 -------- dc-h--w- c:\windows\ie8
2009-06-05 18:33 . 2009-06-05 18:33 -------- d-----w- c:\windows\LastGood
2009-06-05 17:15 . 2009-06-05 17:20 -------- d-----w- c:\documents and settings\Max\DoctorWeb
2009-06-05 17:00 . 2009-06-05 17:00 -------- d-----w- c:\program files\Trend Micro
2009-06-04 23:56 . 2009-06-04 23:56 1103360 ----a-w- c:\windows\system32\tempo-setup2.exe
2009-06-04 21:19 . 2009-06-04 21:19 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-04 21:19 . 2009-06-04 21:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-04 21:19 . 2009-06-04 21:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-04 21:19 . 2009-06-05 16:55 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-22 22:27 . 2009-05-22 22:27 -------- d-----w- c:\documents and settings\Max\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 18:37 . 2008-05-03 18:41 -------- d-----w- c:\program files\LimeWire
2009-06-05 18:37 . 2008-05-27 15:08 -------- d-----w- c:\program files\BitLord
2009-06-05 16:59 . 2009-04-06 18:31 -------- d-----w- c:\documents and settings\Max\Application Data\DNA
2009-06-05 16:57 . 2009-03-30 00:55 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-05 16:49 . 2009-04-06 18:31 -------- d-----w- c:\program files\DNA
2009-06-05 16:49 . 2008-05-01 09:38 -------- d-----w- c:\program files\lg_fwupdate
2009-06-05 00:56 . 2008-05-01 10:24 -------- d-----w- c:\program files\Lavasoft
2009-06-04 21:20 . 2008-05-01 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-04 21:19 . 2008-08-03 01:02 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-13 21:33 . 2009-02-04 01:04 -------- d-----w- c:\documents and settings\Max\Application Data\vlc
2009-05-07 03:54 . 2008-06-02 18:50 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-07 03:53 . 2008-06-02 18:49 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-23 01:10 . 2009-04-23 01:10 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-04-21 17:21 . 2008-05-03 18:44 -------- d-----w- c:\program files\Java
2009-04-21 17:20 . 2009-04-21 17:20 152576 ----a-w- c:\documents and settings\Max\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-12 05:18 . 2008-09-02 02:46 77627 ----a-w- c:\windows\War3Unin.dat
2009-04-11 03:17 . 2009-04-11 03:17 -------- d-----w- c:\program files\Microsoft
2009-04-11 03:16 . 2009-04-11 01:25 -------- d-----w- c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-04-11 03:16 . 2009-04-11 01:25 -------- d-----w- c:\program files\Windows Live
2009-04-11 01:25 . 2008-05-03 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-04-06 20:53 . 2009-04-06 20:53 52105 ----a-w- c:\documents and settings\All Users\Application Data\IJJIGame\uninst.exe
2009-04-06 20:53 . 2009-04-06 20:53 -------- d-----w- c:\documents and settings\All Users\Application Data\IJJIGame
2009-04-06 20:32 . 2009-04-06 20:32 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-03-28 02:35 . 2008-05-01 10:02 15040 ----a-w- c:\documents and settings\Max\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-24 23:36 . 2009-03-24 23:36 152576 ----a-w- c:\documents and settings\Max\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2009-03-12 08:17 . 2009-03-26 01:07 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-03-09 19:06 . 2009-03-26 01:10 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-03-09 12:19 . 2008-12-07 17:31 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-03-08 21:21 . 2009-03-08 21:21 2771706 ----a-w- c:\windows\inf\SET51.tmp
2009-03-08 21:09 . 2009-03-08 21:09 391536 ----a-w- c:\windows\system32\SET80.tmp
2009-03-08 11:41 . 2009-03-08 11:41 5937152 ----a-w- c:\windows\system32\SET95.tmp
2009-03-08 11:35 . 2009-03-08 11:35 385024 ----a-w- c:\windows\system32\SET76.tmp
2009-03-08 11:34 . 2009-03-08 11:34 914944 ----a-w- c:\windows\system32\SETA6.tmp
