Thanks - found it. The ComboFix log is below.
ComboFix 09-11-15.01 - Tom 11/15/2009 1:34.3.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.480 [GMT -5:00]
Running from: c:\documents and settings\Tom\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\ntuser.dll
c:\documents and settings\Tom\Local Settings\Application Data\bbabbc
c:\documents and settings\Tom\Local Settings\Application Data\bbabbc\ktqcsysguard.exe
c:\documents and settings\Tom\Local Settings\Application Data\jedynw\kcfusysguard.exe
c:\documents and settings\Tom\ntuser.dll
c:\documents and settings\Tom\nwiz .exe
c:\documents and settings\Tom\rthdcpl .exe
c:\documents and settings\Tom\rundll32 .exe
c:\documents and settings\Tom\Start Menu\Programs\Startup\scandisk.dll
c:\documents and settings\Tom\Start Menu\Programs\Startup\scandisk.lnk
c:\windows\system32\calc.dll
c:\windows\system32\ctfmon .exe
c:\windows\system32\hujufutu.dll
c:\windows\system32\nerocheck .exe
c:\windows\system32\ninobuku.dll.tmp
c:\windows\system32\pusonudu.dll.tmp
c:\windows\system32\zogadeli.dll.tmp
c:\windows\Tasks\xazhgtyu.job
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_6TO4
((((((((((((((((((((((((( Files Created from 2009-10-15 to 2009-11-15 )))))))))))))))))))))))))))))))
.
2009-11-15 06:26 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\exmgci
2009-11-15 06:26 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\chtapt
2009-11-15 05:28 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Application Data\bbabbc
2009-11-15 05:28 . 2009-11-14 23:46 260864 ----a-w- c:\documents and settings\Tom\Application Data\bbabbc\ktqcsysguard .exe
2009-11-15 05:28 . 2009-11-15 06:39 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\jedynw
2009-11-15 05:12 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\jfkkwd
2009-11-15 04:57 . 2009-11-15 04:57 -------- d-----w- C:\Combo-Fix
2009-11-15 04:56 . 2009-11-15 04:56 389120 ----a-w- c:\windows\system32\CF7635.exe
2009-11-15 04:56 . 2009-11-15 04:54 389120 ----a-w- c:\windows\system32\CF7325.exe
2009-11-15 04:21 . 2009-11-15 06:19 293526 ----a-w- c:\windows\system32\nerocheck.exe
2009-11-15 04:20 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\tcmnep
2009-11-15 04:04 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\kyvpip
2009-11-15 03:51 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\lcfvua
2009-11-15 03:50 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\xdlotm
2009-11-14 23:46 . 2009-11-14 23:46 39428 ----a-w- C:\penmrdya.exe
2009-11-14 23:46 . 2009-11-14 23:46 52736 ----a-w- C:\aywdthl.exe
2009-11-07 20:48 . 2009-11-14 19:23 79488 ----a-w- c:\documents and settings\Tom\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-21 00:43 . 2009-10-21 00:43 17632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2009-10-21 00:43 . 2009-10-21 00:43 3695616 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-15 06:44 . 2008-03-09 03:35 -------- d-----w- c:\program files\VisualTaskTips
2009-11-15 06:30 . 2009-08-25 19:03 -------- d-----w- c:\program files\iTunes
2009-11-15 06:30 . 2009-08-25 19:01 -------- d-----w- c:\program files\QuickTime
2009-11-15 06:30 . 2008-03-10 04:21 -------- d-----w- c:\program files\IconLock
2009-11-15 00:55 . 2009-07-03 16:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 23:34 . 2009-10-09 23:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-10-09 23:34 . 2009-10-09 23:34 -------- d-----w- c:\documents and settings\Tom\Application Data\Office Genuine Advantage
2009-10-01 01:55 . 2008-06-22 04:10 -------- d-----w- c:\program files\Windows Live
2009-10-01 01:48 . 2008-11-15 21:07 27152 ----a-w- c:\documents and settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-29 21:29 . 2009-09-29 21:29 -------- d-----w- c:\program files\Google
2009-09-24 23:44 . 2009-09-24 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-24 23:42 . 2009-09-24 23:42 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-24 23:41 . 2008-03-10 03:41 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-24 23:41 . 2009-09-24 23:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 23:37 . 2009-09-24 23:37 -------- d-----w- c:\windows\Fonts\Fonts
2009-09-24 23:35 . 2009-09-24 23:35 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-09-24 23:35 . 2009-09-24 23:35 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-09-24 23:35 . 2009-09-24 23:35 116472 ------w- c:\windows\system32\pxcpyi64.exe
2009-09-24 23:35 . 2009-09-24 23:35 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-24 23:35 . 2009-09-24 23:35 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-09-24 23:35 . 2009-09-24 23:35 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-09-11 14:18 . 2004-08-03 23:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 05:07 . 2009-07-16 02:46 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-10 19:54 . 2009-07-03 16:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 19:53 . 2009-07-03 16:46 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2004-08-03 23:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-03 23:56 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-03 23:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-03 23:56 17408 ------w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-03 23:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 18:57 . 2009-08-25 18:57 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-08-20 19:09 . 2009-08-20 19:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 23:47 . 2009-08-14 23:47 1209915 --sha-w- c:\windows\system32\gugatemi.exe
.
