please take a look at logs

El loco

Comp has been acting weird today. Windows Live doesn't sign in, calendar had April 25th 2010 as date, Firefox wasn't my default browser, my antivirus (Avast) appears to have been deleted. I tried using a restore point but there is only one and it is for April 25 2010 9 am...

Anyways, here are my logs. ComboFix is huge.

ComboFix 10-01-12.02 - Mike 01/12/2010 16:50:21.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.574 [GMT -5:00]
Running from: c:\documents and settings\Mike\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
C:\LOG.TXT
c:\windows\system32\SIntf16.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_APPLE_MOBILE_DEVICE
-------\Service_Apple Mobile Device


((((((((((((((((((((((((( Files Created from 2009-12-12 to 2010-01-12 )))))))))))))))))))))))))))))))
.

2010-04-25 17:33 . 2010-04-25 17:33 262144 ----a-w- C:\ntuser.dat
2010-01-12 21:24 . 2010-01-12 21:24 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-10 03:39 . 2010-01-10 03:44 -------- d-----w- c:\program files\Children of the Nile - Enhanced Edition

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-12 21:41 . 2009-11-13 17:13 -------- d-----w- c:\program files\Alwil Software
2010-01-12 21:28 . 2009-07-18 21:18 -------- d-----w- c:\program files\Yahoo!
2010-01-12 21:27 . 2009-07-18 22:20 -------- d-----w- c:\documents and settings\Mike\Application Data\Yahoo!
2010-01-12 21:24 . 2009-07-18 21:19 -------- d-----w- c:\documents and settings\Yosley\Application Data\Yahoo!
2010-01-12 21:24 . 2009-07-18 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-12 21:23 . 2008-02-25 19:32 -------- d-----w- c:\program files\Windows Live
2010-01-11 20:34 . 2008-03-29 12:20 -------- d-----w- c:\program files\Google
2010-01-11 18:03 . 2008-06-17 18:51 -------- d-----w- c:\program files\Diablo II
2010-01-11 18:03 . 2008-06-04 02:47 81347 -c--a-w- c:\windows\DIIUnin.dat
2010-01-11 14:35 . 2008-10-18 23:57 -------- d-----w- c:\documents and settings\Mike\Application Data\Winamp
2010-01-10 04:04 . 2009-12-12 19:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Avery
2010-01-09 19:40 . 2008-01-23 21:52 -------- d-----w- c:\documents and settings\Mike\Application Data\U3
2010-01-09 17:18 . 2008-01-23 17:04 135856 ----a-w- c:\documents and settings\Yosley\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-15 22:14 . 2009-12-12 04:43 -------- d-----w- c:\program files\Free Easy Burner
2009-12-15 11:24 . 2008-02-12 00:55 -------- d-----w- c:\documents and settings\Mike\Application Data\uTorrent
2009-12-13 15:54 . 2008-01-23 21:06 135856 ----a-w- c:\documents and settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-12 22:00 . 2008-10-20 23:41 -------- d-----w- c:\program files\Activision
2009-12-12 19:25 . 2008-01-23 17:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 07:08 . 2009-07-16 17:55 -------- d-----w- c:\program files\Ubisoft
2009-12-12 05:14 . 2009-12-12 05:14 -------- d-----w- c:\program files\Bethesda Softworks
2009-12-12 04:40 . 2008-09-22 19:48 -------- d-----w- c:\program files\Common Files\Nero
2009-12-12 04:39 . 2008-09-22 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-12-09 01:44 . 2009-12-09 02:02 19236 ----a-w- C:\mediamp3.dat
2009-12-02 01:28 . 2009-10-06 23:49 -------- d-----w- c:\documents and settings\Mike\Application Data\gtk-2.0
2009-12-01 02:11 . 2009-12-01 02:11 -------- d-----w- c:\documents and settings\Mike\Application Data\GameRanger
2009-11-27 21:37 . 2008-01-31 21:56 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-27 21:37 . 2008-01-31 22:00 138936 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-27 21:37 . 2008-01-31 21:56 214504 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-27 20:51 . 2009-11-27 20:51 1207984 ----a-w- c:\documents and settings\Mike\Application Data\GameRanger\GameRanger\GameRanger.exe
2009-11-27 20:50 . 2009-11-27 20:50 155312 ----a-w- c:\documents and settings\Mike\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
2009-11-26 16:47 . 2009-10-23 05:01 -------- d-----w- c:\program files\PokerStars
2009-11-25 18:19 . 2009-11-25 18:19 -------- d-----w- c:\documents and settings\Guest\Application Data\Malwarebytes
2009-11-22 04:56 . 2008-09-22 19:51 -------- d-----w- c:\documents and settings\Mike\Application Data\Nero
2009-11-22 04:14 . 2008-02-05 19:16 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-19 15:54 . 2009-11-19 15:54 48816 ----a-w- c:\documents and settings\Mike\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
2009-11-15 21:58 . 2009-11-15 21:58 2368 ----a-w- c:\windows\system32\SVKP.sys
2009-11-15 21:53 . 2009-11-15 21:53 -------- d-----w- c:\program files\JoWooD
2009-11-14 15:15 . 2008-03-28 16:53 -------- d-----w- c:\documents and settings\Yosley\Application Data\Apple Computer
2009-11-14 05:39 . 2009-11-14 05:39 138240 ----a-w- c:\documents and settings\Mike\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-11-14 05:39 . 2009-11-14 05:39 138240 ----a-w- c:\documents and settings\Mike\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-11-14 05:39 . 2009-11-14 05:39 138240 ----a-w- c:\documents and settings\Mike\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-11-14 05:39 . 2009-11-14 05:39 138240 ----a-w- c:\documents and settings\Mike\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-11-14 05:39 . 2008-02-03 03:35 -------- d-----w- c:\documents and settings\Mike\Application Data\SystemRequirementsLab
2009-11-01 15:01 . 2009-11-01 15:01 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-22 14:29 . 2009-08-12 20:41 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
 