2009-03-08 11:34 . 2009-03-08 11:34 1206784 ----a-w- c:\windows\system32\SETA2.tmp
2009-03-08 11:34 . 2009-03-08 11:34 1469440 ----a-w- c:\windows\system32\SET8B.tmp
2009-03-08 11:34 . 2009-03-08 11:34 236544 ----a-w- c:\windows\system32\SETA4.tmp
2009-03-08 11:34 . 2009-03-08 11:34 43008 ----a-w- c:\windows\system32\SET8F.tmp
2009-03-08 11:34 . 2009-03-08 11:34 105984 ----a-w- c:\windows\system32\SETA1.tmp
2009-03-08 11:34 . 2009-03-08 11:34 193536 ----a-w- c:\windows\system32\SET9A.tmp
2009-03-08 11:34 . 2009-03-08 11:34 109568 ----a-w- c:\windows\system32\SET9D.tmp
2009-03-08 11:33 . 2009-03-08 11:33 18944 ----a-w- c:\windows\system32\SET73.tmp
2009-03-08 11:33 . 2009-03-08 11:33 25600 ----a-w- c:\windows\system32\SET8E.tmp
2009-03-08 11:33 . 2009-03-08 11:33 726528 ----a-w- c:\windows\system32\SET8D.tmp
2009-03-08 11:33 . 2009-03-08 11:33 229376 ----a-w- c:\windows\system32\SET7C.tmp
2009-03-08 11:33 . 2009-03-08 11:33 420352 ----a-w- c:\windows\system32\SETA3.tmp
2009-03-08 11:33 . 2009-03-08 11:33 125952 ----a-w- c:\windows\system32\SET7B.tmp
2009-03-08 11:32 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\SET70.tmp
2009-03-08 11:32 . 2009-03-08 11:32 173056 ----a-w- c:\windows\system32\SET78.tmp
2009-03-08 11:32 . 2009-03-08 11:32 163840 ----a-w- c:\windows\system32\SET7D.tmp
2009-03-08 11:32 . 2009-03-08 11:32 71680 ----a-w- c:\windows\system32\SET87.tmp
2009-03-08 11:32 . 2009-03-08 11:32 55808 ----a-w- c:\windows\system32\SET85.tmp
2009-03-08 11:32 . 2009-03-08 11:32 128512 ----a-w- c:\windows\system32\SET71.tmp
2009-03-08 11:32 . 2009-03-08 11:32 94720 ----a-w- c:\windows\system32\SET8C.tmp
2009-03-08 11:32 . 2009-03-08 11:32 611840 ----a-w- c:\windows\system32\SET9C.tmp
2009-03-08 11:31 . 2009-03-08 11:31 183808 ----a-w- c:\windows\system32\SET84.tmp
2009-03-08 11:31 . 2009-03-08 11:31 348160 ----a-w- c:\windows\system32\SET74.tmp
2009-03-08 11:31 . 2009-03-08 11:31 34816 ----a-w- c:\windows\system32\SET8A.tmp
2009-03-08 11:31 . 2009-03-08 11:31 216064 ----a-w- c:\windows\system32\SET75.tmp
2009-03-08 11:31 . 2009-03-08 11:31 46592 ----a-w- c:\windows\system32\SET9E.tmp
2009-03-08 11:31 . 2009-03-08 11:31 66560 ----a-w- c:\windows\system32\SET97.tmp
2009-03-08 11:31 . 2009-03-08 11:31 48128 ----a-w- c:\windows\system32\SET98.tmp
2009-03-08 11:31 . 2009-03-08 11:31 45568 ----a-w- c:\windows\system32\SET93.tmp
2009-03-08 11:31 . 2009-03-08 11:31 1638912 ----a-w- c:\windows\system32\SET96.tmp
2009-03-08 11:30 . 2009-03-08 11:30 66560 ----a-w- c:\windows\system32\SET9F.tmp
2009-03-08 11:22 . 2009-03-08 11:22 156160 ----a-w- c:\windows\system32\SET99.tmp
2009-03-08 11:15 . 2009-03-08 11:15 57667 ----a-w- c:\windows\system32\SET89.tmp
2009-04-01 00:43 . 2009-04-01 00:43 53248 ----a-w- c:\program files\mozilla firefox\plugins\uc_luminary_launching.dll
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-30 04:10 . 2008-07-30 04:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2008-05-01 09:45 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2008-05-03 19:27 . 2009-01-08 01:20 16928 c:\windows\system32\spmsg.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2006-02-28 12:00 . 2009-06-05 18:39 67312 c:\windows\system32\perfc009.dat
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 83968 c:\windows\system32\mscories.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 97800 c:\windows\system32\infocardapi.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 11264 c:\windows\system32\icardres.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 73720 c:\windows\system32\dxva2.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-03-08 11:34 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 11:24 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96760 c:\windows\system32\dfshim.dll

