The ComboFix log:
ComboFix 08-06-10.5 - Computer 2008-06-12 17:17:57.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.356 [GMT 3:00]
Running from: C:\Documents and Settings\Computer\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Computer\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active
FILE ::
C:\Documents and Settings\All Users\Application Data\ezsid.dat
C:\WINDOWS\BM2d8bcf22.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bbwstkxo.dll
C:\WINDOWS\system32\esplqypi.dll
C:\WINDOWS\system32\fccccCVN.dll
C:\WINDOWS\system32\rqRJbAst.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\ezsid.dat
C:\WINDOWS\BM2d8bcf22.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bbwstkxo.dll
.
((((((((((((((((((((((((( Files Created from 2008-05-12 to 2008-06-12 )))))))))))))))))))))))))))))))
.
2008-06-12 16:40 . 2008-06-12 16:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-12 16:28 . 2008-06-12 16:28 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-12 15:31 . 2008-06-12 15:31 <DIR> d-------- C:\Program Files\Perfect Uninstaller
2008-06-12 15:31 . 2008-06-12 15:31 42 --a------ C:\WINDOWS\system32\AK083E209605E394C.lie
2008-06-12 13:55 . 2002-08-29 09:10 229,479 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-06-11 21:03 . 2008-06-11 21:03 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-06-11 20:59 . 2008-06-11 20:59 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-11 20:58 . 2007-02-28 12:55 2,182,144 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-06-11 20:58 . 2007-02-28 12:53 2,137,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-06-11 20:58 . 2007-02-28 12:15 2,017,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-06-11 20:57 . 2008-06-12 14:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-11 20:50 . 2008-04-14 14:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 20:50 . 2008-04-14 14:01 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 20:27 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-11 20:27 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-11 20:26 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-11 11:31 . 2008-06-12 16:56 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-11 11:27 . 2008-06-12 13:48 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-11 11:27 . 2008-06-11 11:27 <DIR> d-------- C:\Program Files\AVG
2008-06-11 11:27 . 2008-06-11 11:35 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\AVGTOOLBAR
2008-06-11 11:27 . 2008-06-11 11:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-11 11:27 . 2008-06-11 11:27 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-11 11:27 . 2008-06-11 11:27 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-11 11:27 . 2008-06-11 11:27 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-10 21:02 . 2008-06-10 21:02 <DIR> d-------- C:\Program Files\Freecorder Toolbar
2008-06-10 21:02 . 2007-03-04 14:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
2008-06-10 21:01 . 2008-06-10 20:59 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-06-10 21:01 . 2007-03-04 14:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
2008-06-10 20:59 . 2008-06-11 16:51 <DIR> d-------- C:\Program Files\Replay Converter
2008-06-10 17:44 . 2003-11-04 15:11 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll
2008-06-10 16:46 . 2008-06-10 16:46 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-10 16:31 . 2008-06-10 16:31 <DIR> d-------- C:\VundoFix Backups
2008-06-09 22:26 . 2008-06-09 22:26 <DIR> d-------- C:\Program Files\ImTOO
2008-06-09 22:17 . 2008-06-09 22:19 1,791,918,580 --a------ C:\output.avi
2008-06-09 17:11 . 2008-06-09 17:34 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\LimeWire
2008-06-09 17:08 . 2008-06-09 17:08 <DIR> d-------- C:\Program Files\Sun
2008-06-09 17:03 . 2008-06-09 17:12 <DIR> d-------- C:\Program Files\LimeWire
2008-06-09 17:02 . 2008-06-09 17:03 <DIR> d-------- C:\Program Files\Registry Easy
2008-06-09 16:08 . 2008-06-09 16:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-09 16:02 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-06-09 13:10 . 2008-06-09 13:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-09 12:41 . 2008-06-09 12:41 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\Uniblue
2008-06-08 21:32 . 2008-06-08 21:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\winsyscfg
2008-06-08 14:55 . 2008-06-08 14:55 <DIR> d-------- C:\WINDOWS\Freecorder Toolbar
2008-06-08 14:55 . 2008-06-10 21:03 <DIR> d-------- C:\Program Files\Freecorder
2008-06-08 14:55 . 2008-06-08 14:55 <DIR> d-------- C:\Program Files\Conduit
2008-06-08 14:55 . 2008-06-10 21:02 2,725,048 --a------ C:\Program Files\FLV PlayerFCSetup.exe
2008-06-08 14:54 . 2008-06-08 14:54 <DIR> d-------- C:\WINDOWS\Replay Media Catcher
2008-06-08 14:54 . 2008-06-11 16:53 <DIR> d-------- C:\Program Files\Replay Media Catcher
2008-06-08 14:54 . 2008-06-10 21:00 7,710,016 --a------ C:\Program Files\FLV PlayerRCATSetup.exe
