Combofix report below. Malwarebytes and HJT to follow.
ComboFix 08-06-08.2 - Laurie 2008-06-12 19:36:43.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.536 [GMT -4:00]
Running from: C:\Documents and Settings\Laurie\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Laurie\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\WINDOWS\iun6002.exe
C:\WINDOWS\system32\hgGawTlJ.dll
C:\WINDOWS\system32\mlJCRICT.dll
C:\WINDOWS\system32\taskkill.exe
C:\WINDOWS\system32\urqNghGa.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Program Files\Crawler
C:\Program Files\Crawler\adrkeys.dat
C:\Program Files\Crawler\confirm.dat
C:\Program Files\Crawler\ctbcomm.dll
C:\Program Files\Crawler\ctbr.dll
C:\Program Files\Crawler\CTConf.dat
C:\Program Files\Crawler\CTipsDef.dll
C:\Program Files\Crawler\CToolbar.exe
C:\Program Files\Crawler\CUpdate.exe
C:\Program Files\Crawler\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Languages\TBR5_PT.cab
C:\Program Files\Crawler\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Update\domains.cab
C:\Program Files\Crawler\WebSecurityGuard.dll
C:\Program Files\Crawler\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\WSGData\domains\index.dat
C:\Program Files\Crawler\WSGData\wfilter.dat
C:\WINDOWS\iun6002.exe
C:\WINDOWS\system32\taskkill.exe
C:\WINDOWS\system32\vntiho05
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASWARKRN
-------\Service_aswArKrn
((((((((((((((((((((((((( Files Created from 2008-05-12 to 2008-06-12 )))))))))))))))))))))))))))))))
.
2008-06-10 22:02 . 2008-04-14 07:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 22:02 . 2008-04-14 07:01 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-07 21:41 . 2008-06-07 21:41 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-07 21:41 . 2008-06-07 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-07 16:49 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-07 16:44 . 2008-06-07 16:44 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-05 16:05 . 2008-06-05 16:05 <DIR> d-------- C:\Documents and Settings\Laurie\log
2008-06-05 16:05 . 2008-06-05 16:05 142,096 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-05 09:15 . 2008-06-12 19:02 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-05 09:15 . 2008-06-05 09:15 <DIR> d-------- C:\Documents and Settings\Laurie\Application Data\Malwarebytes
2008-06-05 09:15 . 2008-06-05 09:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-05 09:15 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-05 09:15 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-05 09:13 . 2008-06-05 09:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-05 09:12 . 2008-06-05 09:13 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-05 08:04 . 2008-06-11 00:27 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-05 08:04 . 2008-06-10 22:33 <DIR> d-------- C:\Documents and Settings\Laurie\Application Data\Spyware Terminator
2008-06-05 08:04 . 2008-06-12 18:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-05 08:04 . 2008-06-05 08:04 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-28 21:57 . 2008-05-28 21:57 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-28 21:57 . 2008-05-28 22:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-27 22:04 . 2008-05-27 22:04 <DIR> d-------- C:\kav
2008-05-27 22:04 . 2008-05-27 22:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2008-05-27 22:04 . 2008-05-27 22:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-05-27 22:04 . 2008-05-27 22:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2008-05-27 20:45 . 2008-05-27 22:02 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2008-05-27 20:39 . 2008-05-27 20:39 <DIR> d-------- C:\New Folder
2008-05-26 06:56 . 2005-05-06 15:53 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-05-26 06:56 . 2005-05-06 15:35 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intel
2008-05-26 06:56 . 2008-05-27 22:02 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-24 14:05 . 2008-05-28 21:35 <DIR> d--hs---- C:\WINDOWS\TGF1cmll
2008-05-24 14:05 . 2008-05-24 15:01 <DIR> d-------- C:\WINDOWS\system32\mZ
2008-05-24 14:05 . 2008-05-28 21:31 <DIR> d-------- C:\WINDOWS\system32\bol
2008-05-24 14:05 . 2008-06-03 23:01 <DIR> d-------- C:\Temp
2008-05-24 14:05 . 2008-05-24 14:08 <DIR> d--hs---- C:\Documents and Settings\Laurie\!
2008-05-19 17:05 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-05-19 17:05 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-07 20:49 --------- d-----w C:\Program Files\Java
2008-06-07 20:16 --------- d-----w C:\Program Files\StarOffice7
2008-06-05 12:04 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-28 23:31 --------- d-----w C:\Program Files\Alwil Software
2008-05-28 02:03 --------- d-----w C:\Program Files\eTeacher 4.6.1.2
2008-05-28 02:03 --------- d-----w C:\Documents and Settings\Laurie\Application Data\Lavasoft
2008-05-28 02:03 --------- d-----w C:\Documents and Settings\Laurie\Application Data\FileMaker
2008-05-28 02:03 --------- d-----w C:\Documents and Settings\Laurie\Application Data\AdobeUM
2008-05-25 15:34 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-24 20:33 --------- d-----w C:\Documents and Settings\Laurie\Application Data\LimeWire
2008-05-24 18:09 --------- d-----w C:\Program Files\LimeWire
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-29 03:11 --------- d-----w C:\Program Files\QuickTax 2007
2008-04-24 02:40 --------- d-----w C:\Program Files\FirstClass
2006-11-12 14:58 941 -c--a-w C:\Program Files\INSTALL.LOG
2006-05-15 20:14 139,228 -c--a-w C:\Program Files\NetscapeUpdater.exe
2007-06-25 12:30 952 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\WINDOWS\system32\bol ----
---- Directory of C:\WINDOWS\system32\mZ ----
---- Directory of C:\WINDOWS\TGF1cmll ----
((((((((((((((((((((((((((((( snapshot@2008-06-09_ 8.42.06.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
- 2008-06-09 12:16:14 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-12 23:39:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 13:06:20 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:06:21 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:06:21 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:06:21 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:06:21 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:06:21 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:06:21 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:06:22 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:06:22 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:06:24 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:06:25 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:06:25 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:06:26 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 22:36:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:06:28 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:06:28 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:06:29 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:06:29 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:06:29 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:06:29 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:06:30 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:06:30 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:06:31 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2003-07-15 03:43:20 87,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL
+ 2003-07-15 08:14:28 350,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
+ 2003-07-15 08:18:12 47,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE
+ 2003-07-25 23:57:20 75,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL
+ 2003-07-31 20:19:52 131,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL
+ 2003-08-13 07:34:38 10,073,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE
+ 2003-08-03 15:56:16 1,146,184 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\FM20.DLL
+ 2003-07-24 04:01:40 1,949,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
+ 2003-07-15 04:36:14 186,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
+ 2003-07-26 00:00:16 1,157,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
+ 2003-07-26 00:14:50 799,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
+ 2003-07-15 04:11:42 2,139,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE
+ 2003-07-15 03:57:44 87,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-07-15 03:53:50 161,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\IETAG.DLL
+ 2003-07-24 03:32:32 121,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL
+ 2003-06-18 22:31:44 758,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL
+ 2003-06-18 22:31:48 17,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL
+ 2003-06-18 22:31:48 18,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL
+ 2003-06-18 22:31:46 35,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL
+ 2003-06-18 22:31:34 443,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL
+ 2003-07-15 03:46:08 176,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MIMEDIR.DLL
+ 2003-07-15 03:58:04 230,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL
+ 2003-07-15 03:51:50 116,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL
+ 2002-12-18 00:08:50 359,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSDMENG.DLL
+ 2002-12-18 00:08:54 1,383,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL
+ 2002-04-10 01:14:36 187,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSMDUN80.DLL
+ 2003-08-08 05:23:16 12,172,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSO.DLL
+ 2003-07-15 08:14:18 106,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
+ 2003-07-24 03:35:26 127,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
+ 2002-12-18 00:09:24 2,071,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL
+ 2003-06-18 22:31:24 1,033,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL
+ 2003-07-15 04:02:14 627,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE
+ 2003-07-15 03:56:24 124,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE
+ 2003-07-24 03:40:00 482,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL
+ 2003-07-15 08:14:26 283,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OIS.EXE
+ 2003-07-15 08:14:26 828,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL
+ 2003-07-15 08:14:26 27,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
+ 2003-07-15 03:41:56 24,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL
+ 2003-08-10 04:06:42 7,522,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL
+ 2003-07-15 03:44:32 88,128 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL
+ 2003-07-15 03:45:18 196,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLOOK.EXE
+ 2003-07-15 03:43:48 139,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLPH.DLL
+ 2003-07-15 03:43:18 64,056 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL
+ 2003-08-01 20:09:04 8,086,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\OWC11.DLL
+ 2003-07-30 17:40:40 6,133,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE
+ 2003-07-15 08:18:54 430,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL
+ 2003-07-31 20:21:08 1,782,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE
+ 2003-07-15 03:42:26 37,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\RECALL.DLL
+ 2003-07-15 03:43:30 74,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\RM.DLL
+ 2003-08-03 15:52:32 2,808,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL
+ 2003-07-15 04:00:22 99,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL
+ 2003-07-03 20:19:36 2,502,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\VBE6.DLL
+ 2003-08-06 18:24:20 12,037,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE
+ 2005-03-17 18:32:42 88,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\ADDRPARS.DLL
+ 2005-03-17 18:32:40 77,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\DLGSETP.DLL
+ 2005-03-25 20:27:18 132,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\ENVELOPE.DLL
+ 2005-05-27 05:06:54 10,095,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\EXCEL.EXE
+ 2005-03-17 18:36:34 161,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\IETAG.DLL
+ 2005-03-17 18:32:46 122,056 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\IMPMAIL.DLL
+ 2005-07-22 21:47:14 12,242,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\MSO.DLL
+ 2005-07-22 21:27:10 7,605,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\OUTLLIB.DLL
+ 2005-04-25 17:29:56 92,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\OUTLMIME.DLL
+ 2005-07-05 16:14:28 196,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\OUTLOOK.EXE
+ 2005-03-17 18:32:50 141,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\OUTLPH.DLL
+ 2005-03-31 17:21:32 64,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\OUTLRPC.DLL
+ 2005-03-17 18:32:40 74,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\RM.DLL
+ 2005-05-27 05:27:34 100,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\TRANSMGR.DLL
+ 2004-05-24 23:45:10 2,482,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\VBE6.DLL
+ 2005-07-22 21:21:40 12,061,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040210900063D11C8EF10054038389C\11.0.7969\WINWORD.EXE
- 2008-05-14 02:02:40 12,288 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-06-11 04:29:50 12,288 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-14 02:02:40 135,168 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-06-11 04:29:50 135,168 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-14 02:02:40 11,264 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-06-11 04:29:50 11,264 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-14 02:02:41 27,136 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-06-11 04:29:50 27,136 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-14 02:02:41 4,096 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-06-11 04:29:50 4,096 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-14 02:02:41 794,624 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-06-11 04:29:50 794,624 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-14 02:02:40 249,856 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-06-11 04:29:50 249,856 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-14 02:02:41 23,040 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-06-11 04:29:50 23,040 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-14 02:02:40 286,720 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-06-11 04:29:50 286,720 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-14 02:02:40 409,600 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-11 04:29:49 409,600 ----a-r C:\WINDOWS\Installer\{90120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-03-01 13:06:20 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 13:06:20 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:28 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 13:06:21 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 13:06:21 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 13:06:21 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:28 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:55:23 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 13:06:22 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 13:06:25 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:55:46 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:40:18 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 13:06:25 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 13:06:26 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 13:06:26 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 22:36:30 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-24 02:16:30 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 13:06:28 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 13:06:28 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 13:06:29 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 13:06:29 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:28 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 13:06:29 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-03-01 13:06:29 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:28 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 13:06:30 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 13:06:30 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 13:06:31 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:29 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-01 13:06:21 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 13:06:21 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2003-08-03 15:56:16 1,146,184 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2005-03-17 18:39:58 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2008-03-01 13:06:21 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:55:23 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 13:06:22 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 13:06:24 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 13:06:25 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 13:06:25 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2003-06-18 22:31:48 17,920 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2004-03-22 19:17:06 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2008-05-09 18:35:06 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 13:06:26 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 13:06:26 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 22:36:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-24 02:16:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 13:06:28 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 13:06:28 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 13:06:29 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 13:06:29 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:28 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 13:06:29 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-10-29 22:43:03 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
- 2006-12-10 18:10:02 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2003-06-18 22:31:44 758,784 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2004-03-22 19:17:04 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2003-06-18 22:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2004-03-22 19:17:10 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2003-06-18 22:31:44 758,784 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2004-03-22 19:17:04 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2003-06-18 22:31:46 35,328 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2004-03-22 19:17:10 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2003-06-18 22:31:48 18,944 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2004-03-22 19:17:08 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
- 2008-03-01 13:06:29 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:28 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 13:06:30 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 13:06:31 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:29 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-12 23:39:59 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7f8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3095D50F-F1BA-4BBC-A54D-819EEB7E0898}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{48C55D88-834B-4BE9-BC28-FEBC1E970022}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9F17EA7C-2617-48BE-B120-92FA4FD2873A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB3E5D22-19CB-4A96-ABE1-1705278EFAB0}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 19:56 202544]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-09-13 17:33 155648]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-10-08 21:31 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-10-08 21:27 126976]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 15:59 385024]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 17:54 57344]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-05-06 15:40 26112]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 02:05 127035]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 15:25 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 15:45 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-06-05 08:04 1817600]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 16:48 622592]
"SetDefPrt"="C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 19:02 49152]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 15:58 61440]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 07:55 61440]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 19:57 16384]
"InterWrite Device Manager"="C:\Program Files\Interwrite Learning\Interwrite Workspace\IWStarter.exe" [2007-04-27 11:36 1122304]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 19:56 202544]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-05-06 15:39:00 24576]
Monitor.lnk - C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2006-12-25 15:38:36 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqNghGa]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 19:20]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-06-05 08:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 19:16]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-10-09 19:56]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 13:50]
.
Contents of the 'Scheduled Tasks' folder
"2008-05-21 01:00:30 C:\WINDOWS\Tasks\Ad-Aware SE Personal.job"
- C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
"2008-06-12 22:45:33 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-12 23:04:39 C:\WINDOWS\Tasks\Disk Cleanup.job"
- C:\WINDOWS\system32\cleanmgr.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-06-12 19:58:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\MLANG.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Apoint\ApntEx.exe
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2008-06-12 20:06:51 - machine was rebooted [Laurie]
ComboFix-quarantined-files.txt 2008-06-13 00:06:45
ComboFix2.txt 2008-06-09 12:42:33
Pre-Run: 24,947,740,672 bytes free
Post-Run: 24,995,979,264 bytes free
560 --- E O F --- 2008-06-11 04:32:12