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:51 pm

+ 2008-07-30 06:40 . 2008-07-30 06:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 04:10 . 2008-07-30 04:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
- 2006-10-21 05:21 . 2006-10-21 05:21 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 04:10 . 2008-07-30 04:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-30 02:32 . 2008-07-30 02:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 14:28 . 2005-09-23 14:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 14:28 . 2005-09-23 14:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 14:28 . 2005-09-23 14:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:51 pm

+ 2009-06-05 18:33 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2009-06-05 18:33 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2009-06-05 18:33 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2009-06-05 18:33 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2009-06-05 18:33 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2009-06-05 18:33 . 2009-02-20 08:10 81920 c:\windows\ie8\ieencode.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-06-05 18:33 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2009-06-05 18:36 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-06-05 18:40 . 2009-06-05 18:40 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Microsoft.VisualC.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-06-05 18:36 . 2009-06-05 18:36 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2009-02-10 00:21 . 2009-02-10 00:21 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 14:29 . 2005-09-23 14:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-04-13 10:20 . 2007-04-13 10:20 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-06-05 18:34 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB971180-IE8\iecompat.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 04:26 . 2008-07-30 04:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:52 pm

- 2008-08-17 04:52 . 2008-04-14 00:12 121856 c:\windows\system32\xmllite.dll
+ 2008-08-17 04:52 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2006-10-15 00:40 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-15 00:42 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-15 00:43 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-30 02:59 . 2008-07-30 02:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-02-28 12:00 . 2009-06-05 18:39 432356 c:\windows\system32\perfh009.dat
+ 2009-03-08 11:32 . 2009-03-08 11:32 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 282112 c:\windows\system32\mscoree.dll
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 622080 c:\windows\system32\icardagt.exe
+ 2008-07-30 04:10 . 2008-07-30 04:10 493048 c:\windows\system32\evr.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 109568 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2009-03-08 21:09 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 183808 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-03-08 21:09 391536 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 06:40 . 2008-07-30 06:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 06:15 . 2008-07-30 06:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:52 pm

+ 2008-07-30 06:40 . 2008-07-30 06:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 03:35 . 2008-07-30 03:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 02:59 . 2008-07-30 02:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 02:16 . 2008-07-30 02:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 02:24 . 2008-07-30 02:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-30 02:16 . 2008-07-30 02:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 14:29 . 2005-09-23 14:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 14:29 . 2005-09-23 14:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-04-13 10:21 . 2007-04-13 10:21 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 14:28 . 2005-09-23 14:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 18:16 . 2008-07-25 18:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-04-13 10:20 . 2007-04-13 10:20 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2005-09-23 14:28 . 2005-09-23 14:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 18:17 . 2008-07-25 18:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-06-05 18:34 . 2007-11-30 12:39 382840 c:\windows\ie8updates\KB971180-IE8\spuninst\updspapi.dll
+ 2009-06-05 18:34 . 2007-11-30 12:39 231288 c:\windows\ie8updates\KB971180-IE8\spuninst\spuninst.exe

