Hi askey127:
I followed your instructions. Here's the log file:
ComboFix 09-05-26.02 - Owner 05/28/2009 0:24.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.382.86 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FILE ::
"c:\\ocqkmoc.exe"
.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-28 )))))))))))))))))))))))))))))))
.
2009-05-27 00:35 . 2009-05-27 00:35 -------- d--h--w c:\windows\PIF
2009-05-27 00:29 . 2009-05-27 00:29 -------- d-----w c:\documents and settings\Owner\Local Settings\Application Data\WinZip
2009-05-27 00:28 . 2009-05-27 00:29 -------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2009-05-26 20:46 . 2009-05-26 20:46 -------- d-----w c:\program files\Viewpoint
2009-05-26 20:45 . 2009-05-26 20:48 -------- d-----w c:\program files\AIM6
2009-05-25 04:17 . 2009-05-25 04:17 -------- d-----w c:\documents and settings\Owner\Application Data\WinPatrol
2009-05-25 04:17 . 2009-05-25 04:17 -------- d-----w c:\docume~1\Owner\APPLIC~1\WinPatrol
2009-05-25 04:16 . 2009-05-25 04:16 -------- d-----w c:\program files\BillP Studios
2009-05-25 03:58 . 2009-05-25 03:58 -------- d-----w c:\program files\Bluetack
2009-05-22 04:54 . 2009-05-22 04:54 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-21 02:15 . 2009-05-21 02:15 -------- d-----w c:\documents and settings\Owner\Application Data\Malwarebytes
2009-05-21 02:15 . 2009-05-21 02:15 -------- d-----w c:\docume~1\Owner\APPLIC~1\Malwarebytes
2009-05-21 02:14 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-21 02:14 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-21 02:14 . 2009-05-21 02:14 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-21 02:14 . 2009-05-21 02:15 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-21 01:44 . 2009-05-21 01:44 -------- d-----w c:\program files\CCleaner
2009-05-18 03:04 . 2004-08-04 03:10 38912 -c--a-w c:\windows\system32\dllcache\avc.sys
2009-05-17 23:42 . 2009-05-17 23:42 -------- d-----w c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-05-17 23:40 . 2009-05-17 23:40 -------- d-----w c:\documents and settings\Owner\Local Settings\Application Data\Downloaded Installations
2009-05-05 04:48 . 2004-08-04 04:56 116224 -c--a-w c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-05 04:48 . 2001-08-18 02:36 23040 -c--a-w c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-05 04:48 . 2001-08-18 02:36 17408 -c--a-w c:\windows\system32\dllcache\xrxscnui.dll
2009-05-05 04:48 . 2001-08-18 02:37 27648 -c--a-w c:\windows\system32\dllcache\xrxftplt.exe
2009-05-05 04:48 . 2001-08-18 02:37 4608 -c--a-w c:\windows\system32\dllcache\xrxflnch.exe
2009-05-05 04:48 . 2001-08-18 02:37 99865 -c--a-w c:\windows\system32\dllcache\xlog.exe
2009-05-05 04:47 . 2001-08-17 16:11 16970 -c--a-w c:\windows\system32\dllcache\xem336n5.sys
2009-05-05 04:47 . 2004-08-04 02:29 19455 -c--a-w c:\windows\system32\dllcache\wvchntxx.sys
2009-05-05 04:47 . 2004-08-04 03:10 19328 -c--a-w c:\windows\system32\dllcache\wstcodec.sys
2009-05-05 04:47 . 2004-08-04 02:29 12063 -c--a-w c:\windows\system32\dllcache\wsiintxx.sys
2009-05-05 04:47 . 2004-08-04 04:56 8192 -c--a-w c:\windows\system32\dllcache\wshirda.dll
2009-05-05 04:47 . 2004-08-04 03:07 8832 -c--a-w c:\windows\system32\dllcache\wmiacpi.sys
2009-05-05 04:47 . 2004-08-04 02:31 154624 -c--a-w c:\windows\system32\dllcache\wlluc48.sys
2009-05-05 04:47 . 2001-08-17 16:12 34890 -c--a-w c:\windows\system32\dllcache\wlandrv2.sys
2009-05-05 04:47 . 2001-08-17 17:28 771581 -c--a-w c:\windows\system32\dllcache\winacisa.sys
2009-05-05 04:47 . 2001-08-18 02:36 53760 -c--a-w c:\windows\system32\dllcache\wiamsmud.dll
2009-05-05 04:45 . 2001-08-17 17:28 397502 -c--a-w c:\windows\system32\dllcache\vpctcom.sys
2009-05-05 04:45 . 2001-08-17 17:28 604253 -c--a-w c:\windows\system32\dllcache\vmodem.sys
2009-05-05 04:45 . 2001-08-17 16:14 249402 -c--a-w c:\windows\system32\dllcache\vinwm.sys
2009-05-05 04:45 . 2001-08-17 17:49 24576 -c--a-w c:\windows\system32\dllcache\viairda.sys
2009-05-05 04:45 . 2004-08-04 04:56 53760 -c--a-w c:\windows\system32\dllcache\vfwwdm32.dll
