ComboFix 10-04-17.07 - Preston 04/18/2010 17:34:22.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1580 [GMT -5:00]
Running from: c:\documents and settings\Preston\Desktop\ComboFix.exe
AV: Sunbelt VIPRE *On-access scanning disabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Internet Explorer\SETD1.tmp
c:\program files\Internet Explorer\SETD6.tmp
.
((((((((((((((((((((((((( Files Created from 2010-03-18 to 2010-04-18 )))))))))))))))))))))))))))))))
.
2010-04-18 22:13 . 2010-04-18 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-04-18 22:13 . 2007-12-05 06:41 35328 ----a-w- c:\windows\system32\nvcodins.dll
2010-04-18 22:13 . 2007-12-05 06:41 35328 ----a-w- c:\windows\system32\nvcod.dll
2010-04-18 22:13 . 2007-12-05 06:41 6901760 ----a-w- c:\windows\system32\nvoglnt.dll
2010-04-18 22:12 . 2007-12-05 06:41 1089536 ----a-w- c:\windows\system32\nvcuda.dll
2010-04-18 22:12 . 2007-12-05 06:41 385024 ----a-w- c:\windows\system32\nvapi.dll
2010-04-18 22:12 . 2007-12-05 06:41 5773568 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-18 22:12 . 2007-12-05 06:41 7435392 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-04-18 22:12 . 2010-04-18 22:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-18 22:11 . 2010-04-18 22:12 -------- dc-h--w- c:\windows\ie8
2010-04-18 22:08 . 2008-07-08 13:45 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-04-18 22:08 . 2006-03-22 06:21 10240 ----a-r- c:\windows\system32\bdco1ins.dll
2010-04-18 22:08 . 2006-03-14 13:45 35840 ----a-r- c:\windows\system32\nvconrm.dll
2010-04-18 22:08 . 2006-03-22 06:24 18944 ----a-r- c:\windows\system32\drivers\nvnetbus.sys
2010-04-18 22:08 . 2006-03-22 06:23 1068800 ----a-r- c:\windows\system32\drivers\nvnrm.sys
2010-04-18 22:08 . 2006-03-22 06:21 10240 ----a-r- c:\windows\system32\bdco1.dll
2010-04-18 22:08 . 2010-04-18 22:08 -------- d-----w- C:\58209d509bb6c760d0
2010-04-18 22:07 . 2007-04-17 02:46 33792 ----a-w- c:\windows\system32\drivers\AmdPPM.sys
2010-04-18 11:00 . 2010-04-18 11:00 -------- d-----w- c:\program files\VS Revo Group
2010-04-18 07:28 . 2010-01-05 09:40 69720 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2010-04-18 07:28 . 2010-01-05 09:40 13400 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2010-04-18 07:24 . 2010-04-18 07:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Sunbelt
2010-04-18 07:24 . 2010-04-18 07:24 -------- d-----w- c:\documents and settings\Preston\Application Data\Sunbelt
2010-04-18 07:22 . 2010-02-22 01:30 85080 ----a-w- c:\windows\system32\drivers\sbhips.sys
2010-04-18 07:22 . 2010-02-22 01:30 204632 ----a-w- c:\windows\system32\drivers\sbtis.sys
2010-04-18 07:22 . 2010-04-18 07:22 -------- d-----w- c:\program files\Sunbelt Software
2010-04-18 04:40 . 2010-04-18 04:40 146579236 ----a-w- C:\registrybackup.reg
2010-04-17 12:35 . 2008-04-13 16:39 142592 -c--a-w- c:\windows\system32\dllcache\aec.sys
2010-04-17 12:35 . 2008-04-13 16:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2010-04-15 07:02 . 2010-04-15 08:35 -------- d-----w- C:\f0b6fdfa5c5738b47c
2010-04-15 06:53 . 2010-04-15 06:53 -------- d-----w- c:\documents and settings\Preston\Application Data\MSNInstaller
2010-04-15 06:44 . 2010-04-15 06:44 -------- d-----w- c:\documents and settings\All Users\Uniblue
2010-04-15 06:43 . 2010-04-15 06:43 -------- d-----w- c:\documents and settings\Preston\Application Data\Uniblue
2010-04-15 06:09 . 2010-04-15 06:09 -------- d-----w- c:\documents and settings\Preston\Local Settings\Application Data\Mozilla
2010-04-15 06:05 . 2010-04-15 06:05 -------- d-----w- c:\documents and settings\Preston\Local Settings\Application Data\Downloaded Installations
2010-04-15 04:23 . 2010-04-15 04:23 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll
2010-04-15 03:44 . 2010-04-15 03:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-13 12:14 . 2010-04-13 12:14 -------- d-----w- c:\windows\Options
2010-04-12 04:22 . 2010-04-12 04:22 -------- d-----w- c:\documents and settings\Preston\Application Data\Malwarebytes
2010-04-12 04:21 . 2010-04-12 04:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-09 15:01 . 2010-04-09 15:01 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-04-08 02:30 . 2010-04-08 02:30 503808 ----a-w- c:\documents and settings\Preston\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5c4d5997-n\msvcp71.dll
2010-04-08 02:30 . 2010-04-08 02:30 499712 ----a-w- c:\documents and settings\Preston\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5c4d5997-n\jmc.dll
2010-04-08 02:30 . 2010-04-08 02:30 348160 ----a-w- c:\documents and settings\Preston\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5c4d5997-n\msvcr71.dll
2010-04-08 02:30 . 2010-04-08 02:30 61440 ----a-w- c:\documents and settings\Preston\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6421359f-n\decora-sse.dll
2010-04-08 02:30 . 2010-04-08 02:30 12800 ----a-w- c:\documents and settings\Preston\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6421359f-n\decora-d3d.dll
2010-04-07 16:20 . 2010-04-07 16:20 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-04-07 00:12 . 2010-04-07 00:12 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-04-06 23:35 . 2010-04-06 23:35 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache
2010-04-06 23:35 . 2010-04-06 23:35 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-04-06 18:02 . 2010-04-15 03:42 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-06 18:02 . 2010-04-06 18:02 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-06 18:02 . 2010-04-06 18:02 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-18 22:13 . 2007-02-13 08:35 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-18 22:08 . 2007-02-13 17:27 -------- d-----w- c:\program files\Windows Media Connect 2
2010-04-18 21:48 . 2008-03-27 20:54 -------- d-----w- c:\program files\Steam
2010-04-18 10:05 . 2009-07-21 06:21 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-04-18 09:53 . 2009-11-02 02:08 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-04-17 06:03 . 2008-03-24 22:46 -------- d-----w- c:\documents and settings\Preston\Application Data\SolidWorks
2010-04-16 21:03 . 2004-08-04 12:00 42112 ----a-w- c:\windows\system32\drivers\imapi.sys
2010-04-15 06:34 . 2007-02-13 07:32 -------- d-----w- c:\program files\AMD
2010-04-15 03:42 . 2007-03-01 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-04-13 12:19 . 2007-05-05 07:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-13 12:17 . 2007-05-14 05:46 -------- d-----w- c:\documents and settings\Preston\Application Data\ICAClient
2010-04-13 12:15 . 2007-02-20 05:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-04-10 06:06 . 2007-02-13 08:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-10 06:06 . 2007-02-13 08:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-04-10 06:05 . 2007-04-17 09:06 40 ----a-w- c:\windows\system32\profile.dat
2010-04-08 02:37 . 2007-04-04 08:16 -------- d--h--w- c:\documents and settings\Preston\Application Data\Move Networks
2010-03-09 09:28 . 2009-07-09 08:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-24 13:11 . 2004-08-04 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 02:39 . 2010-02-22 02:39 27984 ----a-w- c:\windows\system32\sbbd.exe
2010-02-16 14:08 . 2004-08-04 12:00 2146304 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 22:59 2024448 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2004-08-04 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-04 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2007-02-13 09:43 . 2007-02-13 09:43 35302248 -c--a-w- c:\program files\5.05.25.00_ntune_winxp_international.exe
.
c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt .exe
c:\program files\Common Files\Symantec Shared\ccapp .exe
c:\program files\Creative\MediaSource\Detector\ctdetect .exe
c:\program files\Creative\Shared Files\Module Loader\dllml .exe
c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\ctdvddet .exe
c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\volpanel .exe
c:\program files\NVIDIA Corporation\nTune\ntunecmd .exe
------- Sigcheck -------
[-] 2010-03-11 . 94359CD5BB6AC1CC08088F4A4091FF1E . 3599872 . . [7.00.6000.17023] . . c:\windows\SoftwareDistribution\Download\fd907694b9730bf0b6b92a6dbc2f96ef\sp3gdr\mshtml.dll
[-] 2010-03-11 . 9289EBB759293A1381AB0C326A115AEC . 3602944 . . [7.00.6000.21228] . . c:\windows\SoftwareDistribution\Download\fd907694b9730bf0b6b92a6dbc2f96ef\sp3qfe\mshtml.dll
[7] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3GDR\mshtml.dll
[7] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[7] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3QFE\mshtml.dll
[7] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\mshtml.dll
[7] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\mshtml.dll
[7] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[7] 2008-08-26 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2008-04-23 . 4D612FF5D3B7EEF200595AE6F95D5E68 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[7] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[7] 2008-03-01 . 4EE273E2B09317C1217EF0DB91F93534 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
[7] 2007-12-07 . 976C46ED4A75FC66D9C596778898CE1E . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
[7] 2007-10-30 . 54D8B404F17AA74C666F7F3AEF2AE459 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[7] 2007-08-20 . AA8A4BD78D24FCDB96DDAEE3756AA372 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
[7] 2007-07-18 . 7CE243CFD47AD0DC431586CB8C542A11 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll
[7] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[7] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\ie8\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\system32\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2010-03-11 . B6AB2EB1DA4BB29079B84AC842520670 . 832512 . . [7.00.6000.17023] . . c:\windows\SoftwareDistribution\Download\fd907694b9730bf0b6b92a6dbc2f96ef\sp3gdr\wininet.dll
[-] 2010-03-11 . 7F6A9D2F3CAA7780AAFD478BF3411462 . 841216 . . [7.00.6000.21228] . . c:\windows\SoftwareDistribution\Download\fd907694b9730bf0b6b92a6dbc2f96ef\sp3qfe\wininet.dll
[7] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3GDR\wininet.dll
[7] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3QFE\wininet.dll
[7] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
[7] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
[7] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[7] 2008-08-26 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2008-04-23 . 41546B396A526918DA7995A02EA04E51 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[7] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2008-03-01 . 6316C2F0C61271C8ABDFF7429174879E . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[7] 2007-12-07 . B5B411BB229AE6EAD7652A32ED47BFB9 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[7] 2007-10-10 . 0E5D918F87EFA7D2424D66B499C7EB04 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[7] 2007-08-20 . 357D54BF94FE9D6D8505A96B5C2A3BCA . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[7] 2007-06-27 . D6ED5E042C5207553E7F5E842918137F . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[7] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[7] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\ie8\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\system32\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\system32\dllcache\wininet.dll
[7] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB925454$\wininet.dll
.
((((((((((((((((((((((((((((( SnapShot_2010-04-18_10.38.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 12:00 . 2006-10-19 02:47 99840 c:\windows\system32\wmpshell.dll
+ 2010-04-18 22:08 . 2009-01-07 23:20 16928 c:\windows\system32\spmsg.dll
- 2010-04-17 10:09 . 2009-01-07 23:20 16928 c:\windows\system32\spmsg.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 81920 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvwddi.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 81920 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvmctray.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 35328 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvcod.dll
+ 2010-04-18 22:08 . 2006-03-22 06:24 18944 c:\windows\system32\ReinstallBackups\0013\DriverFiles\nvnetbus.sys
+ 2010-04-18 22:08 . 2006-03-14 13:45 35840 c:\windows\system32\ReinstallBackups\0013\DriverFiles\nvconrm.dll
+ 2010-04-18 22:08 . 2006-03-22 06:21 10240 c:\windows\system32\ReinstallBackups\0013\DriverFiles\bdco1.dll
+ 2010-04-18 22:07 . 2008-04-13 18:31 35840 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\processr.sys
+ 2010-01-12 17:03 . 2010-01-12 17:03 61440 c:\windows\system32\OpenCL.dll
- 2006-12-21 17:29 . 2007-12-05 06:41 81920 c:\windows\system32\nvwddi.dll
+ 2010-01-12 03:17 . 2010-01-12 03:17 81920 c:\windows\system32\nvwddi.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 09:31 . 2009-03-08 09:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2009-03-08 09:31 59904 c:\windows\system32\icardie.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2007-02-13 07:06 . 2006-10-19 02:46 64000 c:\windows\system32\dllcache\wmplayer.exe
+ 2007-02-13 07:06 . 2006-10-19 02:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2010-04-18 22:12 . 2010-04-18 22:12 49664 c:\windows\Installer\d3211.msi
+ 2010-04-18 22:11 . 2004-08-04 12:00 37888 c:\windows\ie8\url.dll
+ 2010-04-18 22:12 . 2009-03-08 19:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 39424 c:\windows\ie8\pngfilt.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 96256 c:\windows\ie8\occache.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 56832 c:\windows\ie8\mshtmler.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 29184 c:\windows\ie8\mshta.exe
+ 2010-04-18 22:11 . 2009-04-29 04:55 52224 c:\windows\ie8\msfeedsbs.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 22016 c:\windows\ie8\licmgr10.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 15872 c:\windows\ie8\jsproxy.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 96256 c:\windows\ie8\inseng.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 35840 c:\windows\ie8\imgutil.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 93184 c:\windows\ie8\iexplore.exe
+ 2010-04-18 22:11 . 2004-08-04 12:00 62976 c:\windows\ie8\iesetup.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 48640 c:\windows\ie8\iernonce.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 81920 c:\windows\ie8\ieencode.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 34304 c:\windows\ie8\ie4uinit.exe
+ 2010-04-18 22:11 . 2009-04-29 04:55 63488 c:\windows\ie8\icardie.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 38912 c:\windows\ie8\hmmapi.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 35328 c:\windows\ie8\corpol.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 99840 c:\windows\ie8\advpack.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 61440 c:\windows\ie8\admparse.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 7168 c:\windows\system32\dllcache\asferror.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 7168 c:\windows\system32\asferror.dll
+ 2010-04-18 20:52 . 2010-04-18 20:52 3460 c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2006-10-19 02:47 . 2006-10-19 02:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-10-19 02:47 . 2006-10-19 02:47 130048 c:\windows\system32\wmpps.dll
+ 2006-10-19 02:47 . 2006-10-19 02:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-19 02:47 . 2006-10-19 02:47 295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 314880 c:\windows\system32\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 242688 c:\windows\system32\wmpasf.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 227328 c:\windows\system32\wmerror.dll
+ 2009-03-08 09:34 . 2009-03-08 09:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 12:00 . 2008-05-09 10:53 430080 c:\windows\system32\vbscript.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 155716 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvsvc32.exe
+ 2010-04-18 22:12 . 2007-12-05 06:41 286720 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvnt4cpl.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 188416 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvmccss.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 229376 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvmccs.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 385024 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvapi.dll
+ 2010-04-18 22:08 . 2006-03-22 06:23 261120 c:\windows\system32\ReinstallBackups\0013\DriverFiles\nvsnpu.sys
+ 2007-02-14 23:09 . 2008-07-30 01:33 446464 c:\windows\system32\nvunrm.exe
+ 2007-02-14 22:18 . 2010-01-12 17:03 592488 c:\windows\system32\NVUNINST.EXE
+ 2007-02-14 22:31 . 2010-01-12 17:03 592488 c:\windows\system32\nvudisp.exe
+ 2010-01-12 03:17 . 2010-01-12 03:17 154216 c:\windows\system32\nvsvc32.exe
+ 2010-01-12 03:17 . 2010-01-12 03:17 110696 c:\windows\system32\nvmctray.dll
+ 2010-01-12 03:17 . 2010-01-12 03:17 278120 c:\windows\system32\nvmccs.dll
+ 2010-01-12 03:17 . 2010-01-12 03:17 145000 c:\windows\system32\nvcolor.exe
+ 2009-03-08 09:32 . 2009-03-08 09:32 594432 c:\windows\system32\msfeeds.dll
+ 2004-08-04 12:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2009-03-08 09:22 . 2009-03-08 09:22 164352 c:\windows\system32\ieui.dll
+ 2009-03-08 09:11 . 2009-03-08 09:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 314880 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 242688 c:\windows\system32\dllcache\wmpasf.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 227328 c:\windows\system32\dllcache\wmerror.dll
+ 2008-05-09 10:53 . 2008-05-09 10:53 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-04 12:00 . 2006-11-01 23:31 315904 c:\windows\system32\dllcache\unregmp2.exe
+ 2009-01-07 23:20 . 2009-01-07 23:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2007-02-13 07:06 . 2006-10-19 02:47 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 640000 c:\windows\system32\dllcache\dbghelp.dll
+ 2004-08-04 12:00 . 2006-11-01 23:31 315904 c:\windows\inf\unregmp2.exe
+ 2010-04-18 22:11 . 2004-08-04 12:00 276480 c:\windows\ie8\webcheck.dll
+ 2010-04-18 22:11 . 2006-12-19 18:08 852480 c:\windows\ie8\vgx.dll
+ 2010-04-18 22:11 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 615936 c:\windows\ie8\urlmon.dll
+ 2010-04-18 22:12 . 2009-01-07 23:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-04-18 22:12 . 2009-01-07 23:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-04-18 22:11 . 2006-10-23 15:34 532480 c:\windows\ie8\mstime.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 146432 c:\windows\ie8\msrating.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 146432 c:\windows\ie8\msls31.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 448512 c:\windows\ie8\mshtmled.dll
+ 2010-04-18 22:11 . 2009-04-29 04:55 459264 c:\windows\ie8\msfeeds.dll
+ 2010-04-18 22:11 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2010-04-18 22:11 . 2009-04-29 04:55 268288 c:\windows\ie8\iertutil.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 251904 c:\windows\ie8\iepeers.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 323584 c:\windows\ie8\iedkcs32.dll
+ 2010-04-18 22:11 . 2009-04-29 04:55 383488 c:\windows\ie8\ieapfltr.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 216576 c:\windows\ie8\ieaksie.dll
+ 2010-04-18 22:11 . 2004-08-04 12:00 139264 c:\windows\ie8\ieakeng.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 205312 c:\windows\ie8\dxtrans.dll
+ 2010-04-18 22:11 . 2006-10-23 15:34 357888 c:\windows\ie8\dxtmsft.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 8231936 c:\windows\system32\wmploc.dll
+ 2006-10-19 02:47 . 2006-10-19 02:47 1661440 c:\windows\system32\wmpencen.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 2498560 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvwss.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 3710976 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvvitvs.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 6901760 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvoglnt.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 1228800 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvmobls.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 3420160 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvgames.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 6549504 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvdisps.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 1089536 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvcuda.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 8523776 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nvcpl.dll
+ 2010-04-18 22:12 . 2007-12-05 06:41 7435392 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nv4_mini.sys
+ 2010-04-18 22:12 . 2007-12-05 06:41 5773568 c:\windows\system32\ReinstallBackups\0014\DriverFiles\nv4_disp.dll
+ 2010-04-18 22:08 . 2006-03-22 06:23 1068800 c:\windows\system32\ReinstallBackups\0013\DriverFiles\nvnrm.sys
+ 2010-01-12 17:03 . 2010-01-12 17:03 2283526 c:\windows\system32\nvdata.bin
+ 2010-01-12 17:03 . 2010-01-12 17:03 2259560 c:\windows\system32\nvcuvid.dll
+ 2010-01-12 17:03 . 2010-01-12 17:03 4077672 c:\windows\system32\nvcuvenc.dll
+ 2009-03-08 09:32 . 2009-03-08 09:32 1985024 c:\windows\system32\iertutil.dll
+ 2009-02-07 02:07 . 2009-02-07 02:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-04 12:00 . 2006-10-19 02:47 8231936 c:\windows\system32\dllcache\wmploc.dll
+ 2009-01-07 23:20 . 2009-01-07 23:20 1497088 c:\windows\system32\dllcache\shdocvw.dll
+ 2007-02-13 07:06 . 2006-11-01 23:31 1669120 c:\windows\system32\dllcache\setup_wm.exe
+ 2009-01-07 23:20 . 2009-01-07 23:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2010-04-18 22:11 . 2009-04-29 04:55 6066176 c:\windows\ie8\ieframe.dll
+ 2010-04-18 22:11 . 2008-07-09 14:25 2455488 c:\windows\ie8\ieapfltr.dat
+ 2004-08-04 12:00 . 2006-10-19 02:47 10834432 c:\windows\system32\wmp.dll
+ 2010-01-12 03:17 . 2010-01-12 03:17 13666408 c:\windows\system32\nvcpl.dll
+ 2010-01-12 17:03 . 2010-01-12 17:03 11632640 c:\windows\system32\nvcompiler.dll
+ 2009-03-08 09:39 . 2009-03-08 09:39 11063808 c:\windows\system32\ieframe.dll
+ 2004-08-04 12:00 . 2006-10-19 02:47 10834432 c:\windows\system32\dllcache\wmp.dll
+ 2006-12-12 19:49 . 2010-01-12 17:03 10276768 c:\windows\system32\dllcache\nv4_mini.sys
+ 2010-04-18 22:12 . 2010-04-18 22:12 15710720 c:\windows\Installer\d3217.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-08-08 16:28 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SBAMTray"="c:\program files\Sunbelt Software\VIPRE\SBAMTray.exe" [2010-02-22 1291600]
"nwiz"="nwiz.exe" [N/A]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-12 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Calendar Sync.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk
backup=c:\windows\pss\Google Calendar Sync.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk
backup=c:\windows\pss\Program Neighborhood Agent.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 -c----r- c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-12-12 13:30 132392 -c--a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2006-08-17 17:32 17920 ----a-w- c:\windows\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2006-12-12 15:46 20480 ----a-w- c:\windows\system32\Ctxfihlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 -c--a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDTray]
2004-09-03 08:58 65536 ------w- c:\program files\Ahead\ODD Toolkit\dvdtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneV]
2004-06-15 01:54 200704 ----a-w- c:\program files\Gigabyte\ET5\GUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBB36X Configure]
2006-06-02 08:46 385024 ------r- c:\windows\system32\JMRaidTool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
c:\documents and settings\Preston\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2008-08-08 16:27 1083176 ----a-w- c:\program files\Nero\Nero8\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
c:\program files\iTunes\iTunesHelper.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Codec Update Service]
c:\program files\Essentials Codec Pack\update.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
c:\progra~1\SBCLIG~1\SMARTB~1\MotiveSB.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
c:\program files\Messenger\msmsgs.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
c:\program files\MSN Messenger\msnmsgr.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
c:\program files\Microsoft Security Essentials\msseces.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MtdAcqu]
2006-03-08 13:56 278528 -c----w- c:\program files\Creative\MediaSource5\MtdAcqu.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-12-02 20:29 2221352 -c--a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-11-06 13:25 570664 -c--a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-01-12 03:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-01-12 03:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaxoUpdate]
2007-10-10 21:46 226890 -c--a-w- c:\program files\Plaxo\2.13.1.2\PlaxoHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\program files\QuickTime\qttask.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RCSystem]
c:\program files\Creative\Shared Files\Module Loader\DLLML.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-05-27 02:47 16208384 ------r- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2008-08-08 16:28 2049320 -c--a-w- c:\program files\Nero\Nero8\InCD\NBHGui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 -c----r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-03-12 04:08 1217872 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\Java\jre6\bin\jusched.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
c:\program files\Common Files\Real\Update_OB\realsched.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SolidWorks Licensing Service"=3 (0x3)
"NeroRegInCDSrv"=2 (0x2)
"Nero BackItUp Scheduler 3"=2 (0x2)
"MSSQLServerADHelper"=3 (0x3)
"MSSQL$MICROSOFTSMLBIZ"=2 (0x2)
"LightScribeService"=2 (0x2)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"gupdate"=2 (0x2)
"WZCSVC"=2 (0x2)
"UPS"=3 (0x3)
"TrkWks"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SoundMovieServer"=3 (0x3)
"mnmsrvc"=3 (0x3)
"LiveUpdate"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"ISSVC"=2 (0x2)
"nTuneService"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [4/18/2010 2:28 AM 13400]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [10/14/2009 3:39 AM 95024]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [4/18/2010 2:22 AM 204632]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [4/18/2010 2:28 AM 69720]
R2 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [4/18/2010 2:22 AM 85080]
R2 SBPIMSvc;SB Recovery Service;c:\program files\Sunbelt Software\VIPRE\SBPIMSvc.exe [2/21/2010 9:39 PM 181584]
R3 TunRDriverV32;TunRDriverV32;c:\windows\system32\drivers\TunRDriverV32.sys [8/9/2007 2:35 AM 506496]
R3 TunRVideo32;TunRVideo32;c:\windows\system32\drivers\TunRVideo32.sys [3/28/2008 6:19 PM 3768]
S0 AmdAcpi;AmdAcpi Bus Filter Driver; [x]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2/14/2007 12:20 AM 646392]
S2 SBAMSvc;VIPRE Antivirus;c:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [2/21/2010 9:40 PM 2726000]
S3 amdtools;AMD Special Tools Driver; [x]
S3 ctlsb16;Creative SB16/AWE32/AWE64 Driver (WDM);c:\windows\system32\drivers\ctlsb16.sys [2/13/2007 4:51 AM 96256]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [8/8/2008 11:28 AM 53032]
S4 SoundMovieServer;SoundMovieServer;c:\windows\system32\snmvtsvc.exe [3/28/2008 6:19 PM 184320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {3D5F4B42-A6AD-4F31-BC6B-C4BA6AAEF08B} - hxxps://www.wm-mobile.ubs.com/md/plugin/excel_mobil/excel.cab
.
- - - - ORPHANS REMOVED - - - -
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-18 17:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,29,91,af,8a,62,28,57,48,91,52,3e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,29,91,af,8a,62,28,57,48,91,52,3e,\
.
Completion time: 2010-04-18 17:44:20
ComboFix-quarantined-files.txt 2010-04-18 22:44
ComboFix2.txt 2010-04-18 11:32
ComboFix3.txt 2010-04-18 10:42
ComboFix4.txt 2010-04-18 07:14
ComboFix5.txt 2010-04-18 22:33
Pre-Run: 68,782,198,784 bytes free
Post-Run: 68,754,870,272 bytes free
Current=3 Default=3 Failed=4 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - FB8BB57ECF35FB4DFE9F375D6D074B6B