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:53 pm

+ 2009-06-05 18:33 . 2009-02-20 08:10 666112 c:\windows\ie8\wininet.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2009-06-05 18:33 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2009-06-05 18:33 . 2009-02-20 08:10 619520 c:\windows\ie8\urlmon.dll
+ 2009-06-05 18:33 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-06-05 18:33 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-06-05 18:33 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2009-06-05 18:33 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2009-06-05 18:33 . 2006-02-28 12:00 146432 c:\windows\ie8\msls31.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 449024 c:\windows\ie8\mshtmled.dll
+ 2009-06-05 18:33 . 2008-05-09 10:53 512000 c:\windows\ie8\jscript.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 251904 c:\windows\ie8\iepeers.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-06-05 18:33 . 2006-02-28 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2009-06-05 18:33 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll
+ 2009-06-05 18:36 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-06-05 18:36 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-06-05 18:36 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-06-05 18:36 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-06-05 18:36 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\45067d0793a09d3431d26bfa55c5a76a\sysglobl.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2009-02-10 00:21 . 2009-02-10 00:21 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-06-05 18:38 . 2009-06-05 18:38 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2009-02-10 00:20 . 2009-02-10 00:20 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:53 pm

+ 2009-06-05 18:36 . 2009-06-05 18:36 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2009-02-10 00:20 . 2009-02-10 00:20 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-02-10 00:21 . 2009-02-10 00:21 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-09-24 00:08 . 2008-09-24 00:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-02-10 00:20 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-02-10 00:20 . 2008-07-07 00:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:54 pm

+ 2009-03-08 11:32 . 2009-03-08 11:32 1985024 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2009-01-08 01:20 . 2009-01-08 01:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-30 01:47 . 2008-07-30 01:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-30 01:47 . 2008-07-30 01:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 06:40 . 2008-07-30 06:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-06 02:35 . 2008-12-06 02:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-12-06 03:12 . 2008-12-06 03:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 11:59 . 2008-11-25 11:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 18:17 . 2008-07-25 18:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 11:59 . 2008-11-25 11:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 18:16 . 2008-07-25 18:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-06-05 18:33 . 2009-02-20 08:11 3068416 c:\windows\ie8\mshtml.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce\System.Data.OracleClient.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-06-05 18:37 . 2009-06-05 18:37 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-06-05 18:36 . 2009-06-05 18:36 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-06-05 18:39 . 2009-06-05 18:39 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-03-08 11:39 . 2009-03-08 11:39 11063808 c:\windows\system32\ieframe.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-06-05 18:42 . 2009-06-05 18:42 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-06-05 18:41 . 2009-06-05 18:41 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-06-05 18:40 . 2009-06-05 18:40 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:54 pm

.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-07 3885408]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-05-04 249856]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-28 518488]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-04 1947928]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-04 21:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"g:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"g:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"g:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"=
"g:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"=
"g:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"g:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"g:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"g:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"=
"g:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"g:\\Program Files\\World of Warcraft\\Repair.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"g:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10558:TCP"= 10558:TCP:BitComet 10558 TCP
"10558:UDP"= 10558:UDP:BitComet 10558 UDP
"6881:TCP"= 6881:TCP:Blizzard Downloader: 6881

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [25/03/2009 6:10 PM 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [04/06/2009 2:19 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [04/06/2009 2:19 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [04/06/2009 2:19 PM 298776]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [09/03/2009 12:06 PM 1005904]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [01/05/2008 2:45 AM 26144]

