ComboFix 10-02-23.03 - Jarrett Lowrey 02/23/2010 21:54:51.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.581 [GMT -6:00]
Running from: c:\documents and settings\Jarrett Lowrey\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jarrett Lowrey\Desktop\CFScript.txt
AV: Charter Security Suite 9.01 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: Charter Security Suite 9.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Jarrett Lowrey\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
((((((((((((((((((((((((( Files Created from 2010-01-24 to 2010-02-24 )))))))))))))))))))))))))))))))
.
2010-02-23 15:02 . 2010-02-23 15:02 -------- d-----w- c:\program files\QuickTime
2010-02-23 14:58 . 2010-02-23 14:58 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-23 04:42 . 2010-02-23 04:42 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\Leadertech
2010-02-23 04:41 . 2009-04-30 22:55 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
2010-02-23 04:40 . 2009-04-30 23:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-02-23 04:40 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2010-02-23 04:38 . 2010-02-23 04:41 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-02-23 04:38 . 2010-02-23 04:38 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2010-02-23 04:02 . 2010-02-23 04:02 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\Trillian
2010-02-23 04:02 . 2010-02-24 03:13 -------- d-----w- c:\program files\Trillian
2010-02-17 19:08 . 2010-02-17 19:08 -------- d-----w- c:\program files\ESET
2010-02-13 00:14 . 2010-02-13 00:14 -------- d-----w- C:\_OTM
2010-02-13 00:08 . 2010-02-13 00:08 -------- d-----w- c:\program files\ERUNT
2010-02-07 12:08 . 2010-02-08 21:39 -------- d-----w- C:\rsit
2010-02-07 12:06 . 2010-02-07 12:06 -------- d-----w- c:\program files\Trend Micro
2010-01-25 11:00 . 2010-01-25 11:11 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-01-25 11:00 . 2010-01-25 11:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure
2010-01-25 11:00 . 2009-08-05 15:57 80000 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2010-01-25 10:59 . 2010-01-25 11:21 -------- d-----w- c:\program files\Charter Security Suite
2010-01-25 08:10 . 2010-02-11 23:21 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-25 08:10 . 2010-02-11 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-25 05:33 . 2010-01-25 05:33 -------- d-----w- c:\program files\TrendMicro
2010-01-25 04:24 . 2010-01-25 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg
2010-01-25 04:14 . 2010-01-25 04:14 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 03:58 . 2008-11-07 02:33 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\DNA
2010-02-24 03:48 . 2008-11-07 02:33 -------- d-----w- c:\program files\DNA
2010-02-24 01:56 . 2008-10-05 20:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-02-23 20:00 . 2009-04-01 06:26 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\Skype
2010-02-23 15:36 . 2006-09-19 17:41 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVU
2010-02-23 15:35 . 2006-10-19 03:31 -------- d-----w- c:\program files\ImvuTools
2010-02-23 15:08 . 2008-10-07 17:02 -------- d-----w- c:\program files\iTunes
2010-02-23 15:07 . 2006-05-30 02:02 -------- d-----w- c:\program files\iPod
2010-02-23 15:07 . 2007-07-04 17:51 -------- d-----w- c:\program files\Common Files\Apple
2010-02-23 14:03 . 2009-04-01 06:27 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\skypePM
2010-02-23 04:40 . 2006-09-29 05:58 -------- d-----w- c:\program files\Common Files\Logitech
2010-02-23 04:38 . 2006-09-29 05:57 -------- d-----w- c:\program files\Logitech
2010-02-17 19:15 . 2007-11-09 21:27 -------- d-----w- c:\program files\Winamp Remote
2010-02-13 08:52 . 2006-06-14 19:46 52704 ----a-w- c:\documents and settings\Jarrett Lowrey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-09 21:02 . 2006-05-04 08:45 -------- d-----w- c:\program files\Google
2010-02-07 12:02 . 2006-05-04 08:48 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\BitTorrent
2010-02-07 12:02 . 2006-11-30 01:17 -------- d-----w- c:\program files\BitTorrent
2010-01-25 11:00 . 2010-01-24 22:26 -------- d-----w- c:\documents and settings\All Users\Application Data\f-secure
