ComboFix 08-04-22.5 - Debi 2008-04-23 20:10:04.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.122 [GMT -4:00]
Running from: C:\Documents and Settings\Debi\Desktop\ComboFix.exe
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))
.
2008-04-23 19:52 . 2008-04-23 19:53 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-22 15:21 . 2008-04-22 15:27 d-------- C:\Program Files\Panda Security
2008-04-22 11:09 . 2008-04-22 11:09 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-22 11:09 . 2008-04-22 11:09 d-------- C:\Documents and Settings\Debi\Application Data\Malwarebytes
2008-04-22 11:09 . 2008-04-22 11:09 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-22 11:08 . 2008-04-22 11:08 d-------- C:\Program Files\Common Files\Download Manager
2008-04-22 10:06 . 2008-04-22 10:06 d-------- C:\Program Files\Trend Micro
2008-04-14 21:10 . 2008-04-14 21:10 23,392 --a------ C:\WINNT\system32\nscompat.tlb
2008-04-14 21:10 . 2008-04-14 21:10 16,832 --a------ C:\WINNT\system32\amcompat.tlb
2008-03-29 08:53 . 2008-03-29 08:53 45 --a------ C:\WINNT\system32\RPVersion.ini
2008-03-29 08:48 . 2008-03-29 08:51 d-------- C:\Program Files\RegistryPatrol3.0
2008-03-29 05:36 . 2008-03-29 05:36 d-------- C:\Program Files\FreeFixer
2008-03-29 01:29 . 2008-03-29 05:49 d-------- C:\Documents and Settings\Debi\Application Data\Aim
2008-03-26 09:31 . 2008-03-26 09:40 d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-23 23:52 --------- d-----w C:\Program Files\Lavasoft
2008-04-23 23:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-23 23:45 --------- d-----w C:\Documents and Settings\Debi\Application Data\Lavasoft
2008-04-23 23:44 --------- d-----w C:\Documents and Settings\Debi\Application Data\ComcastToolbar
2008-04-23 14:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-23 02:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\RetroExp
2008-04-22 19:14 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-22 16:18 --------- d-----w C:\Documents and Settings\Debi\Application Data\SUPERAntiSpyware.com
2008-04-22 11:58 --------- d-----w C:\Program Files\McAfee
2008-04-11 02:12 --------- d-----w C:\Program Files\Picasa2
2008-04-07 18:27 --------- d-----w C:\Documents and Settings\Debi\Application Data\Intuit
2008-03-29 15:03 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-29 09:52 --------- d-----w C:\Program Files\PestPatrol
2008-03-29 09:50 --------- d-----w C:\Program Files\Aquatica 3D
2008-03-29 09:50 --------- d-----w C:\Program Files\AIM
2008-03-29 09:46 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-29 05:41 --------- d-----w C:\Program Files\Viewpoint
2008-03-29 05:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-22 15:23 --------- d-----w C:\Program Files\Google
2008-03-22 15:21 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-22 15:21 --------- d-----w C:\Program Files\Spyware Doctor
2008-03-22 14:41 --------- d-----w C:\Program Files\ItsDeductible2005
2008-03-22 14:37 --------- d-----w C:\Program Files\ItsDeductibleEX
2008-03-22 14:23 --------- d-----w C:\Program Files\TrojanHunter 4.2
2008-03-22 14:23 --------- d-----w C:\Program Files\ExplorerXP
2008-03-22 14:18 63,691 ----a-w C:\MGlogs.zip
2008-03-22 12:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-22 12:17 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-22 10:21 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-03-22 00:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-21 22:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-21 22:42 --------- d-----w C:\Program Files\SEC
2008-03-19 09:47 1,845,248 ----a-w C:\WINNT\system32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINNT\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINNT\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINNT\system32\dnsrslvr.dll
2008-01-28 12:03 89,480 -c--a-w C:\Documents and Settings\Debi\Application Data\GDIPFONTCACHEV1.DAT
2006-11-23 05:13 92,064 -c----w C:\Documents and Settings\Debi\mqdmmdm.sys
2006-11-23 05:13 9,232 -c----w C:\Documents and Settings\Debi\mqdmmdfl.sys
2006-11-23 05:13 79,328 -c----w C:\Documents and Settings\Debi\mqdmserd.sys
2006-11-23 05:13 66,656 ------w C:\Documents and Settings\Debi\mqdmbus.sys
2006-11-23 05:13 6,208 -c----w C:\Documents and Settings\Debi\mqdmcmnt.sys
2006-11-23 05:13 5,936 -c----w C:\Documents and Settings\Debi\mqdmwhnt.sys
2006-11-23 05:13 4,048 ------w C:\Documents and Settings\Debi\mqdmcr.sys
2006-11-23 05:13 25,600 ------w C:\Documents and Settings\Debi\usbsermptxp.sys
2006-11-23 05:13 22,768 -c----w C:\Documents and Settings\Debi\usbsermpt.sys
2006-08-11 17:22 3,118 ---h--w C:\Documents and Settings\Debi\hpothb07.dat
2005-03-03 12:43 483,401 -c----w C:\Documents and Settings\Debi\gotomypc.exe
2004-06-08 23:19 33 -c----w C:\Documents and Settings\Debi\Application Data\tvmcwrd.dll
.