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 7:54 pm

--- Other Services/Drivers In Memory ---

*NewlyCreated* - FONTCACHE3.0.0.0
*Deregistered* - DwShield000044A8

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 01:10]
.
.
------- Supplementary Scan -------
.
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\Max\Application Data\Mozilla\Firefox\Profiles\5qaiczfx.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-06-05 12:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1085031214-1336601894-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:78,c3,e2,02,d8,1d,ba,39,b4,b4,7e,d7,92,de,c5,43,2f,4f,11,9b,1e,2c,6c,
42,c7,10,6d,49,c6,96,51,79,de,9b,82,49,3c,46,ef,8a,09,2f,2d,db,23,be,ef,18,\
"??"=hex:a1,fd,30,f0,18,16,a9,7d,c9,37,ea,0d,5d,f5,85,ff
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\nvappfilter.dll
.
Completion time: 2009-06-05 12:39
ComboFix-quarantined-files.txt 2009-06-05 19:39
ComboFix2.txt 2009-06-05 16:54

Pre-Run: 12,460,089,344 bytes free
Post-Run: 12,533,854,208 bytes free

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
806 --- E O F --- 2009-05-13 10:01

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Belahzur on 5th June 2009, 8:10 pm

Now open a new notepad file.
Input this into the notepad file:

KILLALL::

File::
c:\windows\system32\tempo-setup2.exe
c:\windows\system32\SET80.tmp
c:\windows\system32\SET95.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SET8F.tmp
c:\windows\system32\SETA1.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET73.tmp
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET7C.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET8A.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET93.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET9F.tmp
c:\windows\system32\SET99.tmp
c:\windows\system32\SET89.tmp

Folder::
c:\program files\LimeWire
c:\program files\BitLord
c:\program files\DNA

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DNA\\btdna.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10558:TCP"=-
"10558:UDP"=-

