Jeremiah
2008-09-06, 17:27
My only options in the bottom right, even immediately after posting, are quote and multi-quote.
Is the 20-minute time retrictment from start to the appearance of the logfile. It took 22-23 minutes to appear. I found one process called "Vfind" on taskmanager but did not end it because it's not "find" or "findstr". And no "sed" or "sweg".
No errors upon reboot. Memory nor program. Here are the logs:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:16 AM, on 9/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 5712 bytes
ComboFix 08-09-05.02 - Me 2008-09-06 10:55:24.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.550 [GMT -4:00]
Running from: C:\Documents and Settings\Me\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Me\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\temp\tn3
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\usbhubb.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_USBHUBB
-------\Service_usbhubb
((((((((((((((((((((((((( Files Created from 2008-08-06 to 2008-09-06 )))))))))))))))))))))))))))))))
.
2008-09-04 19:01 . 2008-05-01 10:30 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-01 05:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-01 04:39 --------- d-----w C:\Program Files\Trend Micro
2008-09-01 03:04 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-26 17:13 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Lavasoft
2008-07-26 02:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-18 19:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-07-10 21:25 --------- d-----w C:\Documents and Settings\Me\Application Data\Webroot
2008-07-10 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Geek Squad
2008-07-10 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-01-31 20:24 5,562 -c--a-w C:\Program Files\install.log
2006-10-27 05:44 17,177,896 -c--a-w C:\Program Files\Install_Messenger.exe
2006-08-26 14:48 159,443,847 -c--a-w C:\Program Files\Mathematica-Student_5.2.0_Win.EXE
2006-09-30 11:11 88 -csh--r C:\WINDOWS\system32\8E2E9FB9AD.sys
2006-09-30 11:11 2,828 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-09-04_18.51.45.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-08-15 09:56:43 1,100,392 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-09-04 23:48:07 1,103,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
- 2006-08-15 09:56:44 141,928 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-09-04 23:45:54 144,784 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
- 2006-08-15 09:56:44 408,176 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2008-09-04 23:49:07 411,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
- 2006-08-15 09:56:44 35,448 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-09-04 23:48:58 38,304 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
- 2006-08-15 09:56:44 461,416 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
+ 2008-09-04 23:47:47 464,272 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
- 2006-08-15 09:56:44 20,080 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-09-04 23:47:29 22,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
- 2006-08-15 09:56:44 662,120 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-09-04 23:49:31 664,968 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2006-08-15 09:56:44 371,296 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-09-04 23:45:49 374,152 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
- 2006-08-15 09:56:44 64,088 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-04 23:45:20 66,936 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2006-08-15 09:56:44 223,800 -c--a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-04 23:44:47 226,656 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2003-07-14 23:18:44 93,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2003-07-14 18:40:16 51,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
+ 2007-04-19 18:10:18 45,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\AUTHZAX.DLL
+ 2007-03-22 23:29:56 99,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\AW.DLL
+ 2007-04-19 18:07:38 66,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\BLNMGR.DLL
+ 2007-04-19 18:07:34 52,064 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\BLNMGRPS.DLL
+ 2007-03-22 23:06:08 355,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\CDLMSO.DLL
+ 2007-04-19 17:55:16 53,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\DFUICOM.EXE
+ 2007-03-22 23:23:32 19,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\DSITF.DLL
+ 2007-05-10 17:44:02 121,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\DSSM.EXE
+ 2007-03-22 23:29:28 43,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\DWDCW20.DLL
+ 2007-03-22 23:29:28 39,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\DWTRIG20.EXE
+ 2001-06-05 13:13:22 289,926 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT
+ 2001-06-05 13:13:22 34,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT
+ 2007-06-06 14:53:34 1,195,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FM20.DLL
+ 2007-05-21 16:43:22 76,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FORM.DLL
+ 2007-04-19 17:47:40 186,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FPERSON.DLL
+ 2007-04-19 17:47:40 171,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FPLACE.DLL
+ 2007-05-31 17:50:10 1,168,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FPSRVUTL.DLL
+ 2007-04-19 18:16:14 807,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\FPWEC.DLL
+ 2007-04-19 17:57:32 2,152,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\GRAPH.EXE
+ 2007-04-19 18:10:30 116,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\IEAWSDC.DLL
+ 2001-06-05 13:13:24 18,844 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\JFONT.DAT
+ 2001-06-05 13:13:26 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT
+ 2007-04-09 17:24:04 758,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIGRAPH.DLL
+ 2007-04-09 17:23:58 231,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIINK.DLL
+ 2007-04-09 17:23:54 28,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIMON.DLL
+ 2007-04-09 17:23:54 28,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIPPR.DLL
+ 2007-04-09 17:23:58 46,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIUI.DLL
+ 2007-04-09 17:24:04 453,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MDIVWCTL.DLL
+ 2007-04-19 18:00:48 476,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MODHELP.DLL
+ 2007-04-19 18:10:38 131,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSB1CORE.DLL
+ 2007-04-19 18:10:06 52,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSB1XTOR.DLL
+ 2007-04-19 18:01:52 238,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-05-10 18:35:40 120,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSCONV97.DLL
+ 2005-05-04 05:06:28 465,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-04 05:06:32 1,411,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2007-04-19 18:00:36 43,864 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSE7.EXE
+ 2007-04-30 19:11:38 89,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSENCODE.DLL
+ 2005-05-04 05:06:26 199,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2007-03-22 23:29:16 20,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSMH.DLL
+ 2007-04-19 18:10:34 127,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOAUTH.DLL
+ 2007-03-22 23:04:52 109,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOCF.DLL
+ 2007-03-22 23:04:52 130,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOCFU.DLL
+ 2007-03-22 23:29:22 31,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSODCW.DLL
+ 2007-04-19 17:56:58 29,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOEURO.DLL
+ 2007-04-19 18:07:38 61,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOHTMED.EXE
+ 2007-05-02 17:45:26 2,123,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOLAP80.DLL
+ 2007-03-22 23:16:44 57,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOMSE.DLL
+ 2005-09-20 16:33:08 1,293,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSONSEXT.DLL
+ 2007-04-19 17:49:28 383,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSORUN.DLL
+ 2007-04-19 18:07:24 36,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOSTYLE.DLL
+ 2007-03-22 23:29:24 39,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOSV.DLL
+ 2007-03-22 23:13:38 45,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOXEV.DLL
+ 2007-03-22 23:13:38 58,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOXMLED.EXE
+ 2007-04-19 17:57:40 46,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSOXMLMF.DLL
+ 2007-04-09 17:24:06 1,025,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSPCORE.DLL
+ 2007-04-09 17:24:04 793,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSPFILT.DLL
+ 2007-04-09 17:23:52 25,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSPGIMME.DLL
+ 2007-04-09 17:23:58 130,952 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSPSCAN.EXE
+ 2007-04-09 17:24:00 367,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSPVIEW.EXE
+ 2007-04-19 18:03:54 648,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSQRY32.EXE
+ 2007-03-22 23:29:32 44,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSSH.DLL
+ 2007-04-19 18:00:30 637,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSTORDB.EXE
+ 2007-04-19 18:00:22 130,912 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSTORE.EXE
+ 2007-04-19 18:00:30 489,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSTORES.DLL
+ 2007-04-19 18:09:02 157,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\MSWEBCAP.DLL
+ 2007-04-19 18:10:26 80,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\NAME.DLL
+ 2007-03-22 23:23:30 17,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\NPOFFICE.DLL
+ 2001-10-23 05:13:42 53,260 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT
+ 2007-03-05 13:47:10 6,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OCRPS.DLL
+ 2001-06-05 13:13:26 40,972 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT
+ 2007-03-22 23:06:22 287,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OIS.EXE
+ 2007-04-19 17:50:52 837,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OISAPP.DLL
+ 2007-03-22 23:06:08 46,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OISCTRL.DLL
+ 2007-03-22 23:06:22 245,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OISGRAPH.DLL
+ 2007-03-22 23:30:30 99,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OSA.EXE
+ 2007-05-10 17:45:34 8,069,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\OWC11.DLL
+ 2007-05-31 17:35:22 6,420,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
+ 2007-05-21 16:43:22 72,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\PSOM.DLL
+ 2007-06-06 16:07:40 100,192 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\REFEDIT.DLL
+ 2007-04-19 18:10:18 63,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\REFIEBAR.DLL
+ 2007-05-21 16:43:04 20,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\REVERSE.DLL
+ 2007-04-19 18:10:44 355,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\SELFCERT.EXE
+ 2007-04-19 18:10:20 65,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\SEQCHK10.DLL
+ 2007-04-19 18:04:10 390,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\SETLANG.EXE
+ 2007-03-22 23:29:16 14,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\SMARTTAGINSTALL.EXE
+ 2007-05-10 17:42:52 2,839,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\STSLIST.DLL
+ 2007-05-21 16:43:10 30,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\THOCRAPI.DLL
+ 2007-05-21 16:43:28 125,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWCUTCHR.DLL
+ 2007-05-21 16:43:28 89,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWCUTLIN.DLL
+ 2007-05-21 16:43:16 58,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWLAY32.DLL
+ 2007-05-21 16:43:10 28,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWORIENT.DLL
+ 2007-05-21 16:43:14 51,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWRECE.DLL
+ 2007-05-21 16:43:06 20,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWRECS.DLL
+ 2007-05-21 16:43:22 77,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\TWSTRUCT.DLL
+ 2007-04-19 18:10:22 71,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\UNBIND.EXE
+ 2007-05-21 16:43:34 1,209,696 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\XIMAGE3B.DLL
+ 2007-05-21 16:43:32 504,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\XPAGE3C.DLL
+ 2007-03-05 13:20:22 61,110 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040111900063D11C8EF10054038389C\11.0.8173\XSCAN32.DAT
+ 2003-07-15 03:57:34 38,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 03:53:06 94,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 03:53:22 46,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL
+ 2003-07-15 03:56:54 14,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-15 03:57:14 98,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2006-08-15 09:56:43 1,100,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL
+ 2003-07-15 03:41:44 13,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2002-10-07 14:49:36 192,573 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\FORM.DLL