2010-01-24 17:59 . 2010-01-09 00:27 120 ----a-w- c:\windows\Trekowuwuqecuzo.dat
2010-01-24 06:31 . 2010-01-09 00:27 0 ----a-w- c:\windows\Mkefa.bin
2010-01-21 07:38 . 2009-11-10 02:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-19 21:13 . 2009-11-28 22:28 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\Azureus
2010-01-15 06:41 . 2010-01-15 06:41 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\Vivox
2010-01-15 06:40 . 2008-08-28 05:00 76774 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\Uninstall.exe
2010-01-15 06:40 . 2008-08-28 05:00 -------- d-----w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient
2010-01-15 06:38 . 2008-08-28 20:22 24512552 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\installer\SetupImvu_update.exe
2010-01-14 06:02 . 2010-01-14 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM
2010-01-14 06:02 . 2010-01-14 06:01 -------- d-----w- c:\program files\AIM7
2010-01-14 06:01 . 2010-01-14 06:01 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-01-13 19:23 . 2010-01-13 19:23 92192 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\IMVUupdater.exe
2010-01-13 19:23 . 2010-01-13 19:23 52992 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\IMVUClient.exe
2010-01-13 19:23 . 2010-01-13 19:23 21760 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\IMVUQualityAgent.exe
2010-01-13 19:20 . 2010-01-13 19:20 121856 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\WriteMiniDump.exe
2010-01-13 19:18 . 2010-01-13 19:18 1251328 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\SceneWindow.dll
2010-01-13 19:18 . 2010-01-13 19:18 45568 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\npvivoxproxy.dll
2010-01-13 19:18 . 2010-01-13 19:18 54784 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\nphwndproxy.dll
2010-01-13 19:18 . 2010-01-13 19:18 16896 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\MemoryHook.dll
2010-01-13 19:17 . 2010-01-13 19:17 320000 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\cal3d.dll
2010-01-13 19:16 . 2010-01-13 19:16 198656 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\boost_python.dll
2010-01-13 19:16 . 2010-01-13 19:16 29184 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\CallStack.dll
2010-01-13 19:16 . 2010-01-13 19:16 260096 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\audiere.dll
2010-01-07 23:48 . 2008-09-07 21:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-07 23:48 . 2008-09-08 15:41 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 22:07 . 2008-09-07 21:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 22:07 . 2008-09-07 21:24 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 22:32 . 2010-01-06 22:32 7491728 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\1VivoxVoice.exe
2010-01-06 22:32 . 2010-01-06 22:32 353424 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\npvivoxvoiceplugin.dll
2010-01-04 16:56 . 2010-01-04 16:56 83456 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\smime3.dll
2010-01-04 16:56 . 2010-01-04 16:56 66560 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\nssutil3.dll
2010-01-04 16:56 . 2010-01-04 16:56 154112 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\nspr4.dll
2010-01-04 16:56 . 2010-01-04 16:56 12288 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\AccessibleMarshal.dll
2009-12-31 16:50 . 2005-05-10 00:17 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2005-07-03 02:11 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 18:05 . 2009-12-17 18:05 4924048 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\vivoxsdk.dll
2009-12-17 18:05 . 2009-12-17 18:05 330896 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\libsndfile-1.dll
2009-12-17 18:05 . 2009-12-17 18:05 275088 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\vivoxoal.dll
2009-12-17 18:05 . 2009-12-17 18:05 246416 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ortp.dll
2009-12-17 18:05 . 2009-12-17 18:05 1034896 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\dbghelp.dll
2009-12-16 18:43 . 2004-08-10 20:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-10 20:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27 . 2005-03-02 00:59 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2005-03-02 00:34 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2005-01-19 04:26 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-01 23:58 . 2009-12-01 23:58 7490192 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\VivoxVoiceManager.exe
2009-12-01 23:58 . 2009-12-01 23:58 5005968 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\vivoxsdk.dll
2009-12-01 23:58 . 2009-12-01 23:58 345744 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\npvivoxvoiceplugin.dll
2009-12-01 23:58 . 2009-12-01 23:58 329872 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\libsndfile-1.dll
2009-12-01 23:58 . 2009-12-01 23:58 283280 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\vivoxoal.dll
2009-12-01 23:58 . 2009-12-01 23:58 246416 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\ortp.dll
2009-12-01 23:58 . 2009-12-01 23:58 184832 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\ssleay32.dll
2009-12-01 23:58 . 2009-12-01 23:58 1034896 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\DbgHelp.dll
2009-12-01 23:58 . 2009-12-01 23:58 1006080 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ui\plugins\libeay32.dll
2009-12-01 02:38 . 2009-12-01 02:38 1006080 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\libeay32.dll
2009-12-01 02:38 . 2009-12-01 02:38 184832 ----a-w- c:\documents and settings\Jarrett Lowrey\Application Data\IMVUClient\ssleay32.dll
2009-11-28 04:37 . 2010-02-04 12:10 177702 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1033.dat
2009-11-27 17:11 . 2005-06-29 01:55 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2004-08-10 20:00 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2004-08-10 20:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2004-08-10 20:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2004-08-10 20:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2004-08-10 20:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07 . 2004-08-10 20:00 11264 ----a-w- c:\windows\system32\msrle32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-09_22.05.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-01-29 08:58 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2010-02-23 04:41 . 2006-06-22 22:29 38960 c:\windows\system32\ReinstallBackups\0016\DriverFiles\LVUSBSta.sys
+ 2010-02-23 04:41 . 2006-06-22 22:29 12080 c:\windows\system32\ReinstallBackups\0016\DriverFiles\lv302af.sys
+ 2010-02-23 04:41 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\wdmaud.drv
+ 2010-02-23 04:41 . 2008-04-13 19:45 60032 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\USBAUDIO.sys
+ 2010-02-23 04:41 . 2008-04-13 19:45 49408 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\stream.sys
+ 2010-02-23 04:41 . 2008-04-13 19:45 60160 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\drmk.sys
+ 2010-02-23 04:40 . 2004-08-10 20:00 31616 c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\usbccgp.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 38960 c:\windows\system32\ReinstallBackups\0014\DriverFiles\LVUSBSta.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 12080 c:\windows\system32\ReinstallBackups\0014\DriverFiles\lv302af.sys
+ 2010-02-23 04:41 . 2009-10-07 08:48 66456 c:\windows\system32\DRVSTORE\lvPRO5s_685A41B6169139C58E86748F017A52894085C5B9\lvselsus.sys
+ 2010-02-23 04:40 . 2009-10-07 08:49 23832 c:\windows\system32\DRVSTORE\lvPRO5c_7E82A049DF85824473F42E9D67CC3CABBABD50F6\lvuvcflt.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\LVUSBSta.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPRO3s_A41D20BE5232AC177D63A3FCE8A82EE24FFCD132\LVUSBSta.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 55984 c:\windows\system32\DRVSTORE\lvPRO3s_A41D20BE5232AC177D63A3FCE8A82EE24FFCD132\lvselsus.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 20272 c:\windows\system32\DRVSTORE\lvPRO3c_EBD8B36970624B36EC4B2E9FAD935C09C1905985\lvuvcflt.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 55984 c:\windows\system32\DRVSTORE\lvPRO3c_EBD8B36970624B36EC4B2E9FAD935C09C1905985\lvselsus.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\LVUSBSta.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPEPIs_BEDF1D0D384C3E45EEFD59175629D468A3C4EA26\LVUSBSta.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 12080 c:\windows\system32\DRVSTORE\lvPEPIs_BEDF1D0D384C3E45EEFD59175629D468A3C4EA26\lv302af.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\LVUSBSta.sys