2008-06-08 14:52 . 2008-06-08 14:52 <DIR> d-------- C:\WINDOWS\Applian FLV Player
2008-06-08 14:52 . 2008-06-08 14:52 <DIR> d-------- C:\Program Files\FLV Player
2008-06-08 14:52 . 2008-06-10 20:59 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\GetRightToGo
2008-06-08 14:52 . 2008-06-10 20:59 411,248 --a------ C:\Program Files\FLV PlayerRCSetup.exe
2008-06-06 22:51 . 2008-06-06 23:08 <DIR> d-------- C:\VideoToDVD
2008-06-06 21:26 . 2008-06-06 21:28 <DIR> d-------- C:\OutputFolder
2008-06-03 20:35 . 2008-06-03 20:35 <DIR> d-------- C:\Program Files\MSBuild
2008-06-03 20:28 . 2008-06-03 20:28 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-06-03 20:28 . 2008-06-03 20:28 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-06-03 19:51 . 2006-06-29 13:07 14,048 --a------ C:\WINDOWS\system32\spmsg2.dll
2008-06-03 19:50 . 2008-06-03 19:57 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\Ulead Systems
2008-06-03 19:49 . 2008-06-03 19:49 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-06-03 19:48 . 2008-06-03 19:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-06-03 19:48 . 2007-03-06 11:58 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-06-03 19:48 . 2007-03-06 11:58 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-06-03 19:48 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-06-03 19:48 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-06-03 19:48 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-06-03 19:48 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-06-03 19:46 . 2008-06-03 19:46 <DIR> d-------- C:\Program Files\Windows Media Components
2008-06-03 19:45 . 2008-06-03 19:45 <DIR> d-------- C:\Program Files\Ulead Systems
2008-06-03 19:45 . 2008-06-03 19:46 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-06-03 19:45 . 2008-06-03 19:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-02 17:35 . 2008-06-02 17:35 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-05-30 21:03 . 2007-10-13 20:34 86,016 --a------ C:\WINDOWS\system32\pmservice.exe
2008-05-26 14:53 . 2008-06-08 13:26 <DIR> d-------- C:\Mp3 Output
2008-05-26 14:53 . 2006-11-01 14:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-05-26 14:53 . 2007-02-25 15:36 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
2008-05-17 13:37 . 2008-06-08 12:31 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\IDM
2008-05-17 13:37 . 2008-06-10 17:32 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\DMCache
2008-05-17 11:11 . 2008-06-10 17:38 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-05-16 22:22 . 2008-05-16 22:22 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-05-16 20:57 . 2008-05-16 21:00 510,189,896 --a------ C:\Adobe Photoshop CS3 ME.exe
2008-05-15 17:48 . 2008-05-16 17:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-15 16:10 . 2008-05-15 16:10 <DIR> d-------- C:\Program Files\uTorrent
2008-05-15 16:10 . 2008-06-08 22:06 <DIR> d-------- C:\Documents and Settings\Computer\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 11:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-12 10:56 --------- d-----w C:\Program Files\Java
2008-06-12 10:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-09 13:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-09 10:32 --------- d-----w C:\Program Files\MSN Messenger
2008-06-09 10:21 --------- d-----w C:\Program Files\Adverts
2008-06-06 18:13 --------- d-----w C:\Documents and Settings\Computer\Application Data\Skype
2008-06-06 17:43 --------- d-----w C:\Documents and Settings\Computer\Application Data\skypePM
2008-06-03 16:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 14:35 --------- d-----w C:\Program Files\Common Files\Real
2008-06-02 14:34 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-06-02 14:34 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-05-17 08:14 --------- d-----w C:\Documents and Settings\Computer\Application Data\this size
2008-05-16 20:46 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-15 13:29 --------- d-----w C:\Program Files\ESET
2008-05-10 14:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-05-08 12:14 203,008 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 04:55 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 22:08 --------- d-----w C:\Program Files\Bonjour
2008-05-06 22:03 --------- d-----w C:\Program Files\Apple Software Update
2008-05-06 22:00 --------- d-----w C:\Program Files\Common Files\Apple
2008-05-06 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-04-21 06:56 666,624 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-26 08:09 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 07:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-02-07 09:17 193,951 ----a-w C:\Program Files\A-Patch140rc1b9_WLM.zip
2008-02-06 15:01 958,352 ----a-w C:\Program Files\A-Patch130rc1b54_WLM.zip
2007-08-18 15:46 16,740,208 ----a-w C:\Program Files\Install_Messenger.exe
.