+ 2006-08-15 09:56:44 371,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL
+ 2003-07-15 03:40:12 179,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-15 03:40:12 165,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\FPLACE.DLL
+ 2006-08-15 09:56:44 141,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL
+ 2003-06-18 22:31:10 252,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-15 03:57:14 124,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL
+ 2003-07-15 04:12:22 47,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL
+ 2003-07-15 03:56:14 40,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSE7.EXE
+ 2003-07-15 03:51:44 87,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 03:52:52 17,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-15 03:57:16 120,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 03:52:52 27,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 03:52:56 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-15 03:56:16 54,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL
+ 2003-07-11 07:15:48 1,292,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 08:18:52 376,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-15 03:52:54 28,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 03:52:52 35,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-15 03:53:00 55,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOSVABW.DLL
+ 2003-07-15 03:53:20 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 03:46:16 42,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 03:45:12 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 03:45:12 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 22:31:54 788,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL
+ 2003-06-18 22:31:50 16,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 21:05:52 128,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE
+ 2003-06-19 21:05:50 364,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-15 04:02:42 637,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE
+ 2003-07-15 03:52:58 41,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2006-08-15 09:56:44 20,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL
+ 2003-07-15 04:00:54 145,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-15 03:57:10 56,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-15 03:56:52 13,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-06-18 22:31:58 6,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL
+ 2006-08-15 09:56:44 223,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 08:14:26 242,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2006-08-15 09:56:44 35,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OLCTLPIA.DLL
+ 2003-07-15 04:05:24 1,054,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-15 03:44:34 102,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
+ 2006-08-15 09:56:44 408,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OUTLPIA.DLL
+ 2003-07-15 03:43:16 49,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2006-08-15 09:56:44 461,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL
+ 2002-10-07 15:11:00 167,997 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\PSOM.DLL
+ 2003-05-09 02:54:00 77,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-15 03:57:08 40,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2002-10-07 14:49:42 81,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL
+ 2003-07-21 16:46:38 390,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
+ 2003-07-15 03:57:18 349,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE
+ 2003-07-15 03:44:16 66,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-15 03:57:08 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-15 03:53:14 11,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2002-10-07 14:53:04 106,561 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL
+ 2002-10-07 14:50:44 241,729 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL
+ 2002-10-07 14:51:04 180,289 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL
+ 2002-10-07 14:51:14 147,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL
+ 2002-10-07 14:51:20 102,467 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL
+ 2002-10-07 14:50:04 118,847 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL
+ 2002-10-07 14:49:56 81,983 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL
+ 2002-10-07 14:51:44 221,252 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL
+ 2003-07-15 03:57:40 59,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE
+ 2006-08-15 09:56:44 64,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2006-08-15 09:56:44 662,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL
+ 2002-10-07 15:03:34 1,794,113 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL
+ 2003-04-30 16:52:32 1,581,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL
+ 2003-01-17 19:03:34 59,466 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT
+ 2007-03-22 15:07:56 91,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\ADDRPARS.DLL
+ 2001-06-05 13:13:22 289,926 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT
+ 2001-06-05 13:13:22 34,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT
+ 2007-04-19 09:53:52 127,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\IMPMAIL.DLL
+ 2001-06-05 13:13:24 18,844 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\JFONT.DAT
+ 2001-06-05 13:13:26 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT
+ 2005-05-04 05:06:28 465,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-04 05:06:32 1,411,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-04 05:06:26 199,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2001-10-23 05:13:42 53,260 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT
+ 2001-06-05 13:13:26 40,972 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT
+ 2007-04-19 09:53:44 106,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\OUTLMIME.DLL
+ 2007-03-22 15:07:10 41,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\RECALL.DLL
+ 2007-03-22 15:07:54 78,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\RM.DLL
+ 2007-03-22 15:22:02 103,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040311900063D11C8EF10054038389C\11.0.8173\TRANSMGR.DLL