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 11:39 pm

ComboFix 09-06-05.02 - Max 05/06/2009 14:13.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1532 [GMT -7:00]
Running from: c:\documents and settings\Max\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Max\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\windows\system32\SET70.tmp"
"c:\windows\system32\SET71.tmp"
"c:\windows\system32\SET73.tmp"
"c:\windows\system32\SET74.tmp"
"c:\windows\system32\SET75.tmp"
"c:\windows\system32\SET76.tmp"
"c:\windows\system32\SET78.tmp"
"c:\windows\system32\SET7B.tmp"
"c:\windows\system32\SET7C.tmp"
"c:\windows\system32\SET7D.tmp"
"c:\windows\system32\SET80.tmp"
"c:\windows\system32\SET84.tmp"
"c:\windows\system32\SET85.tmp"
"c:\windows\system32\SET87.tmp"
"c:\windows\system32\SET89.tmp"
"c:\windows\system32\SET8A.tmp"
"c:\windows\system32\SET8B.tmp"
"c:\windows\system32\SET8C.tmp"
"c:\windows\system32\SET8D.tmp"
"c:\windows\system32\SET8E.tmp"
"c:\windows\system32\SET8F.tmp"
"c:\windows\system32\SET93.tmp"
"c:\windows\system32\SET95.tmp"
"c:\windows\system32\SET96.tmp"
"c:\windows\system32\SET97.tmp"
"c:\windows\system32\SET98.tmp"
"c:\windows\system32\SET99.tmp"
"c:\windows\system32\SET9A.tmp"
"c:\windows\system32\SET9C.tmp"
"c:\windows\system32\SET9D.tmp"
"c:\windows\system32\SET9E.tmp"
"c:\windows\system32\SET9F.tmp"
"c:\windows\system32\SETA1.tmp"
"c:\windows\system32\SETA2.tmp"
"c:\windows\system32\SETA3.tmp"
"c:\windows\system32\SETA4.tmp"
"c:\windows\system32\SETA6.tmp"
"c:\windows\system32\tempo-setup2.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\BitLord
c:\program files\BitLord\BitLord.xml
c:\program files\BitLord\Downloads.xml
c:\program files\BitLord\lang\lang_ar_ae.xml
c:\program files\BitLord\lang\lang_bg_bg.xml
c:\program files\BitLord\lang\lang_ca_es.xml
c:\program files\BitLord\lang\lang_cz_cz.xml
c:\program files\BitLord\lang\lang_da_dk.xml
c:\program files\BitLord\lang\lang_de_de.xml
c:\program files\BitLord\lang\lang_el_gr.xml
c:\program files\BitLord\lang\lang_en_us.xml
c:\program files\BitLord\lang\lang_es_ar.xml
c:\program files\BitLord\lang\lang_es_es.xml
c:\program files\BitLord\lang\lang_et_ee.xml
c:\program files\BitLord\lang\lang_fi_fi.xml
c:\program files\BitLord\lang\lang_fr_fr.xml
c:\program files\BitLord\lang\lang_gl_es.xml
c:\program files\BitLord\lang\lang_he_il.xml
c:\program files\BitLord\lang\lang_hu_hu.xml
c:\program files\BitLord\lang\lang_it_it.xml
c:\program files\BitLord\lang\lang_jp_jp.xml
c:\program files\BitLord\lang\lang_ko_kr.xml
c:\program files\BitLord\lang\lang_nb_no.xml
c:\program files\BitLord\lang\lang_nl_nl.xml
c:\program files\BitLord\lang\lang_pl_pl.xml
c:\program files\BitLord\lang\lang_pt_br.xml
c:\program files\BitLord\lang\lang_pt_pt.xml
c:\program files\BitLord\lang\lang_ro_ro.xml
c:\program files\BitLord\lang\lang_ru_ru.xml
c:\program files\BitLord\lang\lang_sk_sk.xml
c:\program files\BitLord\lang\lang_sl_si.xml
c:\program files\BitLord\lang\lang_sr_sr.xml
c:\program files\BitLord\lang\lang_sv_se.xml
c:\program files\BitLord\lang\lang_th_th.xml
c:\program files\BitLord\lang\lang_tr_tr.xml
c:\program files\BitLord\lang\lang_va_es.xml
c:\program files\BitLord\lang\lang_zh_tw.xml
c:\program files\BitLord\rules\ipfilter.dat
c:\program files\BitLord\Torrents\Jethro Tull.torrent
c:\program files\BitLord\Torrents\Jethro Tull.xml
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\LimeWire
c:\program files\LimeWire\hs_err_pid3044.log
c:\program files\LimeWire\Incomplete\T-3888642-The Spill Canvas- Staplegunned.mp3
c:\program files\LimeWire\Incomplete\T-4115631-Linking Park - My December.mp3
c:\program files\LimeWire\Incomplete\T-4449219-Linkin Park - Papercut.mp3
c:\program files\LimeWire\Incomplete\T-4491005-Linking Park & Jay-Z - 99 problems.mp3
c:\program files\LimeWire\Incomplete\T-4503217-Linkin Park - Numb.mp3
c:\program files\LimeWire\Incomplete\T-4899915-Linkin Park - Easier To Run2.mp3
c:\program files\LimeWire\Incomplete\T-4979541-Linking Park - What I've Done.mp3
c:\program files\LimeWire\Incomplete\T-4983744-Linkin Park - Transformers Soundtrack - 01 - What I've Done(1).mp3
c:\program files\LimeWire\Incomplete\T-5015556-Linking Park - Crawling.mp3
c:\program files\LimeWire\Incomplete\T-5091186-Nine Inch Nails - The Perfect Drug .mp3
c:\program files\LimeWire\Incomplete\T-5125224-Linking Park - Somewhere I Belong.mp3
c:\program files\LimeWire\Incomplete\T-5125608-Linkin Park - Somwhere I Belong.mp3
c:\program files\LimeWire\Incomplete\T-5688396-Linkin Park - Shadow Of The Day.mp3
c:\program files\LimeWire\Incomplete\T-6024448-Linkin Park- Dust In The Wind (Acoustic Guitar).mp3
c:\windows\system32\tempo-setup2.exe

.
((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 11:40 pm

.

