i have removed the video game software and run the script for combo fix.
here is the latest log:
ComboFix 09-02-15.01 - richa verma 2009-02-16 23:31:06.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.551 [GMT -6:00]
Running from: c:\documents and settings\richa verma\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\richa verma\Desktop\CFScript.txt
AV: AVG 7.5.524 *On-access scanning enabled* (Outdated)
FW: AVG Firewall 7.5.419 *enabled*
FW: Norton Internet Worm Protection *disabled*
* Created a new restore point
FILE ::
C:\1682312257
C:\nwurjr.exe
C:\wgqjqf.exe
c:\windows\instsp1.exe
c:\windows\system32\8082d7bc-3a62-1231-404c-019c903eda46.exe
c:\windows\system32\geBqRliG.dll
c:\windows\system32\lxxhofkb.dll
c:\windows\system32\nse23.dll
c:\windows\system32\wcctrmuh.dll
c:\windows\system32\whogmsgzyukzq.exe
c:\windows\system32\wtzakzla.dll
c:\windows\Tasks\utqykkts.job
C:\xbwemas.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\1682312257
C:\nwurjr.exe
c:\program files\Mozilla Firefox\components\srff.dll
C:\wgqjqf.exe
c:\windows\instsp1.exe
c:\windows\system32\bavavugo.dll
c:\windows\system32\edugijoj.ini
c:\windows\system32\erepadof.ini
c:\windows\system32\fodapere.dll
c:\windows\system32\geBqRliG.dll
c:\windows\system32\jojigude.dll
c:\windows\system32\kurulofi.dll
c:\windows\system32\lavagubu.dll
c:\windows\system32\lxxhofkb.dll
c:\windows\system32\nse23.dll
c:\windows\system32\wcctrmuh.dll
c:\windows\system32\wtzakzla.dll
c:\windows\system32\yumafiba.dll
c:\windows\system32\zazohiji.dll
c:\windows\Tasks\utqykkts.job
C:\xbwemas.exe
.
((((((((((((((((((((((((( Files Created from 2009-01-17 to 2009-02-17 )))))))))))))))))))))))))))))))
.
2009-02-08 03:41 . 2009-02-08 04:24 <DIR> d-------- c:\windows\system32\CatRoot_bak
2009-02-08 03:40 . 2008-06-13 07:10 272,128 --------- c:\windows\system32\drivers\bthport.sys
2009-02-08 03:40 . 2008-06-13 07:10 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-08 01:56 . 2009-02-08 01:56 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\AdobeUM
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-17 05:39 --------- d-----w c:\documents and settings\richa verma\Application Data\AVG7
2009-02-17 05:22 --------- d-----w c:\program files\WildTangent
2009-02-16 14:54 --------- d-----w c:\documents and settings\richa verma\Application Data\Skype
2009-02-08 07:29 6,656 ----a-w c:\windows\system32\drivers\aec.sys
2009-02-08 06:51 --------- d-----w c:\program files\QuickTime
2009-02-08 05:51 --------- d-----w c:\program files\TVUPlayer
2009-02-07 18:37 6,656 ----a-w c:\windows\system32\drivers\arp1394.sys
2009-01-08 21:15 --------- d-----w c:\program files\Webtools
2008-12-25 05:16 102,664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2008-12-25 05:07 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
.
((((((((((((((((((((((((((((( SnapShot@2009-02-08_ 2.45.28.83 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-10 18:36:11 369,664 ----a-w c:\windows\$hf_mig$\KB942830\SP2QFE\asp51.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB942830\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB942830\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB942830\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB942830\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB942830\update\updspapi.dll
+ 2008-01-10 05:09:31 257,024 ----a-w c:\windows\$hf_mig$\KB942831\SP2QFE\infocomm.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB942831\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB942831\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB942831\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB942831\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB942831\update\updspapi.dll
+ 2008-05-02 13:30:08 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:10 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-08-28 07:52:53 74,752 ----a-w c:\windows\$hf_mig$\KB953155\SP2QFE\msw3prt.dll
+ 2008-08-28 07:52:53 104,960 ----a-w c:\windows\$hf_mig$\KB953155\SP2QFE\win32spl.dll
+ 2008-08-28 07:46:02 74,752 ----a-w c:\windows\$hf_mig$\KB953155\SP3GDR\msw3prt.dll
+ 2008-08-28 07:46:02 104,960 ----a-w c:\windows\$hf_mig$\KB953155\SP3GDR\win32spl.dll
+ 2008-08-28 07:30:20 74,752 ----a-w c:\windows\$hf_mig$\KB953155\SP3QFE\msw3prt.dll
+ 2008-08-28 07:30:20 104,960 ----a-w c:\windows\$hf_mig$\KB953155\SP3QFE\win32spl.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB953155\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB953155\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB953155\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB953155\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB953155\update\updspapi.dll
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:04 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-06-13 13:10:50 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 09:08:48 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2007-10-10 23:55:51 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2006-10-17 16:58:06 346,624 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2007-10-10 23:55:51 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2007-10-10 23:55:51 132,608 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2007-10-10 23:55:51 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2007-10-10 10:59:40 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2007-10-10 23:55:51 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2007-10-10 23:55:51 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2007-10-10 23:55:52 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2007-10-10 23:55:52 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2007-10-10 23:55:55 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2007-10-10 23:55:55 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2007-10-10 10:59:52 625,152 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2007-10-10 23:55:56 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2007-10-10 23:55:56 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2007-10-10 23:55:56 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2007-10-10 23:55:58 478,208 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2007-10-10 23:55:58 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2007-10-10 23:55:59 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2007-10-10 23:55:59 102,400 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2006-10-17 16:58:08 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:55:59 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2007-10-10 23:56:00 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2007-10-10 23:56:00 232,960 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2007-10-10 23:56:00 824,832 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2007-10-30 23:42:28 3,590,656 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2009-02-13 05:54:18 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2007-10-10 23:55:51 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll
- 2007-10-10 23:55:51 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:38:34 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 138,496 -c--a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys
- 2006-04-18 04:23:00 369,664 -c--a-w c:\windows\system32\dllcache\asp51.dll
+ 2008-01-10 18:44:47 369,664 -c--a-w c:\windows\system32\dllcache\asp51.dll
- 2006-06-26 17:37:10 148,480 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
- 2006-10-17 16:58:06 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2007-10-10 23:55:51 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:45 243,200 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:32:22 253,952 -c--a-w c:\windows\system32\dllcache\es.dll
- 2007-10-10 23:55:51 132,608 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:38:35 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2007-06-19 13:31:19 282,112 -c--a-w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36 283,648 -c--a-w c:\windows\system32\dllcache\gdi32.dll
- 2007-10-10 23:55:51 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:38:35 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2007-10-10 10:59:40 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2007-10-10 23:55:51 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2007-10-10 23:55:51 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2007-10-10 05:46:55 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-10-10 23:55:52 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2007-10-10 23:55:52 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2007-10-10 23:55:54 6,065,664 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2007-10-10 23:55:55 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:38:37 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2007-10-10 23:55:55 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:38:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2007-10-10 10:59:40 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2007-10-10 10:59:52 625,152 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-21 06:15:44 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
- 2004-08-04 12:00:00 257,024 -c--a-w c:\windows\system32\dllcache\infocomm.dll
+ 2008-01-10 05:20:21 257,024 -c--a-w c:\windows\system32\dllcache\infocomm.dll
- 2007-10-10 23:55:56 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2005-01-28 20:44:28 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-10 11:52:04 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2004-08-04 21:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:46:00 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:05 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
- 2007-10-10 23:55:56 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2007-10-10 23:55:56 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-10-30 23:42:28 3,590,656 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2007-10-10 23:55:58 478,208 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2007-10-10 23:55:58 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:38:38 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2007-10-10 23:55:59 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:38:39 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 72,704 -c--a-w c:\windows\system32\dllcache\msw3prt.dll
+ 2008-08-28 08:00:38 74,752 -c--a-w c:\windows\system32\dllcache\msw3prt.dll
- 2004-08-04 12:00:00 245,248 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:10 245,248 -c--a-w c:\windows\system32\dllcache\mswsock.dll
- 2007-06-26 06:08:16 1,104,896 -c--a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll
- 2006-08-17 12:28:27 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:57:55 332,800 -c--a-w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2007-10-10 23:55:59 102,400 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:38:39 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2006-10-17 16:58:08 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c--a-w c:\windows\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c--a-w c:\windows\system32\dllcache\srv.sys
- 2006-08-21 13:52:08 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2006-04-20 11:51:50 359,808 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
- 2007-10-10 23:55:59 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:38:39 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2007-10-10 23:56:00 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2007-10-10 23:56:00 232,960 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:38:39 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-09-06 05:30:42 241,704 -c----w c:\windows\system32\dllcache\wgaLogon.dll
+ 2008-09-06 05:29:58 917,032 -c----w c:\windows\system32\dllcache\WgaTray.exe
- 2007-03-08 13:47:48 1,843,584 -c--a-w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 -c--a-w c:\windows\system32\dllcache\win32k.sys
- 2004-08-04 12:00:00 101,888 -c--a-w c:\windows\system32\dllcache\win32spl.dll
+ 2008-08-28 08:00:38 104,448 -c--a-w c:\windows\system32\dllcache\win32spl.dll
- 2007-10-10 23:56:00 824,832 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:38:40 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2005-01-28 20:44:28 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-10 12:28:36 1,028,096 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-12-07 05:29:34 2,374,472 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-10 13:07:24 2,376,760 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2006-06-26 17:37:10 148,480 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll
- 2004-08-04 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:21 333,184 ----a-w c:\windows\system32\drivers\srv.sys
- 2006-04-20 11:51:50 359,808 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2006-10-17 16:58:06 346,624 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2007-10-10 23:55:51 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:39:45 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
- 2007-10-10 23:55:51 132,608 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2007-06-29 13:39:29 254,272 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-02-13 15:11:16 254,272 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2007-06-19 13:31:19 282,112 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2007-10-10 23:55:51 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll
- 2007-10-10 10:59:40 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2007-10-10 23:55:51 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2007-10-10 23:55:51 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2007-10-10 05:46:55 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2007-10-10 23:55:52 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2007-10-10 23:55:52 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2007-10-10 23:55:54 6,065,664 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2007-10-10 23:55:55 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2007-10-10 23:55:55 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2007-10-10 10:59:40 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-21 06:15:44 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2006-04-18 04:23:00 369,664 ----a-w c:\windows\system32\inetsrv\asp.dll
+ 2008-01-10 18:44:47 369,664 ----a-w c:\windows\system32\inetsrv\asp.dll
- 2004-08-04 12:00:00 257,024 ----a-w c:\windows\system32\inetsrv\infocomm.dll
+ 2008-01-10 05:20:21 257,024 ----a-w c:\windows\system32\inetsrv\infocomm.dll
- 2009-02-08 08:43:31 224,323 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-02-17 05:41:37 224,323 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
- 2007-10-10 23:55:56 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2007-04-24 15:32:06 1,485,696 ----a-w c:\windows\system32\LegitCheckControl.DLL
+ 2008-09-06 05:30:06 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll
- 2005-01-28 20:44:28 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-10 11:52:04 96,768 ----a-w c:\windows\system32\logagent.exe
- 2005-06-29 01:46:00 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
- 2007-10-10 23:55:56 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2007-10-10 23:55:56 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2007-10-30 23:42:28 3,590,656 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2007-10-10 23:55:58 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2007-10-10 23:55:58 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll
- 2007-10-10 23:55:59 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll
- 2004-08-04 12:00:00 72,704 ----a-w c:\windows\system32\msw3prt.dll
+ 2008-08-28 08:00:38 74,752 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-04 12:00:00 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 20:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 22:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 08:38:57 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:22:14 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 09:08:48 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 09:58:27 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe
- 2007-10-10 23:55:59 102,400 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll
- 2006-10-17 16:58:08 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll
- 2005-10-12 23:12:25 14,048 ----a-w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
- 2006-08-21 13:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2007-11-13 11:31:11 60,416 ----a-w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ----a-w c:\windows\system32\tzchange.exe
- 2007-10-10 23:55:59 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll
- 2007-10-10 23:56:00 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2007-10-10 23:56:00 232,960 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-09-06 05:30:42 241,704 ------w c:\windows\system32\WgaLogon.dll
+ 2008-09-06 05:29:58 917,032 ------w c:\windows\system32\WgaTray.exe
- 2007-03-08 13:47:48 1,843,584 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\system32\win32k.sys
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-08-28 08:00:38 104,448 ----a-w c:\windows\system32\win32spl.dll
- 2007-10-10 23:56:00 824,832 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll
- 2005-01-28 20:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-10 12:28:36 1,028,096 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-10 13:07:24 2,376,760 ----a-w c:\windows\system32\WMVCore.dll
+ 2009-02-17 05:37:38 16,384 ----atw c:\windows\temp\Perflib_Perfdata_524.dat
+ 2008-09-30 22:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 22:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2787EA8E-8D87-48af-88AD-B30246C917AB}]
2008-09-30 14:59 514096 --a------ c:\program files\SearchPerks! Perk Counter\Bmbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6eff921b-b6c8-469f-a455-5db8ba9cc4c7}]
c:\windows\system32\virelumu.dll [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2787EA8E-8D87-48af-88AD-B30246C917AB}"= "c:\program files\SearchPerks! Perk Counter\Bmbho.dll" [2008-09-30 514096]
[HKEY_CLASSES_ROOT\clsid\{2787ea8e-8d87-48af-88ad-b30246c917ab}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2787EA8E-8D87-48AF-88AD-B30246C917AB}"= "c:\program files\SearchPerks! Perk Counter\Bmbho.dll" [2008-09-30 514096]
[HKEY_CLASSES_ROOT\clsid\{2787ea8e-8d87-48af-88ad-b30246c917ab}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2006-11-30 4662776]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" [2007-08-05 450816]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"AdwareAlert"="c:\program files\AdwareAlert\AdwareAlert.exe" [2007-07-31 8770800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-08-31 180269]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-31 761946]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-04-11 102400]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-23 131072]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-06-14 278528]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 454656]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-01-26 40960]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 579584]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 c:\windows\system32\CHDAudPropShortcut.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-10-27 219136]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Pavilion Webcam Tray Icon.lnk - c:\program files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe [2006-08-20 98304]
HP Photosmart Premier Fast Start.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2005-09-24 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\
0sprestrt\
0sprestrt\
0sprestrt
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AvgCoreSvc"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\richa verma\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HPQ\\Shared\\HpqToaster.exe"=
R1 AntiSpyFilter;AntiSpyFilter;c:\windows\system32\drivers\antispyfilter.sys [2007-08-06 18672]
S2 AdwareAlertSrv;AdwareAlert Scanning Engine;c:\program files\AdwareAlert\AdwareAlertSrv.srv.exe [2007-07-31 58608]
.
Contents of the 'Scheduled Tasks' folder
2009-02-17 c:\windows\Tasks\AdwareAlert Scheduled Scan.job
- c:\program files\AdwareAlert\AdwareAlert.exe [2007-07-31 12:11]
2009-02-17 c:\windows\Tasks\AdwareAlert Scheduled Scan.job
- c:\program files\AdwareAlert [2007-08-06 11:45]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-sotafobeha - c:\windows\system32\vozipizo.dll
MSConfigStartUp-WildTangent CDA - c:\program files\WildTangent\Apps\CDA\GameDrvr.exe
.
------- Supplementary Scan -------
.
uDefault_Search_URL =
hxxp://www.google.com/ieuSearchMigratedDefaultURL =
hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} -
hxxp://webeffective.keynote.com/applica ... uncher.cabDPF: {D4F3F795-7712-4D92-91DF-AEB055D8AC73} -
hxxp://rms2.invokesolutions.com/events/ ... mpTest.ocxDPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} -
hxxp://rms2.invokesolutions.com/events/ ... MILive.cabFF - ProfilePath - c:\documents and settings\richa verma\Application Data\Mozilla\Firefox\Profiles\dvtk7fmi.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://www13.yoog.com/search.php?q=FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.com/FF - prefs.js: keyword.URL -
hxxp://www13.yoog.com/search.php?q=FF - plugin: c:\documents and settings\richa verma\Application Data\Mozilla\Firefox\Profiles\dvtk7fmi.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\documents and settings\richa verma\Application Data\Mozilla\Firefox\Profiles\dvtk7fmi.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071102000004.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPcol305.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl -
hxxp://www13.yoog.com/search.php?q=FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL -
hxxp://www13.yoog.com/search.php?q=FF - user.js: keyword.enabled - true
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-02-16 23:41:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????]????????@???????@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\snmp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\spool\drivers\w32x86\3\WrtProc.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
c:\program files\Hp\Digital Imaging\bin\hpqimzone.exe
c:\program files\Java\jre1.6.0_05\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-02-16 23:45:14 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-17 05:44:54
ComboFix2.txt 2009-02-13 05:53:26
ComboFix3.txt 2009-02-08 08:46:40
Pre-Run: 55,552,020,480 bytes free
Post-Run: 55,776,063,488 bytes free
612 --- E O F --- 2009-02-13 06:00:20