((((((((((((((((((((((((((((( SnapShot_2009-10-22_14.22.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 05:02 . 2009-07-12 05:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2006-12-02 05:46 . 2006-12-02 05:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
- 2006-12-02 04:46 . 2006-12-02 04:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2009-07-12 01:54 . 2009-07-12 01:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
- 2006-12-02 04:08 . 2006-12-02 04:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
- 2006-12-02 04:26 . 2006-12-02 04:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
- 2006-12-02 04:25 . 2006-12-02 04:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-12 06:07 . 2009-07-12 06:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 06:19 . 2009-07-12 06:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2006-12-02 03:56 . 2006-12-02 03:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
- 2006-12-02 02:56 . 2006-12-02 02:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-01-12 22:00 . 2010-01-12 22:00 16384 c:\windows\Temp\Perflib_Perfdata_774.dat
+ 2009-07-16 18:04 . 2009-09-04 22:44 69464 c:\windows\system32\XAPOFX1_3.dll
+ 2009-07-16 18:04 . 2008-10-27 15:04 70992 c:\windows\system32\XAPOFX1_2.dll
- 2009-07-16 18:04 . 2008-10-15 11:03 70992 c:\windows\system32\XAPOFX1_2.dll
+ 2009-07-16 18:04 . 2009-03-16 19:18 22360 c:\windows\system32\X3DAudio1_6.dll
- 2009-07-16 18:04 . 2009-03-16 18:18 22360 c:\windows\system32\X3DAudio1_6.dll
- 2009-07-16 18:04 . 2008-10-15 11:03 23376 c:\windows\system32\X3DAudio1_5.dll
+ 2009-07-16 18:04 . 2008-10-27 15:04 23376 c:\windows\system32\X3DAudio1_5.dll
+ 2008-01-23 17:18 . 2009-08-07 00:24 44768 c:\windows\system32\wups2.dll
+ 2008-01-23 16:41 . 2009-08-07 00:24 35552 c:\windows\system32\wups.dll
+ 2006-09-28 23:56 . 2006-11-02 06:46 55296 c:\windows\system32\WudfSvc.dll
+ 2006-09-29 01:13 . 2006-11-02 06:46 87552 c:\windows\system32\WUDFCoinstaller.dll
+ 2008-01-23 16:41 . 2009-08-07 00:24 53472 c:\windows\system32\wuauclt.exe
+ 2006-11-02 12:00 . 2006-11-02 12:00 24136 c:\windows\system32\winusb.dll
+ 2009-12-12 04:43 . 2003-01-26 17:41 40960 c:\windows\system32\SSubTmr6.dll
+ 2008-01-23 17:22 . 2006-10-09 02:53 23856 c:\windows\system32\spupdsvc.exe
- 2008-01-23 17:22 . 2006-10-16 20:10 23856 c:\windows\system32\spupdsvc.exe
+ 2009-11-13 15:17 . 2009-08-07 00:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-11-13 15:17 . 2009-08-07 00:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-07 00:17 . 2009-10-09 13:23 64080 c:\windows\system32\perfc009.dat
+ 2004-08-07 00:17 . 2010-01-12 21:19 64080 c:\windows\system32\perfc009.dat
+ 2008-01-23 18:42 . 2010-04-25 17:33 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-12-12 04:43 . 1998-07-13 03:00 15360 c:\windows\system32\inetfr.DLL
+ 2009-12-12 04:43 . 1998-07-13 22:53 44544 c:\windows\system32\GIF89.DLL
+ 2006-09-29 00:00 . 2006-11-02 05:54 82560 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 23:55 . 2006-11-02 05:54 76672 c:\windows\system32\drivers\WudfPf.sys
+ 2006-11-02 12:00 . 2006-11-02 12:00 39368 c:\windows\system32\drivers\winusb.sys
+ 2009-04-08 22:13 . 2009-09-10 18:54 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-04-08 22:13 . 2009-09-10 18:53 19160 c:\windows\system32\drivers\mbam.sys