2009-06-05 19:50 . 2009-06-05 19:50 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-06-05 19:45 . 2009-06-05 19:45 -------- d-sh--w- c:\documents and settings\Max\PrivacIE
2009-06-05 19:45 . 2009-06-05 19:45 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-05 19:45 . 2009-06-05 19:45 -------- d-sh--w- c:\documents and settings\Max\IETldCache
2009-06-05 18:34 . 2009-06-05 18:34 -------- d-----w- c:\windows\ie8updates
2009-06-05 18:34 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-05 18:33 . 2009-06-05 18:34 -------- dc-h--w- c:\windows\ie8
2009-06-05 17:15 . 2009-06-05 17:20 -------- d-----w- c:\documents and settings\Max\DoctorWeb
2009-06-05 17:00 . 2009-06-05 17:00 -------- d-----w- c:\program files\Trend Micro
2009-06-04 21:19 . 2009-06-04 21:19 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-04 21:19 . 2009-06-04 21:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-04 21:19 . 2009-06-04 21:19 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-04 21:19 . 2009-06-05 16:55 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-22 22:27 . 2009-05-22 22:27 -------- d-----w- c:\documents and settings\Max\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 22:40 . 2008-05-01 09:38 -------- d-----w- c:\program files\lg_fwupdate
2009-06-05 16:59 . 2009-04-06 18:31 -------- d-----w- c:\documents and settings\Max\Application Data\DNA
2009-06-05 16:57 . 2009-03-30 00:55 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-05 00:56 . 2008-05-01 10:24 -------- d-----w- c:\program files\Lavasoft
2009-06-04 21:20 . 2008-05-01 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-04 21:19 . 2008-08-03 01:02 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-13 21:33 . 2009-02-04 01:04 -------- d-----w- c:\documents and settings\Max\Application Data\vlc
2009-05-07 03:54 . 2008-06-02 18:50 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-07 03:53 . 2008-06-02 18:49 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-23 01:10 . 2009-04-23 01:10 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-04-21 17:21 . 2008-05-03 18:44 -------- d-----w- c:\program files\Java
2009-04-21 17:20 . 2009-04-21 17:20 152576 ----a-w- c:\documents and settings\Max\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-12 05:18 . 2008-09-02 02:46 77627 ----a-w- c:\windows\War3Unin.dat
2009-04-11 03:17 . 2009-04-11 03:17 -------- d-----w- c:\program files\Microsoft
2009-04-11 03:16 . 2009-04-11 01:25 -------- d-----w- c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-04-11 03:16 . 2009-04-11 01:25 -------- d-----w- c:\program files\Windows Live
2009-04-11 01:25 . 2008-05-03 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-04-06 20:53 . 2009-04-06 20:53 52105 ----a-w- c:\documents and settings\All Users\Application Data\IJJIGame\uninst.exe
2009-03-28 02:35 . 2008-05-01 10:02 15040 ----a-w- c:\documents and settings\Max\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-24 23:36 . 2009-03-24 23:36 152576 ----a-w- c:\documents and settings\Max\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2009-03-12 08:17 . 2009-03-26 01:07 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-03-09 19:06 . 2009-03-26 01:10 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-03-09 12:19 . 2008-12-07 17:31 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2006-02-28 12:00 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2006-02-28 12:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2006-02-28 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2006-02-28 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2006-02-28 12:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2006-02-28 12:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 11:31 . 2006-02-28 12:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2006-02-28 12:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2006-02-28 12:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2006-02-28 12:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-04-01 00:43 . 2009-04-01 00:43 53248 ----a-w- c:\program files\mozilla firefox\plugins\uc_luminary_launching.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-06-05_19.38.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-05 22:40 . 2009-06-05 22:40 16384 c:\windows\temp\Perflib_Perfdata_704.dat
+ 2009-06-05 22:40 . 2009-06-05 22:40 16384 c:\windows\temp\Perflib_Perfdata_1d4.dat
+ 2009-02-10 00:20 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 25600 c:\windows\system32\jsproxy.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2006-10-15 00:43 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-06-05 22:40 . 2008-12-17 05:59 109080 c:\windows\temp\logishrd\LVPrcInj01.dll
+ 2006-10-15 04:21 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2009-02-10 00:20 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-15 00:44 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2006-10-15 00:43 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 109568 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 726528 c:\windows\system32\jscript.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 183808 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2009-03-08 21:09 391536 c:\windows\system32\iedkcs32.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 173056 c:\windows\system32\ie4uinit.exe
- 2008-05-01 17:20 . 2009-03-28 20:20 103032 c:\windows\system32\FNTCACHE.DAT
+ 2008-05-01 17:20 . 2009-06-05 19:44 103032 c:\windows\system32\FNTCACHE.DAT
+ 2006-02-28 12:00 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2006-02-28 12:00 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2006-10-15 04:21 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2008-04-21 06:44 . 2009-03-08 11:34 914944 c:\windows\system32\dllcache\wininet.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2006-10-15 00:44 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
+ 2006-02-28 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2006-02-28 12:00 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 11:40 pm