2009-05-05 04:45 . 2004-08-04 04:56 11325 -c--a-w c:\windows\system32\dllcache\vchnt5.dll
2009-05-05 04:45 . 2001-08-17 17:28 687999 -c--a-w c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-05 04:45 . 2001-08-17 17:28 765884 -c--a-w c:\windows\system32\dllcache\usrti.sys
2009-05-05 04:45 . 2001-08-17 17:28 113762 -c--a-w c:\windows\system32\dllcache\usrpda.sys
2009-05-05 04:45 . 2001-08-17 17:28 7556 -c--a-w c:\windows\system32\dllcache\usroslba.sys
2009-05-05 04:45 . 2001-08-17 17:28 224802 -c--a-w c:\windows\system32\dllcache\usr1807a.sys
2009-05-05 04:45 . 2001-08-17 17:28 794399 -c--a-w c:\windows\system32\dllcache\usr1806v.sys
2009-05-05 04:45 . 2001-08-17 17:28 793598 -c--a-w c:\windows\system32\dllcache\usr1806.sys
2009-05-05 04:43 . 2001-08-17 17:48 11520 -c--a-w c:\windows\system32\dllcache\twotrack.sys
2009-05-05 04:42 . 2001-08-17 16:14 123995 -c--a-w c:\windows\system32\dllcache\tjisdn.sys
2009-05-05 04:42 . 2001-08-17 16:51 138528 -c--a-w c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-05 04:42 . 2001-08-17 18:56 81408 -c--a-w c:\windows\system32\dllcache\tgiul50.dll
2009-05-05 04:42 . 2004-08-04 03:00 149376 -c--a-w c:\windows\system32\dllcache\tffsport.sys
2009-05-05 04:42 . 2001-08-17 16:13 17129 -c--a-w c:\windows\system32\dllcache\tdkcd31.sys
2009-05-05 04:42 . 2001-08-17 16:13 37961 -c--a-w c:\windows\system32\dllcache\tdk100b.sys
2009-05-05 04:42 . 2001-08-17 17:49 30464 -c--a-w c:\windows\system32\dllcache\tbatm155.sys
2009-05-05 04:42 . 2001-08-17 17:52 7040 -c--a-w c:\windows\system32\dllcache\tandqic.sys
2009-05-05 04:42 . 2001-08-17 16:50 36640 -c--a-w c:\windows\system32\dllcache\t2r4mini.sys
2009-05-05 04:42 . 2001-08-17 18:56 172768 -c--a-w c:\windows\system32\dllcache\t2r4disp.dll
2009-05-05 04:42 . 2001-08-18 02:36 94293 -c--a-w c:\windows\system32\dllcache\sxports.dll
2009-05-05 04:42 . 2001-08-17 17:50 103936 -c--a-w c:\windows\system32\dllcache\sx.sys
2009-05-05 04:40 . 2001-08-18 02:36 106584 -c--a-w c:\windows\system32\dllcache\spdports.dll
2009-05-05 04:39 . 2004-08-04 03:07 6912 -c--a-w c:\windows\system32\dllcache\smbclass.sys
2009-05-05 04:38 . 2001-08-17 16:50 68608 -c--a-w c:\windows\system32\dllcache\sis6306p.sys
2009-05-05 04:37 . 2001-08-17 17:51 17280 -c--a-w c:\windows\system32\dllcache\scr111.sys
2009-05-05 04:36 . 2001-08-17 16:50 41216 -c--a-w c:\windows\system32\dllcache\s3mt3d.sys
2009-05-05 04:35 . 2004-08-04 03:10 59648 -c--a-w c:\windows\system32\dllcache\rfcomm.sys
2009-05-05 04:35 . 2001-08-18 02:36 86097 -c--a-w c:\windows\system32\dllcache\reslog32.dll
2009-05-05 04:35 . 2004-08-04 02:41 13776 -c--a-w c:\windows\system32\dllcache\recagent.sys
2009-05-05 04:35 . 2001-08-17 17:51 19584 -c--a-w c:\windows\system32\dllcache\rasirda.sys
2009-05-05 04:35 . 2001-08-17 17:28 714762 -c--a-w c:\windows\system32\dllcache\r2mdmkxx.sys
2009-05-05 04:35 . 2001-08-17 17:28 899146 -c--a-w c:\windows\system32\dllcache\r2mdkxga.sys
2009-05-05 04:35 . 2001-08-18 02:36 41472 -c--a-w c:\windows\system32\dllcache\qvusd.dll
2009-05-05 04:35 . 2001-08-17 17:53 3328 -c--a-w c:\windows\system32\dllcache\qv2kux.sys
2009-05-05 04:35 . 2004-08-04 03:00 6016 -c--a-w c:\windows\system32\dllcache\qic157.sys
2009-05-05 04:35 . 2001-08-17 17:28 130942 -c--a-w c:\windows\system32\dllcache\ptserlv.sys
2009-05-05 04:35 . 2001-08-17 17:28 112574 -c--a-w c:\windows\system32\dllcache\ptserlp.sys
2009-05-05 04:35 . 2001-08-17 17:28 128286 -c--a-w c:\windows\system32\dllcache\ptserli.sys
2009-05-05 04:35 . 2004-08-04 04:56 159232 -c--a-w c:\windows\system32\dllcache\ptpusd.dll
2009-05-05 04:33 . 2001-08-18 02:36 86016 -c--a-w c:\windows\system32\dllcache\pctspk.exe
2009-05-05 04:32 . 2001-08-17 18:05 25088 -c--a-w c:\windows\system32\dllcache\ovca.sys
2009-05-05 04:32 . 2001-08-17 17:28 54186 -c--a-w c:\windows\system32\dllcache\otcsercb.sys
2009-05-05 04:32 . 2001-08-17 16:12 43689 -c--a-w c:\windows\system32\dllcache\otceth5.sys
2009-05-05 04:32 . 2001-08-17 16:12 27209 -c--a-w c:\windows\system32\dllcache\otc06x5.sys
2009-05-05 04:32 . 2001-08-17 16:20 54528 -c--a-w c:\windows\system32\dllcache\opl3sax.sys
2009-05-05 04:32 . 2004-08-04 03:10 61056 -c--a-w c:\windows\system32\dllcache\ohci1394.sys
2009-05-05 04:32 . 2001-08-17 16:50 198144 -c--a-w c:\windows\system32\dllcache\nv3.sys
2009-05-05 04:32 . 2001-08-18 02:36 123776 -c--a-w c:\windows\system32\dllcache\nv3.dll
2009-05-05 04:32 . 2004-08-04 02:41 180360 -c--a-w c:\windows\system32\dllcache\ntmtlfax.sys
2009-05-05 04:32 . 2001-08-17 16:49 51552 -c--a-w c:\windows\system32\dllcache\ntgrip.sys
2009-05-05 04:32 . 2001-08-17 17:47 9344 -c--a-w c:\windows\system32\dllcache\ntapm.sys
2009-05-05 04:30 . 2001-08-17 18:56 35392 -c--a-w c:\windows\system32\dllcache\n9i128.dll
2009-05-05 04:29 . 2004-08-04 03:00 22016 -c--a-w c:\windows\system32\dllcache\msircomm.sys
2009-05-05 04:29 . 2001-08-17 18:02 35200 -c--a-w c:\windows\system32\dllcache\msgame.sys
2009-05-05 04:29 . 2001-08-17 17:48 6016 -c--a-w c:\windows\system32\dllcache\msfsio.sys
2009-05-05 04:29 . 2004-08-04 03:10 51328 -c--a-w c:\windows\system32\dllcache\msdv.sys
2009-05-05 04:29 . 2004-08-04 03:10 15360 -c--a-w c:\windows\system32\dllcache\mpe.sys
2009-05-05 04:29 . 2001-08-17 17:48 12160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
2009-05-05 04:29 . 2001-08-17 17:57 16128 -c--a-w c:\windows\system32\dllcache\modemcsa.sys
2009-05-05 04:29 . 2001-08-17 17:52 6528 -c--a-w c:\windows\system32\dllcache\miniqic.sys
2009-05-05 04:29 . 2001-08-17 16:50 320384 -c--a-w c:\windows\system32\dllcache\mgaum.sys
2009-05-05 04:29 . 2001-08-17 18:56 235648 -c--a-w c:\windows\system32\dllcache\mgaud.dll
2009-05-05 04:29 . 2004-08-04 03:00 26112 -c--a-w c:\windows\system32\dllcache\memstpci.sys
2009-05-05 04:27 . 2001-08-17 16:12 20573 -c--a-w c:\windows\system32\dllcache\lne100.sys
2009-05-05 04:27 . 2001-08-17 16:11 25065 -c--a-w c:\windows\system32\dllcache\lmndis3.sys
2009-05-05 04:27 . 2001-08-17 17:51 15744 -c--a-w c:\windows\system32\dllcache\lit220p.sys
2009-05-05 04:27 . 2004-08-04 02:59 34688 -c--a-w c:\windows\system32\dllcache\lbrtfdc.sys
2009-05-05 04:27 . 2001-08-17 16:12 26442 -c--a-w c:\windows\system32\dllcache\lanepic5.sys
2009-05-05 04:27 . 2001-08-17 16:12 19016 -c--a-w c:\windows\system32\dllcache\ktc111.sys
2009-05-05 04:27 . 2001-08-18 02:36 37376 -c--a-w c:\windows\system32\dllcache\kousd.dll
2009-05-05 04:27 . 2001-08-18 02:36 242176 -c--a-w c:\windows\system32\dllcache\kdsusd.dll
2009-05-05 04:27 . 2001-08-18 02:36 45568 -c--a-w c:\windows\system32\dllcache\kdsui.dll
2009-05-05 04:27 . 2004-08-04 02:58 14848 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-05-05 04:26 . 2001-08-17 17:49 26624 -c--a-w c:\windows\system32\dllcache\irstusb.sys
2009-05-05 04:26 . 2001-08-17 17:51 18688 -c--a-w c:\windows\system32\dllcache\irsir.sys
2009-05-05 04:26 . 2004-08-04 04:56 27136 -c--a-w c:\windows\system32\dllcache\irmon.dll
2009-05-05 04:26 . 2004-08-04 04:56 152576 -c--a-w c:\windows\system32\dllcache\irftp.exe
2009-05-05 04:26 . 2001-08-17 17:49 23552 -c--a-w c:\windows\system32\dllcache\irmk7.sys
2009-05-05 04:26 . 2004-08-04 03:00 87424 -c--a-w c:\windows\system32\dllcache\irda.sys
2009-05-05 04:26 . 2001-08-17 16:12 45632 -c--a-w c:\windows\system32\dllcache\ip5515.sys
2009-05-05 04:26 . 2001-08-18 02:36 90200 -c--a-w c:\windows\system32\dllcache\io8ports.dll
2009-05-05 04:26 . 2001-08-17 17:50 38784 -c--a-w c:\windows\system32\dllcache\io8.sys
2009-05-05 04:26 . 2001-08-17 17:47 13056 -c--a-w c:\windows\system32\dllcache\inport.sys
2009-05-05 04:24 . 2004-08-04 02:41 1041536 -c--a-w c:\windows\system32\dllcache\hsfdpsp2.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-26 20:46 . 2006-02-01 09:32 -------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-05-26 20:45 . 2006-02-01 09:31 -------- d-----w c:\program files\Common Files\AOL
2009-05-26 02:32 . 2008-07-13 18:32 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-05-22 04:54 . 2006-02-01 09:26 -------- d-----w c:\program files\Java
2009-05-22 04:28 . 2006-02-01 09:29 -------- d-----w c:\program files\Common Files\Adobe
2009-05-20 21:43 . 2009-04-05 02:24 0 ----a-w c:\windows\Fzubaneyafisequ.bin
2009-05-17 23:43 . 2006-02-01 09:21 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-17 22:20 . 2008-03-15 23:54 16384 ----a-w c:\windows\DCEBoot.exe
2009-05-17 05:32 . 2008-01-22 00:17 -------- d-----w c:\documents and settings\Owner\Application Data\LimeWire
2009-05-17 05:32 . 2008-01-22 00:17 -------- d-----w c:\docume~1\Owner\APPLIC~1\LimeWire
2009-05-03 23:24 . 2009-04-22 14:17 7 ----a-w c:\windows\system32\nar.bin
2009-05-03 21:52 . 2006-04-23 15:31 -------- d-----w c:\documents and settings\All Users\Application Data\Kodak
2009-05-03 21:51 . 2006-04-23 15:30 -------- d-----w c:\program files\Kodak
2009-04-23 18:59 . 2009-04-05 02:24 300 ----a-w c:\windows\Rgizakihe.dat
2009-04-22 13:19 . 2008-09-27 21:59 192512 ----a-w c:\windows\system32\kdfvmgr.exe
2009-04-22 13:19 . 2008-09-27 21:59 77824 ----a-w c:\windows\system32\kdfapi.dll
2009-04-22 13:19 . 2008-09-27 21:59 53248 ----a-w c:\windows\system32\Kdfhok.dll
2009-04-22 13:17 . 2008-09-27 21:59 722472 ----a-w c:\windows\system32\kdfmgr.exe
2009-04-19 07:14 . 2006-02-01 09:21 -------- d-----w c:\program files\CyberLink
2009-04-19 07:11 . 2006-02-01 09:31 -------- d-----w c:\program files\BigFix
2009-04-19 04:02 . 2009-04-19 04:01 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-19 04:02 . 2009-04-19 04:01 -------- d-----w c:\program files\iTunes
2009-04-19 04:01 . 2009-04-19 04:01 -------- d-----w c:\program files\iPod
2009-04-19 04:00 . 2009-04-19 04:00 -------- d-----w c:\program files\Bonjour
2009-04-19 04:00 . 2009-04-19 03:59 -------- d-----w c:\program files\QuickTime
2009-04-19 03:58 . 2009-04-19 03:58 -------- d-----w c:\program files\Apple Software Update
2009-04-13 22:55 . 2006-04-12 00:18 -------- d-----w c:\documents and settings\Owner\Application Data\Canon
2009-04-13 22:55 . 2006-04-12 00:18 -------- d-----w c:\docume~1\Owner\APPLIC~1\Canon
2009-04-13 22:54 . 2009-04-13 22:54 -------- d--h--w c:\program files\CanonBJ
2009-04-05 01:49 . 2009-04-05 01:49 -------- d-----w c:\documents and settings\Owner\Application Data\MSNInstaller
2009-04-05 01:49 . 2009-04-05 01:49 -------- d-----w c:\docume~1\Owner\APPLIC~1\MSNInstaller
2009-04-04 03:44 . 2009-03-28 19:37 0 ----a-w c:\windows\system32\drivers\da13ac3e.sys
2009-04-02 20:00 . 2008-09-27 19:02 52752 ----a-w c:\windows\system32\drivers\tmactmon.sys
2009-04-02 20:00 . 2008-09-27 19:02 52624 ----a-w c:\windows\system32\drivers\tmevtmgr.sys
2009-04-02 20:00 . 2008-09-27 19:02 142864 ----a-w c:\windows\system32\drivers\tmcomm.sys
2009-03-27 03:10 . 1601-01-01 00:12 61440 --sha-w c:\windows\system32\bajukeko.exe
2009-03-19 20:32 . 2009-04-19 04:02 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-16 18:18 . 2009-04-19 06:55 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
2009-03-16 18:18 . 2009-04-19 06:55 517448 ----a-w c:\windows\system32\XAudio2_4.dll
2009-03-16 18:18 . 2009-04-19 06:55 235352 ----a-w c:\windows\system32\xactengine3_4.dll
2009-03-16 18:18 . 2009-04-19 06:55 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
2009-03-09 19:27 . 2009-04-19 06:55 453456 ----a-w c:\windows\system32\d3dx10_41.dll
2009-03-09 19:27 . 2009-04-19 06:55 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
2009-03-09 19:27 . 2009-04-19 06:55 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
2009-03-08 18:22 . 2009-03-08 18:22 1241088 ----a-w c:\windows\system32\SETC9.tmp
2009-03-08 18:21 . 2009-03-08 18:21 2771706 ------w c:\windows\inf\SETA4.tmp
2009-03-08 18:21 . 2009-03-08 18:21 2771706 ------w c:\windows\inf\SET50.tmp
2009-03-08 18:21 . 2009-03-08 18:21 13460 ------w c:\windows\inf\IEM\0409\SETA5.tmp
2009-03-08 18:21 . 2009-03-08 18:21 13460 ------w c:\windows\inf\IEM\0409\SET51.tmp
2009-03-08 18:21 . 2009-03-08 18:21 10240 ------w c:\windows\system32\SETB8.tmp
2009-03-08 18:09 . 2009-03-08 18:09 391536 ----a-w c:\windows\system32\SETC6.tmp
2009-03-08 08:41 . 2009-03-08 08:41 5937152 ----a-w c:\windows\system32\SETDB.tmp
2009-03-08 08:39 . 2009-03-08 08:39 11063808 ----a-w c:\windows\system32\SETC8.tmp
2009-03-08 08:35 . 2009-03-08 08:35 385024 ----a-w c:\windows\system32\SETBC.tmp
2009-03-08 08:34 . 2009-03-08 08:34 914944 ----a-w c:\windows\system32\SETEB.tmp
2009-03-08 08:34 . 2009-03-08 08:34 1206784 ----a-w c:\windows\system32\SETE7.tmp
2009-03-08 08:34 . 2009-03-08 08:34 1469440 ----a-w c:\windows\system32\SETD1.tmp
2009-03-08 08:34 . 2009-03-08 08:34 236544 ----a-w c:\windows\system32\SETE9.tmp
2009-03-08 08:34 . 2009-03-08 08:34 208384 ------w c:\windows\system32\SETEA.tmp
2009-03-08 08:34 . 2009-03-08 08:34 43008 ----a-w c:\windows\system32\SETD5.tmp
2009-03-08 08:34 . 2009-03-08 08:34 105984 ----a-w c:\windows\system32\SETE6.tmp
2009-03-08 08:34 . 2009-03-08 08:34 193536 ----a-w c:\windows\system32\SETE0.tmp
2009-03-08 08:34 . 2009-03-08 08:34 109568 ----a-w c:\windows\system32\SETE3.tmp
2009-03-08 08:33 . 2009-03-08 08:33 18944 ----a-w c:\windows\system32\SETB9.tmp
2009-03-08 08:33 . 2009-03-08 08:33 25600 ----a-w c:\windows\system32\SETD4.tmp
2009-03-08 08:33 . 2009-03-08 08:33 726528 ----a-w c:\windows\system32\SETD3.tmp
2009-03-08 08:33 . 2009-03-08 08:33 229376 ----a-w c:\windows\system32\SETC2.tmp
2009-03-08 08:33 . 2009-03-08 08:33 420352 ----a-w c:\windows\system32\SETE8.tmp
2009-03-08 08:33 . 2009-03-08 08:33 125952 ----a-w c:\windows\system32\SETC1.tmp
2009-03-08 08:32 . 2009-03-08 08:32 72704 ----a-w c:\windows\system32\SETB6.tmp
2009-03-08 08:32 . 2009-03-08 08:32 173056 ----a-w c:\windows\system32\SETBE.tmp
2009-03-08 08:32 . 2009-03-08 08:32 163840 ----a-w c:\windows\system32\SETC3.tmp
2009-03-08 08:32 . 2009-03-08 08:32 71680 ----a-w c:\windows\system32\SETCD.tmp
2009-03-08 08:32 . 2009-03-08 08:32 55808 ----a-w c:\windows\system32\SETCB.tmp
2009-03-08 08:32 . 2009-03-08 08:32 128512 ----a-w c:\windows\system32\SETB7.tmp
2009-03-08 08:32 . 2009-03-08 08:32 94720 ----a-w c:\windows\system32\SETD2.tmp
2009-03-08 08:32 . 2009-03-08 08:32 594432 ----a-w c:\windows\system32\SETD6.tmp
2009-03-08 08:32 . 2009-03-08 08:32 1985024 ----a-w c:\windows\system32\SETCC.tmp
2009-03-08 08:32 . 2009-03-08 08:32 611840 ----a-w c:\windows\system32\SETE2.tmp
2009-03-08 08:31 . 2009-03-08 08:31 183808 ----a-w c:\windows\system32\SETCA.tmp
2009-03-08 08:31 . 2009-03-08 08:31 13312 ------w c:\windows\system32\SETD8.tmp
2009-03-08 08:31 . 2009-03-08 08:31 59904 ----a-w c:\windows\system32\SETBD.tmp
2009-03-08 08:31 . 2009-03-08 08:31 55296 ----a-w c:\windows\system32\SETD7.tmp
2009-03-08 08:31 . 2009-03-08 08:31 348160 ----a-w c:\windows\system32\SETBA.tmp
2009-03-08 08:31 . 2009-03-08 08:31 34816 ----a-w c:\windows\system32\SETD0.tmp
2009-03-08 08:31 . 2009-03-08 08:31 216064 ----a-w c:\windows\system32\SETBB.tmp
2009-03-08 08:31 . 2009-03-08 08:31 46592 ----a-w c:\windows\system32\SETE4.tmp
2009-03-08 08:31 . 2009-03-08 08:31 66560 ----a-w c:\windows\system32\SETDD.tmp
2009-03-08 08:31 . 2009-03-08 08:31 48128 ----a-w c:\windows\system32\SETDE.tmp
2009-03-08 08:31 . 2009-03-08 08:31 45568 ----a-w c:\windows\system32\SETD9.tmp
2009-03-08 08:31 . 2009-03-08 08:31 1638912 ----a-w c:\windows\system32\SETDC.tmp
2009-03-08 08:30 . 2009-03-08 08:30 66560 ----a-w c:\windows\system32\SETE5.tmp
2009-03-08 08:22 . 2009-03-08 08:22 164352 ------w c:\windows\system32\SETCE.tmp
2009-03-08 08:22 . 2009-03-08 08:22 156160 ----a-w c:\windows\system32\SETDF.tmp
2009-03-08 08:15 . 2009-03-08 08:15 57667 ----a-w c:\windows\system32\SETCF.tmp
2009-03-08 08:11 . 2009-03-08 08:11 445952 ----a-w c:\windows\system32\SETC5.tmp
2009-03-06 14:00 . 2004-08-26 16:12 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2004-08-26 16:12 826368 ----a-w c:\windows\system32\wininet.dll
2008-09-12 02:33 . 2008-09-12 02:33 27976 ----a-w c:\program files\mozilla firefox\plugins\atgpcdec.dll
2008-09-12 02:33 . 2008-09-12 02:33 125848 ----a-w c:\program files\mozilla firefox\plugins\atgpcext.dll
2006-07-13 01:10 . 2006-07-13 01:10 53283 ----a-w c:\program files\mozilla firefox\plugins\NCScnet.dll
2006-07-13 01:10 . 2006-07-13 01:10 1044514 ----a-w c:\program files\mozilla firefox\plugins\NCSEcw.dll
2006-07-13 01:10 . 2006-07-13 01:10 98339 ----a-w c:\program files\mozilla firefox\plugins\NCSUtil.dll
2007-12-28 22:24 . 2007-12-28 22:24 1031619 --sh--w c:\windows\system32\irlxqiwr.tmp
.
((((((((((((((((((((((((((((( SnapShot@2009-05-26_22.14.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-28 03:41 . 2009-05-28 03:41 16384 c:\windows\Temp\Perflib_Perfdata_108.dat
+ 2004-08-26 16:12 . 2009-02-03 20:08 55808 c:\windows\system32\secur32.dll
- 2004-08-26 16:12 . 2004-08-04 19:00 55808 c:\windows\system32\secur32.dll
+ 2004-08-26 16:12 . 2009-02-06 09:54 35328 c:\windows\system32\sc.exe
+ 2004-08-26 16:12 . 2009-02-20 18:09 44544 c:\windows\system32\pngfilt.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 44544 c:\windows\system32\pngfilt.dll
- 2004-08-26 16:12 . 2009-03-08 16:40 60828 c:\windows\system32\perfc009.dat
+ 2004-08-26 16:12 . 2009-05-26 23:29 60828 c:\windows\system32\perfc009.dat
+ 2004-08-26 18:00 . 2008-06-12 14:16 91648 c:\windows\system32\mtxoci.dll
- 2004-08-26 16:12 . 2006-03-01 19:42 66560 c:\windows\system32\mtxclu.dll
+ 2004-08-26 16:12 . 2008-06-12 14:16 66560 c:\windows\system32\mtxclu.dll
- 2007-08-13 23:54 . 2008-12-20 23:15 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 23:54 . 2009-02-20 18:09 52224 c:\windows\system32\msfeedsbs.dll
- 2004-08-26 18:00 . 2004-08-04 19:00 58880 c:\windows\system32\msdtclog.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 58880 c:\windows\system32\msdtclog.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 27648 c:\windows\system32\jsproxy.dll
+ 2007-08-13 23:39 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
- 2004-08-26 16:11 . 2008-12-20 23:15 44544 c:\windows\system32\iernonce.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 44544 c:\windows\system32\iernonce.dll
- 2007-08-13 22:45 . 2007-08-13 22:45 78336 c:\windows\system32\ieencode.dll
+ 2007-08-13 22:45 . 2009-02-20 18:09 78336 c:\windows\system32\ieencode.dll
- 2004-08-26 16:11 . 2008-12-19 09:10 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-26 16:11 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 23:36 . 2009-02-20 18:09 63488 c:\windows\system32\icardie.dll
- 2007-08-13 23:36 . 2008-12-20 23:15 63488 c:\windows\system32\icardie.dll
+ 2004-08-26 16:12 . 2009-02-03 20:08 55808 c:\windows\system32\dllcache\secur32.dll
- 2004-08-26 16:12 . 2004-08-04 19:00 55808 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-26 16:12 . 2009-02-06 09:54 35328 c:\windows\system32\dllcache\sc.exe
- 2004-08-26 16:12 . 2008-12-20 23:15 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2004-08-26 16:12 . 2008-06-12 14:16 66560 c:\windows\system32\dllcache\mtxclu.dll
- 2004-08-26 16:12 . 2006-03-01 19:42 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2007-10-10 23:55 . 2009-02-20 18:09 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-10-10 23:55 . 2008-12-20 23:15 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 58880 c:\windows\system32\dllcache\msdtclog.dll
- 2004-08-26 18:00 . 2004-08-04 19:00 58880 c:\windows\system32\dllcache\msdtclog.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2007-10-10 10:59 . 2008-12-19 09:10 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-10-10 10:59 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-26 16:11 . 2009-02-20 18:09 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-13 22:45 . 2009-02-20 18:09 78336 c:\windows\system32\dllcache\ieencode.dll
- 2007-08-13 22:45 . 2007-08-13 22:45 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-26 16:11 . 2008-12-19 09:10 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-26 16:11 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-10-10 23:55 . 2009-02-20 18:09 63488 c:\windows\system32\dllcache\icardie.dll
- 2007-10-10 23:55 . 2008-12-20 23:15 63488 c:\windows\system32\dllcache\icardie.dll
- 2004-08-26 18:00 . 2005-07-26 04:39 60416 c:\windows\system32\dllcache\colbact.dll
+ 2004-08-26 18:00 . 2005-07-26 04:20 60416 c:\windows\system32\dllcache\colbact.dll
- 2004-08-26 18:00 . 2005-07-26 04:39 60416 c:\windows\system32\colbact.dll
+ 2004-08-26 18:00 . 2005-07-26 04:20 60416 c:\windows\system32\colbact.dll
+ 2009-05-27 00:29 . 2009-05-27 00:29 29184 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}\IconCD95F6617.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 44544 c:\windows\ie7updates\KB963027-IE7\pngfilt.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 52224 c:\windows\ie7updates\KB963027-IE7\msfeedsbs.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 27648 c:\windows\ie7updates\KB963027-IE7\jsproxy.dll
+ 2009-05-26 23:15 . 2007-08-13 22:39 13312 c:\windows\ie7updates\KB963027-IE7\ieudinit.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 44544 c:\windows\ie7updates\KB963027-IE7\iernonce.dll
+ 2009-05-26 23:15 . 2007-08-13 22:45 78336 c:\windows\ie7updates\KB963027-IE7\ieencode.dll
+ 2009-05-26 23:15 . 2008-12-19 09:10 70656 c:\windows\ie7updates\KB963027-IE7\ie4uinit.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 63488 c:\windows\ie7updates\KB963027-IE7\icardie.dll
- 2004-08-26 16:12 . 2004-08-04 19:00 351232 c:\windows\system32\winhttp.dll
+ 2004-08-26 16:12 . 2008-12-16 12:47 351232 c:\windows\system32\winhttp.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 233472 c:\windows\system32\webcheck.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 233472 c:\windows\system32\webcheck.dll
+ 2004-08-26 18:00 . 2009-02-06 09:41 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2004-08-26 18:00 . 2009-02-10 22:31 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2004-08-26 18:00 . 2009-02-09 10:01 473088 c:\windows\system32\wbem\fastprox.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 105984 c:\windows\system32\url.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 105984 c:\windows\system32\url.dll
+ 2004-08-26 16:12 . 2009-02-06 10:22 110592 c:\windows\system32\services.exe
+ 2004-08-26 16:12 . 2009-02-09 10:01 401408 c:\windows\system32\rpcss.dll
- 2004-08-26 16:12 . 2009-03-08 16:40 400794 c:\windows\system32\perfh009.dat
+ 2004-08-26 16:12 . 2009-05-26 23:29 400794 c:\windows\system32\perfh009.dat
+ 2004-08-26 16:12 . 2009-02-20 18:09 102912 c:\windows\system32\occache.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 102912 c:\windows\system32\occache.dll
+ 2004-08-26 16:12 . 2009-02-09 10:01 715264 c:\windows\system32\ntdll.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 671232 c:\windows\system32\mstime.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 671232 c:\windows\system32\mstime.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 193024 c:\windows\system32\msrating.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 193024 c:\windows\system32\msrating.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 477696 c:\windows\system32\mshtmled.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-13 23:54 . 2009-02-20 18:09 459264 c:\windows\system32\msfeeds.dll
- 2007-08-13 23:54 . 2008-12-20 23:15 459264 c:\windows\system32\msfeeds.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 161792 c:\windows\system32\msdtcuiu.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 956928 c:\windows\system32\msdtctm.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 428032 c:\windows\system32\msdtcprx.dll
+ 2004-08-26 16:11 . 2009-02-09 10:01 728576 c:\windows\system32\lsasrv.dll
+ 2004-08-26 16:11 . 2009-03-21 14:18 986112 c:\windows\system32\kernel32.dll
+ 2007-08-13 23:34 . 2009-02-20 18:09 268288 c:\windows\system32\iertutil.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 17:27 . 2008-12-20 23:15 383488 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 17:27 . 2009-02-20 18:09 383488 c:\windows\system32\ieapfltr.dll
- 2004-08-26 16:11 . 2008-12-19 05:23 161792 c:\windows\system32\ieakui.dll
+ 2004-08-26 16:11 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 230400 c:\windows\system32\ieaksie.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 153088 c:\windows\system32\ieakeng.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 133120 c:\windows\system32\extmgr.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 133120 c:\windows\system32\extmgr.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 214528 c:\windows\system32\dxtrans.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-26 18:00 . 2008-04-21 10:02 215552 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-26 18:00 . 2009-02-06 09:41 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2004-08-26 18:00 . 2009-02-10 22:31 453120 c:\windows\system32\dllcache\wmiprvsd.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 826368 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-26 16:12 . 2009-03-03 00:18 826368 c:\windows\system32\dllcache\wininet.dll
- 2004-08-26 16:12 . 2004-08-04 19:00 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-26 16:12 . 2008-12-16 12:47 351232 c:\windows\system32\dllcache\winhttp.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-26 16:12 . 2009-02-06 10:22 110592 c:\windows\system32\dllcache\services.exe
+ 2004-08-26 16:12 . 2009-02-09 10:01 401408 c:\windows\system32\dllcache\rpcss.dll
+ 2004-08-26 16:12 . 2009-03-06 14:00 284160 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-26 16:12 . 2009-02-09 10:01 715264 c:\windows\system32\dllcache\ntdll.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2007-10-10 23:55 . 2008-12-20 23:15 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-10-10 23:55 . 2009-02-20 18:09 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2004-08-26 18:00 . 2008-06-12 14:16 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2004-08-26 16:11 . 2009-02-09 10:01 728576 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-26 16:11 . 2009-03-21 14:18 986112 c:\windows\system32\dllcache\kernel32.dll
+ 2004-08-26 18:01 . 2009-02-28 04:54 636072 c:\windows\system32\dllcache\iexplore.exe
+ 2007-10-10 23:55 . 2009-02-20 18:09 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-10-10 23:55 . 2008-12-20 23:15 383488 c:\windows\system32\dllcache\ieapfltr.dll
+ 2007-10-10 23:55 . 2009-02-20 18:09 383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-26 16:11 . 2008-12-19 05:23 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-26 16:11 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-26 18:00 . 2009-02-09 10:01 473088 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-26 16:11 . 2009-02-09 10:01 617984 c:\windows\system32\dllcache\advapi32.dll
- 2004-08-26 16:11 . 2008-12-20 23:15 124928 c:\windows\system32\advpack.dll
+ 2004-08-26 16:11 . 2009-02-20 18:09 124928 c:\windows\system32\advpack.dll
+ 2004-08-26 16:11 . 2009-02-09 10:01 617984 c:\windows\system32\advapi32.dll
+ 2009-05-27 00:29 . 2009-05-27 00:29 632320 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}\IconCD95F66110.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 826368 c:\windows\ie7updates\KB963027-IE7\wininet.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 233472 c:\windows\ie7updates\KB963027-IE7\webcheck.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 105984 c:\windows\ie7updates\KB963027-IE7\url.dll
+ 2009-05-26 23:15 . 2008-07-09 07:38 382840 c:\windows\ie7updates\KB963027-IE7\spuninst\updspapi.dll
+ 2009-05-26 23:15 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB963027-IE7\spuninst\spuninst.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 102912 c:\windows\ie7updates\KB963027-IE7\occache.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 671232 c:\windows\ie7updates\KB963027-IE7\mstime.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 193024 c:\windows\ie7updates\KB963027-IE7\msrating.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 477696 c:\windows\ie7updates\KB963027-IE7\mshtmled.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 459264 c:\windows\ie7updates\KB963027-IE7\msfeeds.dll
+ 2009-05-26 23:15 . 2008-12-19 05:25 634024 c:\windows\ie7updates\KB963027-IE7\iexplore.exe
+ 2009-05-26 23:15 . 2008-12-20 23:15 267776 c:\windows\ie7updates\KB963027-IE7\iertutil.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 384512 c:\windows\ie7updates\KB963027-IE7\iedkcs32.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 383488 c:\windows\ie7updates\KB963027-IE7\ieapfltr.dll
+ 2009-05-26 23:15 . 2008-12-19 05:23 161792 c:\windows\ie7updates\KB963027-IE7\ieakui.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 230400 c:\windows\ie7updates\KB963027-IE7\ieaksie.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 153088 c:\windows\ie7updates\KB963027-IE7\ieakeng.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 133120 c:\windows\ie7updates\KB963027-IE7\extmgr.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 214528 c:\windows\ie7updates\KB963027-IE7\dxtrans.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 347136 c:\windows\ie7updates\KB963027-IE7\dxtmsft.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 124928 c:\windows\ie7updates\KB963027-IE7\advpack.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 1160192 c:\windows\system32\urlmon.dll
- 2004-08-26 16:12 . 2008-12-20 23:15 1160192 c:\windows\system32\urlmon.dll
- 2004-08-26 16:12 . 2008-05-07 05:18 1287680 c:\windows\system32\quartz.dll
+ 2004-08-26 16:12 . 2008-12-20 22:43 1287680 c:\windows\system32\quartz.dll
+ 2004-08-26 16:12 . 2009-02-06 10:32 2186112 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 05:59 . 2009-02-06 09:49 2062976 c:\windows\system32\ntkrnlpa.exe
- 2004-08-04 05:59 . 2008-08-14 09:18 2062976 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-26 16:12 . 2009-02-20 18:09 3595264 c:\windows\system32\mshtml.dll
+ 2007-08-13 23:54 . 2009-02-20 18:09 6066176 c:\windows\system32\ieframe.dll
- 2007-02-12 21:10 . 2007-07-01 03:31 2455488 c:\windows\system32\ieapfltr.dat
+ 2007-02-12 21:10 . 2008-07-09 14:25 2455488 c:\windows\system32\ieapfltr.dat
- 2004-08-26 16:12 . 2008-12-20 23:15 1160192 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-26 16:12 . 2009-02-20 18:09 1160192 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-26 16:12 . 2008-05-07 05:18 1287680 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-26 16:12 . 2008-12-20 22:43 1287680 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-26 16:12 . 2009-02-06 10:32 2186112 c:\windows\system32\dllcache\ntoskrnl.exe
- 2006-12-19 16:12 . 2008-08-14 09:18 2020864 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2006-12-19 16:12 . 2009-02-06 09:49 2020864 c:\windows\system32\dllcache\ntkrpamp.exe
- 2004-08-04 05:59 . 2008-08-14 09:18 2062976 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2004-08-04 05:59 . 2009-02-06 09:49 2062976 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2006-12-19 16:49 . 2009-02-06 10:29 2142720 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2006-12-19 16:49 . 2008-08-14 09:55 2142720 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-26 16:12 . 2009-02-20 18:09 3595264 c:\windows\system32\dllcache\mshtml.dll
+ 2007-10-10 23:55 . 2009-02-20 18:09 6066176 c:\windows\system32\dllcache\ieframe.dll
+ 2007-07-01 03:31 . 2008-07-09 14:25 2455488 c:\windows\system32\dllcache\ieapfltr.dat
- 2007-07-01 03:31 . 2007-07-01 03:31 2455488 c:\windows\system32\dllcache\ieapfltr.dat
+ 2009-05-26 23:15 . 2008-12-20 23:15 1160192 c:\windows\ie7updates\KB963027-IE7\urlmon.dll
+ 2009-05-26 23:15 . 2009-01-17 02:35 3594752 c:\windows\ie7updates\KB963027-IE7\mshtml.dll
+ 2009-05-26 23:15 . 2008-12-20 23:15 6066688 c:\windows\ie7updates\KB963027-IE7\ieframe.dll
+ 2009-05-26 23:15 . 2007-07-01 03:31 2455488 c:\windows\ie7updates\KB963027-IE7\ieapfltr.dat
+ 2006-02-01 09:39 . 2009-02-06 10:32 2186112 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2006-02-01 09:39 . 2009-02-06 09:49 2020864 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2006-02-01 09:39 . 2008-08-14 09:18 2020864 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2006-02-01 09:39 . 2009-02-06 09:49 2062976 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2006-02-01 09:39 . 2008-08-14 09:18 2062976 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2006-02-01 09:39 . 2009-02-06 10:29 2142720 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2006-02-01 09:39 . 2008-08-14 09:55 2142720 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-05-03 23:23 . 2009-05-07 07:16 24699336 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2008-02-16 492808]
"Aim6"="c:\program files\AIM6\aim6.exe" [2009-05-19 49968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-07-29 1398024]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-18 7204864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-22 148888]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-04-20 337216]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-09-18 1519616]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"<NO NAME>"= c:\\ocqkmoc.exe
"c:\\WINDOWS\\system32\\kdfmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 6:45 AM 13088]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [9/27/2008 3:02 PM 52624]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2/16/2008 5:00 AM 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2/16/2008 5:00 AM 333328]
S1 da13ac3e;da13ac3e;c:\windows\system32\drivers\da13ac3e.sys [3/28/2009 3:37 PM 0]
--- Other Services/Drivers In Memory ---
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NVSvc
*Deregistered* - PolicyAgent
*Deregistered* - PrismXL
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SfCtlCom
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TMBMServer
*Deregistered* - TmPfw
*Deregistered* - tmproxy
*Deregistered* - TrkWks
*Deregistered* - UMWdf
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WUSB54GSSVC
*Deregistered* - WZCSVC
.
Contents of the 'Scheduled Tasks' folder
2009-04-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2009-05-28 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-13 21:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\docume~1\Owner\APPLIC~1\Mozilla\Firefox\Profiles\n7hnubt8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?inv ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://finance.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?inv ... Fab&query=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NP_NCS6.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NP_NCSPB6.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NP_NCSTB6.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-28 00:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2900)
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
.
Completion time: 2009-05-28 0:42
ComboFix-quarantined-files.txt 2009-05-28 04:42
ComboFix2.txt 2009-05-26 22:35
Pre-Run: 66,279,989,248 bytes free
Post-Run: 66,777,686,016 bytes free
600 --- E O F --- 2009-05-28 04:12