((((((((((((((((((((((((((((( snapshot@2008-03-22_ 9.51.48.76 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-19 09:40:27 1,845,888 ----a-w C:\WINNT\$hf_mig$\KB941693\SP2QFE\win32k.sys + 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB941693\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB941693\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB941693\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB941693\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB941693\update\updspapi.dll + 2008-02-20 05:19:35 147,968 ----a-w C:\WINNT\$hf_mig$\KB945553\SP2QFE\dnsapi.dll + 2008-02-20 18:49:36 45,568 ----a-w C:\WINNT\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB945553\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB945553\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB945553\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB945553\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB945553\update\updspapi.dll + 2008-03-01 13:03:00 124,928 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll + 2008-03-01 13:03:00 347,136 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll + 2008-03-01 13:03:00 214,528 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll + 2008-03-01 13:03:00 132,608 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll + 2008-03-01 13:03:00 63,488 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll + 2008-02-22 09:39:56 70,656 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe + 2008-03-01 13:03:00 153,088 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll + 2008-03-01 13:03:00 230,400 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll + 2008-02-15 05:44:25 161,792 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat + 2008-03-01 13:03:00 383,488 ----a-w 
C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll + 2008-03-01 13:03:00 388,608 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll + 2008-03-01 13:03:01 6,067,712 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll + 2008-03-01 13:03:01 44,544 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll + 2008-03-01 13:03:01 267,776 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll + 2008-02-22 09:39:56 13,824 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe + 2008-02-22 09:40:22 625,664 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe + 2008-03-01 13:03:01 27,648 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll + 2008-03-01 13:03:01 459,264 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll + 2008-03-01 13:03:01 52,224 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll + 2008-03-01 13:03:01 3,593,216 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll + 2008-03-01 13:03:01 478,208 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll + 2008-03-01 13:03:01 193,024 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll + 2008-03-01 13:03:01 671,232 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll + 2008-03-01 13:03:01 102,912 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll + 2008-03-01 13:03:01 44,544 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll + 2008-03-01 13:03:02 105,984 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\url.dll + 2008-03-01 13:03:02 1,162,752 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll + 2008-03-01 13:03:02 233,472 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll + 2008-03-01 13:03:02 827,392 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll + 2007-03-06 01:22:33 14,048 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\spmsg.dll + 2007-03-06 01:22:39 213,216 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\spuninst.exe + 2007-03-06 01:22:31 22,752 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\update\spcustom.dll + 2007-03-06 01:22:56 
716,000 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB947864-IE7\update\updspapi.dll + 2008-02-20 06:52:43 282,624 ----a-w C:\WINNT\$hf_mig$\KB948590\SP2QFE\gdi32.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINNT\$hf_mig$\KB948590\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINNT\$hf_mig$\KB948590\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINNT\$hf_mig$\KB948590\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINNT\$hf_mig$\KB948590\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINNT\$hf_mig$\KB948590\update\updspapi.dll + 2007-03-06 01:22:33 14,048 ----a-w C:\WINNT\$hf_mig$\KB948881\spmsg.dll + 2007-03-06 01:22:39 213,216 ----a-w C:\WINNT\$hf_mig$\KB948881\spuninst.exe + 2007-03-06 01:22:31 22,752 ----a-w C:\WINNT\$hf_mig$\KB948881\update\spcustom.dll + 2007-03-06 01:22:56 716,000 ----a-w C:\WINNT\$hf_mig$\KB948881\update\update.exe + 2007-03-06 01:23:47 371,424 ----a-w C:\WINNT\$hf_mig$\KB948881\update\updspapi.dll + 2003-07-16 16:20:48 1,740 -c--a-w C:\WINNT\$NtServicePackUninstall$\dcache.bin + 2003-07-16 16:40:05 2,816 -c--a-w C:\WINNT\$NtServicePackUninstall$\drmkaud.sys + 2008-04-24 00:03:38 2,048 --s-a-w C:\WINNT\bootstat.dat + 2004-12-30 03:54:41 2,828 -c--a-w C:\WINNT\checkip.dat + 2004-12-22 05:07:38 1,932 -c--a-w C:\WINNT\dhstatus.dat + 2008-03-25 22:13:04 124,208 ----a-w C:\WINNT\Downloaded Program Files\as2stubie.dll + 2007-07-18 17:49:56 12,592 ----a-w C:\WINNT\Downloaded Program Files\libcomm.dll - 2000-08-31 12:00:00 163,328 ----a-w C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-21 00:02:28 163,328 ----a-w C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE + 2000-08-31 12:00:00 73,728 ----a-w C:\WINNT\fdsv.exe + 2000-08-31 12:00:00 80,412 ----a-w C:\WINNT\grep.exe + 2007-12-07 02:21:45 124,928 -c----w C:\WINNT\ie7updates\KB947864-IE7\advpack.dll + 2007-12-19 23:01:06 347,136 -c----w C:\WINNT\ie7updates\KB947864-IE7\dxtmsft.dll + 2007-12-07 02:21:45 
214,528 -c----w C:\WINNT\ie7updates\KB947864-IE7\dxtrans.dll + 2007-12-07 02:21:45 133,120 -c----w C:\WINNT\ie7updates\KB947864-IE7\extmgr.dll + 2007-12-07 02:21:45 63,488 -c----w C:\WINNT\ie7updates\KB947864-IE7\icardie.dll + 2007-12-06 11:00:57 70,656 -c----w C:\WINNT\ie7updates\KB947864-IE7\ie4uinit.exe + 2007-12-07 02:21:45 153,088 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieakeng.dll + 2007-12-07 02:21:45 230,400 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieaksie.dll + 2007-12-06 04:59:51 161,792 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieakui.dll + 2007-12-07 02:21:45 383,488 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieapfltr.dll + 2007-12-07 02:21:45 384,512 -c----w C:\WINNT\ie7updates\KB947864-IE7\iedkcs32.dll + 2007-12-07 02:21:46 6,066,176 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieframe.dll + 2007-12-07 02:21:46 44,544 -c----w C:\WINNT\ie7updates\KB947864-IE7\iernonce.dll + 2007-12-07 02:21:46 267,776 -c----w C:\WINNT\ie7updates\KB947864-IE7\iertutil.dll + 2007-12-06 11:00:58 13,824 -c----w C:\WINNT\ie7updates\KB947864-IE7\ieudinit.exe + 2007-12-06 11:01:25 625,664 -c----w C:\WINNT\ie7updates\KB947864-IE7\iexplore.exe + 2007-12-07 02:21:47 27,648 -c----w C:\WINNT\ie7updates\KB947864-IE7\jsproxy.dll + 2007-12-07 02:21:47 459,264 -c----w C:\WINNT\ie7updates\KB947864-IE7\msfeeds.dll + 2007-12-07 02:21:47 52,224 -c----w C:\WINNT\ie7updates\KB947864-IE7\msfeedsbs.dll + 2007-12-08 05:21:48 3,592,192 -c----w C:\WINNT\ie7updates\KB947864-IE7\mshtml.dll + 2007-12-07 02:21:47 478,208 -c----w C:\WINNT\ie7updates\KB947864-IE7\mshtmled.dll + 2007-12-07 02:21:48 193,024 -c----w C:\WINNT\ie7updates\KB947864-IE7\msrating.dll + 2007-12-07 02:21:48 671,232 -c----w C:\WINNT\ie7updates\KB947864-IE7\mstime.dll + 2007-12-07 02:21:48 102,912 -c----w C:\WINNT\ie7updates\KB947864-IE7\occache.dll + 2008-01-11 05:53:32 44,544 -c----w C:\WINNT\ie7updates\KB947864-IE7\pngfilt.dll + 2007-03-06 01:22:39 213,216 -c----w C:\WINNT\ie7updates\KB947864-IE7\spuninst\spuninst.exe + 2007-03-06 
01:23:51 371,424 -c----w C:\WINNT\ie7updates\KB947864-IE7\spuninst\updspapi.dll + 2007-12-07 02:21:48 105,984 -c----w C:\WINNT\ie7updates\KB947864-IE7\url.dll + 2007-12-07 02:21:48 1,159,680 -c----w C:\WINNT\ie7updates\KB947864-IE7\urlmon.dll + 2007-12-07 02:21:48 233,472 -c----w C:\WINNT\ie7updates\KB947864-IE7\webcheck.dll + 2007-12-07 02:21:48 824,832 -c----w C:\WINNT\ie7updates\KB947864-IE7\wininet.dll - 2007-06-27 02:10:26 317,440 ----a-w C:\WINNT\inf\unregmp2.exe + 2005-01-28 17:44:28 192,512 ----a-w C:\WINNT\inf\unregmp2.exe + 2007-05-06 20:44:57 2,238 -c--a-r C:\WINNT\Installer\{1C6FAB09-687C-4E62-84AD-21AFDBBC987F}\ARPPRODUCTICON.exe + 2008-03-15 07:19:01 2,560 ----a-r C:\WINNT\Installer\{91110409-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2008-03-15 07:08:40 2,560 ----a-r C:\WINNT\Installer\{91190409-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2008-03-29 15:05:21 295,606 ----a-r C:\WINNT\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe + 2004-01-27 02:33:22 2,862 -c--a-r C:\WINNT\Installer\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}\Readme_icon.exe + 2004-01-27 02:33:22 2,862 -c--a-r C:\WINNT\Installer\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}\Uninstall_icon.exe + 2008-04-22 16:18:56 29,696 ----a-r C:\WINNT\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe - 2008-03-22 00:05:44 18,944 ----a-r C:\WINNT\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe + 2008-04-22 16:18:56 18,944 ----a-r C:\WINNT\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe - 2008-03-22 00:05:49 65,024 ----a-r C:\WINNT\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe + 2008-04-22 16:18:56 65,024 ----a-r C:\WINNT\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe + 2008-04-23 23:52:48 1,038,336 ----a-r C:\WINNT\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe + 2008-04-23 23:52:48 178,688 ----a-r C:\WINNT\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe + 
2008-04-23 23:52:48 171,008 ----a-r C:\WINNT\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe + 2008-04-23 23:52:48 8,704 ----a-r C:\WINNT\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe + 2004-12-30 04:50:27 2,295 -c--a-w C:\WINNT\ipconfig.dat + 2005-12-16 03:22:15 2,678 -c--a-w C:\WINNT\java\Packages\Data\[u]0[/u]ZVLJDB7.DAT + 2005-12-16 03:22:14 2,678 -c--a-w C:\WINNT\java\Packages\Data\29BR9RPB.DAT + 2005-12-16 03:22:20 2,678 -c--a-w C:\WINNT\java\Packages\Data\717NVJ7V.DAT + 2005-12-16 03:09:58 2,232 -c--a-w C:\WINNT\java\Packages\Data\NF9VTZDN.DAT + 2005-12-16 03:22:15 2,678 -c--a-w C:\WINNT\java\Packages\Data\PJBPJPJZ.DAT + 2005-12-16 03:22:14 2,678 -c--a-w C:\WINNT\java\Packages\Data\WWAQZ7ZP.DAT + 2000-08-31 12:00:00 98,816 ----a-w C:\WINNT\sed.exe + 2004-08-04 07:07:22 1,788 -c--a-w C:\WINNT\ServicePackFiles\i386\dcache.bin + 2004-08-04 05:07:58 2,944 ----a-w C:\WINNT\ServicePackFiles\i386\drmkaud.sys + 2008-01-24 00:16:15 1,660 ----a-w C:\WINNT\SoftwareDistribution\EventCache\{05980081-5428-4D5E-9FEA-AF0051F119DA}.bin + 2000-05-20 21:23:48 86,016 ----a-w C:\WINNT\StartupMonitor.exe + 2000-08-31 12:00:00 161,792 ----a-w C:\WINNT\swreg.exe + 2000-08-31 12:00:00 136,704 ----a-w C:\WINNT\swsc.exe + 2000-08-31 12:00:00 212,480 ----a-w C:\WINNT\swxcacls.exe + 2001-08-18 18:00:00 2,000 -c--a-w C:\WINNT\system\KEYBOARD.DRV + 2001-08-18 18:00:00 2,032 -c--a-w C:\WINNT\system\MOUSE.DRV + 2001-08-18 18:00:00 1,744 -c--a-w C:\WINNT\system\SOUND.DRV + 2001-08-18 18:00:00 2,176 -c--a-w C:\WINNT\system\VGA.DRV + 2003-05-07 21:09:56 147,456 ----a-w C:\WINNT\system32\AbsoluteHttp.dll - 2007-12-07 02:21:45 124,928 ----a-w C:\WINNT\system32\advpack.dll + 2008-03-01 13:06:20 124,928 ----a-w C:\WINNT\system32\advpack.dll - 2006-10-19 02:47:08 7,168 ----a-w C:\WINNT\system32\asferror.dll + 2005-01-28 17:44:28 8,192 ----a-w C:\WINNT\system32\asferror.dll + 1999-08-02 20:11:48 57,344 ----a-w C:\WINNT\system32\CGZipLibrary.dll + 2004-08-04 
07:07:22 1,788 ----a-w C:\WINNT\system32\dcache.bin - 2007-12-07 02:21:45 124,928 -c----w C:\WINNT\system32\dllcache\advpack.dll + 2008-03-01 13:06:20 124,928 -c----w C:\WINNT\system32\dllcache\advpack.dll - 2006-10-19 02:47:08 7,168 -c--a-w C:\WINNT\system32\dllcache\asferror.dll + 2005-01-28 17:44:28 8,192 ----a-w C:\WINNT\system32\dllcache\asferror.dll - 2006-06-26 17:37:10 148,480 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll + 2008-02-20 05:32:43 148,992 -c--a-w C:\WINNT\system32\dllcache\dnsapi.dll + 2008-02-20 05:32:43 45,568 -c----w C:\WINNT\system32\dllcache\dnsrslvr.dll - 2007-12-19 23:01:06 347,136 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll + 2008-03-01 13:06:21 347,136 -c--a-w C:\WINNT\system32\dllcache\dxtmsft.dll - 2007-12-07 02:21:45 214,528 -c----w C:\WINNT\system32\dllcache\dxtrans.dll + 2008-03-01 13:06:21 214,528 -c----w C:\WINNT\system32\dllcache\dxtrans.dll - 2007-12-07 02:21:45 133,120 -c----w C:\WINNT\system32\dllcache\extmgr.dll + 2008-03-01 13:06:21 133,120 -c----w C:\WINNT\system32\dllcache\extmgr.dll - 2007-06-19 13:31:19 282,112 -c--a-w C:\WINNT\system32\dllcache\gdi32.dll + 2008-02-20 06:51:05 282,624 -c--a-w C:\WINNT\system32\dllcache\gdi32.dll - 2007-12-07 02:21:45 63,488 -c----w C:\WINNT\system32\dllcache\icardie.dll + 2008-03-01 13:06:21 63,488 -c----w C:\WINNT\system32\dllcache\icardie.dll - 2007-12-06 11:00:57 70,656 -c----w C:\WINNT\system32\dllcache\ie4uinit.exe + 2008-02-29 08:55:23 70,656 -c----w C:\WINNT\system32\dllcache\ie4uinit.exe - 2007-12-07 02:21:45 153,088 -c----w C:\WINNT\system32\dllcache\ieakeng.dll + 2008-03-01 13:06:21 153,088 -c----w C:\WINNT\system32\dllcache\ieakeng.dll - 2007-12-07 02:21:45 230,400 -c----w C:\WINNT\system32\dllcache\ieaksie.dll + 2008-03-01 13:06:21 230,400 -c----w C:\WINNT\system32\dllcache\ieaksie.dll - 2007-12-06 04:59:51 161,792 -c----w C:\WINNT\system32\dllcache\ieakui.dll + 2008-02-15 05:44:25 161,792 -c----w C:\WINNT\system32\dllcache\ieakui.dll - 2007-12-07 02:21:45 383,488 
-c----w C:\WINNT\system32\dllcache\ieapfltr.dll + 2008-03-01 13:06:22 383,488 -c----w C:\WINNT\system32\dllcache\ieapfltr.dll - 2007-12-07 02:21:45 384,512 -c----w C:\WINNT\system32\dllcache\iedkcs32.dll + 2008-03-01 13:06:22 384,512 -c----w C:\WINNT\system32\dllcache\iedkcs32.dll - 2007-12-07 02:21:46 6,066,176 -c----w C:\WINNT\system32\dllcache\ieframe.dll + 2008-03-01 13:06:24 6,066,176 -c----w C:\WINNT\system32\dllcache\ieframe.dll - 2007-12-07 02:21:46 44,544 -c----w C:\WINNT\system32\dllcache\iernonce.dll + 2008-03-01 13:06:24 44,544 -c----w C:\WINNT\system32\dllcache\iernonce.dll - 2007-12-07 02:21:46 267,776 -c----w C:\WINNT\system32\dllcache\iertutil.dll + 2008-03-01 13:06:25 267,776 -c----w C:\WINNT\system32\dllcache\iertutil.dll - 2007-12-06 11:00:58 13,824 -c----w C:\WINNT\system32\dllcache\ieudinit.exe + 2008-02-22 10:00:51 13,824 -c----w C:\WINNT\system32\dllcache\ieudinit.exe - 2007-12-06 11:01:25 625,664 -c----w C:\WINNT\system32\dllcache\iexplore.exe + 2008-02-29 08:55:46 625,664 -c----w C:\WINNT\system32\dllcache\iexplore.exe - 2007-12-07 02:21:47 27,648 -c----w C:\WINNT\system32\dllcache\jsproxy.dll + 2008-03-01 13:06:25 27,648 -c----w C:\WINNT\system32\dllcache\jsproxy.dll + 2001-08-18 18:00:00 2,000 -c--a-w C:\WINNT\system32\dllcache\keyboard.drv + 2003-07-16 16:26:53 2,560 -c--a-w C:\WINNT\system32\dllcache\lz32.dll + 2001-08-18 18:00:00 2,032 -c--a-w C:\WINNT\system32\dllcache\mouse.drv - 2006-10-19 02:47:14 243,712 -c--a-w C:\WINNT\system32\dllcache\mpvis.dll + 2005-01-28 17:44:28 352,256 ----a-w C:\WINNT\system32\dllcache\mpvis.dll - 2007-12-07 02:21:47 459,264 -c----w C:\WINNT\system32\dllcache\msfeeds.dll + 2008-03-01 13:06:26 459,264 -c----w C:\WINNT\system32\dllcache\msfeeds.dll - 2007-12-07 02:21:47 52,224 -c----w C:\WINNT\system32\dllcache\msfeedsbs.dll + 2008-03-01 13:06:26 52,224 -c----w C:\WINNT\system32\dllcache\msfeedsbs.dll - 2007-12-08 05:21:48 3,592,192 -c----w C:\WINNT\system32\dllcache\mshtml.dll + 2008-03-01 22:36:30 
3,591,680 -c----w C:\WINNT\system32\dllcache\mshtml.dll - 2007-12-07 02:21:47 478,208 -c----w C:\WINNT\system32\dllcache\mshtmled.dll + 2008-03-01 13:06:28 478,208 -c----w C:\WINNT\system32\dllcache\mshtmled.dll - 2007-12-07 02:21:48 193,024 -c----w C:\WINNT\system32\dllcache\msrating.dll + 2008-03-01 13:06:28 193,024 -c----w C:\WINNT\system32\dllcache\msrating.dll - 2007-12-07 02:21:48 671,232 -c----w C:\WINNT\system32\dllcache\mstime.dll + 2008-03-01 13:06:29 671,232 -c----w C:\WINNT\system32\dllcache\mstime.dll + 2003-07-16 16:33:55 2,944 -c--a-w C:\WINNT\system32\dllcache\null.sys - 2007-12-07 02:21:48 102,912 -c----w C:\WINNT\system32\dllcache\occache.dll + 2008-03-01 13:06:29 102,912 -c----w C:\WINNT\system32\dllcache\occache.dll - 2008-01-11 05:53:32 44,544 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll + 2008-03-01 13:06:29 44,544 -c--a-w C:\WINNT\system32\dllcache\pngfilt.dll - 2006-11-01 23:31:38 1,669,120 -c--a-w C:\WINNT\system32\dllcache\setup_wm.exe + 2005-01-28 17:44:28 819,200 ----a-w C:\WINNT\system32\dllcache\setup_wm.exe + 2001-08-18 18:00:00 1,744 -c--a-w C:\WINNT\system32\dllcache\sound.drv - 2007-06-27 02:10:26 317,440 -c--a-w C:\WINNT\system32\dllcache\unregmp2.exe + 2005-01-28 17:44:28 192,512 ----a-w C:\WINNT\system32\dllcache\unregmp2.exe - 2007-12-07 02:21:48 105,984 -c----w C:\WINNT\system32\dllcache\url.dll + 2008-03-01 13:06:29 105,984 -c----w C:\WINNT\system32\dllcache\url.dll - 2007-12-07 02:21:48 1,159,680 -c----w C:\WINNT\system32\dllcache\urlmon.dll + 2008-03-01 13:06:30 1,159,680 -c----w C:\WINNT\system32\dllcache\urlmon.dll + 2001-08-18 18:00:00 2,176 -c--a-w C:\WINNT\system32\dllcache\vga.drv - 2007-12-07 02:21:48 233,472 -c----w C:\WINNT\system32\dllcache\webcheck.dll + 2008-03-01 13:06:30 233,472 -c----w C:\WINNT\system32\dllcache\webcheck.dll - 2007-03-08 13:47:48 1,843,584 -c--a-w C:\WINNT\system32\dllcache\win32k.sys + 2008-03-19 09:47:00 1,845,248 -c--a-w C:\WINNT\system32\dllcache\win32k.sys - 2007-12-07 02:21:48 824,832 
-c----w C:\WINNT\system32\dllcache\wininet.dll + 2008-03-01 13:06:31 826,368 -c----w C:\WINNT\system32\dllcache\wininet.dll + 2003-07-16 16:45:27 2,864 -c--a-w C:\WINNT\system32\dllcache\winsock.dll + 2003-07-16 16:45:28 2,112 -c--a-w C:\WINNT\system32\dllcache\winspool.exe - 2006-10-19 02:47:20 227,328 -c--a-w C:\WINNT\system32\dllcache\wmerror.dll + 2005-01-28 17:44:28 189,440 ----a-w C:\WINNT\system32\dllcache\wmerror.dll - 2007-06-12 03:51:12 10,834,944 -c--a-w C:\WINNT\system32\dllcache\wmp.dll + 2007-04-30 12:20:24 5,537,792 -c--a-w C:\WINNT\system32\dllcache\wmp.dll - 2006-10-19 02:47:20 242,688 -c--a-w C:\WINNT\system32\dllcache\wmpasf.dll + 2005-01-28 17:44:28 135,168 ----a-w C:\WINNT\system32\dllcache\wmpasf.dll - 2006-10-19 02:47:20 96,256 -c--a-w C:\WINNT\system32\dllcache\wmpband.dll + 2005-01-28 17:44:28 77,824 ----a-w C:\WINNT\system32\dllcache\wmpband.dll - 2006-10-19 02:47:20 314,880 -c--a-w C:\WINNT\system32\dllcache\wmpdxm.dll + 2005-01-28 17:44:28 282,624 ----a-w C:\WINNT\system32\dllcache\wmpdxm.dll - 2006-10-19 02:46:20 64,000 -c--a-w C:\WINNT\system32\dllcache\wmplayer.exe + 2005-01-28 17:44:28 73,728 ----a-w C:\WINNT\system32\dllcache\wmplayer.exe - 2006-10-19 02:47:20 8,231,936 -c--a-w C:\WINNT\system32\dllcache\wmploc.dll + 2005-01-28 17:44:28 3,371,008 ----a-w C:\WINNT\system32\dllcache\wmploc.dll - 2006-10-19 02:47:20 99,840 -c--a-w C:\WINNT\system32\dllcache\wmpshell.dll + 2005-01-28 17:44:28 86,016 ----a-w C:\WINNT\system32\dllcache\wmpshell.dll + 2003-07-16 16:46:34 2,736 -c--a-w C:\WINNT\system32\dllcache\wowdeb.exe - 2006-06-26 17:37:10 148,480 ----a-w C:\WINNT\system32\dnsapi.dll + 2008-02-20 05:32:43 148,992 ----a-w C:\WINNT\system32\dnsapi.dll + 2007-07-11 17:37:26 6,272 ----a-w C:\WINNT\system32\drivers\AWRTPD.sys + 2007-08-07 16:58:08 8,320 ----a-w C:\WINNT\system32\drivers\AWRTRD.sys + 2006-10-05 02:42:42 2,432 ----a-w C:\WINNT\system32\drivers\cdr4_xp.sys + 2006-10-05 02:42:42 2,560 ----a-w 
C:\WINNT\system32\drivers\cdralw2k.sys + 2004-08-04 05:07:58 2,944 ----a-w C:\WINNT\system32\drivers\drmkaud.sys + 2001-08-17 20:00:04 2,944 ----a-w C:\WINNT\system32\drivers\msmpu401.sys + 2007-08-07 16:56:58 9,344 ----a-w C:\WINNT\system32\drivers\NSDriver.sys + 2003-07-16 16:33:55 2,944 ----a-w C:\WINNT\system32\drivers\null.sys - 2006-09-27 21:53:22 36,560 ----a-w C:\WINNT\system32\drivers\pxhelp20.sys + 2008-02-23 02:38:33 43,872 ----a-w C:\WINNT\system32\drivers\pxhelp20.sys - 2007-12-19 23:01:06 347,136 ----a-w C:\WINNT\system32\dxtmsft.dll + 2008-03-01 13:06:21 347,136 ----a-w C:\WINNT\system32\dxtmsft.dll - 2007-12-07 02:21:45 214,528 ------w C:\WINNT\system32\dxtrans.dll + 2008-03-01 13:06:21 214,528 ----a-w C:\WINNT\system32\dxtrans.dll - 2007-12-07 02:21:45 133,120 ------w C:\WINNT\system32\extmgr.dll + 2008-03-01 13:06:21 133,120 ------w C:\WINNT\system32\extmgr.dll - 2008-01-26 21:32:54 313,176 ----a-w C:\WINNT\system32\FNTCACHE.DAT + 2008-04-11 10:33:34 313,176 ----a-w C:\WINNT\system32\FNTCACHE.DAT - 2007-12-07 02:21:45 63,488 ----a-w C:\WINNT\system32\icardie.dll + 2008-03-01 13:06:21 63,488 ----a-w C:\WINNT\system32\icardie.dll - 2007-12-06 11:00:57 70,656 ------w C:\WINNT\system32\ie4uinit.exe + 2008-02-29 08:55:23 70,656 ------w C:\WINNT\system32\ie4uinit.exe - 2007-12-07 02:21:45 153,088 ------w C:\WINNT\system32\ieakeng.dll + 2008-03-01 13:06:21 153,088 ------w C:\WINNT\system32\ieakeng.dll - 2007-12-07 02:21:45 230,400 ------w C:\WINNT\system32\ieaksie.dll + 2008-03-01 13:06:21 230,400 ------w C:\WINNT\system32\ieaksie.dll - 2007-12-06 04:59:51 161,792 ------w C:\WINNT\system32\ieakui.dll + 2008-02-15 05:44:25 161,792 ------w C:\WINNT\system32\ieakui.dll - 2007-12-07 02:21:45 383,488 ----a-w C:\WINNT\system32\ieapfltr.dll + 2008-03-01 13:06:22 383,488 ----a-w C:\WINNT\system32\ieapfltr.dll - 2007-12-07 02:21:45 384,512 ------w C:\WINNT\system32\iedkcs32.dll + 2008-03-01 13:06:22 384,512 ------w C:\WINNT\system32\iedkcs32.dll - 2007-12-07 
02:21:46 6,066,176 ----a-w C:\WINNT\system32\ieframe.dll + 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINNT\system32\ieframe.dll - 2007-12-07 02:21:46 44,544 ------w C:\WINNT\system32\iernonce.dll + 2008-03-01 13:06:24 44,544 ------w C:\WINNT\system32\iernonce.dll - 2007-12-07 02:21:46 267,776 ----a-w C:\WINNT\system32\iertutil.dll + 2008-03-01 13:06:25 267,776 ----a-w C:\WINNT\system32\iertutil.dll - 2007-12-06 11:00:58 13,824 ----a-w C:\WINNT\system32\ieudinit.exe + 2008-02-22 10:00:51 13,824 ----a-w C:\WINNT\system32\ieudinit.exe - 2007-12-07 02:21:47 27,648 ------w C:\WINNT\system32\jsproxy.dll + 2008-03-01 13:06:25 27,648 ----a-w C:\WINNT\system32\jsproxy.dll + 2003-07-16 16:26:13 2,000 ----a-w C:\WINNT\system32\keyboard.drv - 2007-10-11 19:12:48 1,468,968 ----a-w C:\WINNT\system32\LegitCheckControl.dll + 2008-03-20 22:06:36 1,480,232 ----a-w C:\WINNT\system32\LegitCheckControl.dll + 2005-01-14 03:41:48 11,254 ----a-w C:\WINNT\system32\locate.com + 2007-12-14 15:32:52 12,632 ----a-w C:\WINNT\system32\lsdelete.exe + 2003-07-16 16:26:53 2,560 ----a-w C:\WINNT\system32\lz32.dll + 2003-07-16 16:28:42 2,032 ----a-w C:\WINNT\system32\mouse.drv - 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINNT\system32\MRT.exe + 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINNT\system32\MRT.exe - 2007-12-07 02:21:47 459,264 ----a-w C:\WINNT\system32\msfeeds.dll + 2008-03-01 13:06:26 459,264 ----a-w C:\WINNT\system32\msfeeds.dll - 2007-12-07 02:21:47 52,224 ----a-w C:\WINNT\system32\msfeedsbs.dll + 2008-03-01 13:06:26 52,224 ----a-w C:\WINNT\system32\msfeedsbs.dll - 2007-12-08 05:21:48 3,592,192 ----a-w C:\WINNT\system32\mshtml.dll + 2008-03-01 22:36:30 3,591,680 ----a-w C:\WINNT\system32\mshtml.dll - 2007-12-07 02:21:47 478,208 ------w C:\WINNT\system32\mshtmled.dll + 2008-03-01 13:06:28 478,208 ----a-w C:\WINNT\system32\mshtmled.dll - 2007-12-07 02:21:48 193,024 ------w C:\WINNT\system32\msrating.dll + 2008-03-01 13:06:28 193,024 ------w C:\WINNT\system32\msrating.dll - 2007-12-07 
02:21:48 671,232 ------w C:\WINNT\system32\mstime.dll + 2008-03-01 13:06:29 671,232 ------w C:\WINNT\system32\mstime.dll - 2004-08-04 06:56:44 1,392,671 ----a-w C:\WINNT\system32\msvbvm60.dll + 2004-02-24 13:12:40 1,386,496 ------w C:\WINNT\system32\msvbvm60.dll + 2003-07-16 16:32:55 2,656 ----a-w C:\WINNT\system32\netware.drv - 2007-12-07 02:21:48 102,912 ------w C:\WINNT\system32\occache.dll + 2008-03-01 13:06:29 102,912 ------w C:\WINNT\system32\occache.dll - 2008-03-17 15:50:30 63,620 ----a-w C:\WINNT\system32\perfc009.dat + 2008-03-22 15:13:52 63,620 ----a-w C:\WINNT\system32\perfc009.dat - 2008-03-17 15:50:30 404,358 ----a-w C:\WINNT\system32\perfh009.dat + 2008-03-22 15:13:52 404,358 ----a-w C:\WINNT\system32\perfh009.dat - 2008-01-11 05:53:32 44,544 ----a-w C:\WINNT\system32\pngfilt.dll + 2008-03-01 13:06:29 44,544 ----a-w C:\WINNT\system32\pngfilt.dll - 2008-01-25 02:29:24 66,419,180 -c--a-w C:\WINNT\system32\Restore\rstrlog.dat + 2008-03-26 10:51:03 161,048 -c--a-w C:\WINNT\system32\Restore\rstrlog.dat + 2003-07-16 16:39:38 1,744 ----a-w C:\WINNT\system32\sound.drv - 2007-10-08 19:46:18 14,640 ----a-w C:\WINNT\system32\spmsg.dll + 2008-03-20 18:41:20 14,640 ------w C:\WINNT\system32\spmsg.dll + 2003-01-26 17:41:24 40,960 ----a-w C:\WINNT\system32\SSubTmr6.dll - 2007-12-07 02:21:48 105,984 ----a-w C:\WINNT\system32\url.dll + 2008-03-01 13:06:29 105,984 ----a-w C:\WINNT\system32\url.dll - 2007-12-07 02:21:48 1,159,680 ----a-w C:\WINNT\system32\urlmon.dll + 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINNT\system32\urlmon.dll + 2003-07-16 16:43:37 2,176 ----a-w C:\WINNT\system32\vga.drv + 2004-01-27 02:30:32 2,272 ----a-w C:\WINNT\system32\w95inf16.dll - 2007-12-07 02:21:48 233,472 ----a-w C:\WINNT\system32\webcheck.dll + 2008-03-01 13:06:30 233,472 ----a-w C:\WINNT\system32\webcheck.dll + 2003-07-16 16:45:27 2,864 ----a-w C:\WINNT\system32\winsock.dll + 2003-07-16 16:45:28 2,112 ----a-w C:\WINNT\system32\winspool.exe - 2006-10-19 02:47:20 227,328 ----a-w 
C:\WINNT\system32\wmerror.dll + 2005-01-28 17:44:28 189,440 ----a-w C:\WINNT\system32\wmerror.dll - 2007-06-12 03:51:12 10,834,944 ----a-w C:\WINNT\system32\wmp.dll + 2007-04-30 12:20:24 5,537,792 ----a-w C:\WINNT\system32\wmp.dll - 2006-10-19 02:47:20 242,688 ----a-w C:\WINNT\system32\wmpasf.dll + 2005-01-28 17:44:28 135,168 ----a-w C:\WINNT\system32\wmpasf.dll - 2006-10-19 02:47:20 314,880 ----a-w C:\WINNT\system32\wmpdxm.dll + 2005-01-28 17:44:28 282,624 ----a-w C:\WINNT\system32\wmpdxm.dll - 2006-10-19 02:47:20 1,661,440 ----a-w C:\WINNT\system32\wmpencen.dll + 2005-01-28 17:44:28 1,594,880 ----a-w C:\WINNT\system32\wmpencen.dll - 2006-10-19 02:47:20 8,231,936 ----a-w C:\WINNT\system32\wmploc.dll + 2005-01-28 17:44:28 3,371,008 ----a-w C:\WINNT\system32\wmploc.dll - 2006-10-19 02:47:20 99,840 ----a-w C:\WINNT\system32\wmpshell.dll + 2005-01-28 17:44:28 86,016 ----a-w C:\WINNT\system32\wmpshell.dll - 2006-10-19 02:47:20 204,288 ----a-w C:\WINNT\system32\wmpsrcwp.dll + 2005-01-28 17:44:28 175,104 ----a-w C:\WINNT\system32\wmpsrcwp.dll + 2003-07-16 16:46:34 2,736 ----a-w C:\WINNT\system32\wowdeb.exe + 2000-08-31 12:00:00 49,152 ----a-w C:\WINNT\VFind.exe + 2000-08-31 12:00:00 68,096 ----a-w C:\WINNT\zip.exe . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 11:05 68856]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jet Detection"="C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-10-04 02:00 28672]
"NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [2005-02-24 07:32 5537792]
"AWMON"="C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe" [ ]
"PinnacleDriverCheck"="C:\WINNT\System32\PSDrvCheck.exe" [2004-03-10 18:26 406016]
"UpdReg"="C:\WINNT\UpdReg.EXE" [2000-05-11 02:00 90112]
"DIGStream"="C:\Program Files\DIGStream\digstream.exe" [ ]
"MyWebSearch Email Plugin"="C:\PROGRA~1\MyWay\bar\1.bin\mwsoemon.exe" [ ]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [ ]
"pphelpa"="" []
"Adstartup"="" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2005-12-08 11:51 25600 C:\WINNT\MIDIDEF.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMidi"="MIDIDEF.EXE" [2005-12-08 11:51 25600 C:\WINNT\MIDIDEF.EXE]
"tscuninstall"="C:\WINNT\system32\tscupgrd.exe" [2004-08-04 01:59 44544]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2002-06-11 10:31:50 323646]
MagicTune3.6.lnk - C:\Program Files\SEC\MagicTune3.6_Client_pivot\MagicTuneTray.exe [2006-03-05 21:06:02 45056]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 03:01:04 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dvsd"= dvc.dll
"VIDC.PIM1"= pclepim1.dll
"VIDC.I420"= vdrcodec.dll
"msacm.ctmp3"= C:\WINNT\System32\ctmp3.acm
"VIDC.MJPG"= Pvmjpg21.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"Messenger"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=C:\WINNT\UpdReg.EXE
"GWMDMMSG"=GWMDMMSG.exe
"NvCplDaemon"=RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
"CTHelper"=CTHELPER.EXE
"PinnacleDriverCheck"=C:\WINNT\System32\PSDrvCheck.exe -CheckReg

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\Hpqdirec.exe"=
"C:\\Documents and Settings\\Debi\\Application Data\\Microsoft\\PowerPoint\\PPT10.pcb"=
"C:\\Program Files\\Microsoft Office\\Office10\\MSACCESS.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

R2 NMSSvc;Intel(R) NMS;C:\WINNT\System32\NMSSvc.exe [2002-05-03 13:36]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINNT\System32\svchost.exe [2004-08-04 02:56]
R3 NMSCFG;NIC Management Service Configuration Driver;C:\WINNT\system32\drivers\NMSCFG.SYS [2002-05-03 13:36]
S3 ati2mpaa;ati2mpaa;C:\WINNT\system32\DRIVERS\ati2mpaa.sys [2001-08-17 14:48]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{537c22ca-e53f-11db-a774-000f66ed5bca}]
\Shell\AutoRun\command - H:\setupSNK.exe

*Newly Created Service* - NMSCFG
.
Contents of the 'Scheduled Tasks' folder
"2008-04-18 21:18:10 C:\WINNT\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2007-01-12 11:39:22 C:\WINNT\Tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1160533022.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
"2008-04-15 06:56:31 C:\WINNT\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe%
"2008-03-01 06:00:22 C:\WINNT\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-23 20:16:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINNT\TEMP\mcafee_Bkut4TxVpwIg1Iv 0 bytes
C:\WINNT\TEMP\mcafee_Bkut4TxVpwIg1Iv-journal 20 bytes

scan completed successfully
hidden files: 2

**************************************************************************
.
Completion time: 2008-04-23 20:23:57
ComboFix-quarantined-files.txt 2008-04-24 00:23:31
ComboFix2.txt 2008-03-22 13:52:54

Pre-Run: 47,956,013,056 bytes free
Post-Run: 47,987,982,336 bytes free

539 --- E O F --- 2008-04-19 07:02:33