+ 2009-06-05 20:01 . 2009-06-05 20:01 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-06-05 20:02 . 2009-06-05 20:02 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\f48e3419fb2cb012fd160ae801600ae7\System.Messaging.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-06-05 20:01 . 2009-06-05 20:01 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-06-05 20:01 . 2009-06-05 20:01 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-06-05 20:01 . 2009-06-05 20:01 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-06-05 20:01 . 2009-06-05 20:01 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
+ 2006-02-28 12:00 . 2009-03-08 11:34 1206784 c:\windows\system32\urlmon.dll
+ 2006-02-28 12:00 . 2009-03-08 11:41 5937152 c:\windows\system32\mshtml.dll
+ 2006-10-15 04:22 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-06-26 08:15 . 2009-03-08 11:34 1206784 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-21 06:44 . 2009-03-08 11:41 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-06-05 20:02 . 2009-06-05 20:02 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-06-05 20:01 . 2009-06-05 20:01 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-06-05 20:00 . 2009-06-05 20:00 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-07 3885408]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-05-04 249856]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-28 518488]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-04 1947928]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 11:40 pm

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-04 21:19 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"g:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"g:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"g:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"=
"g:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"=
"g:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"g:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"g:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"g:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"g:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"=
"g:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"g:\\Program Files\\World of Warcraft\\Repair.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"g:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6881:TCP"= 6881:TCP:Blizzard Downloader: 6881

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [25/03/2009 6:10 PM 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [04/06/2009 2:19 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [04/06/2009 2:19 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [04/06/2009 2:19 PM 298776]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [09/03/2009 12:06 PM 1005904]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 01:10]
.
.
------- Supplementary Scan -------
.
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\Max\Application Data\Mozilla\Firefox\Profiles\5qaiczfx.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-06-05 15:40
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1085031214-1336601894-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:78,c3,e2,02,d8,1d,ba,39,b4,b4,7e,d7,92,de,c5,43,2f,4f,11,9b,1e,2c,6c,
42,c7,10,6d,49,c6,96,51,79,de,9b,82,49,3c,46,ef,8a,09,2f,2d,db,23,be,ef,18,\
"??"=hex:a1,fd,30,f0,18,16,a9,7d,c9,37,ea,0d,5d,f5,85,ff
.
--------------------- DLLs Loaded Under Running Processes ---------------------

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 5th June 2009, 11:40 pm

- - - - - - - > 'lsass.exe'(812)
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'explorer.exe'(6772)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\nvappfilter.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-06-05 15:42 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-05 22:42
ComboFix2.txt 2009-06-05 19:39
ComboFix3.txt 2009-06-05 16:54

Pre-Run: 12,674,895,872 bytes free
Post-Run: 12,660,609,024 bytes free

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
408 --- E O F --- 2009-05-13 10:01

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Belahzur on 5th June 2009, 11:48 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Darkmaximus on 6th June 2009, 12:02 am

As far as i can tell, all is good.

Thank you very much for your assistance.

Darkmaximus
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-06-05
OS OS : XP Pro
Points Points : 27479
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Winblusoft-Most of it is removed just wanted to make sure there is nothing else.

Post by Origin on 6th June 2009, 12:05 am

Glad we could help Wink



Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31533
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum