ComboFix 10-03-20.06 - HP_Owner 3/2010 Tue 9:40.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.932.81.1033.18.894.466 [GMT -4:00]
Running from: c:\documents and settings\HP_Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\documents and settings\hp_owner\start menu\programs\startup\powerreg scheduler.exe"
"c:\windows\downloaded program files\hgstart9usa.exe"
"d:\i386\apps\app22084\src\hpsummer2005.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\hp_owner\start menu\programs\startup\powerreg scheduler.exe
c:\program files\wildtangent\
c:\program files\wildtangent\\Apps\ActiveLauncher\ActiveLauncher.ini
c:\program files\wildtangent\\Apps\ActiveLauncher\ActiveLauncher0200.dll
c:\program files\wildtangent\\Apps\CDA\CDAEngine0400.dll
c:\program files\wildtangent\\Apps\CDA\CDALogger.dll
c:\program files\wildtangent\\Apps\CDA\CDAUninstall.exe
c:\program files\wildtangent\\Apps\CDA\ControlPanel\CDA\about.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\CDA\cache.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\CDA\updates.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\DMMP\index.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\DRM\index.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\index.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\nav.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\Webd\index.html
c:\program files\wildtangent\\Apps\CDA\ControlPanel\wt.gif
c:\program files\wildtangent\\Apps\CDA\GameData\queue.dat
c:\program files\wildtangent\\Apps\CDA\OtherLicenses.txt
c:\program files\wildtangent\\Apps\CDA\wt.ico
c:\program files\wildtangent\\Apps\CDA\wtControlPanel.cpl
c:\program files\wildtangent\\Apps\DRM0302.dll
c:\program files\wildtangent\\Apps\DRM0302java.jar
c:\program files\wildtangent\\Apps\GameChannel\Games\14DD9322-0AAE-4DA4-90A9-EB42CF296127\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\14DD9322-0AAE-4DA4-90A9-EB42CF296127\opsp.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\14DD9322-0AAE-4DA4-90A9-EB42CF296127\sg.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\36317AE4-57EC-4F3E-B828-009A3DD96BE8\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\bonus1_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\demo_1_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\demo_2_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\demo_3_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\demo_4_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\demo_5_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\tutorial1_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\tutorial2_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\3F34F72F-9BB0-4B73-8312-558953ACF56F\previews\tutorial3_map.png
c:\program files\wildtangent\\Apps\GameChannel\Games\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\58D1A004-6D3C-480A-9E0D-FAA58F3C2A62\options.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\6723E59E-322A-417A-8E03-27A61E18253C\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\741C4983-B139-407A-AD4E-3D6C7B29704B\config.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\741C4983-B139-407A-AD4E-3D6C7B29704B\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\7CEF0F00-BA1B-4861-A102-38CC86CA622B\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\7CEF0F00-BA1B-4861-A102-38CC86CA622B\options.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\8C4E79CC-03E1-43AA-9910-9A5113F24603\data.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\8C4E79CC-03E1-43AA-9910-9A5113F24603\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502\data.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\B41503CB-5FE0-47E0-87C1-47BA8E660BCC\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A\ws.js
c:\program files\wildtangent\\Apps\GameChannel\Games\D11F7128-8CBD-408B-8BF8-034604DEDD42\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292\settings
c:\program files\wildtangent\\Apps\GameChannel\Games\E2A4EA31-80A1-4460-9510-631AF4D6A636\buyPage.js
c:\program files\wildtangent\\Apps\GameChannel\Games\E2A4EA31-80A1-4460-9510-631AF4D6A636\clientOptions.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\E2A4EA31-80A1-4460-9510-631AF4D6A636\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Games\F5215F01-DFC0-475D-A910-6F1AF94E807E\def.dat
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\background.jpg
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\bucket-over.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\bucket.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\close-over.jpg
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\customersupport-over.jpg
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\downarrow-on.gif
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\downarrow.gif
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\getmoregames-over.jpg
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\keyboardmouse.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\no-over.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\no.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\nothumb.jpg
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\remote.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\spacer.gif
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\stylesheet.css
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\uparrow-on.gif
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\uparrow.gif
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\yes-over.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\600h\yes.png
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\browse.exe
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\dialog.htm
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\dp.js
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\gamelauncher.exe
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\gamelauncher.htm
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\icon.ico
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\scripts\games.js
c:\program files\wildtangent\\Apps\GameChannel\Notifications\hpwelcome\scripts\nav.js
c:\program files\wildtangent\\Apps\gcpostuninstall.exe
c:\program files\wildtangent\\Apps\icon.ico
c:\program files\wildtangent\\Apps\onplay.exe
c:\program files\wildtangent\\Apps\rDRM0302.dll
c:\program files\wildtangent\\Apps\sm_action.ico
c:\program files\wildtangent\\Apps\sm_adventure.ico
c:\program files\wildtangent\\Apps\sm_arcade.ico
c:\program files\wildtangent\\Apps\sm_contests.ico
c:\program files\wildtangent\\Apps\sm_popular.ico
c:\program files\wildtangent\\Apps\sm_puzzle.ico
c:\program files\wildtangent\\Apps\sm_sports.ico
c:\program files\wildtangent\\Apps\sm_strategy.ico
c:\program files\wildtangent\\Apps\sm_wildboards.ico
c:\program files\wildtangent\\Components\wtAppConfig0200.dll
c:\program files\wildtangent\\Components\wtCache0200.dll
c:\program files\wildtangent\\Components\wtCookie0200.dll
c:\program files\wildtangent\\Components\wtDownloader0200.dll
c:\program files\wildtangent\\Components\wtGameData0200.dll
c:\program files\wildtangent\\Components\wtGUI0200.dll
c:\program files\wildtangent\\Components\wtIO0200.dll
c:\program files\wildtangent\\Components\wtKernel0200.dll
c:\program files\wildtangent\\Components\wtLua0200.dll
c:\program files\wildtangent\\Components\wtNetworking0200.dll
c:\program files\wildtangent\\Components\wtPropertyBag0200.dll
c:\program files\wildtangent\\Components\wtScript0200.dll
c:\program files\wildtangent\\Components\wtSerialization0200.dll
c:\program files\wildtangent\\Components\wtStreamProcessing0200.dll
c:\program files\wildtangent\\Components\wtSystem0200.dll
c:\program files\wildtangent\\Components\wtSystemConfig0200.dll
c:\program files\wildtangent\\Components\wtUserSupport0200.dll
c:\program files\wildtangent\\Components\wtXml0200.dll
c:\program files\wildtangent\\LFS\AppConfig\CDA.wtcfg
c:\program files\wildtangent\\LFS\Cache\Cache.dat
c:\program files\wildtangent\\LFS\CDAData\Checkin\download.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\downloadTrayIconData.cdas
c:\program files\wildtangent\\LFS\CDAData\Checkin\icon.ico
c:\program files\wildtangent\\LFS\CDAData\Checkin\install.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\install_complete.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\install_progress.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\installTrayIconData.cdas
c:\program files\wildtangent\\LFS\CDAData\Checkin\inuse.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\inuseitems.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\items.html
c:\program files\wildtangent\\LFS\CDAData\Checkin\style.css
c:\program files\wildtangent\\LFS\CDAData\Checkin\wt.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\CDAOnlyScreen\style.css
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\CDAOnlyScreen\uninstall_prompt.html
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\ErrorScreen\style.css
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\ErrorScreen\uninstall_error.html
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\FinishedScreen\style.css
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\FinishedScreen\uninstall_complete.html
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\bc.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\bl.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\br.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\btm.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\cancel-over.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\cancel.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\finish-over.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\finish.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\header.jpg
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\le.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\mb.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\next-over.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\next.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\re.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\retry-over.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\Images\retry.gif
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\InUseScreen\inuse.html
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\InUseScreen\items.html
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\InUseScreen\style.css
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\ProgressScreen\style.css
c:\program files\wildtangent\\LFS\CDAData\UninstallerUI\ProgressScreen\uninstall_progress.html
c:\program files\wildtangent\\LFS\Scripts\Common\CL01.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_Files.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_LFSInit.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_Registry.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_Scheduler.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_String.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\CL01_User.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\DpidLibrary_01.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\MasterUpdateLibrary_01.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\UI_Stub.cdas
c:\program files\wildtangent\\LFS\Scripts\Common\UrlUpdateList.cdas
c:\program files\wildtangent\\LFS\Scripts\Downloaded\MasterUpdate.cdas
c:\program files\wildtangent\\LFS\Scripts\GameData.log
c:\program files\wildtangent\\LFS\Scripts\Install\CPL_fileList.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\CPL_uninstall.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DMMP_fileList.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DMMP_install.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DMMP_Uninstall.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DRM0302_fileList.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DRM0302_install.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\DRM0302_Uninstall.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\UI_checkin.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\Webd331_filelist.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\Webd331_Uninstall.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\Webd4_1_1_fileList.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\Webd4_1_1_install.cdas
c:\program files\wildtangent\\LFS\Scripts\Install\Webd4_1_1_Uninstall.cdas
c:\program files\wildtangent\\LFS\Scripts\Uninstall\DMMP.cdanfo
c:\program files\wildtangent\\LFS\Scripts\Uninstall\DRM0302.cdanfo
c:\program files\wildtangent\\LFS\Scripts\Uninstall\Uninstaller.cdas
c:\program files\wildtangent\\LFS\Scripts\Uninstall\Webd331.cdanfo
c:\program files\wildtangent\\LFS\Scripts\Uninstall\Webd4_1_1.cdanfo
c:\program files\wildtangent\\LFS\System\wt.sto
c:\program files\wildtangent\\LFS\TaskStore\Bandwidth.cdaes
c:\program files\wildtangent\\LFS\TaskStore\Bandwidth.cdaet
c:\program files\wildtangent\\LFS\TaskStore\CreateAppConfig.cdaed
c:\program files\wildtangent\\LFS\TaskStore\CreateAppConfig.cdaes
c:\program files\wildtangent\\LFS\TaskStore\CreateAppConfig.cdaet
c:\program files\wildtangent\\LFS\TaskStore\GameData.cdaed
c:\program files\wildtangent\\LFS\TaskStore\GameData.cdaes
c:\program files\wildtangent\\LFS\TaskStore\GameData.cdaet
c:\program files\wildtangent\\LFS\TaskStore\Maint.cdaed
c:\program files\wildtangent\\LFS\TaskStore\Maint.cdaes
c:\program files\wildtangent\\LFS\TaskStore\Maint.cdaet
c:\program files\wildtangent\\LFS\TaskStore\MigrateDpid.cdaed
c:\program files\wildtangent\\LFS\TaskStore\MigrateDpid.cdaes
c:\program files\wildtangent\\LFS\TaskStore\MigrateDpid.cdaet
c:\program files\wildtangent\\LFS\TaskStore\NewUser.cdaed
c:\program files\wildtangent\\LFS\TaskStore\NewUser.cdaes
c:\program files\wildtangent\\LFS\TaskStore\NewUser.cdaet
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateLibrary01.cdas
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateNormal.cdaed
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateNormal.cdaes
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateNormal.cdaet
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateQuick.cdaed
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateQuick.cdaes
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateQuick.cdaet
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateRestart.cdaed
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateRestart.cdaes
c:\program files\wildtangent\\LFS\TaskStore\PersistentUpdateRestart.cdaet
c:\program files\wildtangent\\LFS\TaskStore\ShutdownTest.cdaed
c:\program files\wildtangent\\LFS\TaskStore\ShutdownTest.cdaes
c:\program files\wildtangent\\LFS\TaskStore\ShutdownTest.cdaet
c:\program files\wildtangent\\LFS\TaskStore\SystemConfiguration.cdaed
c:\program files\wildtangent\\LFS\TaskStore\SystemConfiguration.cdaes
c:\program files\wildtangent\\LFS\TaskStore\SystemConfiguration.cdaet
c:\program files\wildtangent\\LFS\TaskStore\updatecda.cdaet
c:\program files\wildtangent\\LFS\TaskStore\UrlUpdate.cdaed
c:\program files\wildtangent\\LFS\TaskStore\UrlUpdate.cdaes
c:\program files\wildtangent\\LFS\TaskStore\UrlUpdate.cdaet
c:\program files\wildtangent\\LFS\TaskStore\verify.cdaes
c:\program files\wildtangent\\LFS\TaskStore\verify.cdaet
c:\program files\wildtangent\\LFS\TaskStore\WeeklyCDA.cdaes
c:\program files\wildtangent\\LFS\TaskStore\WeeklyCDA.cdaet
c:\program files\wildtangent\\LicenseStores\WT\029DCD25-76A5-48e8-9DC1-062D2834960A.wtlic
c:\program files\wildtangent\\LicenseStores\WT\058D8AB2-0002-4963-8BEF-C53407A55AB8.wtlic
c:\program files\wildtangent\\LicenseStores\WT\1B582D5A-05F4-4db0-B102-C6D2DB918432.wtlic
c:\program files\wildtangent\\LicenseStores\WT\262A5CE3-8F27-44D5-A8A1-6A7B46A46B1A.wtlic
c:\program files\wildtangent\\LicenseStores\WT\5C360522-2C85-4f21-AE16-6A9418BBA671.wtlic
c:\program files\wildtangent\\LicenseStores\WT\5F7E059C-CAEF-43ad-9378-DD87D8B6B154.wtlic
c:\program files\wildtangent\\LicenseStores\WT\663B3761-603B-4a7f-84C3-E4B22FC55514.wtlic
c:\program files\wildtangent\\LicenseStores\WT\6B57A67C-2FDE-45c9-A9CE-DFB37E064CA2.wtlic
c:\program files\wildtangent\\LicenseStores\WT\6DEEEEDF-6404-4f02-AE07-4F4CB1A3D5F6.wtlic
c:\program files\wildtangent\\LicenseStores\WT\6E19C296-7722-4e20-A653-2CEA4DCBF293.wtlic
c:\program files\wildtangent\\LicenseStores\WT\A7456F43-E255-4c09-90BD-81EC82890C69.wtlic
c:\program files\wildtangent\\LicenseStores\WT\B2F422C1-3F25-4731-9CC9-1EBD63C09201.wtlic
c:\program files\wildtangent\\LicenseStores\WT\BCBEABA9-E474-475f-8966-7F777840D3A9.wtlic
c:\program files\wildtangent\\LicenseStores\WT\C558B8C5-EFC2-4643-84C5-F4F2596C29C4.wtlic
c:\program files\wildtangent\\LicenseStores\WT\D50F01E1-31B0-4be6-B9D1-ED53D3BFD5BD.wtlic
c:\program files\wildtangent\\LicenseStores\WT\e4ecfc27-a439-4015-8525-9cfd06b6d203.wtlic
c:\program files\wildtangent\\LicenseStores\WT\FAE5F8B1-E98F-48ca-A6DA-5516E6011963.wtlic
c:\program files\wildtangent\\LicenseStores\WT\WT.sto
c:\windows\downloaded program files\hgstart9usa.exe
d:\i386\apps\app22084\src\hpsummer2005.exe
.
((((((((((((((((((((((((( Files Created from 2010-02-23 to 2010-03-23 )))))))))))))))))))))))))))))))
.
2010-03-23 02:46 . 2010-03-23 02:47 -------- d-----w- C:\ERDNT
2010-03-22 20:19 . 2010-03-22 20:19 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\SupportSoft
2010-03-21 21:20 . 2009-06-30 13:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-03-21 21:19 . 2010-03-21 21:19 -------- d-----w- c:\program files\Panda Security
2010-03-21 21:12 . 2010-03-21 21:12 -------- d-----w- c:\program files\CCleaner
2010-03-21 04:37 . 2010-03-21 04:37 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-20 21:16 . 2010-03-21 04:36 -------- d-----w- C:\RECYCLER(2)
2010-03-18 13:53 . 2010-03-23 12:33 -------- d-----w- C:\WTablet
2010-03-18 03:10 . 2010-03-18 03:10 2157 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\omega.contacts.msn.com
2010-03-18 02:44 . 2010-03-18 02:44 2145 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\ows.messenger.msn.com
2010-03-18 01:15 . 2010-03-18 01:15 1065 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\gmail.com
2010-03-18 01:15 . 2010-03-18 01:15 1089 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\login.yahoo.com
2010-03-18 01:15 . 2010-03-18 01:15 2095 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\login.live.com
2010-03-16 15:36 . 2010-03-16 15:36 -------- d-----w- c:\program files\iPod
2010-03-16 15:36 . 2010-03-16 15:37 -------- d-----w- c:\program files\iTunes
2010-03-16 15:36 . 2010-03-16 15:37 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-16 15:35 . 2010-03-16 15:35 -------- d-----w- c:\program files\Bonjour
2010-03-16 15:34 . 2010-03-16 15:34 -------- d-----w- c:\program files\Apple Software Update
2010-03-16 15:34 . 2010-03-16 15:34 -------- d-----w- c:\documents and settings\Mom-mom\Local Settings\Application Data\Apple
2010-03-16 15:32 . 2010-03-16 15:36 -------- d-----w- c:\program files\Common Files\Apple
2010-03-15 21:13 . 2010-03-15 21:13 503808 ----a-w- c:\documents and settings\HP_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-203b1fa8-n\msvcp71.dll
2010-03-15 21:13 . 2010-03-15 21:13 499712 ----a-w- c:\documents and settings\HP_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-203b1fa8-n\jmc.dll
2010-03-15 21:13 . 2010-03-15 21:13 348160 ----a-w- c:\documents and settings\HP_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-203b1fa8-n\msvcr71.dll
2010-03-15 21:13 . 2010-03-15 21:13 61440 ----a-w- c:\documents and settings\HP_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7a035832-n\decora-sse.dll
2010-03-15 21:13 . 2010-03-15 21:13 12800 ----a-w- c:\documents and settings\HP_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7a035832-n\decora-d3d.dll
2010-03-15 04:21 . 2010-03-15 04:21 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-15 02:58 . 2010-03-15 02:58 348160 ----a-w- c:\documents and settings\Mom-mom\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-69ffba6d-n\msvcr71.dll
2010-03-15 02:58 . 2010-03-15 02:58 503808 ----a-w- c:\documents and settings\Mom-mom\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-69ffba6d-n\msvcp71.dll
2010-03-15 02:58 . 2010-03-15 02:58 499712 ----a-w- c:\documents and settings\Mom-mom\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-69ffba6d-n\jmc.dll
2010-03-15 02:58 . 2010-03-15 02:58 61440 ----a-w- c:\documents and settings\Mom-mom\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-564f17db-n\decora-sse.dll
2010-03-15 02:58 . 2010-03-15 02:58 12800 ----a-w- c:\documents and settings\Mom-mom\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-564f17db-n\decora-d3d.dll
2010-03-14 22:58 . 2010-03-15 00:13 -------- d-----w- c:\documents and settings\Mom-mom\Application Data\WTouch
2010-03-14 16:42 . 2010-03-14 16:42 2165 ----a-w- c:\documents and settings\HP_Owner\Application Data\.purple\certificates\x509\tls_peers\rsi.hotmail.com
2010-03-13 16:20 . 2010-03-23 13:36 -------- d-----w- c:\documents and settings\LocalService\Application Data\WTablet
2010-03-13 03:21 . 2010-03-21 04:35 -------- d-----w- c:\documents and settings\Mom-mom\Application Data\WTablet
2010-03-12 20:22 . 2010-03-12 20:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2010-03-12 20:22 . 2010-03-12 20:22 -------- d-----w- c:\program files\Corel
2010-03-12 19:36 . 2010-03-23 13:38 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\WTablet
2010-03-12 19:36 . 2010-03-12 23:24 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\WTouch
2010-03-12 19:36 . 2009-07-15 16:13 220968 ------w- c:\windows\system32\Touch_Tablet.dll
2010-03-12 19:35 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-03-12 19:35 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2010-03-12 19:14 . 2010-03-12 19:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-07 18:22 . 2010-03-07 18:22 13264416 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\cache\Dropbox-update-0.7.110.exe
2010-02-26 05:10 . 2010-02-26 05:10 21979992 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\bin\Dropbox.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 19:43 . 2010-02-13 22:31 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\foobar2000
2010-03-21 23:47 . 2009-12-06 04:44 0 ----a-w- c:\documents and settings\HP_Owner\Local Settings\Application Data\prvlcl.dat
2010-03-21 21:15 . 2006-07-13 15:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-03-21 04:37 . 2007-08-22 15:46 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\gtk-2.0
2010-03-20 22:21 . 2009-02-19 19:16 -------- d-----w- c:\program files\Unity
2010-03-18 13:52 . 2009-09-19 19:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-18 03:54 . 2009-07-23 04:21 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\.purple
2010-03-16 16:10 . 2005-07-21 05:00 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Apple Computer
2010-03-16 15:50 . 2005-07-21 18:54 -------- d-----w- c:\documents and settings\Mom-mom\Application Data\Apple Computer
2010-03-16 15:49 . 2005-07-22 01:57 85048 ----a-w- c:\documents and settings\Mom-mom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-16 15:34 . 2009-12-12 05:23 -------- d-----w- c:\program files\QuickTime Alternative
2010-03-16 15:34 . 2005-06-16 19:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-15 21:12 . 2009-02-12 14:13 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-15 21:01 . 2005-06-16 19:16 -------- d-----w- c:\program files\Java
2010-03-12 20:52 . 2005-07-22 01:57 85048 ----a-w- c:\documents and settings\HP_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-12 20:52 . 2007-07-12 23:30 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Corel
2010-03-12 19:36 . 2010-03-12 19:36 -------- d-----w- c:\program files\WTouch
2010-03-12 19:36 . 2010-03-12 19:35 -------- d-----w- c:\program files\Tablet
2010-03-12 19:15 . 2009-07-23 16:50 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-12 19:14 . 2009-07-23 16:50 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-12 19:14 . 2009-07-23 16:50 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-11 20:52 . 2005-06-16 19:16 -------- d-----w- c:\program files\Common Files\Java
2010-03-09 20:57 . 2005-08-18 00:26 9766 ----a-w- c:\documents and settings\HP_Owner\Application Data\wklnhst.dat
2010-03-07 18:24 . 2009-09-24 01:16 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Dropbox
2010-03-07 18:23 . 2009-09-24 01:16 91696 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\bin\Uninstall.exe
2010-02-24 23:55 . 2009-12-07 06:11 1890 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-02-24 23:55 . 2009-12-07 06:11 1890 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-02-23 20:42 . 2006-02-08 16:09 -------- d-----w- c:\program files\Watchtower
2010-02-20 04:35 . 2010-02-20 04:35 -------- d-----w- c:\program files\Pidgin
2010-02-15 22:41 . 2010-02-15 22:41 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-13 22:31 . 2010-02-13 22:31 -------- d-----w- c:\program files\foobar2000
2010-02-13 18:48 . 2006-11-12 19:42 -------- d--h--r- c:\documents and settings\HP_Owner\Application Data\yahoo!
2010-02-13 18:48 . 2006-05-05 17:59 -------- d-----w- c:\documents and settings\All Users\Application Data\yahoo!
2010-02-13 18:48 . 2006-05-05 17:57 -------- d-----w- c:\program files\Yahoo!
2010-02-13 18:44 . 2009-04-12 17:34 -------- d-----w- c:\program files\Pando Networks
2010-02-13 18:29 . 2005-06-16 19:53 -------- d-----w- c:\program files\Easy Internet signup
2010-02-13 01:05 . 2010-02-13 01:05 -------- d-----w- c:\program files\Livestream Procaster
2010-02-11 01:55 . 2008-02-29 20:19 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\uTorrent
2010-02-08 22:49 . 2009-08-24 21:45 -------- d-----w- c:\program files\LMMS 0.4.5
2010-02-08 22:48 . 2010-02-08 22:48 -------- d-----w- c:\program files\LMMS 0.4.6
2010-02-06 16:02 . 2010-02-06 16:02 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-06 16:02 . 2010-02-06 16:02 138240 ----a-w- c:\documents and settings\HP_Owner\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2010-02-06 16:02 . 2010-02-06 16:02 138240 ----a-w- c:\documents and settings\HP_Owner\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2010-02-06 16:02 . 2010-02-06 16:02 138240 ----a-w- c:\documents and settings\HP_Owner\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2010-02-06 16:02 . 2010-02-06 16:02 138240 ----a-w- c:\documents and settings\HP_Owner\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2010-02-06 16:02 . 2010-02-06 16:02 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\SystemRequirementsLab
2010-01-29 21:03 . 2009-05-21 18:21 1025536 ----a-w- c:\documents and settings\HP_Owner\Application Data\Scirra\Temp.exe
2010-01-29 21:03 . 2008-12-19 16:18 106496 ----a-w- c:\documents and settings\HP_Owner\Application Data\Scirra\Installer.exe
2010-01-29 21:03 . 2008-11-02 13:29 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Scirra
2010-01-20 01:49 . 2008-06-02 03:41 1 ----a-w- c:\documents and settings\HP_Owner\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-01-07 20:07 . 2009-09-19 19:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 20:07 . 2009-09-19 19:32 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 05:37 . 2005-03-20 20:15 245760 ----a-w- c:\windows\system32\Flux.scr
2010-01-04 22:50 . 2009-11-27 01:44 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2007-07-12 23:30 . 2007-07-12 23:30 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\common files\webroot shared\ ----
2006-04-12 18:50 . 2003-09-11 09:00 37888 ----a-w- c:\program files\common files\webroot shared\\WinUtils.dll
2006-04-12 18:50 . 2003-10-08 09:00 42496 ----a-w- c:\program files\common files\webroot shared\\ShellWash.dll
2006-04-12 18:50 . 2003-09-11 09:00 33280 ----a-w- c:\program files\common files\webroot shared\\Office.dll
2006-04-12 18:50 . 2003-09-11 09:00 34816 ----a-w- c:\program files\common files\webroot shared\\Nscp.dll
2006-04-12 18:50 . 2003-09-11 09:00 31744 ----a-w- c:\program files\common files\webroot shared\\Internet.dll
((((((((((((((((((((((((((((( SnapShot@2010-03-21_20.25.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-23 13:36 . 2010-03-23 13:36 16384 c:\windows\Temp\Perflib_Perfdata_7a8.dat
- 2005-01-26 21:58 . 2010-03-14 16:41 71868 c:\windows\system32\perfc009.dat
+ 2005-01-26 21:58 . 2010-03-22 19:59 71868 c:\windows\system32\perfc009.dat
+ 2005-01-26 21:58 . 2010-03-22 19:59 442602 c:\windows\system32\perfh009.dat
- 2005-01-26 21:58 . 2010-03-14 16:41 442602 c:\windows\system32\perfh009.dat
+ 2004-08-04 04:00 . 2004-08-04 04:00 245248 c:\windows\system32\mswsock.dll
- 2004-08-04 04:00 . 2008-06-20 17:41 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 04:00 . 2005-07-26 04:20 243200 c:\windows\system32\es.dll
+ 2008-08-20 20:19 . 2007-10-30 17:20 360064 c:\windows\system32\drivers\tcpip.sys
- 2008-06-20 11:51 . 2007-10-30 17:20 360064 c:\windows\system32\dllcache\tcpip.sys
+ 2008-08-20 20:19 . 2007-10-30 17:20 360064 c:\windows\system32\dllcache\tcpip.sys
- 2008-06-20 17:46 . 2004-08-04 04:00 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-04 04:00 . 2004-08-04 04:00 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-04 04:00 . 2005-07-26 04:20 243200 c:\windows\system32\dllcache\es.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\HP_Owner\Application Data\Dropbox\bin\DropboxExt.13.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeper.exe" [2005-01-06 3552256]
"Window Washer"="c:\program files\Webroot\Washer\wwDisp.exe" [2003-10-08 198144]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 245760]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-06-16 180269]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2004-07-27 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 75520]
"QuickTime Task"="c:\program files\QuickTime Alternative\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-12 19:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\biosyer]
[BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[BU]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 22:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Livestream Procaster]
2009-12-17 20:44 6477088 ----a-w- c:\program files\Livestream Procaster\Procaster.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\HP_Owner\\Desktop\\Desktop\\new indie\\vanpri101\\ƒ”ƒ@ƒ“ƒK[ƒhƒvƒŠƒ“ƒZƒX\\LunaPort.exe"=
"c:\\Program Files\\Pidgin\\pidgin.exe"=
"c:\\Documents and Settings\\HP_Owner\\My Documents\\Webby Fun\\nvu-1.0\\nvu.exe"=
"c:\\Program Files\\WorldOfGoo\\WorldOfGoo.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Documents and Settings\\HP_Owner\\Desktop\\Desktop\\doujin\\AkatsukiBK\\Akatsuki BK\\akatsukibk.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Documents and Settings\\HP_Owner\\Desktop\\Desktop\\Guilty_Gear_XX_Reload\\Guilty_Gear_XX_Reload\\ggxx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6900:TCP"= 6900:TCP:login-server_sql
"6121:TCP"= 6121:TCP:char-server_sql
"5121:TCP"= 5121:TCP:map-server_sql
"7500:UDP"= 7500:UDP:Lunaport
"1110:TCP"= 1110:TCP:Wanderlust
"1110:UDP"= 1110:UDP:Wanderlust
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [3/21/2010 5:20 PM 28552]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/23/2009 12:50 PM 216200]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/23/2009 12:50 PM 242696]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3/12/2010 3:14 PM 308064]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [3/12/2010 3:35 PM 4408616]
R2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [3/12/2010 3:36 PM 112936]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/26/2009 9:44 PM 691696]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\o43jd9p5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\o43jd9p5.default\extensions\wildpocketsloader@simopsstudios.com\plugins\npWildPocketsLoader.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\NPSWF32.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
BHO-{87B39588-5A6D-466D-ABE5-1EF3E113F0E7} - (no file)
BHO-{c5850c95-19ec-4721-9c26-9038fb726f26} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-23 09:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-815478324-241836720-3004507354-1009\Software\InterVideo\Common\AUDIODEC\û0*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-815478324-241836720-3004507354-1009\Software\SecuROM\License information*]
"datasecu"=hex:a1,22,19,07,81,28,c7,35,8e,73,4f,27,85,45,42,c5,9c,76,cc,14,87,
44,d7,ae,6c,81,a1,7f,89,73,35,b3,1d,3c,d8,5d,87,ee,55,7c,fe,ea,37,5e,e8,87,\
"rkeysecu"=hex:bc,9a,c5,64,d2,95,55,68,e7,36,14,89,a7,c6,31,0c
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(496)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-03-23 09:49:56
ComboFix-quarantined-files.txt 2010-03-23 13:49
ComboFix2.txt 2010-03-21 20:56
ComboFix3.txt 2010-03-21 20:28
ComboFix4.txt 2010-03-20 20:53
ComboFix5.txt 2010-03-23 13:39
Pre-Run: 102,899,179,520 bytes free
Post-Run: 102,853,574,656 bytes free
- - End Of File - - 3815B57A1127F49ACC7CECC6DF19BAC3