+ 2008-01-23 16:41 . 2009-08-07 00:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-01-23 16:41 . 2009-08-07 00:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2001-08-17 22:36 . 2004-08-07 00:15 13824 c:\windows\system32\dllcache\wowfaxui.dll
+ 2001-08-17 14:02 . 2004-08-07 00:15 58112 c:\windows\system32\dllcache\vdmindvd.sys
+ 2001-08-17 22:36 . 2004-08-07 00:15 49211 c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 45116 c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 49209 c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 41019 c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-17 22:37 . 2004-08-07 00:15 69700 c:\windows\system32\dllcache\usrshuta.exe
+ 2001-08-17 22:36 . 2004-08-07 00:15 49211 c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 77883 c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-17 22:37 . 2004-08-07 00:15 61508 c:\windows\system32\dllcache\usrprbda.exe
+ 2001-08-17 22:37 . 2004-08-07 00:15 77891 c:\windows\system32\dllcache\usrmlnka.exe
+ 2001-08-17 22:36 . 2004-08-07 00:15 53305 c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 86073 c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 77890 c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 69699 c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 61500 c:\windows\system32\dllcache\usrcntra.dll
+ 2008-01-23 11:34 . 2004-08-04 00:56 74240 c:\windows\system32\dllcache\usbui.dll
+ 2004-08-03 23:08 . 2004-08-04 05:05 16000 c:\windows\system32\dllcache\usbintel.sys
+ 2001-08-17 14:03 . 2004-08-07 00:15 23936 c:\windows\system32\dllcache\usbcamd2.sys
+ 2001-08-17 14:03 . 2004-08-07 00:15 23808 c:\windows\system32\dllcache\usbcamd.sys
+ 2004-08-03 23:03 . 2004-08-04 05:05 12416 c:\windows\system32\dllcache\tunmp.sys
+ 2001-08-17 14:06 . 2004-08-07 00:15 21376 c:\windows\system32\dllcache\tsbvcap.sys
+ 2001-08-17 14:01 . 2004-08-07 00:15 51712 c:\windows\system32\dllcache\tosdvd.sys
+ 2008-01-23 11:33 . 2004-08-04 00:56 74752 c:\windows\system32\dllcache\storprop.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 72192 c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 70656 c:\windows\system32\dllcache\sprio600.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 69632 c:\windows\system32\dllcache\spnike.dll
+ 2004-08-03 23:09 . 2004-08-04 05:05 25472 c:\windows\system32\dllcache\sonydcam.sys
+ 2004-08-04 02:59 . 2004-08-04 02:59 10240 c:\windows\system32\dllcache\sffp_sd.sys
+ 2004-08-04 02:59 . 2004-08-04 02:59 11136 c:\windows\system32\dllcache\sffdisk.sys
+ 2004-08-04 02:59 . 2004-08-04 02:59 15488 c:\windows\system32\dllcache\serenum.sys
+ 2004-08-04 04:56 . 2004-08-04 04:56 29184 c:\windows\system32\dllcache\sdhcinst.dll
+ 2004-08-04 03:07 . 2004-08-04 03:07 67584 c:\windows\system32\dllcache\sdbus.sys
+ 2004-08-04 02:59 . 2004-08-04 02:59 96256 c:\windows\system32\dllcache\scsiport.sys
+ 2001-08-17 13:24 . 2004-08-07 00:15 12032 c:\windows\system32\dllcache\riodrv.sys
+ 2001-08-17 13:24 . 2004-08-07 00:15 12032 c:\windows\system32\dllcache\rio8drv.sys
+ 2004-08-04 00:56 . 2004-08-04 05:05 35328 c:\windows\system32\dllcache\pid.dll
+ 2004-08-04 02:59 . 2004-08-04 02:59 25088 c:\windows\system32\dllcache\pciidex.sys
+ 2004-08-04 03:07 . 2004-08-04 03:07 68224 c:\windows\system32\dllcache\pci.sys
+ 2004-08-03 22:59 . 2004-08-04 05:05 42496 c:\windows\system32\dllcache\p3.sys
+ 2001-08-17 13:24 . 2004-08-07 00:15 12032 c:\windows\system32\dllcache\nikedrv.sys