------- Sigcheck -------
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-03 23:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-03_19.03.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 23:41 . 2009-07-11 23:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-11-15 06:42 . 2009-11-15 06:42 16384 c:\windows\Temp\Perflib_Perfdata_6d4.dat
+ 2008-03-10 00:51 . 2009-08-06 23:24 44768 c:\windows\system32\wups2.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 53472 c:\windows\system32\wuauclt.exe
+ 2004-08-03 23:56 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2009-09-24 23:35 . 2009-09-24 23:35 39672 c:\windows\system32\vxblock.dll
+ 2007-11-13 11:31 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-03 23:56 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-03 23:56 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
- 2008-03-09 22:40 . 2007-08-11 00:46 26488 c:\windows\system32\spupdsvc.exe
+ 2008-03-09 22:40 . 2007-07-27 14:41 26488 c:\windows\system32\spupdsvc.exe
+ 2008-03-10 04:09 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
- 2008-03-10 00:53 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2008-03-10 00:53 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2009-10-02 17:49 . 2009-08-06 23:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-02 17:49 . 2009-08-06 23:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-07-26 20:44 . 2009-07-26 20:44 48448 c:\windows\system32\sirenacm.dll
+ 2004-08-03 23:56 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2001-08-23 15:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 64760 c:\windows\system32\pxinsa64.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 72440 c:\windows\system32\pxhpinst.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 64760 c:\windows\system32\pxcpya64.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\pngfilt.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-23 15:00 . 2009-11-01 20:12 71408 c:\windows\system32\perfc009.dat
- 2007-10-24 05:47 . 2007-10-24 05:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2008-03-09 03:11 . 2008-04-14 00:12 91648 c:\windows\system32\mtxoci.dll
+ 2008-03-09 03:11 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-03 23:56 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
- 2004-08-03 23:56 . 2008-04-14 00:12 66560 c:\windows\system32\mtxclu.dll
- 2007-08-13 22:54 . 2008-10-16 20:38 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 22:54 . 2009-08-29 07:36 52224 c:\windows\system32\msfeedsbs.dll
- 2008-03-09 03:11 . 2008-04-14 00:11 58880 c:\windows\system32\msdtclog.dll
+ 2008-03-09 03:11 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\system32\mscories.dll
- 2008-10-20 00:30 . 2008-03-15 03:31 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
- 2008-10-20 00:30 . 2008-03-15 15:38 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2008-10-20 00:30 . 2008-03-15 03:31 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2009-07-16 11:00 . 2009-07-16 11:00 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2008-10-20 00:30 . 2008-03-15 03:29 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-03-16 16:10 . 2009-09-11 20:18 88589 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-03-16 08:59 . 2009-03-16 08:59 53248 c:\windows\system32\Macromed\Common\SwSupport.dll
- 2009-01-21 12:42 . 2009-06-01 06:08 15688 c:\windows\system32\lsdelete.exe
+ 2009-01-21 12:42 . 2009-10-21 00:43 15688 c:\windows\system32\lsdelete.exe
- 2004-08-03 23:56 . 2008-10-16 20:38 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 27648 c:\windows\system32\jsproxy.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\system32\infocardapi.dll
- 2007-08-13 22:39 . 2008-10-16 13:11 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 22:39 . 2009-08-28 10:28 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\iernonce.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\iernonce.dll
- 2004-08-03 23:56 . 2008-10-16 13:11 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-03 23:56 . 2009-08-28 10:28 70656 c:\windows\system32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\system32\icardres.dll
- 2007-08-13 22:36 . 2008-10-16 20:38 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 22:36 . 2009-08-29 07:36 63488 c:\windows\system32\icardie.dll
+ 2001-08-23 15:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2009-08-25 18:59 . 2009-07-09 16:16 39424 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaapl.sys
+ 2009-08-25 18:59 . 2009-07-09 16:16 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2009-08-25 19:03 . 2009-03-19 20:32 23400 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys
+ 2009-10-01 01:55 . 2009-08-06 02:48 54752 c:\windows\system32\DRVSTORE\fssfltr_F64381C38F211E3160A660B196A6A585F80604F9\fssfltr_tdi.sys
+ 2009-07-03 19:59 . 2009-05-11 14:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2004-08-03 21:59 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-01-31 01:24 . 2009-03-19 20:32 23400 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2009-03-07 06:35 . 2009-08-06 02:48 54752 c:\windows\system32\drivers\fssfltr_tdi.sys
+ 2009-07-03 19:59 . 2009-03-30 14:33 96104 c:\windows\system32\drivers\avipbb.sys
+ 2009-07-03 19:59 . 2009-02-13 16:29 22360 c:\windows\system32\drivers\avgntmgr.sys
+ 2009-07-03 19:59 . 2009-08-06 03:10 55656 c:\windows\system32\drivers\avgntflt.sys
+ 2009-07-03 19:59 . 2009-02-13 16:17 45416 c:\windows\system32\drivers\avgntdd.sys
+ 2008-03-09 03:13 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2001-08-23 15:00 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-03-10 03:15 . 2009-08-29 07:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-03-10 03:15 . 2008-10-16 20:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-03 23:56 . 2009-08-29 07:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-03-10 03:15 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-03-10 03:15 . 2008-10-16 13:11 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-04-29 04:55 . 2009-08-29 07:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-03 23:56 . 2009-08-28 10:28 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-03 23:56 . 2008-10-16 13:11 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-03-10 03:15 . 2009-08-29 07:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-03-10 03:15 . 2008-10-16 20:38 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2006-10-14 20:43 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2004-08-03 23:56 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ctfmon.exe
+ 2009-06-29 16:12 . 2009-08-29 07:36 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-03 23:56 . 2009-08-06 23:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2009-07-03 19:05 . 2008-10-16 19:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-07-03 19:05 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-07-03 19:05 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-07-03 19:05 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-07-03 19:05 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-07-03 19:05 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\system32\dfshim.dll
+ 2009-11-15 02:00 . 2009-11-15 02:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-03-09 03:19 . 2009-11-15 02:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-03-09 03:19 . 2009-07-03 18:40 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-03-09 03:19 . 2009-07-03 18:40 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-03-09 03:19 . 2009-11-15 02:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-03 23:56 . 2009-08-06 23:24 96480 c:\windows\system32\cdm.dll
+ 2004-08-03 23:56 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
- 2004-08-03 23:56 . 2008-04-14 00:11 84992 c:\windows\system32\avifil32.dll
- 2004-08-03 23:56 . 2008-04-14 00:11 58880 c:\windows\system32\atl.dll
+ 2004-08-03 23:56 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
+ 2009-09-29 21:29 . 2009-09-29 21:29 87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2009-07-31 13:26 . 2009-07-31 13:26 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
- 2008-10-20 00:30 . 2008-08-06 20:21 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
ComboFix 09-11-15.01 - Tom 11/15/2009 1:34.3.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.480 [GMT -5:00]
Running from: c:\documents and settings\Tom\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\ntuser.dll
c:\documents and settings\Tom\Local Settings\Application Data\bbabbc
c:\documents and settings\Tom\Local Settings\Application Data\bbabbc\ktqcsysguard.exe
c:\documents and settings\Tom\Local Settings\Application Data\jedynw\kcfusysguard.exe
c:\documents and settings\Tom\ntuser.dll
c:\documents and settings\Tom\nwiz .exe
c:\documents and settings\Tom\rthdcpl .exe
c:\documents and settings\Tom\rundll32 .exe
c:\documents and settings\Tom\Start Menu\Programs\Startup\scandisk.dll
c:\documents and settings\Tom\Start Menu\Programs\Startup\scandisk.lnk
c:\windows\system32\calc.dll
c:\windows\system32\ctfmon .exe
c:\windows\system32\hujufutu.dll
c:\windows\system32\nerocheck .exe
c:\windows\system32\ninobuku.dll.tmp
c:\windows\system32\pusonudu.dll.tmp
c:\windows\system32\zogadeli.dll.tmp
c:\windows\Tasks\xazhgtyu.job
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_6TO4
((((((((((((((((((((((((( Files Created from 2009-10-15 to 2009-11-15 )))))))))))))))))))))))))))))))
.