((((((((((((((((((((((((((((( snapshot@2008-06-11_20.05.33.26 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-11 16:57:09 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-12 11:02:40 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2007-02-28 09:53:04 2,137,600 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-27 22:15:58 2,059,392 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2007-02-28 09:15:59 2,017,280 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2007-02-28 09:55:14 2,182,144 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
- 2006-12-18 19:33:48 1,033,216 ----a-w C:\WINDOWS\explorer.exe
+ 2007-06-13 11:26:03 1,033,216 ----a-w C:\WINDOWS\explorer.exe
+ 2003-07-07 10:36:00 2,058,343 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT
+ 2003-07-08 08:48:00 115,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL
- 2008-02-17 00:10:32 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-06-12 14:00:17 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-02-17 00:10:32 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-06-12 14:00:17 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-02-17 00:10:33 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-06-12 14:00:17 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-02-17 00:10:31 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-06-12 14:00:16 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-02-17 00:10:33 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-06-12 14:00:17 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-02-17 00:10:33 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-06-12 14:00:18 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-02-17 00:10:33 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-06-12 14:00:18 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-02-17 00:10:33 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-06-12 14:00:18 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-02-17 00:10:32 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-06-12 14:00:16 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-02-17 00:10:31 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-06-12 14:00:16 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-02-17 00:10:34 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-06-12 14:00:19 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-02-17 00:10:31 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-06-12 14:00:15 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-02-17 00:10:31 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-12 14:00:15 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-11 17:59:31 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
- 2006-12-18 19:33:35 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2007-03-09 13:58:57 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2006-12-18 19:33:38 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-21 06:56:54 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2006-12-18 19:33:38 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-21 06:56:54 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2006-12-18 19:33:44 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-21 06:56:55 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2006-12-18 19:33:35 57,344 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
+ 2007-03-09 13:58:57 57,344 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
- 2006-12-18 19:33:38 1,022,976 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-04-21 06:56:54 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2006-12-18 19:33:38 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-04-21 06:56:54 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2006-12-18 19:33:44 1,054,208 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-04-21 06:56:55 1,054,208 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2004-08-03 23:56:44 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-12-18 19:33:45 86,528 -c--a-w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2007-05-16 15:32:55 86,528 -c--a-w C:\WINDOWS\system32\dllcache\directdb.dll
- 2006-12-18 19:33:45 147,456 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:19:35 147,968 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-03 23:56:44 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 18:49:36 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2006-12-18 19:33:46 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-21 06:56:55 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2006-12-18 19:33:46 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-21 06:56:55 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2006-12-18 19:33:48 1,033,216 -c--a-w C:\WINDOWS\system32\dllcache\explorer.exe
+ 2007-06-13 11:26:03 1,033,216 -c--a-w C:\WINDOWS\system32\dllcache\explorer.exe
- 2006-12-18 19:33:48 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-21 06:56:55 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2006-12-18 19:33:51 280,064 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:52:43 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2006-12-18 19:33:54 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-04-17 10:46:59 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2006-12-18 19:33:55 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-21 06:56:56 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2006-12-18 19:33:56 679,424 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-08-21 06:25:02 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2006-12-18 19:33:56 96,256 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-04-21 06:56:56 96,256 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-12-18 19:33:58 465,864 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2006-12-18 19:33:58 15,872 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-21 06:56:56 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2006-12-18 19:33:59 985,600 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
+ 2007-04-16 16:07:27 986,112 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
- 2006-12-18 19:34:00 726,528 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:50:47 727,040 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2004-08-03 23:56:52 72,704 -c--a-w C:\WINDOWS\system32\dllcache\magnify.exe
+ 2006-10-04 08:48:36 72,704 -c--a-w C:\WINDOWS\system32\dllcache\magnify.exe
- 2004-08-03 23:56:44 39,936 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
+ 2007-03-08 15:48:36 40,960 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-08-23 12:00:00 924,432 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:17:45 927,504 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
- 2004-08-03 23:56:44 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
+ 2006-12-14 13:45:53 981,760 -c--a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
- 2004-08-03 21:58:22 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-03 23:56:44 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:46:59 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-03 23:56:44 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-03 23:56:44 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:46:59 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-03 23:56:44 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:46:59 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-03 23:56:44 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:46:59 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-03 23:56:44 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:46:59 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-03 23:56:44 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-03 23:56:44 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:46:59 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-03 22:00:58 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2004-08-03 23:56:44 536,576 -c--a-w C:\WINDOWS\system32\dllcache\msado15.dll
+ 2006-12-26 13:07:23 536,576 -c--a-w C:\WINDOWS\system32\dllcache\msado15.dll
- 2004-08-03 23:56:44 180,224 -c--a-w C:\WINDOWS\system32\dllcache\msadomd.dll
+ 2006-12-26 13:07:23 180,224 -c--a-w C:\WINDOWS\system32\dllcache\msadomd.dll
- 2004-08-03 23:56:44 200,704 -c--a-w C:\WINDOWS\system32\dllcache\msadox.dll
+ 2006-12-26 13:07:23 200,704 -c--a-w C:\WINDOWS\system32\dllcache\msadox.dll
- 2004-08-03 23:56:44 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-03 23:56:44 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2004-08-03 23:56:44 537,088 -c--a-w C:\WINDOWS\system32\dllcache\msftedit.dll
+ 2006-11-27 14:54:06 539,136 -c--a-w C:\WINDOWS\system32\dllcache\msftedit.dll
- 2006-12-18 19:34:22 3,061,248 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-21 06:56:57 3,066,880 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2006-12-18 19:34:22 448,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-21 06:56:57 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2006-12-18 19:34:24 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2007-04-18 16:12:23 2,854,400 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2004-08-03 23:56:44 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-07-17 10:34:48 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-03 23:56:44 151,583 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-26 08:09:15 151,583 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-03 23:56:44 102,400 -c--a-w C:\WINDOWS\system32\dllcache\msjro.dll
+ 2006-12-26 13:07:23 102,400 -c--a-w C:\WINDOWS\system32\dllcache\msjro.dll
- 2004-08-03 23:56:44 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-03 23:56:44 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-03 23:56:44 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 07:20:46 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2006-12-18 19:34:27 1,314,816 -c--a-w C:\WINDOWS\system32\dllcache\msoe.dll
+ 2007-05-16 15:32:56 1,314,816 -c--a-w C:\WINDOWS\system32\dllcache\msoe.dll
- 2004-08-03 23:56:44 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2006-12-18 19:34:27 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-21 06:56:57 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-03 23:56:44 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-03 23:56:44 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-03 23:56:44 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-03 23:56:44 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2006-12-18 19:34:28 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-21 06:56:58 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2006-12-18 19:34:30 838,360 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2006-12-18 19:34:31 621,272 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-03 23:56:46 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2006-12-18 19:34:32 1,084,416 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2007-06-26 06:06:12 1,104,896 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
- 2004-08-03 23:56:56 53,760 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
+ 2006-10-04 08:48:36 53,760 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
- 2004-08-03 22:15:10 574,592 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-09 11:10:35 574,464 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-27 22:15:58 2,059,392 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
- 2004-08-03 23:56:46 553,472 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2001-08-23 12:00:00 117,760 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:15:00 122,880 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
- 2004-08-03 23:56:56 215,552 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe
+ 2006-10-04 08:48:37 215,552 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe
- 2006-12-18 19:34:44 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-21 06:56:58 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2006-12-18 19:34:45 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 04:55:40 1,288,192 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2004-08-03 23:56:46 431,616 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
+ 2006-11-27 14:54:06 433,152 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
- 2006-12-18 19:34:48 202,496 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:14:51 203,008 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2006-12-18 19:34:49 582,144 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2007-07-09 13:16:16 582,656 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2004-08-03 23:56:46 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-04-25 14:21:15 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
- 2006-12-18 19:34:54 1,497,600 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-04-21 06:56:58 1,499,136 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2006-12-18 19:35:01 8,458,240 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2006-12-18 19:35:02 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-04-21 06:56:58 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-03 23:56:46 134,656 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-12-19 21:52:18 134,656 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
- 2006-12-18 19:35:07 360,576 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 16:53:32 360,832 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2004-08-03 23:56:48 35,840 -c--a-w C:\WINDOWS\system32\dllcache\umandlg.dll
+ 2006-10-04 13:33:38 35,840 -c--a-w C:\WINDOWS\system32\dllcache\umandlg.dll
- 2006-12-18 19:35:10 209,280 -c--a-w C:\WINDOWS\system32\dllcache\update.sys
+ 2007-04-23 10:14:23 364,160 -c--a-w C:\WINDOWS\system32\dllcache\update.sys
- 2004-08-03 23:56:48 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-02-05 20:17:02 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
- 2006-12-18 19:35:11 615,936 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-21 06:56:58 618,496 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2006-12-18 19:35:11 577,024 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
+ 2007-03-08 15:48:36 578,048 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
- 2004-08-03 23:56:58 50,176 -c--a-w C:\WINDOWS\system32\dllcache\utilman.exe
+ 2006-10-04 08:48:37 50,176 -c--a-w C:\WINDOWS\system32\dllcache\utilman.exe
- 2006-12-18 19:35:12 438,272 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2006-12-18 19:35:14 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-06-26 15:16:01 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2006-12-18 19:35:14 510,976 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
+ 2007-05-16 15:32:56 510,976 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
- 2006-12-18 19:35:14 85,504 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
+ 2007-05-16 15:32:56 85,504 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
- 2004-08-03 23:56:48 333,312 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2006-12-19 18:16:47 333,824 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
- 2006-12-18 19:35:18 1,839,616 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-19 09:40:27 1,845,888 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2006-12-18 19:35:18 664,576 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-21 06:56:59 666,624 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-12-18 19:35:18 291,840 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
+ 2007-03-17 13:45:03 292,864 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
- 2006-10-18 19:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-27 14:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2006-10-18 19:47:20 10,834,432 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
+ 2007-06-11 20:51:12 10,834,944 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
- 2006-12-18 19:33:45 147,456 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:19:35 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-03 23:56:44 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 18:49:36 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2004-08-03 21:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 22:00:58 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2004-08-03 22:15:10 574,592 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
- 2006-12-18 19:34:51 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
- 2006-12-18 19:35:07 360,576 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-12-18 19:35:10 209,280 ----a-w C:\WINDOWS\system32\drivers\update.sys
+ 2007-04-23 10:14:23 364,160 ----a-w C:\WINDOWS\system32\drivers\update.sys
- 2006-12-18 19:33:46 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-21 06:56:55 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2006-12-18 19:33:46 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-21 06:56:55 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2006-12-18 19:33:48 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-21 06:56:55 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-06-04 08:45:57 1,509,536 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-12 11:02:48 1,508,544 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-12-18 19:33:51 280,064 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:52:43 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2006-12-18 19:33:55 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-21 06:56:56 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2006-12-18 19:33:56 679,424 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:25:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2006-12-18 19:33:56 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-21 06:56:56 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-03-24 22:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2002-08-29 06:10:24 24,669 ----a-w C:\WINDOWS\system32\java.exe
- 2008-03-24 22:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2002-08-29 06:10:24 24,671 ----a-w C:\WINDOWS\system32\javaw.exe
- 2006-12-18 19:33:58 465,864 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2006-12-18 19:33:58 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-21 06:56:56 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2006-12-18 19:33:59 985,600 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2007-04-16 16:07:27 986,112 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2006-12-18 19:34:00 726,528 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:50:47 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-03 23:56:52 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
+ 2006-10-04 08:48:36 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
- 2004-08-03 23:56:44 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2007-03-08 15:48:36 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2001-08-23 12:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2006-11-01 19:17:45 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-03 23:56:44 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll
+ 2006-12-14 13:45:53 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
- 2004-08-03 23:56:44 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:46:59 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-03 23:56:44 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-03 23:56:44 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:46:59 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-03 23:56:44 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:46:59 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-03 23:56:44 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:46:59 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-03 23:56:44 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:46:59 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-03 23:56:44 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-03 23:56:44 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:46:59 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2004-08-03 23:56:44 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-03 23:56:44 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2004-08-03 23:56:44 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2006-11-27 14:54:06 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2006-12-18 19:34:22 3,061,248 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-21 06:56:57 3,066,880 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2006-12-18 19:34:22 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-21 06:56:57 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2006-12-18 19:34:24 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-03 23:56:44 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-07-17 10:34:48 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-03 23:56:44 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-03 23:56:44 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-03 23:56:44 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2006-12-18 19:34:27 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-21 06:56:57 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-03 23:56:44 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-03 23:56:44 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-03 23:56:44 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2006-10-18 19:47:16 414,208 ----a-w C:\WINDOWS\system32\msscp.dll
+ 2006-12-04 13:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll
- 2004-08-03 23:56:44 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2006-12-18 19:34:28 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-21 06:56:58 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2006-12-18 19:34:30 838,360 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2006-12-18 19:34:31 621,272 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-03 23:56:46 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2006-12-18 19:34:32 1,084,416 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2007-06-26 06:06:12 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
- 2006-12-18 19:34:33 1,245,696 ----a-w C:\WINDOWS\system32\msxml4.dll
+ 2007-05-08 12:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll
- 2006-12-18 19:34:34 1,321,744 ----a-w C:\WINDOWS\system32\msxml6.dll
+ 2007-05-15 12:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll
- 2004-08-03 23:56:56 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
+ 2006-10-04 08:48:36 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
- 2006-12-18 19:41:45 2,059,136 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2007-02-27 22:15:58 2,059,392 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2006-12-18 19:34:41 2,181,888 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2007-02-28 09:55:14 2,182,144 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2004-08-03 23:56:46 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2001-08-23 12:00:00 117,760 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2006-10-16 16:15:00 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2004-08-03 23:56:56 215,552 ----a-w C:\WINDOWS\system32\osk.exe
+ 2006-10-04 08:48:37 215,552 ----a-w C:\WINDOWS\system32\osk.exe
- 2008-06-09 12:24:12 67,220 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-12 13:46:26 67,220 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-06-09 12:24:12 430,496 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-12 13:46:26 430,496 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2006-12-18 19:34:44 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-21 06:56:58 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-03 23:56:46 431,616 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2006-11-27 14:54:06 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
- 2006-12-18 19:34:49 582,144 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-03 23:56:46 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
- 2006-12-18 19:34:54 1,497,600 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-21 06:56:58 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-12-18 19:35:01 8,458,240 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
- 2006-12-18 19:35:02 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-21 06:56:58 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-03 23:56:46 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-12-19 21:52:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2006-09-25 15:58:48 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
+ 2008-03-27 09:24:20 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-03 23:56:48 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
+ 2006-10-04 13:33:38 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
- 2004-08-03 23:56:48 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2006-12-18 19:35:11 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-21 06:56:58 618,496 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2006-12-18 19:35:11 577,024 ----a-w C:\WINDOWS\system32\user32.dll
+ 2007-03-08 15:48:36 578,048 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-03 23:56:58 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
+ 2006-10-04 08:48:37 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
- 2006-12-18 19:35:12 438,272 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-03 23:56:48 333,312 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2006-12-19 18:16:47 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2006-12-18 19:35:18 291,840 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2007-03-17 13:45:03 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2006-10-18 19:47:18 222,208 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2007-10-27 14:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2006-10-18 19:47:20 10,834,432 ----a-w C:\WINDOWS\system32\wmp.dll
+ 2007-06-11 20:51:12 10,834,944 ----a-w C:\WINDOWS\system32\wmp.dll
- 2006-12-18 19:35:24 248,320 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-17 10:37:04 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-05-08 12:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
+ 2007-01-19 20:15:24 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 20:15:24 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 20:15:24 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 20:15:24 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2008-04-16 11:06 1524760 --a------ C:\Program Files\Freecorder\tbFree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "C:\Program Files\Freecorder\tbFree.dll" [2008-04-16 11:06 1524760]
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= C:\Program Files\Freecorder\tbFree.dll [2008-04-16 11:06 1524760]
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2008-02-07 12:43 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-02 17:34 185896]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-11 11:27 1177368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\X-Lite\\X-Lite.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18531:TCP"= 18531:TCP:BitComet 18531 TCP
"18531:UDP"= 18531:UDP:BitComet 18531 UDP
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-11 11:27]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-11 11:27]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-11 11:27]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-11 11:27]
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-12 14:00:00 C:\WINDOWS\Tasks\8DE36F1390690E83.job"
- c:\docume~1\computer\applic~1\thissi~1\ReadmeBibEnc.exe
"2008-06-11 15:50:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-12 17:21:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-06-12 17:24:38
ComboFix-quarantined-files.txt 2008-06-12 14:23:34
ComboFix2.txt 2008-06-11 17:07:01
Pre-Run: 15,865,798,656 bytes free
Post-Run: 15,890,284,544 bytes free
633 --- E O F --- 2008-06-12 11:00:17