+ 2004-08-04 00:56 . 2004-08-04 05:05 17408 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-03 23:08 . 2004-08-04 05:05 30080 c:\windows\system32\dllcache\modem.sys
+ 2004-08-03 23:07 . 2004-08-04 05:05 63744 c:\windows\system32\dllcache\mf.sys
+ 2004-08-04 00:56 . 2004-08-04 05:05 47616 c:\windows\system32\dllcache\iyuv_32.dll
+ 2004-08-07 00:16 . 2004-08-07 00:16 35840 c:\windows\system32\dllcache\isapnp.sys
+ 2004-08-04 02:59 . 2004-08-04 02:59 36096 c:\windows\system32\dllcache\intelppm.sys
+ 2004-08-04 03:08 . 2004-08-04 03:08 24960 c:\windows\system32\dllcache\hidparse.sys
+ 2004-08-04 03:08 . 2004-08-04 03:08 36224 c:\windows\system32\dllcache\hidclass.sys
+ 2001-08-17 13:57 . 2004-08-07 00:15 12160 c:\windows\system32\dllcache\fsvga.sys
+ 2001-08-17 22:36 . 2004-08-07 00:15 55296 c:\windows\system32\dllcache\dvdplay.exe
+ 2004-08-04 00:56 . 2004-08-04 05:05 52224 c:\windows\system32\dllcache\dmutil.dll
+ 2004-08-04 02:59 . 2004-08-04 02:59 36352 c:\windows\system32\dllcache\disk.sys
+ 2004-08-03 22:59 . 2004-08-04 05:05 36480 c:\windows\system32\dllcache\crusoe.sys
+ 2001-08-17 13:24 . 2004-08-07 00:15 11776 c:\windows\system32\dllcache\cpqdap01.sys
+ 2004-08-04 04:56 . 2009-08-07 00:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2004-08-07 00:15 . 2004-08-07 00:15 13952 c:\windows\system32\dllcache\cbidf2k.sys
+ 2004-08-04 04:56 . 2004-08-04 04:56 30208 c:\windows\system32\dllcache\bthserv.dll
+ 2004-08-04 04:56 . 2004-08-04 04:56 20992 c:\windows\system32\dllcache\bthci.dll
+ 2004-08-03 22:59 . 2004-08-04 05:05 37376 c:\windows\system32\dllcache\amdk7.sys
+ 2004-08-03 22:59 . 2004-08-04 05:05 36992 c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-07 00:15 . 2004-08-07 00:15 11648 c:\windows\system32\dllcache\acpiec.sys
+ 2004-08-04 03:10 . 2004-08-04 03:10 53248 c:\windows\system32\dllcache\1394bus.sys
+ 2009-12-12 04:43 . 1998-07-12 23:00 32768 c:\windows\system32\CMDLGFR.DLL
+ 2004-08-04 04:56 . 2009-08-07 00:24 96480 c:\windows\system32\cdm.dll
+ 2009-11-26 19:25 . 2009-06-15 18:31 81920 c:\windows\system32\_pdfxp.dll
+ 2009-11-22 02:31 . 2009-11-22 02:31 32256 c:\windows\Installer\fc1bf7.msi
+ 2009-11-14 05:39 . 2009-11-14 05:39 20992 c:\windows\Installer\d6f84d.msi
+ 2010-04-25 17:20 . 2010-04-25 17:20 27136 c:\windows\Installer\4d5e3.msi
+ 2010-04-25 17:19 . 2010-04-25 17:19 83456 c:\windows\Installer\4d5d9.msi
+ 2010-04-25 17:19 . 2010-04-25 17:19 58880 c:\windows\Installer\4d5d4.msi
+ 2009-10-30 23:26 . 2009-10-30 23:26 22528 c:\windows\Installer\2313573.msi
- 2009-08-01 05:12 . 2009-08-01 05:12 62304 c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
+ 2010-04-25 17:20 . 2010-04-25 17:20 62304 c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-01-11 20:34 . 2010-01-11 20:34 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ARPPRODUCTICON.exe
- 2009-10-09 13:11 . 2009-10-09 13:11 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2010-04-25 17:20 . 2010-04-25 17:20 80395 c:\windows\Installer\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}\MsblIco.Exe
+ 2009-12-08 06:33 . 2009-12-08 06:33 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
- 2009-08-15 16:39 . 2009-08-15 16:39 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-12-07 19:45 . 2006-09-28 23:56 55808 c:\windows\$NtUninstallWudf01005$\wudfsvc.dll
+ 2009-12-07 19:45 . 2006-09-29 00:00 82944 c:\windows\$NtUninstallWudf01005$\wudfrd.sys
+ 2009-12-07 19:45 . 2006-09-28 23:55 77568 c:\windows\$NtUninstallWudf01005$\wudfpf.sys
+ 2009-12-07 19:45 . 2006-09-29 01:13 95344 c:\windows\$NtUninstallWudf01005$\wudfcoinstaller.dll
+ 2009-12-07 19:45 . 2006-11-02 05:54 71168 c:\windows\$NtUninstallWudf01005$\spuninst\WudfCustom.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 3200 c:\windows\system32\dllcache\wowfax.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 8192 c:\windows\system32\dllcache\tsbyuv.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 8192 c:\windows\system32\dllcache\streamci.dll
+ 2004-08-07 00:17 . 2004-08-07 00:17 3328 c:\windows\system32\dllcache\pciide.sys
+ 2004-08-07 00:17 . 2004-08-07 00:17 3456 c:\windows\system32\dllcache\oprghdlr.sys
+ 2004-08-04 04:56 . 2004-08-04 04:56 7168 c:\windows\system32\dllcache\hccoin.dll
+ 2008-01-23 11:34 . 2001-08-17 13:46 6400 c:\windows\system32\dllcache\enum1394.sys
+ 2009-07-12 05:02 . 2009-07-12 05:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 05:05 . 2009-07-12 05:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 07:54 . 2008-07-29 07:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-12 06:12 . 2009-07-12 06:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 06:09 . 2009-07-12 06:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 06:08 . 2009-07-12 06:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2006-06-05 18:14 . 2006-06-05 18:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
- 2006-06-05 19:14 . 2006-06-05 19:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
- 2006-06-05 19:14 . 2006-06-05 19:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 18:14 . 2006-06-05 18:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
- 2006-06-05 19:14 . 2006-06-05 19:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 18:14 . 2006-06-05 18:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2009-12-12 22:53 . 2009-09-04 22:44 515416 c:\windows\system32\XAudio2_5.dll
+ 2009-07-16 18:04 . 2009-03-16 19:18 517448 c:\windows\system32\XAudio2_4.dll
- 2009-07-16 18:04 . 2009-03-16 18:18 517448 c:\windows\system32\XAudio2_4.dll
+ 2009-07-16 18:04 . 2008-10-27 15:04 514384 c:\windows\system32\XAudio2_3.dll
- 2009-07-16 18:04 . 2008-10-15 11:03 514384 c:\windows\system32\XAudio2_3.dll
+ 2009-12-12 22:53 . 2009-09-04 22:44 238936 c:\windows\system32\xactengine3_5.dll
+ 2009-07-16 18:04 . 2009-03-16 19:18 235352 c:\windows\system32\xactengine3_4.dll
- 2009-07-16 18:04 . 2009-03-16 18:18 235352 c:\windows\system32\xactengine3_4.dll
+ 2009-07-16 18:04 . 2008-10-27 15:04 235856 c:\windows\system32\xactengine3_3.dll
- 2009-07-16 18:04 . 2008-10-15 11:03 235856 c:\windows\system32\xactengine3_3.dll
+ 2008-01-23 16:41 . 2009-08-07 00:24 209632 c:\windows\system32\wuweb.dll
+ 2006-09-28 23:56 . 2006-11-02 06:46 309760 c:\windows\system32\WUDFx.dll
+ 2006-09-28 23:56 . 2006-11-02 05:54 164352 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 23:56 . 2006-11-02 06:46 143360 c:\windows\system32\WudfHost.exe
+ 2008-01-23 16:41 . 2009-08-07 00:24 327896 c:\windows\system32\wucltui.dll
+ 2008-01-23 16:41 . 2009-08-07 00:23 575704 c:\windows\system32\wuapi.dll
+ 2009-12-12 04:43 . 2005-02-24 17:51 348160 c:\windows\system32\WMAFile.dll
+ 2009-12-12 04:43 . 2000-10-01 23:00 119568 c:\windows\system32\VB6FR.DLL
+ 2006-03-17 20:49 . 2006-03-17 20:49 368640 c:\windows\system32\twnlib4.dll
+ 2009-11-26 19:25 . 2002-07-22 17:05 455168 c:\windows\system32\spool\drivers\w32x86\PSCRIPT5.DLL
+ 2009-11-26 19:25 . 2002-07-22 17:05 129024 c:\windows\system32\spool\drivers\w32x86\ps5UI.dll
+ 2009-11-26 19:25 . 2002-07-22 17:05 455168 c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2009-11-26 19:25 . 2002-07-22 17:05 129024 c:\windows\system32\spool\drivers\w32x86\3\ps5UI.dll
+ 2004-08-07 00:17 . 2010-01-12 21:19 406990 c:\windows\system32\perfh009.dat
- 2004-08-07 00:17 . 2009-10-09 13:23 406990 c:\windows\system32\perfh009.dat
+ 2007-07-31 00:18 . 2009-08-07 00:23 215920 c:\windows\system32\muweb.dll
+ 2008-01-23 22:02 . 2009-08-07 00:23 274288 c:\windows\system32\mucltui.dll
+ 2009-12-12 04:43 . 1998-07-13 03:00 141312 c:\windows\system32\MSCMCFR.DLL
+ 2009-11-03 00:24 . 2009-11-03 00:24 257440 c:\windows\system32\Macromed\Flash\FlashUtil10d.exe
+ 2009-12-12 04:43 . 2008-09-25 02:33 484352 c:\windows\system32\lame_enc.dll
+ 2008-07-04 15:23 . 2008-07-04 15:23 802816 c:\windows\system32\imagXRA7.dll
+ 2008-07-04 15:23 . 2008-07-04 15:23 258048 c:\windows\system32\imagXR7.dll
+ 2008-07-04 15:23 . 2008-07-04 15:23 497296 c:\windows\system32\imagXpr7.dll
+ 2008-01-23 11:32 . 2009-12-13 15:50 446904 c:\windows\system32\FNTCACHE.DAT
+ 2008-01-23 16:41 . 2009-08-07 00:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2008-01-23 16:41 . 2009-08-07 00:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-01-23 16:41 . 2009-08-07 00:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2004-08-04 04:56 . 2004-08-04 04:56 108032 c:\windows\system32\dllcache\wshbth.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 102457 c:\windows\system32\dllcache\usrv42a.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 323641 c:\windows\system32\dllcache\usrdtea.dll
+ 2004-08-04 03:07 . 2004-08-04 03:07 119936 c:\windows\system32\dllcache\pcmcia.sys
+ 2001-08-17 22:36 . 2004-08-07 00:15 157696 c:\windows\system32\dllcache\paqsp.dll
+ 2001-08-17 22:36 . 2004-08-07 00:15 147968 c:\windows\system32\dllcache\mdwmdmsp.dll
+ 2004-08-07 00:16 . 2004-08-07 00:16 125056 c:\windows\system32\dllcache\ftdisk.sys
+ 2004-08-04 04:56 . 2004-08-04 04:56 193024 c:\windows\system32\dllcache\fsquirt.exe
+ 2001-08-17 14:02 . 2004-08-07 00:15 262528 c:\windows\system32\dllcache\cinemst2.sys
+ 2009-12-12 22:53 . 2009-09-04 22:29 235344 c:\windows\system32\d3dx11_42.dll
+ 2009-12-12 22:53 . 2009-09-04 22:29 453456 c:\windows\system32\d3dx10_42.dll
+ 2009-07-16 18:04 . 2009-03-09 20:27 453456 c:\windows\system32\d3dx10_41.dll
- 2009-07-16 18:04 . 2009-03-09 19:27 453456 c:\windows\system32\d3dx10_41.dll
- 2009-07-16 18:04 . 2008-10-15 10:22 452440 c:\windows\system32\d3dx10_40.dll
+ 2009-07-16 18:04 . 2008-10-15 11:22 452440 c:\windows\system32\d3dx10_40.dll
+ 2009-11-22 02:30 . 2009-11-22 02:30 424960 c:\windows\Installer\fc1bf2.msi
+ 2009-11-01 15:03 . 2009-11-01 15:03 796672 c:\windows\Installer\5e1810.msi
+ 2010-04-25 17:20 . 2010-04-25 17:20 430080 c:\windows\Installer\4d5e9.msi
+ 2010-04-25 17:20 . 2010-04-25 17:20 152576 c:\windows\Installer\4d5de.msi
+ 2010-04-25 17:19 . 2010-04-25 17:19 107008 c:\windows\Installer\4d5cf.msi
+ 2009-11-10 23:18 . 2009-11-10 23:18 219648 c:\windows\Installer\1ee7541.msi
+ 2009-12-12 22:53 . 2009-12-12 22:53 331264 c:\windows\Installer\17cab4f.msi
+ 2009-10-23 20:56 . 2009-10-23 20:56 122880 c:\windows\Installer\150e60c.msi
 
+ 2009-11-01 15:09 . 2009-11-01 15:09 102400 c:\windows\Installer\{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}\iTunesIco.exe
+ 2009-10-24 15:37 . 2009-11-09 04:34 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
- 2009-08-15 16:39 . 2009-08-15 16:39 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-12-07 19:45 . 2006-09-28 23:56 316416 c:\windows\$NtUninstallWudf01005$\wudfx.dll
+ 2009-12-07 19:45 . 2006-09-28 23:56 165376 c:\windows\$NtUninstallWudf01005$\wudfplatform.dll
+ 2009-12-07 19:45 . 2006-09-28 23:56 146432 c:\windows\$NtUninstallWudf01005$\wudfhost.exe
+ 2009-12-07 19:45 . 2006-10-09 02:51 379184 c:\windows\$NtUninstallWudf01005$\spuninst\updspapi.dll
+ 2009-12-07 19:45 . 2006-10-09 02:51 221488 c:\windows\$NtUninstallWudf01005$\spuninst\spuninst.exe
+ 2009-12-07 19:46 . 2006-10-09 02:53 379184 c:\windows\$NtUninstallwinusb0100$\spuninst\updspapi.dll
+ 2009-12-07 19:46 . 2006-10-09 02:53 221488 c:\windows\$NtUninstallwinusb0100$\spuninst\spuninst.exe
+ 2009-07-12 05:02 . 2009-07-12 05:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
- 2006-12-02 04:25 . 2006-12-02 04:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
- 2006-12-02 04:25 . 2006-12-02 04:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2008-01-23 16:41 . 2009-08-07 00:23 1929952 c:\windows\system32\wuaueng.dll
+ 2008-06-10 17:40 . 2010-01-12 21:25 2109644 c:\windows\system32\Restore\rstrlog.dat
+ 2008-07-04 15:23 . 2008-07-04 15:23 1757184 c:\windows\system32\imagX7.dll
+ 2008-01-23 16:41 . 2009-08-07 00:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2009-12-12 22:53 . 2009-09-04 22:29 1892184 c:\windows\system32\D3DX9_42.dll
+ 2009-07-16 18:04 . 2009-03-09 20:27 4178264 c:\windows\system32\D3DX9_41.dll
- 2009-07-16 18:04 . 2009-03-09 19:27 4178264 c:\windows\system32\D3DX9_41.dll
- 2009-07-16 18:04 . 2008-10-15 10:22 4379984 c:\windows\system32\D3DX9_40.dll
+ 2009-07-16 18:04 . 2008-10-15 11:22 4379984 c:\windows\system32\D3DX9_40.dll
+ 2009-12-12 22:53 . 2009-09-04 22:29 5501792 c:\windows\system32\d3dcsx_42.dll
+ 2009-12-12 22:53 . 2009-09-04 22:29 1974616 c:\windows\system32\D3DCompiler_42.dll
+ 2009-07-16 18:04 . 2009-03-09 20:27 1846632 c:\windows\system32\D3DCompiler_41.dll
- 2009-07-16 18:04 . 2009-03-09 19:27 1846632 c:\windows\system32\D3DCompiler_41.dll
+ 2009-07-16 18:04 . 2008-10-15 11:22 2036576 c:\windows\system32\D3DCompiler_40.dll
- 2009-07-16 18:04 . 2008-10-15 10:22 2036576 c:\windows\system32\D3DCompiler_40.dll
+ 2009-12-12 04:43 . 2005-02-24 18:11 1212416 c:\windows\system32\AudioInfos.dll
+ 2009-12-12 04:43 . 2005-03-11 23:37 1986560 c:\windows\system32\AudFile.dll
+ 2009-11-01 15:09 . 2009-11-01 15:09 4454912 c:\windows\Installer\5e1fb0.msi
+ 2009-10-24 15:37 . 2009-10-24 15:37 4192256 c:\windows\Installer\503f63.msi
+ 2009-11-01 18:16 . 2009-11-01 18:16 4733440 c:\windows\Installer\3065eb4.msp
+ 2010-01-11 20:34 . 2010-01-11 20:34 1262080 c:\windows\Installer\123874f.msi
- 2009-08-15 16:39 . 2009-08-15 16:39 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-08-15 16:39 . 2009-08-15 16:39 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-12 22:52 . 2009-12-12 22:52 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-15 04:42 . 2008-10-15 04:42 13219184 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A3100000030\8.1.3\AcroRd32.dll
+ 2009-12-12 19:22 . 2009-12-12 19:22 81306112 c:\windows\Downloaded Installations\{6DF5124E-3A7B-49D1-8139-8FECA9984084}\DesignPro 5.4 Limited Edition.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-01-17 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\documents and settings\Mike\Desktop\frontpage.swf
FriendlyName=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\kav\\kav7\\setup.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\Bf2_w32ded.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe"=
"c:\\Program Files\\Strategy First\\Europa Universalis 2\\EU2.exe"=
"c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2/5/2008 2:16 PM 717296]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [11/15/2009 4:58 PM 2368]
R2 WUSB54GSv2SVC;WUSB54GSv2SVC;c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [1/23/2008 12:01 PM 41025]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [9/2/2008 7:33 AM 100352]
S2 a2AntiMalware;a-squared Anti-Malware Service;"c:\program files\a-squared Anti-Malware\a2service.exe" --> c:\program files\a-squared Anti-Malware\a2service.exe [?]
S2 gupdate1c9f7db41a482ee;Google Update Service (gupdate1c9f7db41a482ee);c:\program files\Google\Update\GoogleUpdate.exe [6/28/2009 5:29 AM 133104]
S3 cpuz130;cpuz130;\??\c:\docume~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 lgusbsmodem;LGE Mobile USB Modem;c:\windows\system32\DRIVERS\lgusbsmodem.sys --> c:\windows\system32\DRIVERS\lgusbsmodem.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2009-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]

2010-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 10:28]

2010-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 10:28]
.
.
 
------- Supplementary Scan -------
.
uStart Page = hxxp://espanol.yahoo.com
mStart Page = hxxp://espanol.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\en8u1vpy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://espanol.search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://espanol.search.yahoo.com/search?fr=ffds1&p=
FF - plugin: c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\en8u1vpy.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npagent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
AddRemove-Lords2 Siege Pack - c:\sierra\Lords2\Uninst.isu
AddRemove-RedBaronII - c:\sierra\RedBaronII\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-01-12 17:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x865671F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7550fc3
\Driver\ACPI -> ACPI.sys @ 0xf72abcb8
\Driver\atapi -> 0x865671f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> 0x862721b0
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058241c
ParseProcedure -> 0x862721b0
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3896)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
c:\windows\system32\WgaTray.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-01-12 17:06:43 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-12 22:06
ComboFix2.txt 2009-10-22 14:24
ComboFix3.txt 2009-08-12 22:35
ComboFix4.txt 2009-04-08 23:39
ComboFix5.txt 2010-01-12 21:49

Pre-Run: 24,126,586,880 bytes free
Post-Run: 24,338,706,432 bytes free

Current=8 Default=8 Failed=7 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 3DFDD21B5F3288EDC7BFD43013EC6120
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:23:56 PM, on 1/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! en Español
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! en Español
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1201108691495
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201111902218
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FA321D1-4CEB-4ACA-A79E-90901D650B46}: NameServer = 167.206.245.130,167.206.245.129
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Unknown owner - C:\Program Files\a-squared Anti-Malware\a2service.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c9f7db41a482ee) (gupdate1c9f7db41a482ee) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Mike\Desktop\frontpage.swf

--
End of file - 7631 bytes
 
Malwarebytes' Anti-Malware 1.44
Database version: 3550
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

1/12/2010 5:21:56 PM
mbam-log-2010-01-12 (17-21-56).txt

Scan type: Quick Scan
Objects scanned: 133055
Time elapsed: 4 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Remove

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O17 - HKLM\System\CS2\Services\Tcpip\..\{0FA321D1-4CEB-4ACA-A79E-90901D650B46}: NameServer = 167.206.245.130,167.206.245.129

Then upgrade to SP3 and IE8
 
Removed those. And I don't understand why I have an earlier SP and IE.
Any idea what happened? Was it a virus?

Thanks for help
 