+ 2010-02-23 04:40 . 2009-04-30 22:55 13976 c:\windows\system32\DRVSTORE\lvPEPI2s_99D499EFF87B07D6166F5EA387697BB6072519E5\lv302af.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvPEPI2s_2F938607353CB8795D6BF908842E33C42DC6F8C1\LVUSBSta.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 12080 c:\windows\system32\DRVSTORE\lvPEPI2s_2F938607353CB8795D6BF908842E33C42DC6F8C1\lv302af.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 38960 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\LVUSBSta.sys
+ 2006-05-03 18:39 . 2004-08-10 20:00 31616 c:\windows\system32\drivers\usbccgp.sys
+ 2006-09-29 06:02 . 2008-04-13 19:45 60032 c:\windows\system32\drivers\USBAUDIO.sys
- 2006-09-29 06:02 . 2008-04-13 18:45 60032 c:\windows\system32\drivers\usbaudio.sys
+ 2009-10-07 07:46 . 2009-10-07 07:46 25752 c:\windows\system32\drivers\LVPr2Mon.sys
+ 2006-09-29 06:02 . 2009-04-30 22:55 13976 c:\windows\system32\drivers\lv302af.sys
+ 2009-10-07 07:23 . 2009-10-07 07:23 13584 c:\windows\system32\drivers\iKeyLFT2.dll
+ 2004-08-04 07:08 . 2008-04-13 19:45 60160 c:\windows\system32\drivers\drmk.sys
- 2004-08-04 07:08 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2006-05-03 18:39 . 2004-08-10 20:00 31616 c:\windows\system32\dllcache\usbccgp.sys
+ 2006-09-29 06:02 . 2008-04-13 19:45 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2004-08-04 07:08 . 2008-04-13 19:45 60160 c:\windows\system32\dllcache\drmk.sys
- 2006-05-03 18:39 . 2010-02-09 21:10 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-05-03 18:39 . 2010-02-21 23:53 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-05-03 18:39 . 2010-02-21 23:53 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-05-03 18:39 . 2010-02-09 21:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2006-05-03 18:39 . 2010-02-21 23:53 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2006-05-03 18:39 . 2010-02-09 21:10 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-02-23 04:39 . 2010-02-23 04:39 57344 c:\windows\Installer\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}\QuickCamStartMenuS_65895B9BA1A04BCBAB7BF5673B44A0E4.exe
+ 2010-02-23 04:39 . 2010-02-23 04:39 57344 c:\windows\Installer\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}\QuickCamDesktopSho_C0678C37AA5341A4BE4781BAF94DE0CC.exe
+ 2010-02-23 04:39 . 2010-02-23 04:39 57344 c:\windows\Installer\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}\ARPPRODUCTICON.exe
+ 2010-02-23 04:41 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll
+ 2006-09-29 06:02 . 2009-10-07 08:50 145944 c:\windows\twain_32\QuickCam\lvWIAext.dll
+ 2010-01-21 07:31 . 2010-02-22 21:57 220245 c:\windows\system32\winsys\wdc.dll
+ 2010-02-23 04:41 . 2006-06-22 22:29 116272 c:\windows\system32\ReinstallBackups\0016\DriverFiles\lvcoinst.dll
+ 2010-02-23 04:41 . 2008-04-13 20:19 146048 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\portcls.sys
+ 2010-02-23 04:41 . 2008-04-13 20:16 141056 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ks.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 116272 c:\windows\system32\ReinstallBackups\0014\DriverFiles\lvcoinst.dll
+ 2006-09-29 06:02 . 2009-10-07 08:48 539160 c:\windows\system32\LVUI2RC.dll
+ 2006-09-29 06:02 . 2009-10-07 08:48 539160 c:\windows\system32\LVUI2.dll
+ 2006-09-29 06:02 . 2009-10-07 08:43 416280 c:\windows\system32\LVCodec2.dll
+ 2004-08-10 20:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
- 2004-08-10 20:00 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll
+ 2005-01-16 04:18 . 2010-02-13 00:28 208896 c:\windows\system32\FNTCACHE.DAT
- 2005-01-16 04:18 . 2009-11-11 09:20 208896 c:\windows\system32\FNTCACHE.DAT
+ 2010-02-23 04:41 . 2009-10-07 08:39 460048 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\WUApp32.exe
+ 2010-02-23 04:41 . 2009-10-07 08:50 145944 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\lvWIAext.dll
+ 2010-02-23 04:41 . 2009-10-07 08:48 539160 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\LVUI2RC.dll
+ 2010-02-23 04:41 . 2009-10-07 08:48 539160 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\LVUI2.dll
+ 2010-02-23 04:41 . 2009-10-07 08:43 199192 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\lvcoinst.dll
+ 2010-02-23 04:41 . 2009-10-07 08:43 416280 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\lvcodec2.dll
+ 2010-02-23 04:41 . 2009-10-07 08:39 460048 c:\windows\system32\DRVSTORE\lvPRO5s_685A41B6169139C58E86748F017A52894085C5B9\WUApp32.exe
+ 2010-02-23 04:41 . 2009-10-07 08:47 266008 c:\windows\system32\DRVSTORE\lvPRO5s_685A41B6169139C58E86748F017A52894085C5B9\lvrs.sys
+ 2010-02-23 04:41 . 2009-10-07 08:46 114712 c:\windows\system32\DRVSTORE\lvPRO5s_685A41B6169139C58E86748F017A52894085C5B9\lvpopflt.sys
+ 2010-02-23 04:41 . 2009-10-07 08:43 199192 c:\windows\system32\DRVSTORE\lvPRO5s_685A41B6169139C58E86748F017A52894085C5B9\lvcoinst.dll
+ 2010-02-23 04:40 . 2003-02-21 12:42 348160 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\msvcr71.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 165424 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\lvWIAext.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 961072 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\lvuvc.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 513584 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\LVUI2RC.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 210480 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\LVUI2.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\lvcoinst.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 263728 c:\windows\system32\DRVSTORE\lvPRO3v_15FEC8ECAA6BEA68C0FC21612FEADDD44A4973BD\lvcodec2.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPRO3s_A41D20BE5232AC177D63A3FCE8A82EE24FFCD132\lvcoinst.dll
+ 2010-02-23 04:39 . 2003-02-21 12:42 348160 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\msvcr71.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 165424 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\lvWIAext.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 513584 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\LVUI2RC.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 210480 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\LVUI2.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\lvcoinst.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 263728 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\lvcodec2.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 720176 c:\windows\system32\DRVSTORE\lvPEPIv_053AB85E8EDC6770E7327C4FAE29D94C6EEBBBE4\LV302AV.sys
+ 2010-02-23 04:39 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPEPIs_BEDF1D0D384C3E45EEFD59175629D468A3C4EA26\lvcoinst.dll
+ 2010-02-23 04:41 . 2009-04-30 22:53 460048 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\WUApp32.exe
+ 2010-02-23 04:41 . 2009-04-30 23:04 145944 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\lvWIAext.dll
+ 2010-02-23 04:41 . 2009-04-30 23:02 539160 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\LVUI2RC.dll
+ 2010-02-23 04:41 . 2009-04-30 23:02 539160 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\LVUI2.dll
+ 2010-02-23 04:41 . 2009-04-30 22:57 199192 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\lvcoinst.dll
+ 2010-02-23 04:41 . 2009-04-30 22:57 416280 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\lvcodec2.dll
+ 2010-02-23 04:40 . 2003-02-21 12:42 348160 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\msvcr71.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 165424 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\lvWIAext.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 513584 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\LVUI2RC.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 210480 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\LVUI2.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\lvcoinst.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 263728 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\lvcodec2.dll
+ 2010-02-23 04:40 . 2006-06-22 22:29 720176 c:\windows\system32\DRVSTORE\lvPEPI2v_20BBFD1F81847956C50719939EE273AFB2E8F26B\LV302AV.sys
+ 2010-02-23 04:40 . 2009-04-30 22:53 460048 c:\windows\system32\DRVSTORE\lvPEPI2s_99D499EFF87B07D6166F5EA387697BB6072519E5\WUApp32.exe
+ 2010-02-23 04:40 . 2009-04-30 23:01 265496 c:\windows\system32\DRVSTORE\lvPEPI2s_99D499EFF87B07D6166F5EA387697BB6072519E5\lvrs.sys
+ 2010-02-23 04:40 . 2009-04-30 22:57 199192 c:\windows\system32\DRVSTORE\lvPEPI2s_99D499EFF87B07D6166F5EA387697BB6072519E5\lvcoinst.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvPEPI2s_2F938607353CB8795D6BF908842E33C42DC6F8C1\lvcoinst.dll
+ 2010-02-23 04:40 . 2009-04-30 22:53 460048 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\WUApp32.exe
+ 2010-02-23 04:40 . 2009-04-30 23:04 145944 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\lvWIAext.dll
+ 2010-02-23 04:40 . 2009-04-30 23:02 539160 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\LVUI2RC.dll
+ 2010-02-23 04:40 . 2009-04-30 23:02 539160 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\LVUI2.dll
+ 2010-02-23 04:40 . 2009-04-30 22:57 199192 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\lvcoinst.dll
+ 2010-02-23 04:40 . 2009-04-30 22:57 416280 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\lvcodec2.dll
+ 2010-02-23 04:40 . 2009-04-30 22:56 495768 c:\windows\system32\DRVSTORE\lvELCHv_C913F138AE598F3E209DDE0B8ECE2F1694FFE1C9\LV561AV.sys
+ 2010-02-23 04:39 . 2003-02-21 12:42 348160 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\msvcr71.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 165424 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\lvWIAext.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 513584 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\LVUI2RC.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 210480 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\LVUI2.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 116272 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\lvcoinst.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 263728 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\lvcodec2.dll
+ 2010-02-23 04:39 . 2006-06-22 22:29 293808 c:\windows\system32\DRVSTORE\lvELCHv_05CA596C158CFA2995C80B235E3F8A61DFCA8DCF\LV561AV.sys
- 2004-08-04 07:15 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2004-08-04 07:15 . 2008-04-13 20:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2004-08-04 07:15 . 2008-04-13 20:19 146048 c:\windows\system32\dllcache\portcls.sys
- 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2010-02-23 14:59 . 2010-02-23 14:59 796672 c:\windows\Installer\244da22.msi
+ 2010-02-23 15:08 . 2010-02-23 15:08 102400 c:\windows\Installer\{81063354-9060-42B2-A000-1EBE96778AA9}\iTunesIco.exe
+ 2010-02-23 19:56 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-23 19:56 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-23 19:56 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-02-23 20:08 . 2010-02-23 20:08 221184 c:\windows\ERDNT\AutoBackup\2-23-2010\Users\00000002\UsrClass.dat
+ 2010-02-23 20:08 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-23-2010\ERDNT.EXE
+ 2010-02-22 22:02 . 2010-02-22 22:02 221184 c:\windows\ERDNT\AutoBackup\2-22-2010\Users\00000002\UsrClass.dat
+ 2010-02-22 22:02 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-22-2010\ERDNT.EXE
+ 2010-02-21 23:55 . 2010-02-21 23:55 221184 c:\windows\ERDNT\AutoBackup\2-21-2010\Users\00000002\UsrClass.dat
+ 2010-02-21 23:55 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-21-2010\ERDNT.EXE
+ 2010-02-20 18:26 . 2010-02-20 18:26 221184 c:\windows\ERDNT\AutoBackup\2-20-2010\Users\00000002\UsrClass.dat
+ 2010-02-20 18:26 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-20-2010\ERDNT.EXE
+ 2010-02-17 18:52 . 2010-02-17 18:52 221184 c:\windows\ERDNT\AutoBackup\2-17-2010\Users\00000002\UsrClass.dat
+ 2010-02-17 18:52 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-17-2010\ERDNT.EXE
+ 2010-02-15 13:12 . 2010-02-15 13:12 221184 c:\windows\ERDNT\AutoBackup\2-15-2010\Users\00000002\UsrClass.dat
+ 2010-02-15 13:12 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-15-2010\ERDNT.EXE
+ 2010-02-15 02:52 . 2010-02-15 02:52 221184 c:\windows\ERDNT\AutoBackup\2-14-2010\Users\00000002\UsrClass.dat
+ 2010-02-15 02:52 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-14-2010\ERDNT.EXE
+ 2010-02-13 00:16 . 2010-02-13 00:16 221184 c:\windows\ERDNT\AutoBackup\2-12-2010\Users\00000002\UsrClass.dat
+ 2010-02-13 00:16 . 2005-10-20 18:02 163328 c:\windows\ERDNT\AutoBackup\2-12-2010\ERDNT.EXE
+ 2010-02-13 00:10 . 2010-02-13 00:10 221184 c:\windows\ERDNT\2-12-2010\Users\00000002\UsrClass.dat
+ 2010-02-13 00:10 . 2005-10-20 18:02 163328 c:\windows\ERDNT\2-12-2010\ERDNT.EXE
+ 2010-02-23 04:41 . 2009-10-07 08:49 6756632 c:\windows\system32\DRVSTORE\lvPRO5v_5467CD171F985A574DB705B8BED940A9D2008D31\lvuvc.sys
+ 2010-02-23 04:40 . 2006-06-22 22:29 1413424 c:\windows\system32\DRVSTORE\lvPRO3s_A41D20BE5232AC177D63A3FCE8A82EE24FFCD132\lvpopflt.sys
+ 2010-02-23 04:41 . 2009-04-30 22:55 2687512 c:\windows\system32\DRVSTORE\lvPEPI2v_4022AD047131F8DA6FCF38A5AF78577F22AF2D50\LV302V32.SYS
+ 2010-02-23 04:39 . 2010-02-23 04:39 5183488 c:\windows\Installer\aaa59.msi
+ 2010-02-23 15:08 . 2010-02-23 15:08 4449280 c:\windows\Installer\244e451.msi
+ 2010-02-23 15:02 . 2010-02-23 15:02 9473024 c:\windows\Installer\244dcb5.msi
+ 2010-02-23 20:08 . 2010-02-23 20:08 7380992 c:\windows\ERDNT\AutoBackup\2-23-2010\Users\00000001\NTUSER.DAT
+ 2010-02-22 22:02 . 2010-02-22 22:02 7380992 c:\windows\ERDNT\AutoBackup\2-22-2010\Users\00000001\NTUSER.DAT
+ 2010-02-21 23:55 . 2010-02-21 23:55 7380992 c:\windows\ERDNT\AutoBackup\2-21-2010\Users\00000001\NTUSER.DAT
+ 2010-02-20 18:26 . 2010-02-20 18:26 7380992 c:\windows\ERDNT\AutoBackup\2-20-2010\Users\00000001\NTUSER.DAT
+ 2010-02-17 18:52 . 2010-02-17 18:52 7380992 c:\windows\ERDNT\AutoBackup\2-17-2010\Users\00000001\NTUSER.DAT
+ 2010-02-15 13:12 . 2010-02-15 13:12 7380992 c:\windows\ERDNT\AutoBackup\2-15-2010\Users\00000001\NTUSER.DAT
+ 2010-02-15 02:52 . 2010-02-15 02:52 7380992 c:\windows\ERDNT\AutoBackup\2-14-2010\Users\00000001\NTUSER.DAT
+ 2010-02-13 00:16 . 2010-02-13 00:16 7380992 c:\windows\ERDNT\AutoBackup\2-12-2010\Users\00000001\NTUSER.DAT
+ 2010-02-13 00:10 . 2010-02-13 00:10 7380992 c:\windows\ERDNT\2-12-2010\Users\00000001\NTUSER.DAT
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-02-26 17:25 809864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-12 67128]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-17 323392]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2009-12-19 1824040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMan"="SOUNDMAN.EXE" [2005-09-22 90112]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-12 45056]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-17 397312]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-03-03 1667584]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"nwiz"="nwiz.exe" [2005-12-01 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"F-Secure Manager"="c:\program files\Charter Security Suite\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Charter Security Suite\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-16 141608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2009-11-11 6373376]
c:\documents and settings\Jarrett Lowrey\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-3-11 67128]
Wireless 802.11g USB Adapter.lnk - c:\program files\Wireless 802.11g USB Adapter\ZDWlan.exe [2004-11-19 425984]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisallowRun"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= opera.exe
"2"= firefox.exe
"3"= chrome.exe
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Amazon Unbox.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Amazon Unbox.lnk
backup=c:\windows\pss\Amazon Unbox.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-05-10 00:24 50760 ----a-w- c:\program files\Common Files\AOL\1146683963\ee\aolsoftware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
2009-11-11 01:43 6373376 ----a-w- c:\program files\MySpace\IM\MySpaceIM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-25 23:43 1217808 ----a-w- c:\program files\Valve\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ADVService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1146683963\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1146683963\\ee\\aim6.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1146683963\\ee\\AOLServiceHost.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\kid_venom@sbcglobal.net\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\kid_venom@sbcglobal.net\\half-life 2 deathmatch\\hl2.exe"=
"c:\\Program Files\\Fox\\Aliens versus Predator\\avp.exe"=
"c:\\Program Files\\BitPim\\bitpim.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\kid_venom@sbcglobal.net\\counter-strike\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\kid_venom@sbcglobal.net\\day of defeat\\hl.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\kid_venom@sbcglobal.net\\source sdk base\\hl2.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Roger Wilco\\roger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\AIM7\\aim.exe"=
"c:\\Documents and Settings\\Jarrett Lowrey\\Application Data\\IMVUClient\\1VivoxVoice.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58636:TCP"= 58636:TCP:Pando Media Booster
"58636:UDP"= 58636:UDP:Pando Media Booster
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [1/25/2010 5:00 AM 33920]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [1/25/2010 5:00 AM 80000]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Charter Security Suite\HIPS\drivers\fshs.sys [1/25/2010 4:59 AM 68064]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 3:15 PM 24652]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Charter Security Suite\Anti-Virus\minifilter\fsgk.sys [1/25/2010 4:59 AM 107104]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [1/14/2008 4:06 AM 21632]
S2 gupdate1c9b292cbf256d2;Google Update Service (gupdate1c9b292cbf256d2);c:\program files\Google\Update\GoogleUpdate.exe [4/1/2009 12:26 AM 133104]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Charter Security Suite\ORSP Client\fsorsp.exe [1/25/2010 4:59 AM 56000]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsfilter.sys [1/25/2010 4:59 AM 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Charter Security Suite\Anti-Virus\win2k\fsrec.sys [1/25/2010 4:59 AM 25184]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ASNDIS5
*NewlyCreated* - INT15.SYS
.
Contents of the 'Scheduled Tasks' folder
2010-02-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:34]
2010-02-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 09:31]
2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 06:26]
2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 06:26]
2010-02-24 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-02-26 17:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/def ... earch.html
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Backward &Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Si&milar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
IE: Visit in 3D
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jarrett Lowrey\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-LogitechQuickCamRibbon - c:\program files\Logitech\QuickCam10\QuickCam10.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-23 22:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3752651221-2062959184-26027061-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Erogos\~0{0_0~0*0J0W0ƒ0v0Š0è}-*SOšHr-*]
"Order"=hex:08,00,00,00,02,00,00,00,1c,01,00,00,01,00,00,00,02,00,00,00,86,00,
00,00,00,00,00,00,78,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,66,00,32,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(740)
c:\program files\charter security suite\hips\fshook32.dll
- - - - - - - > 'lsass.exe'(796)
c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
c:\program files\charter security suite\hips\fshook32.dll
- - - - - - - > 'explorer.exe'(2884)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
c:\program files\charter security suite\scanner-interface\fsgkiapi.dll
.
Completion time: 2010-02-23 22:06:54
ComboFix-quarantined-files.txt 2010-02-24 04:06
ComboFix2.txt 2010-02-09 22:09
ComboFix3.txt 2010-02-09 21:06
Pre-Run: 35,077,976,064 bytes free
Post-Run: 35,032,723,456 bytes free
Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 55D72DF3A70783D79A2D44AF0912FD01

Malwarebytes' Anti-Malware 1.44
Database version: 3782
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/23/2010 10:12:46 PM
mbam-log-2010-02-23 (22-12-46).txt
Scan type: Quick Scan
Objects scanned: 130418
Time elapsed: 4 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)