GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

View previous topic View next topic Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Sun Oct 18, 2009 12:37 am

Extra.Txt


OTL Extras logfile created on: 10/17/2009 5:30:40 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.48 Mb Total Physical Memory | 196.66 Mb Available Physical Memory | 44.05% Memory free
1.06 Gb Paging File | 0.60 Gb Available in Paging File | 56.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.80 Gb Total Space | 138.00 Gb Free Space | 76.75% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.19 Gb Free Space | 18.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RIVERA
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Disabled:BitLord -- ([You must be registered and logged in to see this link.]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AA86B66-4232-4CCA-9530-51B991301376}" = D-Link Wireless N DWA-130
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}" = Office 2003 Tour
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4544EA-C189-41FE-9E3A-76591DDB852B}" = Roxio Easy Media Creator 7
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F25B14A1-3863-41B6-9F8A-931DECA6D384}" = D-Link Wireless N DWA-130
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)
"220B08B4-42B6-4452-A646-5646B6CB8063" = Flip Words from Compaq (remove only)
"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)
"2FC85AE2-A516-46DC-9622-BEE432D2276B" = Jewel Quest from Compaq (remove only)
"3DB5E24E-D0CE-437E-96BB-35E09A45B800" = Digby's Donuts from Compaq (remove only)
"422C7575-C10D-4795-87FA-9972765379E6" = Mah Jong Quest from Compaq (remove only)
"4A750179-4CAB-4A94-911D-36ECBC64B6B2" = SCRABBLE Blast from Compaq (remove only)
"52AEBC18-F252-4B0C-B3E1-724537D9F873" = Ricochet Lost Worlds from Compaq (remove only)
"5AF1DD17-7B06-45EF-8592-2E524E458BAB" = Insaniquarium Deluxe from Compaq (remove only)
"66195170-D19D-46C5-8FB7-8A4630071ADC" = Tradewinds from Compaq (remove only)
"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)
"8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E" = Slyder from Compaq (remove only)
"AC542946-E8F0-4163-9902-A1DCB02E327F" = SCRABBLE Rack Attack from Compaq (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"AVG8Uninstall" = AVG Free 8.5
"AVGantiRootkit" = AVG Anti-Rootkit Free
"BitLord" = BitLord 1.1
"C43D84CD-EBFC-48D3-A330-7868C8AD415A" = Crystal Maze from Compaq (remove only)
"C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B" = Boggle Supreme from Compaq (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Compaq Game Console" = Compaq Game Console and games
"Creative VF0080" = Creative WebCam Live! Pro Driver (1.01.01.1011)
"D06AB82F-D68E-405A-9886-AB8804291B6D" = Blasterball 2 Holidays from Compaq (remove only)
"D84AC71A-75E8-4709-8BA5-4B46EAC00C5E" = Bejeweled 2 Deluxe from Compaq (remove only)
"E1A0F769-A43A-4DDB-9F73-12791E453557" = Puzzle Express from Compaq (remove only)
"E618FC78-EE4F-4243-8409-078EB5E0B1F6" = Bookworm Deluxe from Compaq (remove only)
"EC103FAC-9610-4651-BD68-CCEA97C7AB02" = FATE Demo from Compaq (remove only)
"FA6A73EB-40AB-4B58-851D-3892B3C10EF6" = SCRABBLE from Compaq (remove only)
"HijackThis" = HijackThis 2.0.2
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PS2" = PS2
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"SM1FX_AT" = USB Storage Adapter FX (SM1)
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/27/2009 7:08:39 PM | Computer Name = RIVERA | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3474, faulting module
js3250.dll, version 4.0.0.0, fault address 0x0007b69d.

Error - 8/2/2009 9:11:34 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:12:39 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:15:52 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:17:04 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/3/2009 3:57:52 AM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/4/2009 8:48:06 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:26 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:26 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:36 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1001
Description = Fault bucket 1394815431.

[ System Events ]
Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 8:04:03 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7034
Description = The getPlus(R) Helper service terminated unexpectedly. It has done
this 1 time(s).


< End of report >

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on Sun Oct 18, 2009 2:25 am

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    C:\Documents and Settings\Compaq_Owner\Application Data\Error Safe
    C:\WINDOWS\ifotucig.dll


  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

NEXT

I see you are running a P2P application. I suggest to read the following, and then decide whether you want to keep it or not: [You must be registered and logged in to see this link.]

I see you have Viewpoint installed...
Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". I suggest you remove the program now. Navigate to Start --> Control Panel --> Add or Remove Programs and uninstall the following programs if present.

  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player
  • Viewpoint Toolbar

Let me know if you decided to uninstall it.

NEXT

Please download CKScanner by askey127 from [You must be registered and logged in to see this link.]

Save it to your desktop.

  • Doubleclick CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


NEXT

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


==

Please make sure to post the following logs in your next reply:

-OTL Fix Log
-CKScanner Log
-Security Check Log

Also, please tell me how your computer is running, and if you uninstalled Viewpoint. You may have to use 2-3 posts to fit all the contents from the logs in.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13706
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Sun Oct 18, 2009 3:55 am

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.0.21.0 log created on 10172009_205152

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Sun Oct 18, 2009 4:12 am

I uninstalled Limewire.

For Viewpoint, I could not find any of those listed above. I did go to control panel, then Add or Remove Programs, but there was nȯne. So I uninstalled no viewpoint programs.

There was no CKFiles.txt on my desktop, so I did a search for the file...and found it in C:\Programs\Mozilla Firefox

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\wildtangent\apps\gamechannel\games\2fc85ae2-a516-46dc-9622-bee432d2276b\audio\st_win3_crackle.ogg
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-1.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-2.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-3.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker1.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi3\level5-1cracktop.jpge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi5\5_lvl_5a_postcrack1.jpge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi5\5_lvl_5a_postcrack2.jpge
c:\program files\wildtangent\apps\gamechannel\games\d84ac71a-75e8-4709-8ba5-4b46eac00c5e\sounds\firecrackle.ogg
scanner sequence 3.CF.11
----- EOF -----

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 8.5
AVG Anti-Rootkit Free
McAfee Security Scan
``````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
AVG Anti-Rootkit Free
HijackThis 2.0.2
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on Sun Oct 18, 2009 9:06 am

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • [You must be registered and logged in to see this link.]
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found [You must be registered and logged in to see this link.].
  • [You must be registered and logged in to see this link.].
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13706
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Thu Nov 19, 2009 7:40 am

Can you help me again. The computer is running really really slow. I uninstalled Spybot and spyblaster and installed Trend Micro Antivirus & Antispyware Trial Version. I wanted to try it out. Though, the computer is running slow again. I disabled Trend Micro and ran ComboFix again. Can you check if there is something else that is wrong. Please.

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Thu Nov 19, 2009 7:41 am

ComboFix 09-11-18.07 - Compaq_Owner 11/18/2009 23:08.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.136 [GMT -8:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Settings
c:\program files\Search Settings\kb128\SeARchsettings.dll
c:\program files\Search Settings\kb128\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-19 to 2009-11-19 )))))))))))))))))))))))))))))))
.

2009-11-19 07:05 . 2009-11-19 07:03 389120 ----a-w- c:\windows\system32\CF14187.exe
2009-11-16 13:14 . 2009-11-16 13:14 127872 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks\uninstall.exe
2009-11-13 08:48 . 2008-03-02 11:28 206608 ----a-w- c:\windows\system32\drivers\TMPassthru.sys
2009-11-07 18:13 . 2009-11-07 18:24 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Yahoo!
2009-11-04 19:27 . 2009-11-04 19:27 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-04 02:01 . 2009-11-04 02:01 152576 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 21:03 . 2009-11-03 21:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Search Settings
2009-11-03 20:49 . 2009-11-03 20:49 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\DivX
2009-11-03 19:59 . 2009-11-03 19:59 -------- d-----w- c:\windows\system32\custom matrices
2009-11-03 19:58 . 2009-11-03 19:58 -------- d-----w- c:\windows\system32\QuickTime
2009-11-03 19:58 . 2009-11-03 20:00 -------- d-----w- c:\windows\system32\C2MP
2009-11-01 19:15 . 2009-11-01 18:04 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-11-01 19:15 . 2009-11-01 18:04 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-11-01 19:15 . 2009-11-01 18:04 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-01 19:08 . 2009-11-01 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-11-01 18:04 . 2009-11-01 18:04 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-11-01 18:04 . 2009-11-01 18:04 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-11-01 18:04 . 2009-11-01 18:04 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-11-01 18:04 . 2009-11-01 18:04 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-10-29 09:54 . 2009-10-29 09:59 -------- d-----w- c:\windows\SxsCaPendDel
2009-10-25 19:32 . 2003-12-11 18:15 44544 ----a-r- c:\windows\system32\MSXML4a.dll
2009-10-25 19:32 . 2003-12-11 18:15 626960 ----a-r- c:\windows\system32\hpvaut32.dll
2009-10-25 19:32 . 2003-12-11 18:15 487424 ----a-r- c:\windows\system32\hpvcp70.dll
2009-10-25 19:32 . 2003-12-11 18:15 344064 ----a-r- c:\windows\system32\hpvcr70.dll
2009-10-25 19:31 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-25 19:31 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-22 17:32 . 2009-10-22 17:32 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Xilisoft Corporation
2009-10-22 17:26 . 2009-10-22 17:26 -------- d-----w- c:\program files\Xilisoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 21:34 . 2009-06-29 05:56 8950 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2009-11-16 13:14 . 2007-02-07 19:10 -------- d--h--w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks
2009-11-16 13:14 . 2009-06-16 06:35 4183416 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
2009-11-13 08:48 . 2005-08-03 21:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-13 08:48 . 2009-06-25 04:59 -------- d-----w- c:\program files\Trend Micro
2009-11-08 19:21 . 2005-12-09 03:17 -------- d-----w- c:\program files\Yahoo!
2009-11-07 18:24 . 2009-10-04 06:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-11-04 19:39 . 2005-08-03 21:41 -------- d-----w- c:\program files\iTunes
2009-11-04 19:38 . 2005-08-03 21:41 -------- d-----w- c:\program files\iPod
2009-11-04 02:04 . 2005-08-03 21:14 -------- d-----w- c:\program files\Java
2009-11-01 18:59 . 2009-10-12 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-29 21:02 . 2005-11-18 10:22 49896 -c--a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 09:55 . 2009-06-15 20:34 -------- d-----w- c:\program files\AVG
2009-10-29 09:50 . 2005-12-09 03:04 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-29 07:14 . 2009-10-18 19:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-29 01:08 . 2005-08-03 21:35 -------- d-----w- c:\program files\Hewlett-Packard
2009-10-29 01:08 . 2005-08-03 21:26 -------- d-----w- c:\program files\HP
2009-10-28 16:03 . 2009-10-12 20:38 -------- d-----w- c:\program files\Spybot - Search & Destroy (old)
2009-10-28 16:02 . 2007-06-13 06:30 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-28 16:02 . 2006-07-03 00:14 -------- d-----w- c:\program files\Incomplete
2009-10-24 16:42 . 2005-10-06 09:24 -------- d-----w- c:\program files\Microsoft
2009-10-21 12:13 . 2006-05-03 06:02 -------- d-----w- c:\program files\LimeWire
2009-10-19 23:13 . 2009-10-09 22:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Audacity
2009-10-18 18:57 . 2009-10-18 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-17 02:18 . 2009-08-03 05:17 2256 ----a-w- c:\windows\current_settings.bin
2009-10-17 00:23 . 2009-10-16 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-16 12:02 . 2005-08-03 21:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-16 11:59 . 2009-10-16 11:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-16 11:57 . 2009-10-16 12:03 38208 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-10-16 11:57 . 2009-10-16 11:59 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-10-16 11:56 . 2009-10-16 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-16 11:55 . 2009-10-16 11:55 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-10-16 06:54 . 2009-09-26 03:34 -------- d-----w- c:\program files\BitLord
2009-10-14 06:30 . 2009-10-11 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 21:09 . 2009-10-11 21:09 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Application Data\Malwarebytes
2009-10-11 12:17 . 2009-06-12 01:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 20:15 . 2005-08-03 21:52 -------- d-----w- c:\program files\Easy Internet signup
2009-10-04 06:17 . 2006-04-27 07:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Yahoo!
2009-09-11 14:18 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 21:54 . 2009-10-11 21:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 21:53 . 2009-10-11 21:11 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 02:42 . 2009-06-16 11:34 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-29 02:42 . 2009-06-16 11:34 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-27 19:04 . 2009-08-27 19:04 557003 ----a-w- c:\windows\system32\libmplayer.dll
2009-08-27 19:04 . 2009-08-27 19:04 811835 ----a-w- c:\windows\system32\ff_x264.dll
2009-08-27 19:03 . 2009-08-27 19:03 4456201 ----a-w- c:\windows\system32\libavcodec.dll
2009-08-26 08:00 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 18:07 . 2009-08-25 18:07 328334 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2009-08-25 17:38 . 2009-08-25 17:38 425040 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2009-08-25 16:56 . 2009-08-25 16:56 829781 ----a-w- c:\windows\system32\xvidcore.dll
2009-08-25 16:37 . 2009-08-25 16:37 146098 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2007-12-05 12:23 . 2007-12-05 12:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2007-01-16 07:32 . 2007-01-16 07:32 7168 -csha-w- c:\program files\Thumbs.db
2003-08-27 21:19 . 2009-06-08 07:19 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Thu Nov 19, 2009 7:41 am

((((((((((((((((((((((((((((( SnapShot_2009-10-14_04.04.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 03:54 . 2009-07-12 03:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 08:07 . 2009-07-12 08:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 08:19 . 2009-07-12 08:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-12 02:41 . 2009-07-12 02:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-10-17 08:24 . 2004-08-04 01:00 20480 c:\windows\V0080Cfg.exe
+ 2009-10-17 08:24 . 2004-06-21 02:02 73728 c:\windows\twain_32\Creative\VF0080\HookWnd.dll
+ 2009-10-17 08:24 . 2004-07-16 01:02 98304 c:\windows\twain_32\Creative\VF0080\CtTwain.dll
+ 2009-11-19 03:37 . 2009-11-19 03:37 16384 c:\windows\temp\Perflib_Perfdata_270.dat
+ 2009-11-19 03:37 . 2009-11-19 03:37 16384 c:\windows\temp\Perflib_Perfdata_12c.dat
+ 2009-10-17 08:24 . 2004-05-21 01:00 20480 c:\windows\system32\V0080Srv.exe
+ 2009-10-17 08:24 . 2004-07-19 01:00 36864 c:\windows\system32\V0080Pin.dll
+ 2009-10-17 08:24 . 2004-07-26 01:00 49152 c:\windows\system32\V0080Hwx.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 61440 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbi10.dll
+ 2009-10-09 06:13 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2008-06-08 22:58 . 2008-06-08 22:58 60273 c:\windows\system32\pthreadGC2.dll
+ 2005-06-25 05:43 . 2009-11-19 03:42 53640 c:\windows\system32\perfc009.dat
- 2005-06-25 05:43 . 2009-08-06 00:09 53640 c:\windows\system32\perfc009.dat
- 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
+ 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
- 2009-03-08 11:31 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 11:31 . 2009-08-29 08:08 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-01-10 22:14 . 2009-01-10 22:14 79360 c:\windows\system32\mkzlib.dll
+ 2009-01-10 22:14 . 2009-01-10 22:14 23552 c:\windows\system32\mkunicode.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
- 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
+ 2009-06-02 17:11 . 2009-06-02 17:11 98304 c:\windows\system32\ff_wmv9.dll
+ 2009-06-02 17:11 . 2009-06-02 17:11 85504 c:\windows\system32\ff_vfw.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 57344 c:\windows\system32\dpv11.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 90112 c:\windows\system32\dpl100.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\msyuv.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2009-03-08 11:33 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:33 . 2009-08-29 08:08 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-10-17 08:24 . 2002-09-17 01:04 36864 c:\windows\system32\CtRegApp.dll
+ 2009-10-17 08:24 . 2003-10-03 01:05 65536 c:\windows\system32\CtCamMgr.dll
+ 2009-08-30 22:30 . 2009-08-30 22:30 44474 c:\windows\system32\C2MP\Un_Parts.exe
+ 2008-05-25 14:39 . 2008-05-25 14:39 13824 c:\windows\system32\C2MP\StatsReader.exe
+ 2002-12-12 00:14 . 2002-12-12 00:14 13312 c:\windows\system32\C2MP\msdmo.dll
+ 2002-06-12 16:52 . 2002-06-12 16:52 23040 c:\windows\system32\C2MP\MiniCalc.exe