2009-11-15 06:26 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\exmgci
2009-11-15 06:26 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\chtapt
2009-11-15 05:28 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Application Data\bbabbc
2009-11-15 05:28 . 2009-11-14 23:46 260864 ----a-w- c:\documents and settings\Tom\Application Data\bbabbc\ktqcsysguard .exe
2009-11-15 05:28 . 2009-11-15 06:39 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\jedynw
2009-11-15 05:12 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\jfkkwd
2009-11-15 04:57 . 2009-11-15 04:57 -------- d-----w- C:\Combo-Fix
2009-11-15 04:56 . 2009-11-15 04:56 389120 ----a-w- c:\windows\system32\CF7635.exe
2009-11-15 04:56 . 2009-11-15 04:54 389120 ----a-w- c:\windows\system32\CF7325.exe
2009-11-15 04:21 . 2009-11-15 06:19 293526 ----a-w- c:\windows\system32\nerocheck.exe
2009-11-15 04:20 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\tcmnep
2009-11-15 04:04 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\kyvpip
2009-11-15 03:51 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\lcfvua
2009-11-15 03:50 . 2009-11-15 06:30 -------- d-----w- c:\documents and settings\Tom\Local Settings\Application Data\xdlotm
2009-11-14 23:46 . 2009-11-14 23:46 39428 ----a-w- C:\penmrdya.exe
2009-11-14 23:46 . 2009-11-14 23:46 52736 ----a-w- C:\aywdthl.exe
2009-11-07 20:48 . 2009-11-14 19:23 79488 ----a-w- c:\documents and settings\Tom\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-21 00:43 . 2009-10-21 00:43 17632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2009-10-21 00:43 . 2009-10-21 00:43 3695616 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-15 06:44 . 2008-03-09 03:35 -------- d-----w- c:\program files\VisualTaskTips
2009-11-15 06:30 . 2009-08-25 19:03 -------- d-----w- c:\program files\iTunes
2009-11-15 06:30 . 2009-08-25 19:01 -------- d-----w- c:\program files\QuickTime
2009-11-15 06:30 . 2008-03-10 04:21 -------- d-----w- c:\program files\IconLock
2009-11-15 00:55 . 2009-07-03 16:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 23:34 . 2009-10-09 23:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-10-09 23:34 . 2009-10-09 23:34 -------- d-----w- c:\documents and settings\Tom\Application Data\Office Genuine Advantage
2009-10-01 01:55 . 2008-06-22 04:10 -------- d-----w- c:\program files\Windows Live
2009-10-01 01:48 . 2008-11-15 21:07 27152 ----a-w- c:\documents and settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-29 21:29 . 2009-09-29 21:29 -------- d-----w- c:\program files\Google
2009-09-24 23:44 . 2009-09-24 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-24 23:42 . 2009-09-24 23:42 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-24 23:41 . 2008-03-10 03:41 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-24 23:41 . 2009-09-24 23:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 23:37 . 2009-09-24 23:37 -------- d-----w- c:\windows\Fonts\Fonts
2009-09-24 23:35 . 2009-09-24 23:35 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-09-24 23:35 . 2009-09-24 23:35 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-09-24 23:35 . 2009-09-24 23:35 116472 ------w- c:\windows\system32\pxcpyi64.exe
2009-09-24 23:35 . 2009-09-24 23:35 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-24 23:35 . 2009-09-24 23:35 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-09-24 23:35 . 2009-09-24 23:35 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-09-11 14:18 . 2004-08-03 23:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 05:07 . 2009-07-16 02:46 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-10 19:54 . 2009-07-03 16:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 19:53 . 2009-07-03 16:46 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2004-08-03 23:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-03 23:56 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-03 23:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-03 23:56 17408 ------w- c:\windows\system32\corpol.dll
2009-08-26 08:00 . 2004-08-03 23:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 18:57 . 2009-08-25 18:57 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-08-20 19:09 . 2009-08-20 19:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 23:47 . 2009-08-14 23:47 1209915 --sha-w- c:\windows\system32\gugatemi.exe
.
