Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.809 [GMT -7:00]
Running from: F:\Torrents\ComboFix.exe
* Resident AV is active
.
((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))
.
2039-03-11 21:37 . 2006-11-02 02:46 1,137,664 --a------ C:\Windows\System32\themecpl.dll.original
2008-04-23 12:17 . 2008-04-23 12:17 <DIR> d-------- C:\Users\All Users\Ubisoft
2008-04-23 12:17 . 2008-04-23 12:17 <DIR> d-------- C:\ProgramData\Ubisoft
2008-04-23 12:15 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll
2008-04-23 12:15 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
2008-04-23 12:15 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll
2008-04-23 12:15 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
2008-04-23 12:15 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll
2008-04-23 12:15 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
2008-04-23 12:15 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll
2008-04-23 12:15 . 2007-07-20 00:57 267,112 --a------ C:\Windows\System32\xactengine2_9.dll
2008-04-23 12:15 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll
2008-04-23 11:47 . 2008-04-23 11:47 <DIR> d-------- C:\Program Files\Ubisoft
2008-04-22 20:20 . 2008-04-23 12:16 22,328 --a------ C:\Users\Walter\AppData\Roaming\PnkBstrK.sys
2008-04-22 20:16 . 2008-04-23 12:16 2,337,865 --a------ C:\Windows\System32\pbsvc.exe
2008-04-22 19:52 . 2008-04-23 23:14 107,832 --a------ C:\Windows\System32\PnkBstrB.exe
2008-04-22 19:52 . 2008-04-22 20:16 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-04-22 19:52 . 2008-04-23 23:17 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-04-22 19:42 . 2008-04-22 19:42 319 --a------ C:\Windows\game.ini
2008-04-22 18:17 . 2008-04-22 18:17 <DIR> d--hs---- C:\Windows\ftpcache
2008-04-22 17:17 . 2008-04-22 17:17 <DIR> d-------- C:\Users\All Users\FLEXnet
2008-04-22 17:17 . 2008-04-22 17:17 <DIR> d-------- C:\ProgramData\FLEXnet
2008-04-22 15:53 . 2008-04-22 15:53 <DIR> d-------- C:\Users\All Users\ALM
2008-04-22 15:53 . 2008-04-22 15:53 <DIR> d-------- C:\ProgramData\ALM
2008-04-22 15:32 . 2008-04-22 15:32 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-22 14:46 . 2008-04-22 15:30 <DIR> d-------- C:\Users\Walter\AppData\Roaming\Download Manager
2008-04-21 22:55 . 2008-04-24 16:02 <DIR> d-------- C:\Users\Walter\AppData\Roaming\LimeWire
2008-04-21 22:53 . 2008-04-21 22:54 <DIR> d-------- C:\Program Files\LimeWire
2008-04-16 09:30 . 2008-04-16 16:34 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-04-14 09:31 . 2008-04-14 09:31 <DIR> d-------- C:\Users\All Users\Trymedia
2008-04-14 09:31 . 2008-04-14 09:31 <DIR> d-------- C:\ProgramData\Trymedia
2008-04-13 15:58 . 2008-04-13 15:58 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
2008-04-13 15:58 . 2008-04-13 15:58 <DIR> d-------- C:\Users\All Users\Kaspersky Lab
2008-04-13 15:58 . 2008-04-13 15:58 <DIR> d-------- C:\ProgramData\Kaspersky Lab
2008-04-13 09:27 . 2008-04-13 09:27 <DIR> d-------- C:\Users\Walter\AppData\Roaming\Malwarebytes
2008-04-13 09:26 . 2008-04-13 09:26 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-04-13 09:26 . 2008-04-13 09:26 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-04-13 09:26 . 2008-04-13 09:26 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-05 14:25 . 2008-04-05 14:25 <DIR> d-------- C:\Users\Walter\AppData\Roaming\Grisoft
2008-04-05 14:25 . 2008-04-05 14:25 <DIR> d-------- C:\Users\All Users\Grisoft
2008-04-05 14:25 . 2008-04-05 14:25 <DIR> d-------- C:\ProgramData\Grisoft
2008-04-05 14:25 . 2007-05-30 05:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-04-01 16:01 . 2008-04-01 16:02 131,072 --a------ C:\Windows\System32\Ikeext.etl
2008-03-29 21:43 . 2008-03-29 21:43 <DIR> d-------- C:\Program Files\Zone Labs
2008-03-29 21:42 . 2008-03-29 21:51 <DIR> d-------- C:\Windows\Internet Logs
2008-03-29 21:39 . 2008-03-29 21:40 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-03-29 21:39 . 2008-03-29 21:40 <DIR> d-------- C:\ProgramData\Lavasoft
2008-03-29 21:39 . 2008-03-29 21:39 <DIR> d-------- C:\Program Files\Lavasoft
2008-03-29 21:39 . 2008-03-29 21:39 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-27 16:40 . 2008-03-29 00:18 <DIR> d-------- C:\Users\Walter\AppData\Roaming\Auslogics
2008-03-27 16:39 . 2008-03-27 16:39 <DIR> d-------- C:\Program Files\Auslogics
2008-03-26 23:49 . 2008-04-24 16:00 <DIR> d-------- C:\Program Files\Dl_cats
2008-03-26 23:40 . 2007-02-07 12:57 344,064 --a------ C:\Windows\System32\dlbtcoin.dll
2008-03-26 23:40 . 2006-08-28 15:57 126,059 --a------ C:\Windows\System32\dlbtceip.chm
2008-03-26 23:40 . 2005-08-18 05:26 40,960 --a------ C:\Windows\System32\dlbtvs.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-24 23:09 --------- d---a-w C:\ProgramData\TEMP
2008-04-24 22:52 --------- d-----w C:\Users\Walter\AppData\Roaming\uTorrent
2008-04-24 11:16 --------- d-----w C:\ProgramData\Google Updater
2008-04-24 06:13 --------- d-----w C:\Program Files\Steam
2008-04-24 04:18 --------- d-----w C:\Program Files\City of Heroes
2008-04-23 22:18 --------- d-----w C:\Program Files\ATI
2008-04-23 18:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-22 23:45 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-22 03:40 --------- d-----w C:\Program Files\McAfee
2008-04-21 03:51 --------- d-----w C:\Program Files\Microsoft Games
2008-04-04 14:31 --------- d-----w C:\Program Files\Common Files\Steam
2008-03-27 23:26 --------- d-----w C:\Program Files\Spyware Doctor
2008-03-27 06:50 --------- d-----w C:\Program Files\Dell Photo AIO Printer 922
2008-03-26 07:33 --------- d-----w C:\Program Files\Audible
2008-03-25 02:34 --------- d-----w C:\Program Files\HeroStats
2008-03-23 19:19 --------- d-----w C:\Program Files\GustoSoft
2008-03-19 21:28 --------- d-----w C:\Program Files\Common Files\xing shared
2008-03-19 21:28 --------- d-----w C:\Program Files\Common Files\Real
2008-03-19 21:27 --------- d-----w C:\Program Files\Real
2008-03-19 07:27 --------- d-----w C:\ProgramData\Messenger Plus!
2008-03-18 05:58 --------- d-----w C:\Program Files\Java
2008-03-18 05:56 --------- d-----w C:\Program Files\Common Files\Java
2008-03-18 05:46 --------- d-----w C:\Program Files\Trend Micro
2008-03-18 05:09 --------- d-----w C:\Users\high way to hell\AppData\Roaming\Talkback
2008-03-18 05:08 --------- d-----w C:\Users\high way to hell\AppData\Roaming\ATI
2008-03-18 04:56 128,949,234 ----a-w C:\Windows\DUMP449d.tmp
2008-03-17 09:39 --------- d-----w C:\Users\Walter\AppData\Roaming\iSilo
2008-03-17 09:39 --------- d-----w C:\Program Files\iSilo
2008-03-15 02:35 --------- d-----w C:\Users\Walter\AppData\Roaming\Talkback
2008-03-14 05:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-03-14 03:54 --------- d-----w C:\ProgramData\WLInstaller
2008-03-13 18:58 --------- d-----w C:\Users\Walter\AppData\Roaming\ATI
2008-03-13 18:58 --------- d-----w C:\ProgramData\ATI
2008-03-13 18:51 --------- d-----w C:\Program Files\ATI Technologies
2008-03-13 06:53 --------- d-----w C:\Program Files\CDisplay
2008-03-13 06:35 --------- d-----w C:\Users\Walter\AppData\Roaming\PC Tools
2008-03-13 06:35 --------- d-----w C:\Program Files\Google
2008-03-12 08:42 --------- d-----w C:\Program Files\Windows Live
2008-03-12 08:42 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-12 08:35 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-03-12 08:34 --------- d-----w C:\Program Files\Windows Live Favorites
2008-03-12 08:28 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-12 08:21 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-12 08:12 --------- d-----w C:\Program Files\Microsoft Works
2008-03-12 08:11 --------- d-----w C:\Program Files\MSBuild
2008-03-12 08:07 --------- d-----w C:\Program Files\Microsoft.NET
2008-03-12 08:01 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-03-12 07:47 --------- d-----w C:\Program Files\Creative
2008-03-12 07:46 --------- d-----w C:\ProgramData\Creative
2008-03-12 07:45 409,600 ----a-w C:\Windows\System32\wrap_oal.dll
2008-03-12 07:45 114,688 ----a-w C:\Windows\System32\OpenAL32.dll
2008-03-12 07:44 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-12 07:41 --------- d-----w C:\Users\Walter\AppData\Roaming\Apple Computer
2008-03-12 07:41 --------- d-----w C:\Program Files\iTunes
2008-03-12 07:40 --------- d-----w C:\ProgramData\Apple Computer
2008-03-12 07:40 --------- d-----w C:\Program Files\QuickTime
2008-03-12 07:40 --------- d-----w C:\Program Files\iPod
2008-03-12 07:40 --------- d-----w C:\Program Files\Bonjour
2008-03-12 07:39 --------- d-----w C:\Program Files\Apple Software Update
2008-03-12 07:38 --------- d-----w C:\ProgramData\Apple
2008-03-12 07:38 --------- d-----w C:\Program Files\Common Files\Apple
2008-03-12 07:31 --------- d-----w C:\Users\Walter\AppData\Roaming\GRETECH
2008-03-12 07:31 --------- d-----w C:\ProgramData\GRETECH
2008-03-12 07:30 --------- d-----w C:\Program Files\GRETECH
2008-03-12 07:30 --------- d-----w C:\Program Files\DAP
2008-03-12 07:07 50,688 ----a-w C:\Windows\System32\wbhelp2.dll
2008-03-12 06:51 --------- d-----w C:\ProgramData\McAfee
2008-03-12 06:49 --------- d-----w C:\Program Files\Common Files\McAfee
2008-03-12 06:46 --------- d-----w C:\Program Files\McAfee.com
2008-03-12 06:39 --------- d-----w C:\ProgramData\AOL OCP
2008-03-12 06:38 --------- d-----w C:\Users\Walter\AppData\Roaming\acccore
2008-03-12 06:38 --------- d-----w C:\Program Files\AIM6
2008-03-12 06:37 --------- d-----w C:\ProgramData\Viewpoint
2008-03-12 06:37 --------- d-----w C:\ProgramData\AOL
2008-03-12 06:37 --------- d-----w C:\Program Files\Viewpoint
2008-03-12 06:37 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-12 06:27 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-12 06:23 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-03-12 06:23 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-03-12 06:22 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-03-12 06:22 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-03-12 06:21 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-03-12 06:21 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-03-12 06:21 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-03-12 06:21 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-03-12 06:21 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-03-12 06:21 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-03-12 06:21 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-03-12 06:21 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-03-12 06:21 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-03-12 06:21 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-03-12 06:21 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-03-12 06:20 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-03-12 06:20 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-03-12 06:20 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-03-12 06:20 2,048 ----a-w C:\Windows\System32\msxml3r.dll
2008-03-12 06:20 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-03-12 06:19 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-03-12 06:19 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-03-12 06:19 22,016 ----a-w C:\Windows\System32\netiougc.exe
.
((((((((((((((((((((((((((((( snapshot@2008-04-12_15.49.44.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
- 2008-03-12 05:09:05 53,248 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-04-23 19:14:43 53,248 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-03-12 05:09:05 12,800 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-04-23 19:14:43 12,800 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-03-12 05:09:05 473,600 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-04-23 19:14:44 473,600 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-03-12 05:09:01 2,676,224 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:36 2,676,224 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:02 2,846,720 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:37 2,846,720 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:02 563,712 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:37 563,712 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:02 567,296 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:38 567,296 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:03 576,000 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:39 576,000 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:03 577,024 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:39 577,024 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:03 577,536 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:40 577,536 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:04 577,536 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:40 577,536 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:04 578,560 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:41 578,560 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:05 578,560 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-23 19:14:44 578,560 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-12 05:09:05 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-04-23 19:14:44 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-03-12 05:09:06 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-04-23 19:14:45 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-03-12 05:09:06 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-04-23 19:14:45 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-03-12 05:09:06 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-04-23 19:14:45 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-03-12 05:09:04 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-04-23 19:14:43 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-04-12 20:00:28 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-23 22:14:21 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2006-11-02 12:36:03 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
- 2008-04-12 20:03:12 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-23 22:18:26 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-04-12 20:03:06 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-23 22:18:16 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\system\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\system\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\system\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\system\vga.drv
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\System32\acprgwiz.dll
+ 2008-03-12 06:18:49 2,048 ----a-w C:\Windows\System32\asferror.dll
+ 2006-11-02 06:56:11 2,560 ----a-w C:\Windows\System32\bootstr.dll
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\System32\bridgeres.dll
- 2008-04-12 22:23:17 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-24 22:25:17 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-12 22:23:17 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-24 22:25:17 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-12 22:23:17 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-24 22:25:17 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-12 22:29:33 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-24 23:11:19 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-03-12 18:03:42 334,664 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-04-23 00:13:08 1,627,880 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 1998-05-08 04:57:22 143,872 ------w C:\Windows\System32\iacenc.dll
+ 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\System32\iologmsg.dll
+ 1997-06-14 02:56:08 56,832 ------w C:\Windows\System32\iyvu9_32.dll
+ 2005-05-24 19:27:16 213,048 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 22:47:20 94,208 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 22:49:54 950,272 ----a-w C:\Windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\System32\keyboard.drv
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\System32\lltdres.dll
+ 2007-07-27 21:49:02 196,683 ----a-w C:\Windows\System32\lnod32apiA.dll
+ 2007-07-27 21:49:02 225,355 ----a-w C:\Windows\System32\lnod32apiW.dll
+ 2005-12-06 02:25:22 139,264 ----a-w C:\Windows\System32\lnod32umc.dll
+ 2005-12-05 19:37:10 106,496 ----a-w C:\Windows\System32\lnod32upd.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\System32\mferror.dll
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\System32\mouse.drv
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\System32\msimsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\System32\msprivs.dll
+ 2008-03-12 06:18:31 2,048 ----a-w C:\Windows\System32\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\System32\neth.dll
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\System32\netmsg.dll
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\office_24.bin
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\System32\normaliz.dll
+ 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\System32\oleaccrc.dll
+ 2008-02-11 16:39:26 253,952 ----a-w C:\Windows\System32\OnlineScannerDLLA.dll
+ 2008-02-11 16:39:18 237,568 ----a-w C:\Windows\System32\OnlineScannerDLLW.dll
+ 2008-02-08 20:53:46 110,592 ----a-w C:\Windows\System32\OnlineScannerLang.dll
+ 2008-02-05 15:48:04 77,824 ----a-w C:\Windows\System32\OnlineScannerUninstaller.exe
- 2008-03-20 16:08:48 104,662 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-17 06:23:41 104,662 ----a-w C:\Windows\System32\perfc009.dat
- 2008-03-20 16:08:48 621,314 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-17 06:23:41 621,314 ----a-w C:\Windows\System32\perfh009.dat
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\System32\redir.exe
+ 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\System32\rnr20.dll
+ 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\System32\SampleRes.dll
- 2008-03-12 18:05:54 6,029,312 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-04-23 21:03:35 6,029,312 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\System32\sound.drv
+ 2008-03-12 06:15:14 2,048 ----a-w C:\Windows\System32\tzres.dll
+ 2004-12-07 17:11:34 258,352 ----a-w C:\Windows\System32\unicows.dll
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\System32\vga.drv
+ 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\System32\wbem\WmiApRes.dll
- 2008-04-12 20:03:33 6,690 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-561321763-1897004747-691077370-1000_UserData.bin
+ 2008-04-23 22:18:42 7,052 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-561321763-1897004747-691077370-1000_UserData.bin
- 2008-04-12 20:03:33 45,102 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-23 22:18:41 45,626 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-04-12 20:11:03 31,652 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-04-23 22:18:34 32,890 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-04-10 21:52:03 176,334 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2008-04-22 23:08:05 177,354 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\System32\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\System32\WINSPOOL.EXE
+ 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\System32\wmerror.dll
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\System32\WOWDEB.EXE
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16386_none_09eb762df5615af9\AcRes.dll
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6000.16386_none_92936507ab8702dd\acprgwiz.dll
+ 2006-11-02 06:56:11 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-strings_31bf3856ad364e35_6.0.6000.16386_none_f64b4db1100349a8\bootstr.dll
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6000.16386_none_1525f574c2807ea3\netmsg.dll
+ 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16386_none_1310947a0ca7000f\tzres.dll
+ 2008-03-12 06:15:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16589_none_131399240ca44662\tzres.dll
+ 2008-03-12 06:15:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20712_none_13e1e543258f6e5b\tzres.dll
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6000.16386_none_0143bc2fb699ae2d\msimsg.dll
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6000.16386_none_e773a28cdcd5ef62\normaliz.dll
+ 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iologgingdll_31bf3856ad364e35_6.0.6000.16386_none_b4a74430ff7bd85d\iologmsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.0.6000.16386_none_09e22f167e7ac9b3\msprivs.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16386_none_9a286d400fd699af\mferror.dll
+ 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16386_none_a57f2ea4437cfc78\asferror.dll
+ 2008-03-12 06:18:49 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16585_none_a57e3226437ddd6f\asferror.dll
+ 2008-03-12 06:18:49 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.20708_none_a66151155c57e6dd\asferror.dll
+ 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmerror_31bf3856ad364e35_6.0.6000.16386_none_351e30f1ba0b5cbe\wmerror.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16386_none_86377e9e99eb1168\msxml3r.dll
+ 2008-03-12 06:20:12 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16500_none_8688000e99af9424\msxml3r.dll
+ 2008-03-12 06:20:13 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20613_none_8709cdcbb2d29be4\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16386_none_86373a4699eb5e4b\msxml6r.dll
+ 2008-03-12 06:18:31 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16472_none_863e0af099e6da25\msxml6r.dll
+ 2008-03-12 06:18:31 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20582_none_86bcd7cfb30c95e0\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6000.16386_none_4ffb8f84758bff07\neth.dll
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\office_24.bin
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6000.16386_none_05b32edf092a8853\bridgeres.dll
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6000.16386_none_cf1f3538fd925a7b\lltdres.dll
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\vga.drv
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\mouse.drv
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\redir.exe
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\vga.drv
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSPOOL.EXE
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WOWDEB.EXE
+ 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oleaccrc_31bf3856ad364e35_6.0.6000.16386_none_76f32d528a780cf2\oleaccrc.dll
+ 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_95425ac284e42b43\SampleRes.dll
+ 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6000.16386_none_e12e74ad149badfc\rnr20.dll
+ 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6000.16386_none_b71d411922ad8f1f\WmiApRes.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsm.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsy.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smimsgif.dll
+ 2008-04-23 19:15:55 96,256 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
+ 2008-04-23 19:15:58 1,101,824 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80.dll
+ 2008-04-23 19:15:58 1,093,120 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80u.dll
+ 2008-04-23 19:15:58 69,632 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80.dll
+ 2008-04-23 19:15:58 57,856 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80u.dll
+ 2008-04-23 19:16:00 40,960 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHS.dll
+ 2008-04-23 19:16:00 45,056 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHT.dll
+ 2008-04-23 19:16:00 65,536 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80DEU.dll
+ 2008-04-23 19:16:00 57,344 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll
+ 2008-04-23 19:16:00 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ESP.dll
+ 2008-04-23 19:16:00 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80FRA.dll
+ 2008-04-23 19:16:00 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ITA.dll
+ 2008-04-23 19:16:00 49,152 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80JPN.dll
+ 2008-04-23 19:16:00 49,152 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80KOR.dll
+ 2008-04-23 19:16:04 65,536 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2\vcomp.dll
+ 2006-11-02 12:36:03 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6000.16386_none_76336ee89b768fbf\ServiceModelEvents.dll
+ 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.16386_none_c6c5835b4cd99252\ServiceModelInstallRC.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-03-11 23:18 1232896]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-03-06 13:50 50528]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-12 23:32 68856]
"Steam"="C:\Program Files\Steam\Steam.exe" [2008-03-28 09:58 1271032]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 05:36 201728]
"Auslogics BoostSpeed 4"="C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe" [2008-03-07 12:04 250368]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2008-03-12 00:07 3057152]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"P17RunE"="P17RunE.dll" [2007-04-09 09:40 14848 C:\Windows\System32\P17RunE.dll]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-19 14:27 185896]
"DLBTCATS"="C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2007-02-12 17:34 73728]
"dlbtmon.exe"="C:\Program Files\Dell Photo AIO Printer 922\dlbtmon.exe" [2007-02-28 18:23 431600]
"Support audio cool poll"="C:\ProgramData\Dale Owns Load.4r03bp" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 02:25 6731312]
C:\Users\Walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe [2007-11-16 14:40:16 1697112]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-03-12 23:32:37 125624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5375C627-C2F3-4286-ADE7-7DAFBCD7E952}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{222D6355-B5D0-40A7-B61A-C1C9BA899DC9}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{68C64655-F588-4742-A6D0-D5925A3D5F93}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{73FF717A-9533-43B4-BA66-B5FEEE31D5C8}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{E73C4CBD-C7AC-4F90-9817-FF364BCFED22}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{7248949B-43BA-45A4-9947-AE667739DC23}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{9DFF5E04-65B8-44E1-8CFA-BB74DB01375B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{9BA85FCB-941C-4FB2-A2B4-82FC8AAD062D}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{DE307A62-97EF-4BB1-86CA-71FFFE7B59B0}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{2C59216C-196D-4540-8418-233CA13AAED3}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{628290DE-FDF5-4BB7-8EB7-C722DA091F29}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F1177328-BF7F-4328-B5B1-A6DB734C957D}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{69193BC4-C2DF-4869-9532-EA30A8521921}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0E24C346-F777-43F0-8B31-46C3BD0ADC67}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{77A54C50-DDCB-4391-AB88-8735C57A7668}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5D396C73-EF86-4D50-8AE3-3EFB2497E1D0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{C556D100-0709-460E-9412-E0E742A821A3}"= UDP:C:\Windows\System32\dlbtcoms.exe:Lexmark Communications System
"{3BA8FCCD-1B38-4F31-8B22-6DCD139DFB2E}"= TCP:C:\Windows\System32\dlbtcoms.exe:Lexmark Communications System
"{177A5AE4-F818-429E-B295-43F610C04178}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe:Printer Status Window
"{0CA471D2-6293-413B-B045-7A4DBF8505ED}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe:Printer Status Window
"{ECB5E892-5649-4CEC-93C8-44A18B855F26}"= UDP:C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe:Device Monitor
"{34C1A860-63AC-4F24-B256-F893E622795D}"= TCP:C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe:Device Monitor
"{647D5EF8-B3C6-4F9D-8B47-5D81B8728B25}"= UDP:C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe:All In One Center
"{141CB9E7-63A7-426A-9BB8-DE44B80E6D82}"= TCP:C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe:All In One Center
"{A3A109FF-F29C-4C43-8B75-B42256D91804}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{0AFC2C31-FF24-4812-8CC1-1264FBF0000A}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{D72D6220-768C-49E9-9D5C-7AF937970D11}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{82537A76-1267-4184-AC58-6E0B8B4CB981}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{E8CD3F3B-233D-41FF-A16C-BC69A9B4E2B8}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{FEC98D29-3236-4C3D-B023-EF4D51E36C01}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{F6DBC820-BB49-4FC1-B67E-363B185B4C61}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{0A9A768C-327A-4801-A8A6-C76157BC55E6}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R2 41483;41483;C:\Windows\System32\41483.sys [2008-03-11 20:34]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-02-25 22:53]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-02-25 22:53]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-02 16:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de28d059-efe8-11dc-a5fb-806e6f6e6963}]
\shell\AutoRun\command - D:\aoesetup.exe /autorun
\shell\directx\command - D:\DirectX\dxsetup.exe
\shell\dplay\command - D:\DirectX\dplay61a.exe
\shell\dxdiag\command - D:\goodies\ar40eng.exe
\shell\dxinfo\command - D:\goodies\DirectX\dxinfo.exe
\shell\dxtest\command - D:\DirectX\dxdiag.exe
\shell\dxtool\command - D:\goodies\DirectX\dxtool.exe
\shell\log\command - D:\goodies\machine\machine.exe -l
\shell\machine\command - D:\goodies\machine\machine.exe
\shell\setup\command - D:\aoesetup.exe /autorun
\shell\zone\command - D:\goodies\mszone\zoneA600.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-04-24 22:52:05 C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-04-15 15:03:49 C:\Windows\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-04-01 08:01:00 C:\Windows\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
"2008-04-24 19:14:44 C:\Windows\Tasks\User_Feed_Synchronization-{8FF99394-19BE-4996-95CA-73822EBB8EA6}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 16:22:31
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-24 16:47:55
ComboFix-quarantined-files.txt 2008-04-24 23:47:41
ComboFix2.txt 2008-04-13 17:16:58
ComboFix3.txt 2008-04-12 22:50:29
Pre-Run: 10,591,862,784 bytes free
Post-Run: 10,769,350,656 bytes free
479 --- E O F --- 2008-03-12 08:56:46
And I tried seeing what is making it go to 100% CPU usage, but I couldn't see it; by the time that I had opened the Task Manager it would all be back to normal, except System Idle Process. That's about it. I don't know if that is supposed to happen or not.