Update... In an attempt to make Win Recovery Console available, I ran ComboFix... as it installed the recovery console to begin with (if memory serves?)... and it detected rootkit activity, restarted, and ran completely NOT in safe mode (which heretofore had not been possible due to BSoD), and produced the following log.
ComboFix 11-04-10.03 - Family 04/11/2011 7:25.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.529 [GMT -4:00]
Running from: c:\documents and settings\Family\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\drivers\volsnap.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((( Files Created from 2011-03-11 to 2011-04-11 )))))))))))))))))))))))))))))))
.
.
2011-04-10 01:12 . 2011-04-04 03:12 566272 ----a-w- c:\windows\aswMBR.exe
2011-04-04 21:35 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-04 21:35 . 2011-04-04 21:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-02 04:01 . 2009-08-06 23:23 215920 ----a-w- c:\windows\system32\muweb.dll
2011-04-02 04:01 . 2009-08-06 23:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-03-31 05:42 . 2011-03-23 14:11 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{31FB10FC-6760-43C0-8FFA-7F2B2C39EFE9}\mpengine.dll
2011-03-31 05:42 . 2011-02-02 22:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-31 05:11 . 2011-03-31 05:11 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-31 04:57 . 2011-03-31 05:02 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-30 06:47 . 2011-03-30 06:47 388096 ----a-r- c:\documents and settings\Family\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-30 06:47 . 2011-03-30 06:47 -------- d-----w- c:\program files\Trend Micro
2011-03-30 06:25 . 2011-03-30 15:13 -------- d-----w- C:\fixwareout
2011-03-30 06:24 . 2011-03-30 06:24 -------- d-sh--w- c:\documents and settings\Family\PrivacIE
2011-03-30 06:23 . 2011-03-30 06:23 -------- d-sh--w- c:\documents and settings\Family\IETldCache
2011-03-30 06:18 . 2011-03-30 06:21 -------- dc-h--w- c:\windows\ie8
2011-03-30 06:05 . 2011-03-30 06:05 -------- d-----w- C:\406d617140359f8588
2011-03-27 12:37 . 2011-03-27 12:37 -------- d-----w- c:\documents and settings\Family\Application Data\SUPERAntiSpyware.com
2011-03-27 12:37 . 2011-03-27 12:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-03-27 12:27 . 2010-05-26 14:45 18816 ------w- c:\windows\system32\SAVRKBootTasks.sys
2011-03-27 11:49 . 2011-03-27 11:49 -------- d-----w- c:\program files\Sophos
2011-03-27 03:10 . 2011-03-27 03:30 -------- d-----w- c:\program files\Windows Live Safety Center
2011-03-25 19:23 . 2011-03-25 19:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2011-03-25 14:35 . 2011-03-30 06:17 -------- d-----w- c:\program files\Google
2011-03-25 14:33 . 2011-03-27 13:02 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-03-25 14:33 . 2011-03-25 14:33 -------- d-----w- c:\program files\AVAST Software
2011-03-25 14:01 . 2011-03-25 14:01 -------- d-----w- C:\22757301c2cec3b88f7921
2011-03-25 13:48 . 2011-03-25 13:48 -------- d-----w- C:\34d5f23ccae87fa8543c203eb8
2011-03-21 01:34 . 2011-03-21 01:34 -------- d-----w- c:\documents and settings\Family\Application Data\Malwarebytes
2011-03-21 01:17 . 2011-03-21 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-21 01:11 . 2011-03-21 02:06 -------- d-----w- c:\documents and settings\Administrator
2011-03-13 23:30 . 2011-03-13 23:30 -------- d-----w- c:\documents and settings\Family\Application Data\Template
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2011-02-09 13:53 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2011-02-09 13:53 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2011-02-02 07:58 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2011-01-27 11:57 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2011-01-21 14:44 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-03-31_04.48.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 23:41 . 2009-07-11 23:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-05-06 23:30 . 2008-11-10 15:41 67472 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2009-05-06 23:30 . 2008-11-10 15:41 67472 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
+ 2009-05-06 23:30 . 2008-11-10 15:41 32656 c:\windows\system32\msonpmon.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 66560 c:\windows\system32\mshtmled.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 43520 c:\windows\system32\licmgr10.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 25600 c:\windows\system32\jsproxy.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 25600 c:\windows\system32\jsproxy.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-04-09 02:30 . 2011-04-09 02:30 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2009-05-06 23:45 . 2009-05-06 23:45 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-05-06 23:45 . 2009-05-06 23:45 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2011-04-09 02:30 . 2011-04-09 02:30 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2010-06-26 01:47 . 2010-06-26 01:47 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-26 01:47 . 2011-04-06 05:50 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2009-05-06 23:44 . 2009-05-06 23:44 25214 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\MSWorks.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 25214 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\MSWorks.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\ViewerPS.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\reader_sl.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlr.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\eula.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrotextextractor.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32Info.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 62376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acroiehelpershim.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroIEHelper.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\Acrofx32.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 13152 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F990_worksup.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 14176 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F839_WkImgL90.dll
+ 2006-10-26 21:03 . 2006-10-26 21:03 78648 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\INTLDATE.DLL
+ 2009-04-03 22:01 . 2009-04-03 22:01 71504 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 21:57 . 2009-04-03 21:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2006-07-24 17:50 . 2006-07-24 17:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\VBAME.DLL
+ 2008-10-25 12:18 . 2008-10-25 12:18 72568 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONFILTER.DLL
+ 2008-10-25 12:18 . 2008-10-25 12:18 98696 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONENOTEM.EXE
+ 2006-07-24 17:50 . 2006-07-24 17:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\MSADDNDR.DLL
+ 2006-10-27 04:17 . 2006-10-27 04:17 11072 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 12096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WORDPOL.DLL
+ 2006-10-27 05:58 . 2006-10-27 05:58 33080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VPREVIEW.EXE
+ 2009-05-06 23:29 . 2009-05-06 23:29 12080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VBIDEPOL.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 64288 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VBIDEPIA.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 76624 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 19784 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 51008 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 27456 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 58168 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 21:05 . 2006-10-26 21:05 86840 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 29976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 15672 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\SMARTTAGINSTALL.EXE
+ 2006-10-27 02:49 . 2006-10-27 02:49 34104 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\SETLANG.EXE
+ 2006-10-26 21:04 . 2006-10-26 21:04 19784 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 40424 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\REFIEBAR.DLL
+ 2006-10-27 04:13 . 2006-10-27 04:13 38168 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 21:05 . 2006-10-26 21:05 77144 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 12112 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PPTPOL.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 46936 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OSETUPPS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 18760 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OPHPROXY.DLL
+ 2006-10-27 03:24 . 2006-10-27 03:24 72504 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-27 03:24 . 2006-10-27 03:24 98632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-27 02:59 . 2006-10-27 02:59 16728 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OMUOPTINPS.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 23392 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OISCTRL.DLL
+ 2006-10-27 22:11 . 2006-10-27 22:11 54680 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OFFRHD.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 11544 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OFFICEPL.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 65824 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 12104 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSTAGPOL.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 20280 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSTAGPIA.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 43832 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSSH.DLL
+ 2006-10-27 22:26 . 2006-10-27 22:26 35152 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL
+ 2006-10-27 02:56 . 2006-10-27 02:56 67408 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSONPUI.DLL
+ 2006-10-27 02:56 . 2006-10-27 02:56 32592 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSONPMON.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 67896 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOHTMED.EXE
+ 2006-10-27 22:01 . 2006-10-27 22:01 76088 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOHEV.DLL
+ 2006-10-27 04:13 . 2006-10-27 04:13 26936 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-27 02:48 . 2006-10-27 02:48 14664 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 19768 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSMH.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 89400 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\METCONV.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 12096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\GRAPHPOL.DLL
+ 2006-10-26 21:04 . 2006-10-26 21:04 75576 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 12096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXCELPOL.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 53576 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\AUTHZAX.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 56120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 15160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-27 22:00 . 2006-10-27 22:00 47976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2009-04-02 18:35 . 2009-04-02 18:35 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBPROXY.DLL
+ 2009-04-02 18:35 . 2009-04-02 18:35 68496 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBCOM.EXE
+ 2006-10-27 04:13 . 2006-10-27 04:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\XL12CNVP.DLL
+ 2006-10-27 22:11 . 2006-10-27 22:11 21264 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 04:07 . 2006-10-27 04:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PXBPROXY.DLL
+ 2006-10-27 04:07 . 2006-10-27 04:07 67920 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PXBCOM.EXE
+ 2011-03-31 07:01 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-03-31 07:01 . 2009-03-08 08:31 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-03-31 07:01 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-03-31 07:01 . 2009-03-08 08:34 43008 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-03-31 07:01 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 10576 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 11112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2011-04-08 03:34 . 2011-04-08 03:34 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 11136 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-04-08 03:35 . 2011-04-08 03:35 11152 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2011-04-08 03:34 . 2011-04-08 03:34 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 19320 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 916480 c:\windows\system32\wininet.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 420352 c:\windows\system32\vbscript.dll
+ 2011-03-31 04:27 . 2010-03-10 06:15 420352 c:\windows\system32\vbscript.dll
+ 2009-05-06 23:30 . 2008-11-10 15:41 864144 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2009-05-06 23:30 . 2008-11-10 15:41 864144 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 206848 c:\windows\system32\occache.dll
- 2009-03-08 08:32 . 2009-03-08 08:32 611840 c:\windows\system32\mstime.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 611840 c:\windows\system32\mstime.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 602112 c:\windows\system32\msfeeds.dll
+ 2011-03-31 04:27 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 726528 c:\windows\system32\jscript.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 184320 c:\windows\system32\iepeers.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 387584 c:\windows\system32\iedkcs32.dll
+ 2011-03-31 04:27 . 2010-12-20 12:55 173568 c:\windows\system32\ie4uinit.exe
- 2008-06-25 01:16 . 2011-02-09 12:49 249496 c:\windows\system32\FNTCACHE.DAT
+ 2008-06-25 01:16 . 2011-04-09 02:25 249496 c:\windows\system32\FNTCACHE.DAT
+ 2010-10-25 01:25 . 2010-10-25 01:25 165264 c:\windows\system32\drivers\MpFilter.sys
+ 2011-03-31 04:27 . 2010-12-20 23:59 916480 c:\windows\system32\dllcache\wininet.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2011-03-31 04:27 . 2010-03-10 06:15 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-03-08 08:32 . 2009-03-08 08:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-03-31 04:27 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
- 2009-03-08 08:33 . 2009-03-08 08:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2011-03-31 04:27 . 2010-12-20 12:55 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-05-26 22:53 . 2009-05-26 22:53 579072 c:\windows\Installer\30bd6.msp
+ 2010-07-23 05:03 . 2010-07-23 05:03 338432 c:\windows\Installer\21e99.msp
+ 2011-03-31 05:11 . 2011-03-31 05:11 786432 c:\windows\Installer\21167.msi
+ 2011-03-31 05:11 . 2011-03-31 05:11 479744 c:\windows\Installer\21161.msi
+ 2011-03-31 05:11 . 2011-03-31 05:11 301056 c:\windows\Installer\2115c.msi
+ 2010-08-04 19:13 . 2010-08-04 19:13 686080 c:\windows\Installer\1f751.msp
+ 2011-04-04 21:27 . 2011-04-04 21:27 248832 c:\windows\Installer\1e9f1.msi
- 2009-05-06 23:30 . 2009-05-06 23:31 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2009-05-06 23:30 . 2009-05-06 23:31 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
- 2009-05-06 23:27 . 2009-05-06 23:27 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2011-04-06 22:57 . 2011-04-06 22:57 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2009-05-06 23:44 . 2009-05-06 23:44 693600 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 693600 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
- 2009-05-06 23:44 . 2009-05-06 23:44 947552 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 947552 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
- 2009-05-06 23:44 . 2009-05-06 23:44 709984 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 709984 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 390552 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\pdfshell.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 101288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlrShim.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\nppdf32.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\JP2KLib.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AiodLite.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroPDF.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrobroker.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\a3dutils.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 173408 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F378_WkProof.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 161120 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F366_wkcvqr01.dll
+ 2007-06-22 13:48 . 2007-06-22 13:48 972128 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F365_wkcvqd01.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 132448 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F22623_WkImg90.dll
+ 2007-06-22 13:48 . 2007-06-22 13:48 972128 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20987_wkwpqd.dll
+ 2007-06-21 13:04 . 2007-06-21 13:04 161120 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20985_wkwpqrtf.dll
+ 2009-04-03 21:57 . 2009-04-03 21:57 509256 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\WRD12CVR.DLL
+ 2009-04-03 22:11 . 2009-04-03 22:11 408424 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\WINWORD.EXE
+ 2011-04-08 03:35 . 2011-04-08 03:35 350064 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\PPTPIA.DLL
+ 2009-04-03 22:04 . 2009-04-03 22:04 521064 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\POWERPNT.EXE
+ 2008-10-25 11:52 . 2008-10-25 11:52 664968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONBTTNOL.DLL
+ 2008-10-25 11:52 . 2008-10-25 11:52 604056 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONBTTNIE.DLL
+ 2006-07-24 17:50 . 2006-07-24 17:50 125744 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\MSSTDFMT.DLL
+ 2008-11-04 08:13 . 2008-11-04 08:13 118128 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\MSCONV97.DLL
+ 2006-10-26 21:05 . 2006-10-26 21:05 530760 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 781104 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-27 22:23 . 2006-10-27 22:23 347432 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-26 21:05 . 2006-10-26 21:05 126784 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-27 03:06 . 2006-10-27 03:06 439600 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-27 03:13 . 2006-10-27 03:13 503624 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2009-05-06 23:29 . 2009-05-06 23:29 248632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 04:07 . 2006-10-27 04:07 368968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PPSLAX.DLL
+ 2006-10-27 22:04 . 2006-10-27 22:04 465200 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 04:30 . 2006-10-27 04:30 482088 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-07-27 01:53 . 2006-07-27 01:53 459080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 03:23 . 2006-10-27 03:23 782720 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-27 22:39 . 2006-10-27 22:39 687432 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 03:32 . 2006-10-27 03:32 604000 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 285008 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 998208 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 274744 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-20 15:37 . 2006-10-20 15:37 637744 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OGALEGIT.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 416544 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OFFICE.DLL
+ 2006-10-27 03:06 . 2006-10-27 03:06 232816 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-27 02:55 . 2006-10-27 02:55 538904 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-27 02:55 . 2006-10-27 02:55 145688 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSTORE.EXE
+ 2006-10-27 02:55 . 2006-10-27 02:55 832800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 20:56 . 2006-10-26 20:56 505136 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-27 02:50 . 2006-10-27 02:50 672024 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 21:47 . 2006-10-26 21:47 727840 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSPROOF6.DLL
+ 2006-10-26 20:56 . 2006-10-26 20:56 436520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 02:56 . 2006-10-27 02:56 864080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSONPDRV.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 428816 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-27 21:59 . 2006-10-27 21:59 161080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 20:58 . 2006-10-26 20:58 117552 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 02:55 . 2006-10-27 02:55 828704 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 178488 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\IETAG.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 173328 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 150320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\GRAPHPIA.DLL
+ 2006-10-27 22:09 . 2006-10-27 22:09 983376 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-27 02:48 . 2006-10-27 02:48 439568 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 106824 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\DSSM.EXE
+ 2006-10-27 03:12 . 2006-10-27 03:12 189760 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 205616 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-27 22:41 . 2006-10-27 22:41 399640 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 371568 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 224104 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 551800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 289648 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 260976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 392048 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-27 22:00 . 2006-10-27 22:00 387960 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 279352 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 207736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 629616 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 338800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-27 22:00 . 2006-10-27 22:00 191360 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-27 22:00 . 2006-10-27 22:00 576376 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 03:49 . 2006-10-27 03:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12CVR.DLL
+ 2006-10-27 03:12 . 2006-10-27 03:12 396592 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\MOC.EXE
+ 2006-10-27 02:49 . 2006-10-27 02:49 970528 c:\windows\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2011-03-31 07:01 . 2009-03-08 08:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2011-03-31 07:01 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2011-03-31 07:01 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2011-03-31 07:02 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2011-03-31 07:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2011-03-31 07:02 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2011-03-31 07:00 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2011-03-31 07:00 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2011-03-31 07:00 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2011-03-31 07:01 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-03-31 07:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-03-31 07:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-03-31 07:01 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-03-31 07:01 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-03-31 07:01 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-03-31 07:01 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-03-31 07:01 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-03-31 07:01 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-03-31 07:01 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-03-31 07:01 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2011-04-08 03:33 . 2011-04-08 03:33 423784 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2011-04-08 03:34 . 2011-04-08 03:34 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2011-04-10 14:26 . 2011-04-10 14:26 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2011-04-08 03:33 . 2011-04-08 03:33 149352 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 1210880 c:\windows\system32\urlmon.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 5961216 c:\windows\system32\mshtml.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 1991680 c:\windows\system32\iertutil.dll
+ 2009-08-18 03:33 . 2009-08-18 03:33 1193832 c:\windows\system32\FM20.DLL
+ 2011-03-31 04:27 . 2010-12-20 23:59 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 5961216 c:\windows\system32\dllcache\mshtml.dll
+ 2011-03-31 04:27 . 2010-12-20 23:59 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2010-04-24 21:07 . 2010-04-24 21:07 4667392 c:\windows\Installer\30bff.msp
+ 2009-04-04 21:10 . 2009-04-04 21:10 1282560 c:\windows\Installer\30bfd.msp
+ 2009-04-04 21:10 . 2009-04-04 21:10 7888384 c:\windows\Installer\30bf6.msp
+ 2009-04-04 21:10 . 2009-04-04 21:10 9926144 c:\windows\Installer\30bed.msp
+ 2009-10-16 11:08 . 2009-10-16 11:08 2237952 c:\windows\Installer\30be7.msp
+ 2009-08-18 17:08 . 2009-08-18 17:08 1373696 c:\windows\Installer\30bc6.msp
+ 2009-04-04 21:10 . 2009-04-04 21:10 7888384 c:\windows\Installer\2a4d6.msp
+ 2009-04-04 21:10 . 2009-04-04 21:10 9926144 c:\windows\Installer\2a4d4.msp
+ 2010-11-10 20:54 . 2010-11-10 20:54 2307584 c:\windows\Installer\243e5.msi
+ 2009-08-18 17:08 . 2009-08-18 17:08 1373696 c:\windows\Installer\21e9b.msp
+ 2011-03-31 05:03 . 2011-03-31 05:03 2283008 c:\windows\Installer\21139.msi
+ 2009-08-05 11:49 . 2009-08-05 11:49 3457024 c:\windows\Installer\20dc4.msp
+ 2010-03-24 22:54 . 2010-03-24 22:54 2516992 c:\windows\Installer\20dc2.msp
+ 2010-04-24 21:07 . 2010-04-24 21:07 4667392 c:\windows\Installer\20db1.msp
+ 2010-02-21 05:03 . 2010-02-21 05:03 4472832 c:\windows\Installer\1f779.msp
+ 2010-08-13 22:01 . 2010-08-13 22:01 8993280 c:\windows\Installer\1f762.msp
+ 2010-08-13 22:00 . 2010-08-13 22:00 9404928 c:\windows\Installer\1f740.msp
+ 2009-08-05 11:49 . 2009-08-05 11:49 3457024 c:\windows\Installer\1f72d.msp
+ 2009-02-25 23:08 . 2009-02-25 23:08 8311808 c:\windows\Installer\1f44c.msp
+ 2010-08-13 21:59 . 2010-08-13 21:59 8182272 c:\windows\Installer\1f36e.msp
+ 2009-04-24 16:31 . 2009-04-24 16:31 1425920 c:\windows\Installer\1f362.msp
+ 2010-08-13 22:02 . 2010-08-13 22:02 2545664 c:\windows\Installer\1f34a.msp
+ 2010-10-07 22:43 . 2010-10-07 22:43 1980416 c:\windows\Installer\1f33e.msp
+ 2009-07-27 08:31 . 2009-07-27 08:31 3738624 c:\windows\Installer\1f31b.msp
+ 2010-11-24 14:51 . 2010-11-24 14:51 2190336 c:\windows\Installer\1ea09.msp
- 2009-05-06 23:30 . 2009-05-06 23:31 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-05-06 23:30 . 2011-04-11 10:41 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 1099104 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe
- 2009-05-06 23:44 . 2009-05-06 23:44 1099104 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe
- 2009-05-06 23:44 . 2009-05-06 23:44 1242464 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe
+ 2009-05-06 23:44 . 2011-04-04 21:28 1242464 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\rt3d.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\authplay.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 5503368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AGM.dll
+ 2010-11-10 16:49 . 2010-11-10 16:49 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AdobeCollabSync.exe
+ 2010-11-10 16:49 . 2010-11-10 16:49 1289624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.exe
+ 2007-06-22 13:44 . 2007-06-22 13:44 2901344 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F22194_wksssdb.dll
+ 2009-04-03 21:57 . 2009-04-03 21:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2008-11-21 07:12 . 2008-11-21 07:12 3750256 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\VVIEWER.DLL
+ 2008-10-25 13:35 . 2008-10-25 13:35 1847160 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\VVIEWDWG.DLL
+ 2008-08-26 02:50 . 2008-08-26 02:50 2585592 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\VBE6.DLL
+ 2008-11-10 06:41 . 2008-11-10 06:41 2014584 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\PPTVIEW.EXE
+ 2009-04-03 22:04 . 2009-04-03 22:04 8468840 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\PPCORE.DLL
+ 2009-03-06 08:00 . 2009-03-06 08:00 6596472 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONMAIN.DLL
+ 2008-11-10 14:49 . 2008-11-10 14:49 1165680 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONLIBS.DLL
+ 2008-11-25 02:16 . 2008-11-25 02:16 1020776 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\ONENOTE.EXE
+ 2009-02-05 15:36 . 2009-02-05 15:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OGL.DLL
+ 2009-04-03 22:21 . 2009-04-03 22:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OARTCONV.DLL
+ 2009-03-06 08:26 . 2009-03-06 08:26 5291376 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\IPEDITOR.DLL
+ 2008-11-21 03:06 . 2008-11-21 03:06 1194848 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\FM20.DLL
+ 2006-10-26 21:05 . 2006-10-26 21:05 1181520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-27 05:58 . 2006-10-27 05:58 3732792 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-27 06:00 . 2006-10-27 06:00 1841984 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-09-30 07:42 . 2006-09-30 07:42 2583344 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-27 21:57 . 2006-10-27 21:57 2330968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-27 22:04 . 2006-10-27 22:04 7980848 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2006-10-27 03:07 . 2006-10-27 03:07 6536992 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-10-27 22:03 . 2006-10-27 22:03 6579512 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-27 03:24 . 2006-10-27 03:24 1165112 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 22:03 . 2006-10-27 22:03 1018664 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-27 03:14 . 2006-10-27 03:14 7033152 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 21:47 . 2006-10-26 21:47 1512304 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\NLSD0000.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 6635320 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-27 22:10 . 2006-10-27 22:10 5281592 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-27 03:02 . 2006-10-27 03:02 2526520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 02:21 . 2006-10-27 02:21 1682232 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-26 21:10 . 2006-10-26 21:10 1190688 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2009-05-06 23:29 . 2009-05-06 23:29 1276720 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXCELPIA.DLL
+ 2006-10-27 22:00 . 2006-10-27 22:00 1751904 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2009-04-03 21:57 . 2009-04-03 21:57 4671320 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2009-04-02 18:35 . 2009-04-02 18:35 1787216 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PPCNV.DLL
+ 2009-02-05 15:36 . 2009-02-05 15:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\OGL.DLL
+ 2006-10-27 22:11 . 2006-10-27 22:11 4235560 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 04:08 . 2006-10-27 04:08 1764112 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PPCNV.DLL
+ 2006-10-27 22:18 . 2006-10-27 22:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-27 03:42 . 2006-10-27 03:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 02:49 . 2006-10-27 02:49 1011488 c:\windows\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2011-03-31 07:01 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-03-31 07:01 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-03-31 07:01 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2011-04-08 03:34 . 2011-04-08 03:34 1279848 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2010-12-21 09:29 . 2010-12-21 09:29 11080704 c:\windows\system32\ieframe.dll
+ 2010-12-21 09:29 . 2010-12-21 09:29 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2009-04-04 15:36 . 2009-04-04 15:36 21390848 c:\windows\Installer\2555a.msp
+ 2009-04-04 21:09 . 2009-04-04 21:09 15190016 c:\windows\Installer\25548.msp
+ 2011-01-30 20:44 . 2011-01-30 20:44 12425728 c:\windows\Installer\243e6.msp
+ 2011-01-30 20:44 . 2011-01-30 20:44 12425728 c:\windows\Installer\2113a.msp
+ 2011-04-06 05:47 . 2011-04-06 05:47 20304384 c:\windows\Installer\1f471.msp
+ 2008-08-11 15:49 . 2008-08-11 15:49 22457344 c:\windows\Installer\1f454.msp
+ 2011-04-04 21:28 . 2011-04-04 21:28 20303872 c:\windows\Installer\1ea13.msp
+ 2009-04-04 11:35 . 2009-04-04 11:35 36977152 c:\windows\Installer\1cd3f.msp
+ 2009-04-04 11:35 . 2009-04-04 11:35 38325760 c:\windows\Installer\1cd35.msp
+ 2010-11-10 16:49 . 2010-11-10 16:49 23724952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.dll
+ 2006-10-27 22:14 . 2006-10-27 22:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\OART.DLL
+ 2009-04-03 22:01 . 2009-04-03 22:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2009-04-03 22:11 . 2009-04-03 22:11 17740136 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\WWLIB.DLL
+ 2009-04-03 22:21 . 2009-04-03 22:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\OART.DLL
+ 2009-04-03 22:46 . 2009-04-03 22:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\MSO.DLL
+ 2009-04-03 22:11 . 2009-04-03 22:11 18330984 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\EXCEL.EXE
+ 2006-10-27 22:23 . 2006-10-27 22:23 17483560 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-27 22:07 . 2006-10-27 22:07 17891112 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2009-04-03 22:01 . 2009-04-03 22:01 15108448 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2006-10-27 04:13 . 2006-10-27 04:13 14674216 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2011-03-31 07:01 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2009-04-04 21:08 . 2009-04-04 21:08 343058432 c:\windows\Installer\2a4ca.msp
+ 2009-04-04 21:08 . 2009-04-04 21:08 343058432 c:\windows\Installer\2556b.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-08-27 136176]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-30 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-16 1418536]
"HP Mobile Broadband"="c:\swsetup\HPQWWAN\HPMobileBroadband.exe" [2009-01-09 455224]
"Syncables"="c:\program files\syncables\syncables desktop\Syncables.exe" [2009-04-02 173360]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-02-18 21:41 737280 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 21:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 21:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\syncables\\syncables desktop\\jre\\bin\\javaw.exe"=
"c:\\Documents and Settings\\Family\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
.
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [3/27/2011 8:27 AM 18816]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [5/6/2009 7:23 PM 113664]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3/2/2009 5:03 PM 38912]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/25/2011 10:36 AM 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"d:\lavasoft\Ad-Aware\AAWService.exe" --> d:\lavasoft\Ad-Aware\AAWService.exe [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\6.tmp --> c:\windows\system32\6.tmp [?]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-25 14:35]
.
2011-03-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909066308-1455673721-3417402953-1006Core.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-27 16:53]
.
2011-04-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909066308-1455673721-3417402953-1006UA.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-27 16:53]
.
2011-04-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 16:26]
.
2011-04-11 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 16:26]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.yahoo.comIE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-04-11 07:32
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\TEMP\TMP0000114471C18635676C1D0C 524288 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\6.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(112)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-04-11 07:34:41
ComboFix-quarantined-files.txt 2011-04-11 11:34
ComboFix2.txt 2011-03-31 04:50
.
Pre-Run: 147,694,657,536 bytes free
Post-Run: 147,691,335,680 bytes free
.
- - End Of File - - 4F0DD7F8AD8F49F35C02C2490E793B26