+ 2009-05-01 21:02 . 2009-05-01 21:02 69632 c:\windows\system32\C2MP\DivXConfig.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 28088 c:\windows\system32\bass_wv.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 18888 c:\windows\system32\bass_mpc.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 23616 c:\windows\system32\bass_flac.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 33240 c:\windows\system32\bass_ape.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 12784 c:\windows\system32\bass_alac.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 92728 c:\windows\system32\bass.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 97280 c:\windows\system32\avs.dll
+ 2009-08-11 20:21 . 2009-08-11 20:21 87552 c:\windows\system32\ac3config.exe
+ 2009-06-25 02:56 . 2009-06-25 02:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-14 04:58 . 2007-04-14 04:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-28 08:30 . 2008-05-28 08:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-11-01 18:05 . 2009-11-01 18:04 24576 c:\windows\Installer\nlsdl.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 57856 c:\windows\Installer\mfcm80u.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 69632 c:\windows\Installer\mfcm80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 96256 c:\windows\Installer\atl80.dll
+ 2009-10-16 12:03 . 2009-10-16 12:03 21504 c:\windows\Installer\3adc14c.msi
+ 2009-10-16 11:59 . 2009-10-16 11:59 27648 c:\windows\Installer\3adc140.msi
+ 2009-11-03 20:03 . 2009-11-03 20:03 10134 c:\windows\Installer\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}\ARPPRODUCTICON.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4749f896\System.Drawing.Design.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c94e156d\CustomMarshalers.dll
+ 2009-10-14 10:06 . 2008-04-14 00:11 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969059\spmsg.dll
- 2004-08-04 19:00 . 2004-08-04 19:00 8192 c:\windows\system32\tsbyuv.dll
+ 2004-08-04 19:00 . 2001-08-18 05:36 8192 c:\windows\system32\tsbyuv.dll
+ 2009-10-17 08:24 . 2004-08-11 03:22 3525 c:\windows\system32\drivers\CamH2111.bin
+ 2009-10-17 08:24 . 2004-08-11 03:22 3525 c:\windows\system32\drivers\CamF2111.bin
+ 2004-08-04 19:00 . 2001-08-18 05:36 8192 c:\windows\system32\dllcache\tsbyuv.dll
+ 2003-12-26 19:26 . 2003-12-26 19:26 9216 c:\windows\system32\C2MP\OGMCalc.exe
+ 2004-03-04 20:00 . 2004-03-04 20:00 6144 c:\windows\system32\C2MP\AviC.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 8664 c:\windows\system32\bass_tta.dll
+ 2009-07-12 08:12 . 2009-07-12 08:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 08:09 . 2009-07-12 08:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 08:08 . 2009-07-12 08:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-12-03 22:11 . 2008-12-03 22:11 180224 c:\windows\system32\xvidvfw.dll
+ 2004-08-04 12:00 . 2009-04-02 06:02 604160 c:\windows\system32\wmspdmod.dll
+ 2008-08-26 22:11 . 2008-08-26 22:11 987136 c:\windows\system32\VSFilter.dll
+ 2004-12-10 09:03 . 2004-12-10 09:03 438272 c:\windows\system32\vp6vfw.dll
+ 2009-10-17 08:24 . 2004-06-10 01:00 126976 c:\windows\system32\V0080Vfw.dll
+ 2009-10-17 08:24 . 2004-06-29 01:55 106496 c:\windows\system32\V0080Sti.dll
+ 2009-01-10 22:17 . 2009-01-10 22:17 163840 c:\windows\system32\ts.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 200704 c:\windows\system32\ssldivx.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 172032 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbu10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 163840 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzstw10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 385024 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzstc10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 180315 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzsnt10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 679936 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzslk10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 331776 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzpre10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 487424 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzpm310.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 200704 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzjui10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 352256 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzime10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 647168 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzeng10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 344064 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcon10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcoi10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 286720 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcfg10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpz2ku10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 168758 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpf2vw10.dat
+ 2009-10-25 19:31 . 2005-07-23 03:25 172032 c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
+ 2005-06-25 05:43 . 2009-11-19 03:42 382022 c:\windows\system32\perfh009.dat
- 2005-06-25 05:43 . 2009-08-06 00:09 382022 c:\windows\system32\perfh009.dat
+ 2004-04-20 22:00 . 2004-04-20 22:00 172032 c:\windows\system32\OptimFROG.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 120832 c:\windows\system32\ogm.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll
- 2004-08-04 19:00 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2004-08-04 19:00 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2009-03-08 11:32 . 2009-08-29 08:08 594432 c:\windows\system32\msfeeds.dll
- 2009-03-08 11:32 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 141312 c:\windows\system32\mp4.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 159744 c:\windows\system32\mmfinfo.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 148480 c:\windows\system32\mkx.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 135168 c:\windows\system32\mkv2vfr.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 149280 c:\windows\system32\javaws.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 149280 c:\windows\system32\javaws.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 145184 c:\windows\system32\javaw.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\javaw.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\java.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 145184 c:\windows\system32\java.exe
+ 2004-08-04 12:00 . 2009-08-29 08:08 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2009-08-28 10:35 173056 c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2007-07-05 01:33 . 2007-07-05 01:33 892928 c:\windows\system32\iconv.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 344064 c:\windows\system32\hpzcon10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\hpzcoi10.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 335872 c:\windows\system32\gdsmux.exe
+ 2005-06-25 05:42 . 2009-11-11 11:26 192976 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-02 17:15 . 2009-06-02 17:15 113152 c:\windows\system32\ff_unrar.dll
+ 2009-06-02 17:15 . 2009-06-02 17:15 146944 c:\windows\system32\ff_tremor.dll
+ 2009-06-02 17:15 . 2009-06-02 17:15 183296 c:\windows\system32\ff_samplerate.dll
+ 2009-06-02 17:14 . 2009-06-02 17:14 178688 c:\windows\system32\ff_libmad.dll
+ 2009-06-02 17:14 . 2009-06-02 17:14 486400 c:\windows\system32\ff_libfaad2.dll
+ 2009-06-02 17:13 . 2009-06-02 17:13 257024 c:\windows\system32\ff_libdts.dll
+ 2009-06-02 17:13 . 2009-06-02 17:13 142848 c:\windows\system32\ff_liba52.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 246784 c:\windows\system32\dxr.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 196608 c:\windows\system32\dtu100.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 103424 c:\windows\system32\dsmux.exe
+ 2009-10-17 08:24 . 2004-10-09 09:51 503507 c:\windows\system32\drivers\V0080Dev.sys
+ 2008-08-05 21:59 . 2008-08-05 21:59 344064 c:\windows\system32\dpus11.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 593920 c:\windows\system32\dpuGUI11.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 294912 c:\windows\system32\dpu11.dll
+ 2004-08-04 12:00 . 2009-04-02 06:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2009-04-29 04:46 . 2009-08-29 08:08 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 12:00 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-04 12:00 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2009-03-08 11:34 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 11:34 . 2009-08-29 08:08 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 19:00 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
- 2009-09-11 22:23 . 2009-07-03 17:09 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-03-08 11:31 . 2009-08-29 08:08 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 11:31 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-08-29 08:08 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 11:32 . 2009-08-28 10:35 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 11:32 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-05-01 21:03 . 2009-05-01 21:03 528384 c:\windows\system32\DivXsm.exe
+ 2009-05-01 21:02 . 2009-05-01 21:02 685056 c:\windows\system32\DivX.dll
+ 2009-08-30 22:30 . 2009-08-30 22:30 241288 c:\windows\system32\C2MP\Uninst.exe
+ 2007-02-19 15:28 . 2007-02-19 15:28 117974 c:\windows\system32\C2MP\GSpot27.dat
+ 2007-02-22 20:08 . 2007-02-22 20:08 925696 c:\windows\system32\C2MP\GSpot.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 150520 c:\windows\system32\bass_aac.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 102400 c:\windows\system32\avss.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 108032 c:\windows\system32\avi.dll
- 2007-04-14 04:58 . 2007-04-14 04:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 04:56 . 2007-04-14 04:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 08:30 . 2008-05-28 08:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 126208 c:\windows\Installer\tmdbg32.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 626688 c:\windows\Installer\msvcr80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 548864 c:\windows\Installer\msvcp80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 479232 c:\windows\Installer\msvcm80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 159168 c:\windows\Installer\libexpat.dll
+ 2009-11-04 19:30 . 2009-11-04 19:30 796672 c:\windows\Installer\e44d32c.msi
+ 2009-10-29 09:54 . 2009-10-29 09:54 424448 c:\windows\Installer\1cd8a1d.msi
+ 2009-11-04 19:39 . 2009-11-04 19:39 102400 c:\windows\Installer\{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}\iTunesIco.exe
+ 2009-11-05 11:01 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-05 11:01 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-14 10:12 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-14 10:12 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-14 10:06 . 2009-10-14 10:06 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b773dc85\System.Drawing.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_51ccb6a4\System.Drawing.Design.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_aa3e128c\CustomMarshalers.dll
+ 2009-10-14 10:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2009-10-14 10:02 . 2009-06-25 08:25 136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2009-10-14 10:06 . 2008-10-03 10:15 247326 c:\windows\$NtUninstallKB974112$\strmdll.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2009-10-14 10:07 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2009-10-14 10:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll
+ 2009-10-14 10:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe
+ 2009-10-14 10:07 . 2006-10-19 04:47 603648 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll
+ 2009-10-14 10:07 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll
+ 2009-10-14 10:07 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe
+ 2009-10-14 10:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-14 10:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-14 10:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-14 10:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe
+ 2009-10-14 10:12 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe
+ 2009-10-13 21:30 . 2009-08-29 08:01 916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll
+ 2009-10-13 21:30 . 2009-08-28 10:07 173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2009-10-14 10:07 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-14 10:07 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-14 10:07 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-10-13 21:29 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-12 03:46 . 2009-07-12 03:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 03:46 . 2009-07-12 03:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-10-17 08:24 . 2001-08-23 08:25 1706800 c:\windows\twain_32\Creative\VF0080\GdiPlus.dll
+ 2004-08-04 12:00 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys
+ 2008-11-06 16:37 . 2008-11-06 16:37 1585664 c:\windows\system32\VC80CRTRedist.msi
+ 2004-08-04 12:00 . 2009-08-29 08:08 1208832 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 7331840 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbx10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 1695744 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzrm310.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 3182592 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzr3210.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 1589248 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzimc10.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2004-08-04 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2008-11-06 16:37 . 2008-11-06 16:37 3596288 c:\windows\system32\qt-dx331.dll
+ 2004-08-04 19:00 . 2009-08-04 15:13 2145280 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 19:00 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 19:00 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 19:00 . 2009-08-04 14:20 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 12:00 . 2009-10-22 09:19 5939712 c:\windows\system32\mshtml.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 1044480 c:\windows\system32\libdivx.dll
+ 2009-03-08 11:32 . 2009-08-29 08:08 1985536 c:\windows\system32\iertutil.dll
- 2009-03-08 11:32 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll
+ 2009-10-17 08:24 . 2004-05-21 06:05 1125376 c:\windows\system32\drivers\V0080Evx.sys
+ 2009-04-17 12:26 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2009-04-29 04:46 . 2009-08-29 08:08 1208832 c:\windows\system32\dllcache\urlmon.dll
- 2009-04-29 04:46 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-06-13 02:40 . 2009-08-05 03:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-06-13 02:40 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-06-13 02:40 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-06-13 02:40 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-06-13 02:40 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-04-29 04:46 . 2009-10-22 09:19 5939712 c:\windows\system32\dllcache\mshtml.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-05-12 18:46 . 2009-05-12 18:46 1650992 c:\windows\system32\C2MP\npdivx32.dll
+ 2008-05-28 08:35 . 2008-05-28 08:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 08:35 . 2008-05-28 08:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 04:50 . 2007-04-14 04:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-28 07:43 . 2008-05-28 07:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 1093120 c:\windows\Installer\mfc80u.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 1101824 c:\windows\Installer\mfc80.dll
+ 2009-11-04 19:39 . 2009-11-04 19:39 4454912 c:\windows\Installer\e44dad5.msi
+ 2009-11-03 20:03 . 2009-11-03 20:03 1603584 c:\windows\Installer\93ce61f.msi
+ 2009-11-01 19:08 . 2009-11-01 19:08 3204096 c:\windows\Installer\52fc5.msi
+ 2009-10-16 12:02 . 2009-10-16 12:02 3940352 c:\windows\Installer\3adc146.msi
+ 2009-11-05 11:01 . 2009-08-29 08:08 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-10-14 10:12 . 2009-07-19 13:18 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2009-06-13 02:40 . 2009-08-05 03:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-06-13 02:40 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-06-13 02:40 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-06-13 02:40 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-06-13 02:40 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-14 10:05 . 2009-10-14 10:05 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f2099334\System.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_38233a9e\System.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_82d2af0f\System.Xml.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_65dc8259\System.Xml.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_e112058d\System.Windows.Forms.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_43691044\System.Windows.Forms.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_38386980\System.Drawing.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f61a2c51\System.Design.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_0f6b4a91\System.Design.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e99f0118\mscorlib.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a5795710\mscorlib.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-03-31 11:14 . 2009-03-31 11:14 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-03-31 11:14 . 2009-03-31 11:14 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-14 10:03 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2009-10-14 10:03 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2009-10-14 10:03 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2009-10-14 10:03 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2009-10-14 10:07 . 2008-04-14 00:12 1435648 c:\windows\$NtUninstallKB969059$\query.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 1209344 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\urlmon.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 5942272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 1986048 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iertutil.dll
+ 2009-10-13 21:29 . 2009-08-04 13:56 2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-13 21:29 . 2009-08-04 13:17 2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-05 01:47 . 2009-08-05 01:47 2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-13 21:29 . 2009-08-04 13:54 2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2009-07-17 16:01 . 2009-07-17 16:01 1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2009-06-11 09:02 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2009-08-29 08:08 11069440 c:\windows\system32\ieframe.dll
+ 2009-07-20 01:48 . 2009-08-29 08:08 11069440 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-11 04:08 . 2009-08-11 04:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-10 21:09 . 2009-08-10 21:09 17254912 c:\windows\Installer\6f2fa5.msp
+ 2009-10-14 10:12 . 2009-07-20 01:48 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2009-08-29 20:31 . 2009-08-29 20:31 11069952 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Thu Nov 19, 2009 7:42 am

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-07-05 4538368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\DWA-130\AirNCFG.exe" [2008-10-01 1679360]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-11-01 1020248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"TMRUBottedTray"="c:\program files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-01-24 544768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [5/20/2009 1:09 PM 143360]
R2 RUBotted;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\TMRUBotted.exe [11/13/2009 12:48 AM 582992]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [11/1/2009 10:04 AM 36368]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [11/1/2009 11:15 AM 50704]
R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [11/13/2009 12:48 AM 206608]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [11/1/2009 11:15 AM 689416]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [5/20/2009 1:07 PM 443776]
S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [11/13/2009 12:48 AM 206608]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-11-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\odo29sgx.default\
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\windows\system32\C2MP\npdivx32.dll
FF - hȋdden: XUL Cache: {DF30700B-ED43-408A-90BB-8FA0A69AE598} - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-11-18 23:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-11-18 23:29
ComboFix-quarantined-files.txt 2009-11-19 07:29
ComboFix2.txt 2009-10-14 05:47
ComboFix3.txt 2009-10-14 04:13
ComboFix4.txt 2009-06-25 04:34

Pre-Run: 142,114,787,328 bytes free
Post-Run: 142,287,659,008 bytes free

- - End Of File - - 3D1C2B5D2D7DAE354FE2ADFD293C14DD

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Belahzur on Thu Nov 19, 2009 7:58 pm

Please download GooredFix from one of the locations below and save it to your Desktop
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Fri Nov 20, 2009 8:49 am

GooredFix by jpshortstuff (18.11.09.1)
Log created at 00:46 on 20/11/2009 (Compaq_Owner)
Firefox version 3.5.5 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{DF30700B-ED43-408A-90BB-8FA0A69AE598} -> Success!
Deleting C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
[You must be registered and logged in to see this link.] [20:03 03/11/2009]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:11 09/10/2009]
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [07:56 11/08/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [02:04 04/11/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [01:27 12/06/2009]

-=E.O.F=-

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Belahzur on Fri Nov 20, 2009 5:08 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on Fri Nov 20, 2009 7:58 pm

I ran the combofix...but the black screen appeared, the one which ask you how you like to restart... "Last Configuration Safe Mood with networking, etc, Start Normal" Though, I when I clicked enter on any of the options it returned me back to the same black screen with the same commands. I tried all the other options, i.e. reboot, but still it returned me back to the black screen. The last thing I read was it was deleting a file: C:\\....iide.exe or something similar to that.

So the only thing that the computer allowed me to do was a PC recovery. I lost all my files, but then again, the computer is fast.
Thank you!

rockrlife
Novice
Novice

Status :
Online
Offline

Posts : 24
Joined : 2009-10-13
OS : Microsoft Window XP Home Edition

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum