ComboFix 08-10-23.08 - HP_Administrator 2008-10-24 13:00:28.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.515 [GMT -4:00]
Running from: C:\Documents and Settings\HP_Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\HP_Administrator\Desktop\CFScript.txt
* Created a new restore point
.
Error: Cfiles.dat
((((((((((((((((((((((((( Files Created from 2008-09-24 to 2008-10-24 )))))))))))))))))))))))))))))))
.
2008-10-23 00:35 . 2008-10-23 00:35 <DIR> d-------- C:\Program Files\GamesCampus
2008-10-17 04:37 . 2008-10-23 03:03 <DIR> d-------- C:\Program Files\Saga
2008-10-16 01:23 . 2008-10-16 01:24 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Dreamlords
2008-10-16 01:12 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-10-16 01:12 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-10-16 01:12 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-10-16 01:12 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-10-16 01:12 . 2007-03-05 12:42 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-10-15 03:13 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2008-10-11 03:09 . 2008-10-11 03:23 <DIR> d-------- C:\Program Files\PoxNora
2008-10-09 01:31 . 2008-10-09 01:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IJJIGame
2008-10-07 02:26 . 2008-10-07 02:26 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\teamspeak2
2008-10-07 02:25 . 2008-10-07 02:26 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-10-07 02:25 . 2008-10-07 02:25 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-10-06 02:31 . 2008-10-06 02:34 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-06 02:31 . 2008-10-06 02:31 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
2008-10-06 02:31 . 2008-10-06 02:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-06 02:31 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-06 02:31 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-06 01:05 . 2008-04-23 14:02 157,152 --a------ C:\WINDOWS\system32\PubPlugin.dll
2008-10-06 01:05 . 2008-06-12 15:08 58,800 --a------ C:\WINDOWS\system32\ijjiPlugin2.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 16:54 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Skype
2008-10-24 12:07 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\skypePM
2008-10-24 12:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2008-10-24 05:16 --------- d-----w C:\Program Files\vSide
2008-10-20 17:19 --------- d-----w C:\Program Files\Diablo II
2008-10-17 07:45 --------- d-----w C:\Program Files\City of Heroes
2008-10-17 01:04 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-10-15 16:57 332,800 ----a-w C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-15 05:22 --------- d-----w C:\Program Files\LimeWire
2008-10-14 22:52 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\PalaceChat 3
2008-10-14 22:32 --------- d-----w C:\Program Files\PalaceChat
2008-10-13 13:24 --------- d--h--w C:\Documents and Settings\HP_Administrator\Application Data\IJJIGame
2008-10-03 17:41 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2008-10-02 07:49 --------- d-----w C:\Program Files\Graal
2008-10-01 04:16 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Azureus
2008-10-01 03:39 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2008-10-01 03:39 --------- d-----w C:\Program Files\Common Files\HP
2008-10-01 03:34 --------- d-----w C:\Program Files\VstPlugins
2008-10-01 03:34 --------- d-----w C:\Program Files\Image-Line
2008-10-01 03:28 --------- d-----w C:\Program Files\Wolfenstein - Enemy Territory
2008-09-27 19:24 --------- d-----w C:\Program Files\Dofus
2008-09-27 01:32 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\U3
2008-09-22 23:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\NexonUS
2008-09-15 11:57 1,846,016 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 11:57 1,846,016 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-09-13 22:06 2,888 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
2008-09-13 08:15 --------- d-----w C:\Program Files\Wakfu
2008-09-11 07:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
2008-09-11 07:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-11 07:20 --------- d-----w C:\Program Files\ATI Technologies
2008-09-08 01:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Outspark
2008-09-07 03:47 0 ----a-r C:\logwmemory.bin
2008-09-07 03:47 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Soldat
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\dllcache\srv.sys
2008-08-28 09:10 0 ----a-w C:\Documents and Settings\HP_Administrator\jagex_runescape_preferences.dat
2008-08-27 16:59 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\AVG7
2008-08-27 08:24 3,593,216 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-26 06:20 98,304 ---hatw C:\WINDOWS\system32\MSVRCTD.DLL
2008-08-26 06:20 243,788 ---hatw C:\WINDOWS\system32\MSVRCTDR.dll
2008-08-25 08:38 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-08-25 08:37 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-23 05:56 635,848 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 10:00 2,180,352 ------w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-08-14 09:58 2,136,064 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 09:58 2,136,064 ------w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-08-14 09:51 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-08-14 09:22 2,057,728 ------w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-08-14 09:22 2,015,744 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 09:22 2,015,744 ------w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-08-01 06:38 3,266,560 ----a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-08-01 05:40 9,928,704 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-08-01 04:58 253,952 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-08-01 04:33 425,984 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-08-01 04:32 311,296 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-08-01 04:23 184,320 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-08-01 04:23 143,360 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-08-01 04:22 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-08-01 04:22 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-08-01 04:22 143,360 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-08-01 04:21 573,440 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-08-01 04:19 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-08-01 04:10 3,917,568 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-08-01 03:59 2,183,552 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-08-01 03:46 48,640 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-08-01 03:42 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-08-01 03:40 35,328 ----a-w C:\WINDOWS\system32\atiadlxx.dll
2008-08-01 03:40 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-08-01 03:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-08-01 03:34 561,152 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-08-01 01:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2007-10-01 20:13 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-09-19 07:41 372,736 ----a-w C:\Documents and Settings\HP_Administrator\ijl15.dll
2007-09-19 07:41 28,672 ----a-w C:\Documents and Settings\HP_Administrator\JPGI.dll
2007-09-19 07:41 258,352 ----a-w C:\Documents and Settings\HP_Administrator\unicows.dll
2007-05-03 03:55 3,670,016 ----a-w C:\Program Files\Laxelore.exe._temp
2006-06-22 20:41 5,264,976 ----a-w C:\Documents and Settings\HP_Administrator\setup.exe
2003-08-05 19:41 53,248 ----a-w C:\WINDOWS\inf\ap561.exe
2002-11-27 00:24 32,768 ----a-w C:\WINDOWS\inf\Remove561.exe
2002-11-22 23:56 118,784 ----a-w C:\WINDOWS\inf\ShowBmp.exe
2002-10-30 02:07 36,864 ----a-w C:\WINDOWS\inf\Setup8a.exe
2002-10-01 22:43 119,798 ----a-w C:\WINDOWS\inf\spca561.sys
2001-09-29 01:00 164,864 ----a-w C:\Program Files\UNWISE.EXE
2005-05-14 00:12 217,073 --sha-r C:\WINDOWS\meta4.exe
2005-10-24 18:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe
2005-10-14 04:27 422,400 --sha-r C:\WINDOWS\x2.64.exe
2005-10-08 02:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
2005-07-14 19:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 22:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-22 05:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2006-04-27 17:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
2005-02-28 20:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((( snapshot@2008-10-06_13.14.44.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-26 09:08:35 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:08:36 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:08:36 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:08:36 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:08:36 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:08:36 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:08:36 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:08:36 380,928 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:08:37 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 17:26:50 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:08:39 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:08:39 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:08:40 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:08:40 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:08:40 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:08:43 3,594,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:08:43 477,696 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:08:44 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:08:44 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:08:44 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:08:44 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:08:44 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:08:45 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:08:45 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:08:45 827,904 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB956390-IE7\update\updspapi.dll
- 2007-12-27 14:21:25 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-10-16 05:12:50 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-12-27 14:21:25 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-10-16 05:12:50 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-12-27 14:21:26 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-10-16 05:12:50 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-12-27 14:21:21 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:42 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:21 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:44 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:22 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:44 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:22 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:45 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:23 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:46 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:23 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:46 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:23 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:47 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:24 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:47 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:24 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:48 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:26 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-16 05:12:51 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-27 14:21:26 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-10-16 05:12:51 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-12-27 14:21:26 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-10-16 05:12:51 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-12-27 14:21:26 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-10-16 05:12:52 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-12-27 14:21:27 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-10-16 05:12:52 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-12-27 14:21:24 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-10-16 05:12:49 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2006-10-10 07:55:51 36,399 ----a-w C:\WINDOWS\DIIUnin.dat
+ 2008-10-17 01:05:40 37,566 ----a-w C:\WINDOWS\DIIUnin.dat
+ 2008-10-09 07:50:03 787,904 ----a-w C:\WINDOWS\Downloaded Program Files\PurpleBean.exe
- 2007-02-28 09:08:48 2,136,064 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2005-10-21 00:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-06-23 16:57:27 124,928 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:57:27 347,136 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:57:27 133,120 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:57:28 63,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:57:29 383,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:57:33 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:52 625,664 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:57:35 27,648 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:57:36 459,264 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 17:57:40 3,592,192 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:57:39 193,024 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:57:40 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:57:41 233,472 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:57:41 826,368 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
- 2008-09-10 07:03:52 12,288 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-10-15 07:05:07 12,288 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-09-10 07:03:52 135,168 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-10-15 07:05:07 135,168 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-09-10 07:03:52 11,264 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-10-15 07:05:07 11,264 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-09-10 07:03:52 27,136 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-10-15 07:05:07 27,136 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-09-10 07:03:52 4,096 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-10-15 07:05:07 4,096 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-09-10 07:03:53 794,624 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-10-15 07:05:08 794,624 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-09-10 07:03:52 249,856 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-10-15 07:05:07 249,856 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-09-10 07:03:53 23,040 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-10-15 07:05:08 23,040 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-09-10 07:03:52 286,720 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-10-15 07:05:07 286,720 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-09-10 07:03:52 409,600 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-10-15 07:05:07 409,600 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-06-23 16:57:27 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-03-12 20:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
+ 2007-05-16 20:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
+ 2007-07-19 22:14:42 1,358,192 ----a-w C:\WINDOWS\system32\D3DCompiler_35.dll
+ 2007-10-12 19:14:00 1,374,232 ----a-w C:\WINDOWS\system32\D3DCompiler_36.dll
+ 2008-03-05 19:56:58 1,420,824 ----a-w C:\WINDOWS\system32\D3DCompiler_37.dll
+ 2007-03-15 20:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
+ 2007-05-16 20:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
+ 2007-07-19 22:14:42 444,776 ----a-w C:\WINDOWS\system32\d3dx10_35.dll
+ 2007-10-02 13:56:34 444,776 ----a-w C:\WINDOWS\system32\d3dx10_36.dll
+ 2008-02-06 03:07:36 462,864 ----a-w C:\WINDOWS\system32\d3dx10_37.dll
+ 2007-05-16 20:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
+ 2007-10-12 19:14:00 3,734,536 ----a-w C:\WINDOWS\system32\d3dx9_36.dll
+ 2008-03-05 19:56:58 3,786,760 ----a-w C:\WINDOWS\system32\D3DX9_37.dll
- 2008-06-23 16:57:27 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-06-23 16:57:27 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-06-23 16:57:27 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-06-23 16:57:28 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-08-26 07:24:28 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-06-23 16:57:29 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-06-23 16:57:29 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-06-23 16:57:29 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-06-23 16:57:29 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:57:33 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-06-23 16:57:34 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-06-23 16:57:35 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-06-23 16:57:36 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-06-23 16:57:36 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-06-23 16:57:39 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-06-23 16:57:39 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-06-23 16:57:40 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-06-23 16:57:40 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-06-23 16:57:40 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-06-23 16:57:40 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-06-23 16:57:40 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-06-23 16:57:41 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-06-23 16:57:41 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2008-06-23 16:57:27 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-06-23 16:57:27 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-10-01 13:21:37 202,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-15 07:22:53 202,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-06-23 16:57:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-08-26 07:24:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-06-23 09:20:25 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-06-23 16:57:29 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-06-23 16:57:29 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-06-23 16:57:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-06-23 16:57:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-06-23 16:57:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-06-23 16:57:33 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-06-23 16:57:34 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-06-23 16:57:35 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-08-26 17:28:14 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-10-07 19:19:40 16,721,856 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-06-23 16:57:36 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-06-23 16:57:36 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-06-24 17:57:40 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:57:39 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-06-23 16:57:39 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-06-23 16:57:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2006-08-17 12:28:27 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2008-10-15 16:57:55 332,800 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2008-06-23 16:57:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-06-23 16:57:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-30 12:39:22 17,272 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-06-23 16:57:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-06-23 16:57:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-06-23 16:57:41 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-06-23 16:57:41 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-08-26 07:24:31 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-22 07:37:16 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
+ 2008-03-05 20:00:06 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_3.dll
+ 2007-10-22 07:39:54 267,272 ----a-w C:\WINDOWS\system32\xactengine2_10.dll
+ 2007-01-24 19:27:30 255,848 ----a-w C:\WINDOWS\system32\xactengine2_6.dll
+ 2007-04-04 22:55:00 261,480 ----a-w C:\WINDOWS\system32\xactengine2_7.dll
+ 2007-06-21 00:46:04 266,088 ----a-w C:\WINDOWS\system32\xactengine2_8.dll
+ 2007-07-20 04:57:12 267,112 ----a-w C:\WINDOWS\system32\xactengine2_9.dll
+ 2008-03-05 20:03:20 238,088 ----a-w C:\WINDOWS\system32\xactengine3_0.dll
+ 2008-03-05 20:03:54 479,752 ----a-w C:\WINDOWS\system32\XAudio2_0.dll
+ 2007-04-04 22:53:42 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 67,112 2006-08-01 22:35:36 C:\Program Files\AIM\bak\aim.exe
----a-w 67,112 2006-08-01 22:35:36 C:\Program Files\AIM\aim.exe
----a-w 249,856 2005-08-11 22:30:30 C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe
----a-w 221,184 2004-08-09 12:03:58 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
----a-w 180,269 2006-03-07 18:40:59 C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe
----a-w 157,592 2006-09-14 20:09:07 C:\Program Files\DAEMON Tools\bak\daemon.exe
----a-w 157,592 2006-09-14 20:09:07 C:\Program Files\DAEMON Tools\daemon.exe
----a-w 1,064,960 2005-11-12 04:11:04 C:\Program Files\DISC\bak\DISCover.exe
----a-w 61,440 2005-11-12 04:10:00 C:\Program Files\DISC\bak\DiscUpdateMgr.exe
----a-w 171,448 2007-02-14 22:14:15 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\bak\GoogleToolbarNotifier.exe
----a-w 369,664 2006-10-17 19:30:00 C:\Program Files\Grisoft\AVG Free\bak\avgcc.exe
----a-w 249,856 2005-11-10 00:29:16 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\bak\HPBootOp.exe
----a-w 49,152 2005-06-02 06:35:56 C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\bak\hphupd08.exe
----a-w 49,152 2005-05-12 14:12:54 C:\Program Files\HP\HP Software Update\bak\HPwuSchd2.exe
----a-w 5,354,792 2006-07-30 02:34:04 C:\Program Files\MSN Messenger\bak\MsnMsgr.Exe
----a-w 5,674,352 2007-01-19 19:54:56 C:\Program Files\MSN Messenger\msnmsgr.exe
----a-w 282,624 2006-10-26 02:58:18 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 282,624 2007-04-27 16:41:54 C:\Program Files\QuickTime\qttask.exe
----a-w 90,112 2005-11-01 17:01:00 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\bak\DMAScheduler.exe
----a-w 64,512 2005-08-06 04:56:34 C:\WINDOWS\ehome\bak\ehtray.exe
----a-w 64,512 2005-08-06 04:56:34 C:\WINDOWS\ehome\ehtray.exe
----a-w 208,952 2004-08-09 21:00:00 C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE
----a-w 208,952 2004-08-09 21:00:00 C:\WINDOWS\ime\imjp8_1\imjpmig.exe
----a-w 44,032 2004-08-09 21:00:00 C:\WINDOWS\ime\imkr6_1\bak\IMEKRMIG.EXE
----a-w 44,032 2004-08-09 21:00:00 C:\WINDOWS\ime\imkr6_1\imekrmig.exe
----a-w 237,568 2005-07-23 06:14:00 C:\WINDOWS\SMINST\bak\RECGUARD.EXE
----a-w 15,360 2004-08-10 04:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-10 04:00:00 C:\WINDOWS\system32\ctfmon.exe
----a-w 59,392 2004-08-09 21:00:00 C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe
----a-w 59,392 2004-08-09 21:00:00 C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe
----a-w 455,168 2004-08-09 21:00:00 C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE
----a-w 455,168 2004-08-09 21:00:00 C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15360]
"DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [N/A]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"PlayNC Launcher"="C:\Program Files\NCSoft\Launcher\NCLauncher.exe" [2008-06-22 38128]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-06-03 21718312]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2008-06-13 2752512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-06 64512]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-09 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-09 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-09 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-09 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-09 455168]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-10-18 590848]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 257088]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 157592]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-12-27 1115728]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 C:\WINDOWS\arpwrmsg.exe]
"PCDrProfiler"="" [N/A]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-27 219136]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [2006-03-07 36903]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"helpsvc"=2 (0x2)
"gusvc"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Wizet\\MapleStory\\Patcher.exe"=
"C:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe"=
"C:\\Program Files\\MAIET\\Gunz\\Gunz.exe"=
"C:\\Program Files\\Minions of Mirth\\bin\\MinionsOfMirth.exe"=
"C:\\ijji\\ENGLISH\\Gunz\\Gunz.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\WINDOWS\\system32\\p3xsvr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Wizet\\MapleStory\\MapleStory.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"C:\\ijji\\ENGLISH\\u_gunz.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\IJJIGame\\PLauncher.exe"=
"C:\\WINDOWS\\Downloaded Program Files\\PurpleBean.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9842:TCP"= 9842:TCP:*:Disabled:SolidNetworkManager
"9842:UDP"= 9842:UDP:*:Disabled:SolidNetworkManager
S3 CEDRIVER53;CEDRIVER53;C:\Program Files\Cheat Engine\dbk32.sys [ ]
S3 DISK_DRIVE32;DISK_DRIVE32;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\Disk Drove\disk_1024.sys [ ]
S3 Dua1;Dua1;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\Dual Engine 2\DualEngi.sys [ ]
S3 geebers12;geebers12;C:\Documents and Settings\HP_Administrator\Desktop\Buffy Engine\nvid888.sys [ ]
S3 KIKIDRIVER;KIKIDRIVER;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\kiki.sys [ ]
S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller;C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2005-03-10 227584]
S3 ¥Õ¥Ø°ê¤¤¥Í1;¥Õ¥Ø°ê¤¤¥Í1;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\Gods_hack_Pack\nvid999.sys [ ]
S3 samhid;samhid;C:\WINDOWS\system32\drivers\samhid.sys [2006-01-07 7548]
S3 sejt1;sejt1;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\AkumaEngine\sejt.sys [ ]
S3 serb1;serb1;C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Rar$EX00.063\Serbio Engine\serbio.sys [ ]
S3 XDva002;XDva002;C:\WINDOWS\system32\XDva002.sys [ ]
S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys [ ]
S3 XDva028;XDva028;C:\WINDOWS\system32\XDva028.sys [ ]
S3 XDva034;XDva034;C:\WINDOWS\system32\XDva034.sys [ ]
S3 XDva064;XDva064;C:\WINDOWS\system32\XDva064.sys [ ]
S3 XDva090;XDva090;C:\WINDOWS\system32\XDva090.sys [ ]
S3 XDva098;XDva098;C:\WINDOWS\system32\XDva098.sys [ ]
S3 XDva134;XDva134;C:\WINDOWS\system32\XDva134.sys [ ]
S3 XDva189;XDva189;C:\WINDOWS\system32\XDva189.sys [ ]
S3 XDva193;XDva193;C:\WINDOWS\system32\XDva193.sys [ ]
S3 XDva202;XDva202;C:\WINDOWS\system32\XDva202.sys [ ]
S3 zenx1;zenx1;C:\Documents and Settings\HP_Administrator\My Documents\MS hacks\ZenxEngine_LATEST\ZenxEngine_LATEST\zenx.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
\Shell\AutoRun\command - M:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fe46a66-5e13-11db-b7be-001617377011}]
\Shell\AutoRun\command - K:\autorun.exe
\Shell\directx\command - K:\DirectX9\dxsetup.exe
\Shell\setup\command - K:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
2008-10-21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 18:42]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-10-24 13:09:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-10-24 13:13:00
ComboFix-quarantined-files.txt 2008-10-24 17:12:54
ComboFix2.txt 2008-10-11 06:24:51
ComboFix3.txt 2008-10-06 19:58:37
Pre-Run: 67,855,065,088 bytes free
Post-Run: 68,147,105,792 bytes free
579 --- E O F --- 2008-10-24 07:03:23