- 2008-06-12 23:15:56 593,920 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-09-05 21:39:40 593,920 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-06-12 23:15:56 12,288 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-05 21:39:41 12,288 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-12 23:15:53 135,168 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-05 21:39:40 135,168 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-12 23:15:57 11,264 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-05 21:39:41 11,264 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-12 23:15:57 27,136 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-05 21:39:41 27,136 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-12 23:15:57 4,096 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-05 21:39:41 4,096 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-12 23:15:59 794,624 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-05 21:39:41 794,624 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-12 23:15:55 249,856 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-05 21:39:40 249,856 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-12 23:15:54 61,440 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-09-05 21:39:40 61,440 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-06-12 23:15:59 23,040 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-05 21:39:41 23,040 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-12 23:15:53 286,720 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-05 21:39:40 286,720 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-12 23:15:51 409,600 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-05 21:39:40 409,600 ----a-r C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-06-12 23:14:33 12,288 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-05 21:38:19 12,288 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-12 23:14:33 135,168 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-05 21:38:19 135,168 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-12 23:14:33 11,264 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-05 21:38:19 11,264 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-12 23:14:34 27,136 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-05 21:38:19 27,136 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-12 23:14:34 4,096 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-05 21:38:20 4,096 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-12 23:14:35 794,624 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-05 21:38:20 794,624 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-12 23:14:35 23,040 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-05 21:38:20 23,040 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-12 23:14:33 286,720 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-05 21:38:19 286,720 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-12 23:14:32 409,600 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-05 21:38:18 409,600 ----a-r C:\WINDOWS\Installer\{91130409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-09-14 08:31:26 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2006-09-14 08:31:26 151,040 -c--a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-06-23 16:11:40 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2006-09-14 08:31:26 1,054,208 -c--a-w C:\WINDOWS\system32\danim.dll
+ 2008-06-23 16:11:42 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-04 10:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
- 2006-09-14 08:31:26 1,022,976 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-06-23 16:11:40 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll
- 2006-09-14 08:31:26 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-06-23 16:11:40 151,040 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2006-09-14 08:31:26 1,054,208 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-06-23 16:11:42 1,054,208 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2008-02-20 05:32:43 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2006-09-14 08:31:26 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2006-09-14 08:31:26 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:32:22 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
- 2006-09-14 08:31:26 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:11:43 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2006-09-13 09:10:27 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-06-23 09:53:58 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2006-09-14 08:31:27 251,904 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-06-23 16:11:52 251,904 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-08-21 06:15:44 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2006-09-14 08:31:27 96,256 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-06-23 16:11:52 96,256 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:24:25 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2006-09-14 08:31:27 15,872 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2005-06-29 01:46:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2006-09-14 06:31:30 3,058,688 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2006-09-14 08:31:28 448,512 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2006-09-14 08:31:28 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:12:02 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2006-09-14 08:31:29 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:12:02 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-20 17:41:10 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2006-09-14 08:31:29 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2006-09-04 06:12:56 1,497,088 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2006-09-14 08:31:29 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2006-09-14 08:31:30 615,936 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:12:06 618,496 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-04 10:00:00 417,792 ----a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2006-09-14 08:31:30 664,576 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:12:08 667,136 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-04 10:00:00 138,496 -c--a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2006-09-14 08:31:26 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:11:43 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2006-09-14 08:31:26 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:11:43 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2005-07-26 04:39:45 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2008-07-07 20:32:22 253,952 ----a-w C:\WINDOWS\system32\es.dll
- 2006-09-14 08:31:26 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:11:43 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2005-03-17 19:39:58 1,146,320 -c--a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-06-06 14:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2003-07-15 03:57:04 32,584 -c--a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2007-03-22 23:17:04 35,440 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2008-04-10 03:05:59 234,368 -c--a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-09-05 20:13:20 234,368 -c--a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-09-14 08:31:27 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-06-23 16:11:52 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2007-08-21 06:15:44 683,520 -c--a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2006-09-14 08:31:27 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-06-23 16:11:52 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:24:25 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2006-09-14 08:31:27 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:11:52 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2004-03-22 20:17:06 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2007-04-09 17:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2005-06-29 01:46:00 74,240 -c--a-w C:\WINDOWS\system32\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
- 2006-09-14 06:31:30 3,058,688 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-23 16:11:58 3,067,392 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2006-09-14 08:31:28 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:12:00 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2006-09-14 08:31:28 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:12:02 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2006-09-14 08:31:29 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:12:02 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-04 10:00:00 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
+ 2008-06-20 17:41:10 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
- 2006-09-14 08:31:29 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:12:02 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-09-04 06:12:56 1,497,088 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-06-23 16:12:05 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-09-14 08:31:29 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-06-23 16:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2004-03-22 20:17:04 765,680 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 17:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 20:17:10 42,224 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 17:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2004-03-22 20:17:04 765,680 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 17:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 20:17:10 42,224 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 17:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2004-03-22 20:17:08 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 17:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
- 2007-11-13 11:31:11 60,416 -c--a-w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2006-09-14 08:31:30 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:12:06 618,496 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-04 10:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2006-09-14 08:31:30 664,576 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 16:12:08 667,136 ----a-w C:\WINDOWS\system32\wininet.dll
- 2007-10-29 10:04:03 350,720 -c--a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-07-03 09:14:02 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 176128]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 06:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=C:\WINDOWS\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Me^Start Menu^Programs^Startup^Deewoo.lnk]
path=C:\Documents and Settings\Me\Start Menu\Programs\Startup\Deewoo.lnk
backup=C:\WINDOWS\pss\Deewoo.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Me^Start Menu^Programs^Startup^DW_Start.lnk]
path=C:\Documents and Settings\Me\Start Menu\Programs\Startup\DW_Start.lnk
backup=C:\WINDOWS\pss\DW_Start.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 14:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 06:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a--c--- 2006-04-06 15:58 1032192 C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a--c--- 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
--a--c--- 2007-11-15 02:23 202544 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
--a--c--- 2007-11-15 02:24 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
-----c--- 2005-02-23 17:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a--c--- 2004-09-13 16:49 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a--c--- 2004-12-14 12:07 176128 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a--c--- 2005-10-14 21:46 77824 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a--c--- 2005-10-14 21:50 114688 C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--a--c--- 2005-10-14 21:49 94208 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
--a--c--- 2004-10-30 15:59 385024 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a--c--- 2005-06-10 11:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a--c--- 2005-06-10 11:44 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
-----c--- 2003-09-10 03:24 20480 C:\Program Files\NetWaiting\netwaiting.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE_OEM]
--a--c--- 2006-04-11 11:39 176201 C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
--a------ 2005-08-30 17:30 823362 C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2006-08-15 06:02 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a--c--- 2008-04-03 13:21 1481968 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a--c--- 2006-03-08 19:48 761947 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-05-28 09:56 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Trend Micro\\Internet Security 12\\pccmain.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S4 SPT2Sp50;SPT2Sp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\SPT2Sp50.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38f8f060-5ab2-11dd-967e-0015c5676bfb}]
\Shell\AutoRun\command - PCConnect.exe
.
Contents of the 'Scheduled Tasks' folder
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 11:12:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\pccguide.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2008-09-06 11:19:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-06 15:19:17
ComboFix2.txt 2008-09-04 22:57:32
Pre-Run: 41,261,207,552 bytes free
Post-Run: 41,247,633,408 bytes free
565 --- E O F --- 2008-09-05 21:41:05
thanks