------- Sigcheck -------
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-03 23:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-03_19.03.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 23:41 . 2009-07-11 23:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-11-15 06:42 . 2009-11-15 06:42 16384 c:\windows\Temp\Perflib_Perfdata_6d4.dat
+ 2008-03-10 00:51 . 2009-08-06 23:24 44768 c:\windows\system32\wups2.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 53472 c:\windows\system32\wuauclt.exe
+ 2004-08-03 23:56 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2009-09-24 23:35 . 2009-09-24 23:35 39672 c:\windows\system32\vxblock.dll
+ 2007-11-13 11:31 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-03 23:56 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-03 23:56 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
- 2008-03-09 22:40 . 2007-08-11 00:46 26488 c:\windows\system32\spupdsvc.exe
+ 2008-03-09 22:40 . 2007-07-27 14:41 26488 c:\windows\system32\spupdsvc.exe
+ 2008-03-10 04:09 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
- 2008-03-10 00:53 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2008-03-10 00:53 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2009-10-02 17:49 . 2009-08-06 23:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-02 17:49 . 2009-08-06 23:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-07-26 20:44 . 2009-07-26 20:44 48448 c:\windows\system32\sirenacm.dll
+ 2004-08-03 23:56 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2001-08-23 15:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 64760 c:\windows\system32\pxinsa64.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 72440 c:\windows\system32\pxhpinst.exe
+ 2009-09-24 23:35 . 2009-09-24 23:35 64760 c:\windows\system32\pxcpya64.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\pngfilt.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-23 15:00 . 2009-11-01 20:12 71408 c:\windows\system32\perfc009.dat
- 2007-10-24 05:47 . 2007-10-24 05:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\system32\mui\0409\mscorees.dll
- 2008-03-09 03:11 . 2008-04-14 00:12 91648 c:\windows\system32\mtxoci.dll
+ 2008-03-09 03:11 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-03 23:56 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
- 2004-08-03 23:56 . 2008-04-14 00:12 66560 c:\windows\system32\mtxclu.dll
- 2007-08-13 22:54 . 2008-10-16 20:38 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 22:54 . 2009-08-29 07:36 52224 c:\windows\system32\msfeedsbs.dll
- 2008-03-09 03:11 . 2008-04-14 00:11 58880 c:\windows\system32\msdtclog.dll
+ 2008-03-09 03:11 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\system32\mscories.dll
- 2008-10-20 00:30 . 2008-03-15 03:31 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
- 2008-10-20 00:30 . 2008-03-15 15:38 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2008-10-20 00:30 . 2008-03-15 03:31 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2009-07-16 11:00 . 2009-07-16 11:00 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2008-10-20 00:30 . 2008-03-15 03:29 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-03-16 16:10 . 2009-09-11 20:18 88589 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-03-16 08:59 . 2009-03-16 08:59 53248 c:\windows\system32\Macromed\Common\SwSupport.dll
- 2009-01-21 12:42 . 2009-06-01 06:08 15688 c:\windows\system32\lsdelete.exe
+ 2009-01-21 12:42 . 2009-10-21 00:43 15688 c:\windows\system32\lsdelete.exe
- 2004-08-03 23:56 . 2008-10-16 20:38 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 27648 c:\windows\system32\jsproxy.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\system32\infocardapi.dll
- 2007-08-13 22:39 . 2008-10-16 13:11 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 22:39 . 2009-08-28 10:28 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\iernonce.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\iernonce.dll
- 2004-08-03 23:56 . 2008-10-16 13:11 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-03 23:56 . 2009-08-28 10:28 70656 c:\windows\system32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\system32\icardres.dll
- 2007-08-13 22:36 . 2008-10-16 20:38 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 22:36 . 2009-08-29 07:36 63488 c:\windows\system32\icardie.dll
+ 2001-08-23 15:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2009-08-25 18:59 . 2009-07-09 16:16 39424 c:\windows\system32\DRVSTORE\usbaapl_872A2434B7205D4BD84BBE53811BDCE15F347D5B\usbaapl.sys
+ 2009-08-25 18:59 . 2009-07-09 16:16 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2009-08-25 19:03 . 2009-03-19 20:32 23400 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys
+ 2009-10-01 01:55 . 2009-08-06 02:48 54752 c:\windows\system32\DRVSTORE\fssfltr_F64381C38F211E3160A660B196A6A585F80604F9\fssfltr_tdi.sys
+ 2009-07-03 19:59 . 2009-05-11 14:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2004-08-03 21:59 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-01-31 01:24 . 2009-03-19 20:32 23400 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2009-03-07 06:35 . 2009-08-06 02:48 54752 c:\windows\system32\drivers\fssfltr_tdi.sys
+ 2009-07-03 19:59 . 2009-03-30 14:33 96104 c:\windows\system32\drivers\avipbb.sys
+ 2009-07-03 19:59 . 2009-02-13 16:29 22360 c:\windows\system32\drivers\avgntmgr.sys
+ 2009-07-03 19:59 . 2009-08-06 03:10 55656 c:\windows\system32\drivers\avgntflt.sys
+ 2009-07-03 19:59 . 2009-02-13 16:17 45416 c:\windows\system32\drivers\avgntdd.sys
+ 2008-03-09 03:13 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-03-09 03:13 . 2009-08-06 23:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2001-08-23 15:00 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-03-10 03:15 . 2009-08-29 07:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-03-10 03:15 . 2008-10-16 20:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-03 23:56 . 2009-08-29 07:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-03 23:56 . 2008-10-16 20:38 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-03-10 03:15 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-03-10 03:15 . 2008-10-16 13:11 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-03 23:56 . 2008-10-16 20:38 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-03 23:56 . 2009-08-29 07:36 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-04-29 04:55 . 2009-08-29 07:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-03 23:56 . 2009-08-28 10:28 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-03 23:56 . 2008-10-16 13:11 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-03-10 03:15 . 2009-08-29 07:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-03-10 03:15 . 2008-10-16 20:38 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2006-10-14 20:43 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2004-08-03 23:56 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ctfmon.exe
+ 2009-06-29 16:12 . 2009-08-29 07:36 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-03 23:56 . 2009-08-06 23:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2009-07-03 19:05 . 2008-10-16 19:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-07-03 19:05 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-07-03 19:05 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-07-03 19:05 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-07-03 19:05 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-07-03 19:05 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-07-03 19:05 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2007-10-24 05:47 . 2007-10-24 05:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\system32\dfshim.dll
+ 2009-11-15 02:00 . 2009-11-15 02:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-03-09 03:19 . 2009-11-15 02:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-03-09 03:19 . 2009-07-03 18:40 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-03-09 03:19 . 2009-07-03 18:40 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-03-09 03:19 . 2009-11-15 02:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-03 23:56 . 2009-08-06 23:24 96480 c:\windows\system32\cdm.dll
+ 2004-08-03 23:56 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
- 2004-08-03 23:56 . 2008-04-14 00:11 84992 c:\windows\system32\avifil32.dll
- 2004-08-03 23:56 . 2008-04-14 00:11 58880 c:\windows\system32\atl.dll
+ 2004-08-03 23:56 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
+ 2009-09-29 21:29 . 2009-09-29 21:29 87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2009-07-31 13:26 . 2009-07-31 13:26 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
- 2008-10-20 00:30 . 2008-08-06 20:21 94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll