Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93085 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Help removing Winself

Started by Gordon22 , May 11 2008 08:14 PM

  • This topic is locked This topic is locked
16 replies to this topic

#1 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 11 May 2008 - 08:14 PM

I have a Trogan virus in Winself. Can i get some help removing please. I used hijackthis and here is my log.

Deckard's System Scanner v20071014.68
Run by G-Man on 2008-05-11 18:26:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
92: 2008-05-12 01:27:00 UTC - RP717 - Deckard's System Scanner Restore Point
91: 2008-05-12 01:00:34 UTC - RP716 - Software Distribution Service 3.0
90: 2008-05-11 18:37:41 UTC - RP715 - Software Distribution Service 3.0
89: 2008-05-11 18:36:37 UTC - RP714 - Installed Windows Internet Explorer 7.
88: 2008-05-11 18:36:02 UTC - RP713 - Installed Windows IDNMitigationAPIs.


-- First Restore Point --
1: 2008-05-04 05:23:56 UTC - RP626 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as G-Man.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:29:36 PM, on 5/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\winself.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\G-Man\Local Settings\Temporary Internet Files\Content.IE5\ISTU4NXG\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\G-Man.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: adzgalore - {2bef8398-4250-c3c7-7545-c785a2fb21ea} - C:\WINDOWS\system32\nsi168.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: {943b357a-14a9-96db-c8d4-f9117c41c454} - {454c14c7-119f-4d8c-bd69-9a41a753b349} - C:\WINDOWS\system32\hsooroki.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: StFlex IE Helper - {8334A30C-49E5-489a-B63D-5B927C1EF46E} - C:\Program Files\QdrDrive\QdrDrive15.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {90098266-ED02-4C85-9702-CDB60B40C9B1} - C:\WINDOWS\system32\hgGvVlJy.dll
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SecurityUpdate] "rundll32.exe" C:\WINDOWS\system32\drmpkka.dll,TurnOn2
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DVDtoiPodConverter_upgrade] "C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" /upgrade
O4 - HKLM\..\Run: [iPodConverterSuite_upgrade] "C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" /upgrade
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [AntispyStorm] C:\Program Files\AntispyStorm\AntispyStorm.exe
O4 - HKLM\..\Run: [18000405] rundll32.exe "C:\WINDOWS\system32\ohwfvotd.dll",b
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [BM1b333799] Rundll32.exe "C:\WINDOWS\system32\tsdgfrsv.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?1e8ce2536a3445edbd876958dda83ee4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?1e8ce2536a3445edbd876958dda83ee4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...90/mcinsctl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - (no file)
O22 - SharedTaskScheduler: fluobromide - {e7aff349-39e1-4a96-a13d-24983440b44a} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\winself.exe
O23 - Service: USB2.0 VIDBOX NW01 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe

--
End of file - 15800 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 CDRPDACC (Arrowkey Device Access) - c:\program files\321studios\shared\cdrpdacc.sys <Not Verified; Arrowkey; CD Device Access>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.10) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.10>
R3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver) - d:\instal~e\core\bvrpmpr5.sys (file missing)
S3 DNINDIS5 (DNINDIS5 NDIS Protocol Driver) - c:\windows\system32\dnindis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 StkAMini (USB2.0 VIDBOX NW01) - c:\windows\system32\drivers\stkamini.sys <Not Verified; Syntek America Inc.; Syntek Universal Serial Bus 2.0 Video Mini Driver>
S3 StkScan (USB2.0 VIDBOX NW01 Still Image) - c:\windows\system32\drivers\stkscan.sys <Not Verified; Syntek America Inc.; Syntek Universal Serial Bus 2.0 Still Image Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 MsSecurity1.209.4 (MsSecurity Updated) - c:\windows\winself.exe service
R2 StkASSrv (USB2.0 VIDBOX NW01 Service) - c:\windows\system32\stkasv2k.exe <Not Verified; Syntek America Inc.; Syntek Hardware Snapshot Launch Application Services>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\9106611B23C01
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\9106611B23C01
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-05-11 17:35:01 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-05-11 12:07:17 340 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-05-11 12:07:16 332 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-05-09 18:30:00 350 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (GORDON-G-Man).job
2008-05-09 18:30:00 350 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (1) (US-G-Man).job
2008-05-08 11:14:38 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-04-11 and 2008-05-11 -----------------------------

2008-05-11 18:29:20 0 d-------- C:\Program Files\Trend Micro
2008-05-11 17:20:59 0 d-------- C:\Documents and Settings\G-Man\Application Data\McAfee
2008-05-11 15:38:29 2112 --a------ C:\WINDOWS\system32\ehvlaybe.exe
2008-05-11 15:35:30 91712 --a------ C:\WINDOWS\system32\ohwfvotd.dll
2008-05-11 15:32:27 101952 --a------ C:\WINDOWS\system32\hsooroki.dll
2008-05-11 15:29:28 98368 --a------ C:\WINDOWS\system32\tsdgfrsv.dll
2008-05-11 15:18:12 0 d-------- C:\Program Files\Disney
2008-05-11 12:30:32 0 d-------- C:\Program Files\AntispyStorm
2008-05-11 12:24:39 30208 --a------ C:\WINDOWS\stcloader.exe
2008-05-11 12:24:38 10752 --a------ C:\WINDOWS\voiceip.dll
2008-05-11 12:24:38 10240 --a------ C:\WINDOWS\swin32.dll
2008-05-11 12:24:38 14080 --a------ C:\WINDOWS\cdsm32.dll
2008-05-11 12:24:37 30720 --a------ C:\WINDOWS\bokja.exe
2008-05-11 12:24:36 13568 --a------ C:\WINDOWS\mssvr.exe
2008-05-11 12:24:36 23552 --a------ C:\WINDOWS\mspphe.dll
2008-05-11 12:24:36 9984 --a------ C:\WINDOWS\bjam.dll
2008-05-11 12:24:35 16896 --a------ C:\WINDOWS\2020search2.dll
2008-05-11 12:24:35 12032 --a------ C:\WINDOWS\2020search.dll
2008-05-11 12:24:23 25600 --a------ C:\WINDOWS\saiemod.dll
2008-05-11 12:24:19 8704 --a------ C:\WINDOWS\msapasrc.dll
2008-05-11 12:24:19 13056 --a------ C:\WINDOWS\msa64chk.dll
2008-05-11 12:24:12 9472 --a------ C:\WINDOWS\shdocpl.dll
2008-05-11 12:24:11 17408 --a------ C:\WINDOWS\ntnut.exe
2008-05-11 12:24:10 12032 --a------ C:\WINDOWS\shdocpe.dll
2008-05-11 12:24:07 27648 --a------ C:\WINDOWS\winsb.dll
2008-05-11 12:24:06 10496 --a------ C:\WINDOWS\browserad.dll
2008-05-11 12:24:06 11008 --a------ C:\WINDOWS\aviwrap32.dll
2008-05-11 12:24:06 13056 --a------ C:\WINDOWS\avisynthex32.dll
2008-05-11 12:24:06 12032 --a------ C:\WINDOWS\avifile32.dll
2008-05-11 12:24:06 26112 --a------ C:\WINDOWS\autodisc32.dll
2008-05-11 12:24:05 9216 --a------ C:\WINDOWS\audiosrv32.dll
2008-05-11 12:24:04 12288 --a------ C:\WINDOWS\ati2dvag32.dll
2008-05-11 12:24:04 20736 --a------ C:\WINDOWS\ati2dvaa32.dll
2008-05-11 12:24:03 25856 --a------ C:\WINDOWS\athprxy32.dll
2008-05-11 12:24:02 26624 --a------ C:\WINDOWS\asycfilt32.dll
2008-05-11 12:24:01 26624 --a------ C:\WINDOWS\asferror32.dll
2008-05-11 12:24:00 28416 --a------ C:\WINDOWS\changeurl_30.dll
2008-05-11 12:24:00 30208 --a------ C:\WINDOWS\apphelp32.dll
2008-05-11 12:15:23 4 --a------ C:\WINDOWS\system32\winfrun32.bin
2008-05-11 12:14:53 91561 --a------ C:\WINDOWS\system32\wmsdkns.exe <Not Verified; Microsoft; XML Media>
2008-05-11 12:14:53 91561 --a------ C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-05-11 12:09:35 143360 --a------ C:\WINDOWS\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2008-05-11 12:06:32 0 d-------- C:\Program Files\McAfee
2008-05-11 12:06:04 0 d-------- C:\Program Files\Common Files\McAfee
2008-05-11 11:37:19 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-05-11 09:35:07 0 d-------- C:\Program Files\Common Files\Scanner
2008-05-11 09:35:07 0 d-------- C:\Program Files\ComcastToolbar
2008-05-11 09:35:07 0 d-------- C:\Documents and Settings\G-Man\Application Data\ComcastToolbar
2008-05-10 15:36:32 102464 --a------ C:\WINDOWS\system32\rfxrgprc.dll
2008-05-10 15:33:32 2112 --a------ C:\WINDOWS\system32\qtlumnra.exe
2008-05-10 15:30:32 100416 --a------ C:\WINDOWS\system32\cjchecoq.dll
2008-05-10 15:26:45 102464 --a------ C:\WINDOWS\system32\hodwrxqu.dll
2008-05-10 15:26:44 2112 --a------ C:\WINDOWS\system32\vgqsrmpg.exe
2008-05-10 15:23:45 100416 --a------ C:\WINDOWS\system32\ncelflwy.dll
2008-05-10 15:21:00 100416 --a------ C:\WINDOWS\system32\snkfykmf.dll
2008-05-10 00:20:05 0 d-------- C:\Documents and Settings\G-Man\Application Data\.clamwin
2008-05-10 00:19:57 0 d-------- C:\Program Files\ClamWin
2008-05-10 00:19:57 0 d-------- C:\Documents and Settings\All Users\.clamwin
2008-05-10 00:11:49 0 d-------- C:\Program Files\WinMerge
2008-05-10 00:06:50 0 dr-h----- C:\Documents and Settings\G-Man\Recent
2008-05-10 00:05:16 0 d-------- C:\Program Files\CCleaner
2008-05-09 23:55:13 0 d-------- C:\System LifeGuard Recycled
2008-05-09 23:55:13 0 d-------- C:\System LifeGuard Backups
2008-05-09 23:55:04 58904 --a------ C:\WINDOWS\system32\sldrvmrg.dll
2008-05-09 23:54:29 0 d-------- C:\Program Files\System LifeGuard 2
2008-05-09 23:47:23 0 d-------- C:\Program Files\PConPoint
2008-05-09 23:19:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-09 22:35:05 53248 --a------ C:\WINDOWS\system32\ArmAccess.dll
2008-05-09 22:35:04 494352 --a------ C:\WINDOWS\system32\SHDOC401.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System>
2008-05-09 22:35:03 0 d-------- C:\Program Files\PC Doc Pro
2008-05-09 22:11:57 0 d-------- C:\Program Files\Microsoft Silverlight
2008-05-09 11:09:41 102976 --a------ C:\WINDOWS\system32\cufauqik.dll
2008-05-09 11:06:40 2112 --a------ C:\WINDOWS\system32\rlpfufns.exe
2008-05-08 16:16:28 48180 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-05-08 11:15:09 0 d-------- C:\Program Files\Safari
2008-05-08 11:14:43 0 d-------- C:\Program Files\Bonjour
2008-05-08 11:14:35 0 d-------- C:\Program Files\Apple Software Update
2008-05-08 11:06:41 2112 --a------ C:\WINDOWS\system32\expeoaji.exe
2008-05-08 11:00:41 106048 --a------ C:\WINDOWS\system32\gndtrolb.dll
2008-05-08 11:00:12 105024 --a------ C:\WINDOWS\system32\puqojrij.dll
2008-05-06 20:10:17 108608 --a------ C:\WINDOWS\system32\wkhriloh.dll
2008-05-06 20:07:17 2112 --a------ C:\WINDOWS\system32\htfhgica.exe
2008-05-06 20:04:17 104512 --a------ C:\WINDOWS\system32\bhxoptfm.dll
2008-05-05 21:47:38 0 d-------- C:\Program Files\Alwil Software
2008-05-05 20:11:42 107584 --a------ C:\WINDOWS\system32\lkwtoiea.dll
2008-05-05 20:05:42 104000 --a------ C:\WINDOWS\system32\oicbgfad.dll
2008-05-05 19:08:43 107584 --a------ C:\WINDOWS\system32\chebtnrf.dll
2008-05-05 19:05:43 104000 --a------ C:\WINDOWS\system32\feqlcwvc.dll
2008-05-04 22:32:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-04 21:31:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-04 19:07:03 108096 --a------ C:\WINDOWS\system32\ytahwixg.dll
2008-05-04 19:03:35 104512 --a------ C:\WINDOWS\system32\iqiqisai.dll
2008-05-03 23:17:33 1695 --a------ C:\WINDOWS\system32\clbinit.dll
2008-05-03 22:23:45 1040181 --ahs---- C:\WINDOWS\system32\yJlVvGgh.ini2
2008-05-03 22:23:41 281600 --a------ C:\WINDOWS\system32\hgGvVlJy.dll
2008-05-03 22:18:35 0 d-------- C:\Program Files\QdrModule
2008-05-03 22:18:35 0 d-------- C:\Program Files\QdrDrive
2008-05-03 22:18:34 0 d-------- C:\Program Files\ISM
2008-05-03 22:18:12 20992 --a------ C:\WINDOWS\winself.exe
2008-05-03 09:49:46 8780 --a------ C:\WINDOWS\system32\000080.exe
2008-04-28 08:35:26 431616 --a------ C:\WINDOWS\system32\nsi168.dll
2008-04-12 02:25:02 0 d-------- C:\ac4457c002c70707e059f64f02


-- Find3M Report ---------------------------------------------------------------

2008-05-11 18:16:51 384 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000005-00000000-00000004-00001102-00000004-20061102}.dat
2008-05-11 18:16:51 384 --a------ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000004-00001102-00000004-20061102}.dat
2008-05-11 14:06:48 0 d-------- C:\Program Files\Common Files
2008-05-11 12:13:17 0 d-------- C:\Program Files\McAfee.com
2008-05-11 12:12:37 0 d-------- C:\Program Files\Google
2008-05-09 16:22:11 0 d-------- C:\Program Files\Common Files\AVSMedia
2008-05-09 15:59:00 0 d-------- C:\Program Files\Diablo II
2008-05-06 20:05:51 0 d-------- C:\Program Files\DVDXCopy Platinum
2008-05-06 19:07:48 0 d-------- C:\Program Files\Real
2008-05-06 19:03:56 0 d-------- C:\Program Files\Lavasoft
2008-05-05 14:30:42 0 d-------- C:\Documents and Settings\G-Man\Application Data\Adobe
2008-05-04 21:05:33 0 d-------- C:\Program Files\PopsMedia Site Adviser
2008-04-14 17:44:25 0 d-------- C:\Documents and Settings\G-Man\Application Data\FrostWire
2008-04-08 18:49:38 0 d-------- C:\Program Files\FrostWire
2008-04-07 23:41:21 0 d-------- C:\Documents and Settings\G-Man\Application Data\Apple Computer
2008-04-07 23:39:42 0 d-------- C:\Program Files\iTunes
2008-04-07 23:39:17 0 d-------- C:\Program Files\iPod
2008-04-07 23:37:23 0 d-------- C:\Program Files\QuickTime
2008-03-24 22:38:13 0 d-------- C:\Documents and Settings\G-Man\Application Data\AdobeUM
2008-03-19 19:07:05 0 d-------- C:\Documents and Settings\G-Man\Application Data\Real
2008-03-18 20:27:01 0 d-------- C:\Documents and Settings\G-Man\Application Data\MSNInstaller
2008-03-18 20:21:08 0 d-------- C:\Documents and Settings\G-Man\Application Data\Google
2008-03-18 20:18:14 0 d-------- C:\Program Files\Incomplete
2008-03-13 19:42:22 0 d-------- C:\Program Files\MySpace
2008-03-13 19:36:42 0 d-------- C:\Program Files\Windows Live
2008-03-13 19:36:17 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bef8398-4250-c3c7-7545-c785a2fb21ea}]
04/28/2008 08:35 AM 431616 --a------ C:\WINDOWS\system32\nsi168.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{454c14c7-119f-4d8c-bd69-9a41a753b349}]
05/11/2008 03:32 PM 101952 --a------ C:\WINDOWS\system32\hsooroki.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8334A30C-49E5-489a-B63D-5B927C1EF46E}]
04/03/2008 01:05 PM 147456 --a------ C:\Program Files\QdrDrive\QdrDrive15.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90098266-ED02-4C85-9702-CDB60B40C9B1}]
05/03/2008 10:23 PM 281600 --a------ C:\WINDOWS\system32\hgGvVlJy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [04/25/2005 06:50 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [04/14/2005 07:05 PM]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [09/17/2003 08:43 AM]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [06/17/2003 11:00 PM]
"CTHelper"="CTHELPER.EXE" [03/11/2004 01:50 PM C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/10/2000 11:00 PM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 02:19 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 02:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 02:50 PM]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
"SecurityUpdate"="rundll32.exe" [08/04/2004 03:00 AM C:\WINDOWS\system32\rundll32.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [12/05/2004 11:05 PM]
"winupdates"="" []
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [01/14/2005 11:00 AM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [02/13/2008 10:15 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/26/2005 11:02 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/07/2005 12:46 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/11/2007 10:40 PM]
"DVDtoiPodConverter_upgrade"="C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" [11/29/2007 02:30 AM]
"iPodConverterSuite_upgrade"="C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" [11/29/2007 01:22 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [04/19/2008 04:35 PM]
"AntispyStorm"="C:\Program Files\AntispyStorm\AntispyStorm.exe" [05/11/2008 12:30 PM]
"18000405"="C:\WINDOWS\system32\ohwfvotd.dll" [05/11/2008 03:35 PM]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [01/16/2007 01:59 PM]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [01/08/2007 11:22 AM]
"BM1b333799"="C:\WINDOWS\system32\tsdgfrsv.dll" [05/11/2008 03:29 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/04/2007 11:28 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 09:24 AM]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [08/28/2006 10:57 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:00 AM]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [02/01/2008 01:32 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\G-Man\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [11/17/1996 1:00:00 AM]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [11/17/1996 1:00:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [7/28/2005 9:18:32 PM]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [12/31/2006 1:25:10 PM]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [11/11/2004 9:59:36 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"DisableTaskMgr"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"user32.dll"=
"rare"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\hgGvVlJy

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@="Service"




-- End of Deckard's System Scanner: finished at 2008-05-11 18:30:42 ------------

    Advertisements

Register to Remove

#2 peku006

peku006

    Authentic Member

  • Authentic Member
  • PipPip
  • 40 posts

Posted 12 May 2008 - 01:41 PM

Welcome to the What the tech Forums. My name is peku006. I would be glad to take a look at your log and help you with solving any malware problems. HijackThis logs can take a while to research. Please be patient and I'd be grateful if you would note the following:

1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic. Please stay at one forum for help.
3. Please continue reading posts until I give the All Clear. It is important to note this, as a clean looking HijackThis is not always a sign your system is clean.

Note: As I am still on training, everything that I post to you, must be checked by an Admin or Moderator. Thus, there may be a tiny bit of a delay between posts, but it shouldn't be too long.
MRU Master

Posted Image
Posted Image

#3 peku006

peku006

    Authentic Member

  • Authentic Member
  • PipPip
  • 40 posts

Posted 13 May 2008 - 05:24 AM

Hello Gordon22

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible.
Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

1 - Download and Install SDFix
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

2 - Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

3 - Run SDFix
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).

4 - Scan With ComboFix

Please visit this webpage for download links, and instructions for running ComboFix -

http://www.bleepingc...to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says -

The Recovery Console was successfully installed.

Please continue as follows -

  • Close/Disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

5 - Status Check
Please reply with

1. the SDFix Report.txt
2. the ComboFix log
3. a fresh HijackThis log
Thanks peku006
MRU Master

Posted Image
Posted Image

#4 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 13 May 2008 - 06:54 PM

SDFix: Version 1.182
Run by Administrator on Tue 05/13/2008 at 04:16 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Name :
MsSecurity1.209.4

Path :
C:\WINDOWS\winself.exe service

MsSecurity1.209.4 - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default Desktop Wallpaper

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\SYSTEM32\TASKKILL.EXE - Deleted
C:\137.TMP - Deleted
C:\138.TMP - Deleted
C:\139.TMP - Deleted
C:\Program Files\AntispyStorm\AntispyStorm.exe.MANIFEST - Deleted
C:\Program Files\AntispyStorm\stat.bin - Deleted
C:\Program Files\AntispyStorm\uninstall.exe - Deleted
C:\Program Files\AntispyStorm\uninstall.log - Deleted
C:\Program Files\ISM\ism.exe - Deleted
C:\Program Files\ISM\Uninstall.exe - Deleted
C:\Program Files\QdrDrive\QdrDrive15.dll - Deleted
C:\Program Files\QdrDrive\qdrloader.exe - Deleted
C:\WINDOWS\system32\000080.exe - Deleted
C:\WINDOWS\123messenger.per - Deleted
C:\WINDOWS\2020search.dll - Deleted
C:\WINDOWS\2020search2.dll - Deleted
C:\WINDOWS\apphelp32.dll - Deleted
C:\WINDOWS\asferror32.dll - Deleted
C:\WINDOWS\asycfilt32.dll - Deleted
C:\WINDOWS\athprxy32.dll - Deleted
C:\WINDOWS\ati2dvaa32.dll - Deleted
C:\WINDOWS\ati2dvag32.dll - Deleted
C:\WINDOWS\audiosrv32.dll - Deleted
C:\WINDOWS\autodisc32.dll - Deleted
C:\WINDOWS\avifile32.dll - Deleted
C:\WINDOWS\avisynthex32.dll - Deleted
C:\WINDOWS\aviwrap32.dll - Deleted
C:\WINDOWS\bjam.dll - Deleted
C:\WINDOWS\bokja.exe - Deleted
C:\WINDOWS\browserad.dll - Deleted
C:\WINDOWS\cdsm32.dll - Deleted
C:\WINDOWS\changeurl_30.dll - Deleted
C:\WINDOWS\default.htm - Deleted
C:\WINDOWS\didduid.ini - Deleted
C:\WINDOWS\licencia.txt - Deleted
C:\WINDOWS\megavid.cdt - Deleted
C:\WINDOWS\msa64chk.dll - Deleted
C:\WINDOWS\msapasrc.dll - Deleted
C:\WINDOWS\mspphe.dll - Deleted
C:\WINDOWS\mssvr.exe - Deleted
C:\WINDOWS\muotr.so - Deleted
C:\WINDOWS\ntnut.exe - Deleted
C:\WINDOWS\saiemod.dll - Deleted
C:\WINDOWS\shdocpe.dll - Deleted
C:\WINDOWS\shdocpl.dll - Deleted
C:\WINDOWS\stcloader.exe - Deleted
C:\WINDOWS\swin32.dll - Deleted
C:\WINDOWS\system32\cmd.com - Deleted
C:\WINDOWS\system32\netstat.com - Deleted
C:\WINDOWS\system32\ping.com - Deleted
C:\WINDOWS\system32\regedit.com - Deleted
C:\WINDOWS\system32\taskkill.com - Deleted
C:\WINDOWS\system32\tasklist.com - Deleted
C:\WINDOWS\system32\tracert.com - Deleted
C:\WINDOWS\system32\winfrun32.bin - Deleted
C:\WINDOWS\telefonos.txt - Deleted
C:\WINDOWS\textos.txt - Deleted
C:\WINDOWS\voiceip.dll - Deleted
C:\WINDOWS\winsb.dll - Deleted


Could Not Remove C:\WINDOWS\system32\wmsdkns.exe

Folder C:\Program Files\AntispyStorm - Removed
Folder C:\Program Files\ISM - Removed
Folder C:\Program Files\QdrDrive - Removed
Folder C:\Program Files\QdrModule - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 16:27:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

C:\WINDOWS\ntnut.exe 14080 bytes
C:\WINDOWS\licencia.txt 19968 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"="C:\\Sierra\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Disabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Disabled:AOL"
"C:\\Unreal Tournament\\System\\UnrealTournament.exe"="C:\\Unreal Tournament\\System\\UnrealTournament.exe:*:Disabled:UnrealTournament"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Diablo II\\Diablo II.exe"="C:\\Program Files\\Diablo II\\Diablo II.exe:*:Enabled:Diablo II"
"C:\\Documents and Settings\\G-Man\\Local Settings\\Temporary Internet Files\\Content.IE5\\O1I7WXAF\\mem86control[1].exe"="C:\\Documents and Settings\\G-Man\\Local Settings\\Temporary Internet Files\\Content.IE5\\O1I7WXAF\\mem86control[1].exe:*:Enabled:mem86control[1]"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
"C:\\Documents and Settings\\G-Man\\Desktop\\Ultratech_s_Modified_RedVex\\RedVex 3\\RedVex 3.exe"="C:\\Documents and Settings\\G-Man\\Desktop\\Ultratech_s_Modified_RedVex\\RedVex 3\\RedVex 3.exe:*:Enabled:RedVex 3"
"C:\\Documents and Settings\\G-Man\\My Documents\\Ultratech_s_Modified_RedVex\\RedVex 3\\RedVex 3.exe"="C:\\Documents and Settings\\G-Man\\My Documents\\Ultratech_s_Modified_RedVex\\RedVex 3\\RedVex 3.exe:*:Enabled:RedVex 3"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Nexon\\MapleStory\\Patcher.exe"="C:\\Nexon\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ?? ????"
"C:\\Nexon\\MapleStory\\MapleStory.exe"="C:\\Nexon\\MapleStory\\MapleStory.exe:*:Enabled:MapleStory"
"C:\\Program Files\\FrostWire\\FrostWire.exe"="C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

C:\WINDOWS\123messenger.per Found
C:\WINDOWS\2020search.dll Found
C:\WINDOWS\2020search2.dll Found
C:\WINDOWS\apphelp32.dll Found
C:\WINDOWS\asferror32.dll Found
C:\WINDOWS\asycfilt32.dll Found
C:\WINDOWS\athprxy32.dll Found
C:\WINDOWS\ati2dvaa32.dll Found
C:\WINDOWS\ati2dvag32.dll Found
C:\WINDOWS\audiosrv32.dll Found
C:\WINDOWS\autodisc32.dll Found
C:\WINDOWS\avifile32.dll Found
C:\WINDOWS\avisynthex32.dll Found
C:\WINDOWS\aviwrap32.dll Found
C:\WINDOWS\bjam.dll Found
C:\WINDOWS\bokja.exe Found
C:\WINDOWS\browserad.dll Found
C:\WINDOWS\cdsm32.dll Found
C:\WINDOWS\changeurl_30.dll Found
C:\WINDOWS\default.htm Found
C:\WINDOWS\didduid.ini Found
C:\WINDOWS\licencia.txt Found
C:\WINDOWS\msa64chk.dll Found
C:\WINDOWS\msapasrc.dll Found
C:\WINDOWS\mspphe.dll Found
C:\WINDOWS\mssvr.exe Found
C:\WINDOWS\ntnut.exe Found
C:\WINDOWS\saiemod.dll Found
C:\WINDOWS\shdocpe.dll Found
C:\WINDOWS\shdocpl.dll Found
C:\WINDOWS\stcloader.exe Found
C:\WINDOWS\swin32.dll Found
C:\WINDOWS\system32\wmsdkns.exe Found
C:\WINDOWS\telefonos.txt Found
C:\WINDOWS\textos.txt Found
C:\WINDOWS\voiceip.dll Found
C:\WINDOWS\winsb.dll Found

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Thu 18 Oct 2007 56 ..SHR --- "C:\WINDOWS\system32\4DA19DB265.sys"
Thu 18 Oct 2007 3,036 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 11 Jan 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 17 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 12 Nov 2004 37,376 ...H. --- "C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe"
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\BIT10.tmp"
Thu 8 Mar 2007 616,448 A.SH. --- "C:\Deckard\System Scanner\backup\WINDOWS\temp\8jpbuqyb.TMP"
Sat 3 Mar 2007 616,448 A.SH. --- "C:\Deckard\System Scanner\backup\WINDOWS\temp\dvwx1i5g.TMP"
Fri 2 Mar 2007 616,448 A.SH. --- "C:\Deckard\System Scanner\backup\WINDOWS\temp\hkneksx6.TMP"
Tue 13 Mar 2007 616,448 A.SH. --- "C:\Deckard\System Scanner\backup\WINDOWS\temp\hxsqyscr.TMP"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch10\lock.tmp"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\lock.tmp"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch6\lock.tmp"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch7\lock.tmp"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch8\lock.tmp"
Thu 8 Feb 2007 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch9\lock.tmp"

Finished!

#5 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 13 May 2008 - 06:55 PM

ComboFix 08-05-12.1 - G-Man 2008-05-13 17:33:29.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.473 [GMT -7:00]
Running from: C:\Documents and Settings\G-Man\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\G-Man\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\G-Man\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\G-Man\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\G-Man\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\Program Files\outlook
C:\Program Files\PopsMedia Site Adviser
C:\Program Files\winupdates
C:\WINDOWS\123messenger.per
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\apphelp32.dll
C:\WINDOWS\asferror32.dll
C:\WINDOWS\asycfilt32.dll
C:\WINDOWS\athprxy32.dll
C:\WINDOWS\ati2dvaa32.dll
C:\WINDOWS\ati2dvag32.dll
C:\WINDOWS\audiosrv32.dll
C:\WINDOWS\autodisc32.dll
C:\WINDOWS\avifile32.dll
C:\WINDOWS\avisynthex32.dll
C:\WINDOWS\aviwrap32.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\browserad.dll
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\changeurl_30.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\default.htm
C:\WINDOWS\didduid.ini
C:\WINDOWS\lfn.exe
C:\WINDOWS\licencia.txt
C:\WINDOWS\mainms.vpi
C:\WINDOWS\msa64chk.dll
C:\WINDOWS\msapasrc.dll
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\ntnut.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\saiemod.dll
C:\WINDOWS\shdocpe.dll
C:\WINDOWS\shdocpl.dll
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\anovlixc.ini
C:\WINDOWS\system32\auxitvtg.ini
C:\WINDOWS\system32\bhxoptfm.dll
C:\WINDOWS\system32\bmaeblek.dll
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cdwoejnv.ini
C:\WINDOWS\system32\chebtnrf.dll
C:\WINDOWS\system32\cjchecoq.dll
C:\WINDOWS\system32\clbinit.dll
C:\WINDOWS\system32\csewjbhu.ini
C:\WINDOWS\system32\cufauqik.dll
C:\WINDOWS\system32\cxilvona.dll
C:\WINDOWS\system32\dtovfwho.ini
C:\WINDOWS\system32\dydsqhrw.dll
C:\WINDOWS\system32\eiyeluyp.dll
C:\WINDOWS\system32\ekweeifl.ini
C:\WINDOWS\system32\feqlcwvc.dll
C:\WINDOWS\system32\gndtrolb.dll
C:\WINDOWS\system32\hgGvVlJy.dll
C:\WINDOWS\system32\hodwrxqu.dll
C:\WINDOWS\system32\hsooroki.dll
C:\WINDOWS\system32\icrefnkk.dll
C:\WINDOWS\system32\iqiqisai.dll
C:\WINDOWS\system32\jetdkjoh.ini
C:\WINDOWS\system32\kfpesgmk.dll
C:\WINDOWS\system32\kihoquff.ini
C:\WINDOWS\system32\lfieewke.dll
C:\WINDOWS\system32\lkwtoiea.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\ncelflwy.dll
C:\WINDOWS\system32\nsi168.dll
C:\WINDOWS\system32\oicbgfad.dll
C:\WINDOWS\system32\puqojrij.dll
C:\WINDOWS\system32\rfxrgprc.dll
C:\WINDOWS\system32\siemyvgk.ini
C:\WINDOWS\system32\snkfykmf.dll
C:\WINDOWS\system32\tsdgfrsv.dll
C:\WINDOWS\system32\vniskhbp.dll
C:\WINDOWS\system32\wctevopa.ini
C:\WINDOWS\system32\wkhriloh.dll
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\system32\wudlbgxe.ini
C:\WINDOWS\system32\wuvajxyk.dll
C:\WINDOWS\system32\yJlVvGgh.ini
C:\WINDOWS\system32\yJlVvGgh.ini2
C:\WINDOWS\system32\ytahwixg.dll
C:\WINDOWS\telefonos.txt
C:\WINDOWS\textos.txt
C:\WINDOWS\voiceip.dll
C:\WINDOWS\winsb.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_CLBDRIVER
-------\Service_6to4


((((((((((((((((((((((((( Files Created from 2008-04-14 to 2008-05-14 )))))))))))))))))))))))))))))))
.

2008-05-13 17:26 . 2008-05-13 17:26 2,112 --a------ C:\WINDOWS\system32\qqsuvriv.exe
2008-05-13 16:26 . 2008-05-13 16:27 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-05-13 16:10 . 2008-05-13 16:10 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-13 16:06 . 2008-05-13 16:06 <DIR> d--hs---- C:\found.001
2008-05-13 14:58 . 2008-05-13 14:58 <DIR> d--hs---- C:\found.000
2008-05-13 14:41 . 2008-05-13 16:32 <DIR> d-------- C:\SDFix
2008-05-13 14:34 . 2008-05-13 14:34 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\Uniblue
2008-05-12 16:55 . 2008-05-12 16:55 2,112 --a------ C:\WINDOWS\system32\sbtvxays.exe
2008-05-11 22:14 . 2008-05-11 22:14 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\McAfee
2008-05-11 18:29 . 2008-05-11 18:29 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-11 18:26 . 2008-05-11 18:26 <DIR> d-------- C:\Deckard
2008-05-11 17:20 . 2008-05-11 17:20 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\McAfee
2008-05-11 15:38 . 2008-05-11 15:38 2,112 --a------ C:\WINDOWS\system32\ehvlaybe.exe
2008-05-11 15:18 . 2008-05-11 15:18 <DIR> d-------- C:\Program Files\Disney
2008-05-11 12:17 . 2008-05-13 17:37 6,612 --a------ C:\WINDOWS\system32\Config.MPF
2008-05-11 12:09 . 2006-03-03 11:07 143,360 --a------ C:\WINDOWS\system32\dunzip32.dll
2008-05-11 12:07 . 2008-02-06 09:51 171,400 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2008-05-11 12:07 . 2007-03-02 14:16 109,608 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2008-05-11 12:07 . 2007-06-25 14:54 71,496 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2008-05-11 12:07 . 2007-06-25 10:57 37,480 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
2008-05-11 12:07 . 2007-06-25 10:57 34,184 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
2008-05-11 12:07 . 2007-06-25 10:57 32,008 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
2008-05-11 12:06 . 2008-05-11 12:13 <DIR> d-------- C:\Program Files\McAfee
2008-05-11 12:06 . 2008-05-11 12:09 <DIR> d-------- C:\Program Files\Common Files\McAfee
2008-05-11 11:37 . 2008-05-11 11:39 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2008-05-11 09:35 . 2008-05-11 11:22 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-05-11 09:35 . 2008-05-11 09:35 <DIR> d-------- C:\Program Files\ComcastToolbar
2008-05-11 09:35 . 2008-05-13 17:27 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\ComcastToolbar
2008-05-10 18:09 . 2008-05-13 17:38 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-10 18:09 . 2008-05-10 18:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-10 18:01 . 2008-05-11 11:37 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-05-10 15:33 . 2008-05-10 15:33 2,112 --a------ C:\WINDOWS\system32\qtlumnra.exe
2008-05-10 15:26 . 2008-05-10 15:26 2,112 --a------ C:\WINDOWS\system32\vgqsrmpg.exe
2008-05-09 23:55 . 2008-05-09 23:56 <DIR> d-------- C:\System LifeGuard Recycled
2008-05-09 23:55 . 2008-05-09 23:55 <DIR> d-------- C:\System LifeGuard Backups
2008-05-09 23:55 . 2008-05-09 23:55 58,904 --a------ C:\WINDOWS\system32\sldrvmrg.dll
2008-05-09 23:54 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\System LifeGuard 2
2008-05-09 23:47 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\PConPoint
2008-05-09 23:19 . 2008-05-10 18:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-09 22:35 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\PC Doc Pro
2008-05-09 22:11 . 2008-05-09 22:12 <DIR> d-------- C:\Temp\ext18866
2008-05-09 22:11 . 2008-05-09 22:11 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-05-09 11:06 . 2008-05-09 11:06 2,112 --a------ C:\WINDOWS\system32\rlpfufns.exe
2008-05-08 16:16 . 2008-05-08 16:16 48,180 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-05-08 11:15 . 2008-05-08 11:15 <DIR> d-------- C:\Program Files\Safari
2008-05-08 11:14 . 2008-05-08 11:14 <DIR> d-------- C:\Program Files\Bonjour
2008-05-08 11:14 . 2008-05-08 11:14 <DIR> d-------- C:\Program Files\Apple Software Update
2008-05-08 11:06 . 2008-05-08 11:06 2,112 --a------ C:\WINDOWS\system32\expeoaji.exe
2008-05-06 20:07 . 2008-05-06 20:07 2,112 --a------ C:\WINDOWS\system32\htfhgica.exe
2008-05-05 21:47 . 2008-05-05 21:47 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-04 22:32 . 2008-05-06 19:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-04 21:31 . 2008-05-04 21:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-04 19:03 . 2008-05-13 16:58 109,709 --a------ C:\WINDOWS\BM1b333799.xml
2008-05-03 22:18 . 2004-08-04 03:00 4,224 --a------ C:\WINDOWS\system32\beep.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 21:50 --------- d-----w C:\Program Files\Google
2008-05-12 00:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-11 19:13 --------- d-----w C:\Program Files\McAfee.com
2008-05-11 19:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-05-11 18:46 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-09 23:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-09 23:22 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-05-09 22:59 --------- d-----w C:\Program Files\Diablo II
2008-05-07 03:05 --------- d-----w C:\Program Files\DVDXCopy Platinum
2008-05-07 02:07 --------- d-----w C:\Program Files\Real
2008-05-07 02:03 --------- d-----w C:\Program Files\Lavasoft
2008-04-15 00:44 --------- d-----w C:\Documents and Settings\G-Man\Application Data\FrostWire
2008-04-09 01:49 --------- d-----w C:\Program Files\FrostWire
2008-04-08 06:41 --------- d-----w C:\Documents and Settings\G-Man\Application Data\Apple Computer
2008-04-08 06:39 --------- d-----w C:\Program Files\iTunes
2008-04-08 06:39 --------- d-----w C:\Program Files\iPod
2008-04-08 06:37 --------- d-----w C:\Program Files\QuickTime
2008-03-25 05:38 --------- d-----w C:\Documents and Settings\G-Man\Application Data\AdobeUM
2008-03-19 03:27 --------- d-----w C:\Documents and Settings\G-Man\Application Data\MSNInstaller
2008-03-19 03:18 --------- d-----w C:\Program Files\Incomplete
2008-03-14 02:42 --------- d-----w C:\Program Files\MySpace
2008-03-14 02:36 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-14 02:36 --------- d-----w C:\Program Files\Windows Live
2008-03-14 02:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-16 06:48 45,119 ----a-w C:\Documents and Settings\Incomplete\downloads.dat
2007-02-15 02:16 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2007-10-19 05:44 56 --sh--r C:\WINDOWS\system32\4DA19DB265.sys
2007-10-19 05:44 3,036 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 11:28 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24 1694208]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 22:57 395776]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:00 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 13:32 8699904]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-04-25 06:50 139264]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 19:05 344064]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 08:43 57344]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-17 23:00 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 13:50 28672 C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-10 23:00 90112]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 14:19 53248]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 14:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 14:50 81920]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-05 23:05 127035]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-13 22:15 29744]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-26 23:02 86016]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-11 22:40 185896]
"DVDtoiPodConverter_upgrade"="C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" [2007-11-29 02:30 819712]
"iPodConverterSuite_upgrade"="C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" [2007-11-29 01:22 819712]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 13:32 8699904]

C:\Documents and Settings\G-Man\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1996-11-17 01:00:00 111376]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1996-11-17 01:00:00 51984]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-07-28 21:18:32 24576]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2006-12-31 13:25:10 118784]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 09:59:36 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Unreal Tournament\\System\\UnrealTournament.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Diablo II\\Diablo II.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service

R2 StkASSrv;USB2.0 VIDBOX NW01 Service;C:\WINDOWS\System32\StkASv2K.exe [2006-05-24 00:49]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 13:10]
S3 GoogleDesktopManager-093007-112848;Google Desktop Manager 5.5.709.30344;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-13 22:15]
S3 StkAMini;USB2.0 VIDBOX NW01;C:\WINDOWS\system32\Drivers\StkAMini.sys [2006-07-26 12:24]
S3 StkScan;USB2.0 VIDBOX NW01 Still Image;C:\WINDOWS\system32\Drivers\StkScan.sys [2006-06-27 19:27]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 18:14:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-14 00:35:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-10 01:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (1) (US-G-Man).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-05-10 01:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (GORDON-G-Man).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-05-11 19:07:17 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-05-11 19:07:16 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 17:39:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\COMMON~1\McAfee\RedirSvc\RedirSvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-05-13 17:47:26 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-14 00:47:19

Pre-Run: 36,471,717,888 bytes free
Post-Run: 36,391,747,584 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

334 --- E O F --- 2008-05-12 01:01:04

#6 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 13 May 2008 - 06:55 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:52:26 PM, on 5/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DVDtoiPodConverter_upgrade] "C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" /upgrade
O4 - HKLM\..\Run: [iPodConverterSuite_upgrade] "C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" /upgrade
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?1e8ce2536a3445edbd876958dda83ee4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?1e8ce2536a3445edbd876958dda83ee4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...90/mcinsctl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: USB2.0 VIDBOX NW01 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe

--
End of file - 13382 bytes

#7 peku006

peku006

    Authentic Member

  • Authentic Member
  • PipPip
  • 40 posts

Posted 14 May 2008 - 11:46 PM

Hello Gordon22

P2P PROGRAMS

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

FrostWire
Azureus
BitDownload
LimeWire

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

If you wish to keep them, please do not use them until your computer is cleaned.

1 - Run CFScript

Open Notepad and copy/paste the text in the box into the window:

KILLALL::

File::
C:\WINDOWS\system32\qqsuvriv.exe
C:\found.001
C:\found.000
C:\WINDOWS\system32\sbtvxays.exe
C:\WINDOWS\system32\ehvlaybe.exe
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\qtlumnra.exe
C:\WINDOWS\system32\vgqsrmpg.exe
C:\WINDOWS\system32\rlpfufns.exe
C:\WINDOWS\system32\expeoaji.exe
C:\WINDOWS\system32\htfhgica.exe
C:\WINDOWS\BM1b333799.xml
C:\WINDOWS\system32\wmsdkns.exe
Folder::
C:\WINDOWS\msdownld.tmp
C:\Temp
C:\Documents and Settings\All Users\Application Data\Viewpoint

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

2 - Clean temp files

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

Under Main choose: Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
if you use Firefox: Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
if you use Opera: Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program
[/list]
3 - Malwarebytes' Anti-Malware

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

4 - Status Check
Please reply with

1. the Malwarebytes' Anti-Malware Log
2. the ComboFix log
3. a fresh HijackThis log

Thanks peku006
MRU Master

Posted Image
Posted Image

#8 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 16 May 2008 - 08:25 AM

Malwarebytes' Anti-Malware 1.12 Database version: 755 Scan type: Full Scan (C:\|) Objects scanned: 128592 Time elapsed: 1 hour(s), 25 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 17 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\QooBox\Quarantine\C\WINDOWS\system32\bmaeblek.dll.vir (Trojan.AVKiller) -> No action taken. C:\QooBox\Quarantine\C\WINDOWS\system32\dydsqhrw.dll.vir (Trojan.AVKiller) -> No action taken. C:\QooBox\Quarantine\C\WINDOWS\system32\hgGvVlJy.dll.vir (Trojan.Vundo) -> No action taken. C:\QooBox\Quarantine\C\WINDOWS\system32\kfpesgmk.dll.vir (Trojan.AVKiller) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP706\A0107992.dll (Trojan.Vundo) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115036.exe (Adware.SearchAid) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115037.exe (Adware.Agent) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115039.exe (Adware.SearchAid) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115040.exe (Trojan.Downloader) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115150.exe (Trojan.Downloader) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115153.exe (Adware.SearchAid) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115157.exe (Adware.SearchAid) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115164.exe (Adware.Agent) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115264.dll (Trojan.AVKiller) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115265.dll (Trojan.AVKiller) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115266.dll (Trojan.AVKiller) -> No action taken. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115307.dll (Trojan.Vundo) -> No action taken.

#9 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 16 May 2008 - 08:28 AM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:51:14 AM, on 5/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\vsnpstd3.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\fxssvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\explorer.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.comcas...ter.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DVDtoiPodConverter_upgrade] "C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" /upgrade
O4 - HKLM\..\Run: [iPodConverterSuite_upgrade] "C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" /upgrade
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?1e8ce2536a3445edbd876958dda83ee4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?1e8ce2536a3445edbd876958dda83ee4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...90/mcinsctl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: USB2.0 VIDBOX NW01 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe

--
End of file - 13673 bytes

#10 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 16 May 2008 - 04:38 PM

1st half of the ComboFix Log

ComboFix 08-05-12.1 - G-Man 2008-05-15 19:13:30.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.651 [GMT -7:00]
Running from: C:\Documents and Settings\G-Man\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\G-Man\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\found.000
C:\found.001
C:\WINDOWS\BM1b333799.xml
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\ehvlaybe.exe
C:\WINDOWS\system32\expeoaji.exe
C:\WINDOWS\system32\htfhgica.exe
C:\WINDOWS\system32\qqsuvriv.exe
C:\WINDOWS\system32\qtlumnra.exe
C:\WINDOWS\system32\rlpfufns.exe
C:\WINDOWS\system32\sbtvxays.exe
C:\WINDOWS\system32\vgqsrmpg.exe
C:\WINDOWS\system32\wmsdkns.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Temp
C:\Temp\ext18866\install.exe
C:\Temp\ext18866\install.res.dll
C:\WINDOWS\BM1b333799.xml
C:\WINDOWS\imsins.BAK
C:\WINDOWS\msdownld.tmp
C:\WINDOWS\system32\ehvlaybe.exe
C:\WINDOWS\system32\expeoaji.exe
C:\WINDOWS\system32\htfhgica.exe
C:\WINDOWS\system32\qqsuvriv.exe
C:\WINDOWS\system32\qtlumnra.exe
C:\WINDOWS\system32\rlpfufns.exe
C:\WINDOWS\system32\sbtvxays.exe
C:\WINDOWS\system32\vgqsrmpg.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_CLBDRIVER


((((((((((((((((((((((((( Files Created from 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))
.

2008-05-14 22:13 . 2008-05-14 22:13 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-05-14 22:13 . 2008-05-14 22:13 <DIR> d-------- C:\WINDOWS\system32\en
2008-05-14 22:13 . 2008-05-14 22:13 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-14 22:13 . 2008-05-14 22:13 <DIR> d-------- C:\WINDOWS\l2schemas
2008-05-14 22:10 . 2008-05-14 22:10 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-14 22:04 . 2008-05-14 22:04 <DIR> d-------- C:\WINDOWS\EHome
2008-05-14 21:59 . 2008-04-13 17:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-05-14 21:58 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-13 16:10 . 2008-05-13 16:10 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-13 16:06 . 2008-05-13 16:06 <DIR> d--hs---- C:\found.001
2008-05-13 14:58 . 2008-05-13 14:58 <DIR> d--hs---- C:\found.000
2008-05-13 14:41 . 2008-05-13 16:32 <DIR> d-------- C:\SDFix
2008-05-13 14:34 . 2008-05-13 14:34 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\Uniblue
2008-05-11 22:14 . 2008-05-11 22:14 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\McAfee
2008-05-11 18:29 . 2008-05-11 18:29 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-11 18:26 . 2008-05-11 18:26 <DIR> d-------- C:\Deckard
2008-05-11 17:20 . 2008-05-11 17:20 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\McAfee
2008-05-11 15:18 . 2008-05-11 15:18 <DIR> d-------- C:\Program Files\Disney
2008-05-11 12:17 . 2008-05-15 00:57 7,082 --a------ C:\WINDOWS\system32\Config.MPF
2008-05-11 12:09 . 2006-03-03 11:07 143,360 --a------ C:\WINDOWS\system32\dunzip32.dll
2008-05-11 12:07 . 2008-02-06 09:51 171,400 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2008-05-11 12:07 . 2007-03-02 14:16 109,608 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2008-05-11 12:07 . 2007-06-25 14:54 71,496 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2008-05-11 12:07 . 2007-06-25 10:57 37,480 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
2008-05-11 12:07 . 2007-06-25 10:57 34,184 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
2008-05-11 12:07 . 2007-06-25 10:57 32,008 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
2008-05-11 12:06 . 2008-05-11 12:13 <DIR> d-------- C:\Program Files\McAfee
2008-05-11 12:06 . 2008-05-11 12:09 <DIR> d-------- C:\Program Files\Common Files\McAfee
2008-05-11 09:35 . 2008-05-11 11:22 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-05-11 09:35 . 2008-05-11 09:35 <DIR> d-------- C:\Program Files\ComcastToolbar
2008-05-11 09:35 . 2008-05-15 19:00 <DIR> d-------- C:\Documents and Settings\G-Man\Application Data\ComcastToolbar
2008-05-10 18:09 . 2008-05-15 19:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-10 18:09 . 2008-05-10 18:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-09 23:55 . 2008-05-09 23:56 <DIR> d-------- C:\System LifeGuard Recycled
2008-05-09 23:55 . 2008-05-09 23:55 <DIR> d-------- C:\System LifeGuard Backups
2008-05-09 23:55 . 2008-05-09 23:55 58,904 --a------ C:\WINDOWS\system32\sldrvmrg.dll
2008-05-09 23:54 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\System LifeGuard 2
2008-05-09 23:47 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\PConPoint
2008-05-09 23:19 . 2008-05-10 18:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-09 22:35 . 2008-05-12 14:51 <DIR> d-------- C:\Program Files\PC Doc Pro
2008-05-09 22:11 . 2008-05-09 22:11 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-05-08 16:16 . 2008-05-08 16:16 48,180 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-05-08 11:15 . 2008-05-08 11:15 <DIR> d-------- C:\Program Files\Safari
2008-05-08 11:14 . 2008-05-08 11:14 <DIR> d-------- C:\Program Files\Bonjour
2008-05-08 11:14 . 2008-05-08 11:14 <DIR> d-------- C:\Program Files\Apple Software Update
2008-05-05 21:47 . 2008-05-05 21:47 <DIR> d-------- C:\Program Files\Alwil Software
2008-05-04 22:32 . 2008-05-06 19:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-04 21:31 . 2008-05-04 21:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-03 22:18 . 2004-08-04 03:00 4,224 --a------ C:\WINDOWS\system32\beep.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-15 02:35 --------- d-----w C:\Program Files\Diablo II
2008-05-12 21:50 --------- d-----w C:\Program Files\Google
2008-05-12 00:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-11 19:13 --------- d-----w C:\Program Files\McAfee.com
2008-05-11 19:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-05-11 18:46 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-09 23:22 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-05-07 03:05 --------- d-----w C:\Program Files\DVDXCopy Platinum
2008-05-07 02:07 --------- d-----w C:\Program Files\Real
2008-05-07 02:03 --------- d-----w C:\Program Files\Lavasoft
2008-04-15 00:44 --------- d-----w C:\Documents and Settings\G-Man\Application Data\FrostWire
2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 00:11 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 18:45 60,160 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
2008-04-13 18:43 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys
2008-04-13 18:41 8,576 ----a-w C:\WINDOWS\system32\drivers\i2omgmt.sys
2008-04-13 18:41 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 18:41 18,560 ----a-w C:\WINDOWS\system32\drivers\i2omp.sys
2008-04-13 18:39 7,552 ----a-w C:\WINDOWS\system32\drivers\mskssrv.sys
2008-04-13 18:39 5,504 ----a-w C:\WINDOWS\system32\drivers\mstee.sys
2008-04-13 18:39 5,376 ----a-w C:\WINDOWS\system32\drivers\mspclock.sys
2008-04-13 18:39 42,368 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys
2008-04-13 18:39 4,992 ----a-w C:\WINDOWS\system32\drivers\mspqm.sys
2008-04-13 18:39 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys
2008-04-13 18:39 384,768 ----a-w C:\WINDOWS\system32\drivers\update.sys
2008-04-13 18:39 24,576 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-13 18:39 23,040 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-13 18:39 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-13 18:38 71,168 ----a-w C:\WINDOWS\system32\drivers\dxg.sys
2008-04-13 18:33 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-13 18:32 66,048 ----a-w C:\WINDOWS\system32\drivers\udfs.sys
2008-04-13 18:32 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys
2008-04-13 18:32 196,224 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys
2008-04-13 18:32 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys
2008-04-13 18:32 180,608 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2008-04-13 18:32 129,792 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys
2008-04-13 18:31 92,288 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys
2008-04-13 18:31 42,752 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-13 18:31 37,760 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2007-10-19 05:44 56 --sh--r C:\WINDOWS\system32\4DA19DB265.sys
2007-10-19 05:44 3,036 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-05-13_17.46.59.29 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 00:11:48 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-04 10:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-04 10:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-04 10:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-04 10:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
- 2008-05-14 00:38:13 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-16 02:19:22 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-06-13 10:23:07 1,033,216 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 00:12:19 1,033,728 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-04 10:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-04 10:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 00:12:07 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-04 10:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 00:12:07 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 00:12:21 10,752 ----a-w C:\WINDOWS\hh.exe
- 2004-08-04 10:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 00:11:58 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-04 10:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-04 10:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-04 10:00:00 250,880 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 00:12:06 250,368 ----a-w C:\WINDOWS\ime\sptip.dll
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-04 10:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 00:11:48 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2004-08-04 10:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 00:11:48 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 14:02:52 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 00:11:48 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 13:46:24 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 00:11:48 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-04 10:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 00:11:48 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2004-08-04 10:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 00:11:48 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2004-08-04 10:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 00:11:48 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 00:12:12 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-04 10:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 00:11:49 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2004-08-04 10:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2004-08-04 10:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2004-08-04 10:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2004-08-04 10:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-06-03 11:40:49 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-04 10:00:00 69,120 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\notepad.exe
- 2004-08-04 10:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-04 10:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-04 10:00:00 158,208 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 169,984 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-04 10:00:00 376,320 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59 376,832 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-04 10:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-04 10:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 00:12:02 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2005-07-29 04:12:05 78,963 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-05-15 05:16:51 78,963 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2005-07-29 04:12:05 4,374 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-05-15 05:16:51 4,744 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-04 10:00:00 150,528 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38 150,528 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-04 10:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2004-08-04 10:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2004-08-04 10:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2004-08-04 10:00:00 146,432 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 00:12:32 146,432 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2004-08-04 05:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-04 05:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35 187,776 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
+ 2004-08-04 05:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48 99,840 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33 37,760 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll
+ 2004-08-04 05:31:20 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49 331,264 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys
+ 2004-08-04 05:29:30 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-04 05:29:30 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-04 05:29:30 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-04 05:29:32 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-04 05:29:32 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-04 05:29:32 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-04 05:29:32 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-04 05:29:32 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-04 05:29:32 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-04 05:29:32 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-04 05:29:28 327,040 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-04 05:29:28 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-04 05:29:28 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-04 05:29:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-04 05:29:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-04 05:29:30 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-04 05:29:32 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-04 05:29:32 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-04 05:29:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-04 05:29:32 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-04 05:29:32 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-04 05:29:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50 21,183 ------w C:\WINDOWS\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w C:\WINDOWS\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w C:\WINDOWS\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w C:\WINDOWS\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12 588,800 ------w C:\WINDOWS\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12 602,624 ------w C:\WINDOWS\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13 580,608 ------w C:\WINDOWS\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w C:\WINDOWS\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w C:\WINDOWS\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50 1,025,024 ------w C:\WINDOWS\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w C:\WINDOWS\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32 273,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50 385,024 ------w C:\WINDOWS\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50 150,016 ------w C:\WINDOWS\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 00:11:50 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50 625,664 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50 2,091,520 ------w C:\WINDOWS\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50 194,560 ------w C:\WINDOWS\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50 457,728 ------w C:\WINDOWS\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14 188,480 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50 15,423 ------w C:\WINDOWS\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50 148,480 ------w C:\WINDOWS\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50 1,358,848 ------w C:\WINDOWS\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w C:\WINDOWS\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50 498,688 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w C:\WINDOWS\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14 389,120 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50 344,064 ------w C:\WINDOWS\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50 79,360 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51 252,928 ------w C:\WINDOWS\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51 792,064 ------w C:\WINDOWS\ServicePackFiles\i386\comres.dll
+ 2008-04-14 00:11:51 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51 167,424 ------w C:\WINDOWS\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51 1,267,200 ------w C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51 539,648 ------w C:\WINDOWS\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15 1,032,192 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe
+ 2008-04-14 00:11:51 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32 36,736 ------w C:\WINDOWS\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51 599,040 ------w C:\WINDOWS\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51 512,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 00:11:51 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 00:12:15 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51 326,656 ------w C:\WINDOWS\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\custsat.dll
+ 2004-08-04 05:32:26 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51 1,689,088 ------w C:\WINDOWS\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51 824,320 ------w C:\WINDOWS\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51 1,054,208 ------w C:\WINDOWS\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51 54,272 ------w C:\WINDOWS\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:11:51 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51 640,000 ------w C:\WINDOWS\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51 279,552 ------w C:\WINDOWS\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51 282,624 ------w C:\WINDOWS\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52 379,904 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe
+ 2004-08-04 10:00:00 884,712 ------w C:\WINDOWS\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52 158,720 ------w C:\WINDOWS\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52 1,504,256 ------w C:\WINDOWS\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w C:\WINDOWS\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17 224,768 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48 799,744 ------w C:\WINDOWS\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46 153,344 ------w C:\WINDOWS\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\docprop2.dll
+ 2004-08-04 10:00:00 53,840 ------w C:\WINDOWS\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w C:\WINDOWS\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w C:\WINDOWS\ServicePackFiles\i386\dot4.sys
+ 2008-04-13 21:00:49 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52 229,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52 212,480 ------w C:\WINDOWS\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52 116,736 ------w C:\WINDOWS\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w C:\WINDOWS\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\drprov.dll
+ 2004-08-04 10:00:00 4,656 ------w C:\WINDOWS\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52 367,616 ------w C:\WINDOWS\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52 1,293,824 ------w C:\WINDOWS\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52 239,104 ------w C:\WINDOWS\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57 138,752 ------w C:\WINDOWS\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52 113,152 ------w C:\WINDOWS\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52 304,128 ------w C:\WINDOWS\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52 619,008 ------w C:\WINDOWS\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52 1,227,264 ------w C:\WINDOWS\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18 1,298,432 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52 2,113,536 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w C:\WINDOWS\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\ediskeer.dll
+ 2008-04-14 00:11:53 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 18:39:36 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53 1,082,368 ------w C:\WINDOWS\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\esscli.dll
+ 2004-08-04 05:32:28 137,088 ------w C:\WINDOWS\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:11:53 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
+ 2008-04-14 00:11:53 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19 92,160 ------w C:\WINDOWS\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:12:19 1,033,728 ------w C:\WINDOWS\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11:53 380,445 ------w C:\WINDOWS\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29 143,744 ------w C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53 472,064 ------w C:\WINDOWS\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25 27,392 ------w C:\WINDOWS\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53 337,920 ------w C:\WINDOWS\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59 129,792 ------w C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53 382,976 ------w C:\WINDOWS\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\forcedos.exe
+ 2004-08-04 05:31:24 34,173 ------w C:\WINDOWS\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53 32,828 ------w C:\WINDOWS\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53 184,435 ------w C:\WINDOWS\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53 82,035 ------w C:\WINDOWS\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53 147,513 ------w C:\WINDOWS\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53 49,210 ------w C:\WINDOWS\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53 102,509 ------w C:\WINDOWS\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53 618,605 ------w C:\WINDOWS\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53 41,020 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53 32,826 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53 49,212 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awebs.dll
+ 2008-04-14 00:11:53 876,653 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20 15,120 ------w C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20 109,840 ------w C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20 24,632 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20 188,494 ------w C:\WINDOWS\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53 598,071 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04 208,896 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20 20,538 ------w C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20 28,728 ------w C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33 9,344 ------w C:\WINDOWS\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 00:11:53 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\framedyn.dll
+ 2008-04-14 00:12:20 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe
+ 2008-04-14 00:12:20 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 00:11:53 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\fwcfg.dll
+ 2008-04-14 00:11:53 451,584 ------w C:\WINDOWS\ServicePackFiles\i386\fxsapi.dll
+ 2008-04-14 00:12:21 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 00:11:54 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\fxscom.dll
+ 2008-04-14 00:11:54 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\fxscomex.dll
+ 2008-04-14 00:12:21 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 00:11:54 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\fxsdrv.dll
+ 2008-04-14 00:11:54 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\fxsevent.dll
+ 2008-04-14 00:11:54 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsmon.dll
+ 2008-04-14 00:11:54 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\fxsocm.dll
+ 2008-04-14 00:11:54 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 00:09:33 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 00:11:54 562,176 ------w C:\WINDOWS\ServicePackFiles\i386\fxsst.dll
+ 2008-04-14 00:12:21 267,776 ------w C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 00:11:54 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\fxst30.dll
+ 2008-04-14 00:11:54 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\fxstiff.dll
+ 2008-04-14 00:11:54 154,112 ------w C:\WINDOWS\ServicePackFiles\i386\fxsui.dll
+ 2008-04-14 00:11:54 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\fxswzrd.dll
+ 2008-04-14 00:11:54 400,384 ------w C:\WINDOWS\ServicePackFiles\i386\fxsxp32.dll
+ 2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\ServicePackFiles\i386\gagp30kx.sys
+ 2008-04-13 18:45:29 10,624 ------w C:\WINDOWS\ServicePackFiles\i386\gameenum.sys
+ 2008-04-13 18:45:32 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\gckernel.sys
+ 2008-04-14 00:11:54 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\gdi32.dll
+ 2008-04-14 00:11:54 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\glu32.dll
+ 2004-08-04 10:00:00 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\gpkcsp.dll
+ 2006-12-31 01:26:44 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\gpkrsrc.dll
+ 2008-04-14 00:12:21 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
+ 2008-04-13 18:40:21 28,288 ------w C:\WINDOWS\ServicePackFiles\i386\grserial.sys
+ 2008-04-14 00:11:54 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\guitrna.dll
+ 2008-04-14 00:11:54 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\h323cc.dll
+ 2008-04-14 00:11:54 614,912 ------w C:\WINDOWS\ServicePackFiles\i386\h323msp.dll
+ 2008-04-13 18:31:32 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\hal.dll
+ 2008-04-13 18:31:28 131,840 ------w C:\WINDOWS\ServicePackFiles\i386\halaacpi.dll
+ 2008-04-13 18:31:27 81,152 ------w C:\WINDOWS\ServicePackFiles\i386\halacpi.dll
+ 2008-04-13 18:31:28 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\halapic.dll
+ 2008-04-13 18:31:28 134,400 ------w C:\WINDOWS\ServicePackFiles\i386\halmacpi.dll
+ 2008-04-13 18:31:32 152,576 ------w C:\WINDOWS\ServicePackFiles\i386\halmps.dll
+ 2008-04-13 18:31:31 77,696 ------w C:\WINDOWS\ServicePackFiles\i386\halsp.dll
+ 2008-04-14 00:11:54 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\hccoin.dll
+ 2008-04-13 16:36:05 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\hdaudbus.sys
+ 2008-04-14 00:12:21 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\help.exe
+ 2008-04-14 00:12:21 769,024 ------w C:\WINDOWS\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 00:12:21 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 00:12:21 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hh.exe
+ 2008-04-14 00:11:54 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\hhsetup.dll
+ 2008-04-14 00:11:54 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\hid.dll
+ 2008-04-13 18:36:38 20,352 ------w C:\WINDOWS\ServicePackFiles\i386\hidbatt.sys
+ 2008-04-13 18:46:30 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\hidbth.sys
+ 2008-04-13 18:45:26 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\hidir.sys
+ 2008-04-13 18:45:22 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\hidparse.sys
+ 2008-04-14 00:11:54 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\hidserv.dll
+ 2008-04-13 18:45:27 10,368 ------w C:\WINDOWS\ServicePackFiles\i386\hidusb.sys
+ 2008-04-14 00:11:54 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\hlink.dll
+ 2008-04-14 00:11:54 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\hmmapi.dll
+ 2008-04-14 00:11:54 344,064 ------w C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll
+ 2008-04-14 00:11:54 330,752 ------w C:\WINDOWS\ServicePackFiles\i386\hnetwiz.dll
+ 2008-04-14 00:11:54 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\hostmib.dll
+ 2008-04-14 00:11:54 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\hotplug.dll
+ 2008-04-14 00:11:54 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrr.dll
+ 2008-04-14 00:11:54 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrrps.dll
+ 2008-04-14 00:11:54 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\hpfud50.dll
+ 2008-04-14 00:12:21 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\hscupd.exe
+ 2004-08-04 05:41:48 220,032 ------w C:\WINDOWS\ServicePackFiles\i386\hsfbs2s2.sys
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcisp2.dll
+ 2004-08-04 05:41:50 685,056 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcxts2.sys
+ 2004-08-04 05:41:56 1,041,536 ------w C:\WINDOWS\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-13 18:53:53 264,832 ------w C:\WINDOWS\ServicePackFiles\i386\http.sys
+ 2008-04-14 00:11:54 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\httpapi.dll
+ 2008-04-14 00:11:54 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\htui.dll
+ 2008-04-14 00:11:54 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\hypertrm.dll
+ 2008-04-13 18:41:22 8,576 ------w C:\WINDOWS\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-13 18:41:22 18,560 ------w C:\WINDOWS\ServicePackFiles\i386\i2omp.sys
+ 2008-04-13 19:18:00 52,480 ------w C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
+ 2008-04-14 00:11:54 702,845 ------w C:\WINDOWS\ServicePackFiles\i386\i81xdnt5.dll
+ 2004-08-04 05:29:38 161,020 ------w C:\WINDOWS\ServicePackFiles\i386\i81xnt5.sys
+ 2008-04-14 00:11:54 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\iasrad.dll
+ 2008-04-14 00:11:54 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\icaapi.dll
+ 2008-04-14 00:11:54 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\iccvid.dll
+ 2008-04-14 00:11:54 254,976 ------w C:\WINDOWS\ServicePackFiles\i386\icm32.dll
+ 2008-04-14 00:09:40 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 16:44:29 2,560 ------w C:\WINDOWS\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 00:11:54 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn.dll
+ 2008-04-14 00:12:22 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 00:12:22 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 00:11:54 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\icwdial.dll
+ 2008-04-14 00:11:54 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\icwdl.dll
+ 2008-04-14 00:11:54 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\icwhelp.dll
+ 2008-04-14 00:11:54 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\icwphbk.dll
+ 2008-04-14 00:12:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 00:11:54 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\icwutil.dll
+ 2008-04-14 00:11:54 120,832 ------w C:\WINDOWS\ServicePackFiles\i386\idq.dll
+ 2008-04-14 00:12:22 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w C:\WINDOWS\ServicePackFiles\i386\ieaksie.dll
+ 2008-04-14 00:11:54 323,584 ------w C:\WINDOWS\ServicePackFiles\i386\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 00:11:54 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ieencode.dll
+ 2008-04-14 00:11:54 251,904 ------w C:\WINDOWS\ServicePackFiles\i386\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 00:12:22 114,688 ------w C:\WINDOWS\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 00:11:54 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\ifmon.dll
+ 2008-04-14 00:11:54 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-14 00:11:54 505,344 ------w C:\WINDOWS\ServicePackFiles\i386\iis.dll
+ 2008-04-14 00:11:54 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ils.dll
+ 2008-04-14 00:11:54 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\imagehlp.dll
+ 2008-04-14 00:12:22 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.exe
+ 2008-04-13 18:40:58 42,112 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.sys
+ 2008-04-14 00:11:54 36,921 ------w C:\WINDOWS\ServicePackFiles\i386\imeshare.dll
+ 2008-04-14 00:11:54 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\imgutil.dll
+ 2008-04-14 00:11:54 110,080 ------w C:\WINDOWS\ServicePackFiles\i386\imm32.dll
+ 2008-04-14 00:11:54 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\imsinsnt.dll
+ 2008-04-14 00:11:54 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\inetcfg.dll
+ 2008-04-14 00:11:54 691,712 ------w C:\WINDOWS\ServicePackFiles\i386\inetcomm.dll
+ 2008-04-14 00:11:55 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\inetmib1.dll
+ 2008-04-14 00:11:55 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\inetpp.dll
+ 2008-04-14 00:11:55 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\inetppui.dll
+ 2008-04-13 16:22:12 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\inetres.dll
+ 2008-04-14 00:12:22 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 00:11:55 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\initpki.dll
+ 2008-04-14 00:11:55 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\input.dll
+ 2008-04-14 00:11:55 96,256 ------w C:\WINDOWS\ServicePackFiles\i386\inseng.dll
+ 2008-04-13 18:40:29 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\intelppm.sys
+ 2008-04-13 18:53:34 36,608 ------w C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys
+ 2008-04-14 00:12:22 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 00:09:30 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\ipevldpc.dll
+ 2008-04-14 00:09:23 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipevlpid.dll
+ 2008-04-14 00:11:55 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\iphlpapi.dll
+ 2008-04-13 18:57:07 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\ipinip.sys
+ 2008-04-14 00:11:55 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\ipmontr.dll
+ 2008-04-13 18:57:15 152,832 ------w C:\WINDOWS\ServicePackFiles\i386\ipnat.sys
+ 2008-04-14 00:11:55 331,264 ------w C:\WINDOWS\ServicePackFiles\i386\ipnathlp.dll
+ 2008-04-14 00:11:55 330,752 ------w C:\WINDOWS\ServicePackFiles\i386\ippromon.dll
+ 2008-04-14 00:11:55 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\iprip.dll
+ 2008-04-14 00:11:55 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\iprtrmgr.dll
+ 2008-04-13 19:19:42 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
+ 2008-04-14 00:11:55 349,696 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsnp.dll
+ 2008-04-14 00:11:55 183,808 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsvc.dll
+ 2008-04-14 00:10:45 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\ipseldpc.dll
+ 2008-04-14 00:09:24 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipselpid.dll
+ 2008-04-14 00:11:55 384,000 ------w C:\WINDOWS\ServicePackFiles\i386\ipsmsnap.dll
+ 2008-04-14 00:12:23 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 00:11:55 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6mon.dll
+ 2008-04-14 00:12:23 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 00:11:55 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\ipxwan.dll
+ 2008-04-14 00:11:55 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qc.dll
+ 2008-04-14 00:11:55 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qcx.dll
+ 2008-04-14 00:11:55 755,200 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_32.dll
+ 2008-04-14 00:11:55 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qc.dll
+ 2008-04-14 00:11:55 183,808 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qcx.dll
+ 2008-04-13 18:54:36 88,192 ------w C:\WINDOWS\ServicePackFiles\i386\irda.sys
+ 2008-04-13 18:54:28 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\irenum.sys
+ 2008-04-14 00:12:23 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 00:11:55 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\irmon.dll
+ 2008-04-13 18:36:41 37,248 ------w C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
+ 2008-04-14 00:10:32 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isdpc.dll
+ 2008-04-14 00:10:55 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isendpc.dll
+ 2008-04-14 00:10:55 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\isenpid.dll
+ 2008-04-14 00:11:55 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\isign32.dll
+ 2008-04-14 00:10:32 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ispid.dll
+ 2008-04-14 00:11:55 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\isrdbg32.dll
+ 2008-04-14 00:11:55 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\itircl.dll
+ 2008-04-14 00:11:55 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\itss.dll
+ 2008-04-14 00:11:55 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\iuengine.dll
+ 2008-04-14 00:11:55 54,272 ------w C:\WINDOWS\ServicePackFiles\i386\ixsso.dll
+ 2008-04-14 00:11:55 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\iyuv_32.dll
+ 2008-04-14 00:11:55 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\jgdw400.dll
+ 2008-04-14 00:11:55 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\jgpl400.dll
+ 2008-04-14 00:11:56 512,000 ------w C:\WINDOWS\ServicePackFiles\i386\jscript.dll
+ 2008-04-14 00:11:56 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-13 18:39:47 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-13 18:39:48 14,592 ------w C:\WINDOWS\ServicePackFiles\i386\kbdhid.sys
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 00:09:55 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 00:09:55 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 00:09:55 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-13 18:31:35 7,424 ------w C:\WINDOWS\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 00:11:56 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\kdcsvc.dll
+ 2008-04-14 00:11:56 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\kdsui.dll
+ 2008-04-14 00:11:56 253,952 ------w C:\WINDOWS\ServicePackFiles\i386\kdsusd.dll
+ 2008-04-14 00:11:56 299,520 ------w C:\WINDOWS\ServicePackFiles\i386\kerberos.dll
+ 2008-04-14 00:11:56 989,696 ------w C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
+ 2004-08-04 10:00:00 42,537 ------w C:\WINDOWS\ServicePackFiles\i386\keyboard.sys
+ 2008-04-14 00:11:56 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\keymgr.dll
+ 2008-04-13 18:45:09 172,416 ------w C:\WINDOWS\ServicePackFiles\i386\kmixer.sys
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\kmsvc.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\knperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\knpropid.dll
+ 2008-04-14 00:11:56 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\koc.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\kperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\kpropid.dll
+ 2004-08-04 10:00:00 92,224 ------w C:\WINDOWS\ServicePackFiles\i386\krnl386.exe
+ 2008-04-14 00:11:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\krnlprov.dll
+ 2008-04-13 19:16:36 141,056 ------w C:\WINDOWS\ServicePackFiles\i386\ks.sys
+ 2008-04-13 18:31:43 92,288 ------w C:\WINDOWS\ServicePackFiles\i386\ksecdd.sys
+ 2008-04-14 00:11:56 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\l2store.dll
+ 2008-04-14 00:09:05 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintime.dll
+ 2004-08-04 05:31:56 480,256 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe
+ 2004-08-04 05:31:40 57,399 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-14 00:09:39 13,463,552 ------w C:\WINDOWS\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2008-04-14 00:09:43 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrmbx.dll
+ 2008-04-14 00:09:44 811,064 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcus.dll
+ 2008-04-14 00:09:45 81,976 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.dll
+ 2004-08-04 05:31:54 307,257 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe
+ 2004-08-04 05:31:56 155,705 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2004-08-04 05:31:58 196,665 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe
+ 2004-08-04 05:32:00 208,952 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe
+ 2004-08-04 05:32:12 233,527 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe
+ 2004-08-04 05:32:16 262,200 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputyc.dll
+ 2008-04-14 00:09:46 102,456 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imlang.dll
+ 2004-08-04 05:31:50 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-14 00:09:47 315,455 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imskf.dll
+ 2008-04-14 00:10:33 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs404.dll
+ 2008-04-14 00:10:33 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pmigrate.dll
+ 2004-08-04 05:32:16 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe
+ 2004-08-04 05:32:16 455,168 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ------w C:\WINDOWS\ServicePackFiles\i386\lang\uniime.dll
+ 2008-04-14 00:11:04 426,041 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicesub.dll
+ 2008-04-13 18:40:26 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\lbrtfdc.sys
+ 2008-04-14 00:12:23 677,888 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 00:11:56 2,061,824 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstscx.dll
+ 2008-04-14 12:41:58 423,936 ------w C:\WINDOWS\ServicePackFiles\i386\licdll.dll
+ 2008-04-14 00:11:56 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\licmgr10.dll
+ 2008-04-14 00:11:56 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\licwmi.dll
+ 2008-04-14 00:11:56 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll
+ 2008-04-14 00:11:56 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\lmhsvc.dll
+ 2008-04-14 00:11:56 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\lmmib2.dll
+ 2008-04-14 00:11:56 399,872 ------w C:\WINDOWS\ServicePackFiles\i386\lmrt.dll
+ 2008-04-14 00:11:56 97,280 ------w C:\WINDOWS\ServicePackFiles\i386\loadperf.dll
+ 2008-04-14 00:11:56 221,696 ------w C:\WINDOWS\ServicePackFiles\i386\localsec.dll
+ 2008-04-14 00:11:56 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\localspl.dll
+ 2008-04-14 00:11:56 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\localui.dll
+ 2008-04-14 00:12:24 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\locator.exe
+ 2008-04-14 00:11:56 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\log.dll
+ 2008-04-14 00:12:24 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\logman.exe
+ 2008-04-14 00:12:43 220,672 ------w C:\WINDOWS\ServicePackFiles\i386\logon.scr
+ 2008-04-14 00:12:24 514,560 ------w C:\WINDOWS\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 00:11:56 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\lpdsvc.dll
+ 2008-04-14 00:11:56 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\lpk.dll
+ 2008-04-14 00:11:56 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lprhelp.dll
+ 2008-04-14 00:11:56 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\lprmon.dll
+ 2008-04-14 00:11:56 728,064 ------w C:\WINDOWS\ServicePackFiles\i386\lsasrv.dll
+ 2008-04-14 00:12:24 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\lsass.exe
+ 2004-08-04 05:41:36 606,684 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmnt.sys
+ 2004-08-04 05:41:38 420,992 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmntt.sys
+ 2008-04-13 18:40:52 7,040 ------w C:\WINDOWS\ServicePackFiles\i386\ltotape.sys
+ 2004-08-04 05:39:32 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\lwadihid.sys
+ 2008-04-14 00:12:24 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 00:12:25 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 00:11:56 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\mcastmib.dll
+ 2008-04-14 00:11:56 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\mciavi32.dll
+ 2008-04-14 00:11:56 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\mciqtz32.dll
+ 2008-04-14 00:11:56 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\mciseq.dll
+ 2008-04-14 00:11:56 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\mciwave.dll
+ 2008-04-14 00:11:56 118,272 ------w C:\WINDOWS\ServicePackFiles\i386\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.dll
+ 2004-08-04 05:41:56 11,868 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.sys
+ 2008-04-13 18:41:21 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\memstpci.sys
+ 2008-04-13 18:36:41 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\mf.sys
+ 2008-04-14 00:11:56 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mf3216.dll
+ 2008-04-14 00:11:56 927,504 ------w C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll
+ 2008-04-14 00:11:56 1,028,096 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42.dll
+ 2006-10-14 08:13:25 981,760 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42u.dll
+ 2008-04-14 00:11:56 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\mfcsubs.dll
+ 2008-04-14 00:11:56 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\mgmtapi.dll
+ 2008-04-14 00:11:57 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\midimap.dll
+ 2008-04-14 00:11:57 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\ServicePackFiles\i386\migisma.dll
+ 2008-04-14 00:11:57 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\miglibnt.dll
+ 2008-04-14 00:12:25 103,936 ------w C:\WINDOWS\ServicePackFiles\i386\migload.exe
+ 2008-04-14 00:12:25 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 00:12:25 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 00:11:57 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mimefilt.dll
+ 2008-04-14 00:11:57 586,240 ------w C:\WINDOWS\ServicePackFiles\i386\mlang.dll
+ 2008-04-14 00:12:25 1,414,656 ------w C:\WINDOWS\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30.dll
+ 2008-04-14 00:11:57 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30r.dll
+ 2008-04-14 00:11:57 163,328 ------w C:\WINDOWS\ServicePackFiles\i386\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\mmcex.dll
+ 2008-04-14 00:11:57 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mmcexr.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxc.dll
+ 2008-04-14 00:11:57 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 00:11:57 1,872,896 ------w C:\WINDOWS\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 00:11:57 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\mmcshext.dll
+ 2008-04-14 00:11:57 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\mmfutil.dll
+ 2004-08-04 10:00:00 68,768 ------w C:\WINDOWS\ServicePackFiles\i386\mmsystem.dll
+ 2008-04-14 00:11:57 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\mnmdd.dll
+ 2008-04-14 00:12:25 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 00:11:57 207,360 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.dll
+ 2008-04-14 00:12:26 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.exe
+ 2008-04-13 19:00:19 30,080 ------w C:\WINDOWS\ServicePackFiles\i386\modem.sys
+ 2008-04-14 00:11:57 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\modemui.dll
+ 2008-04-14 00:12:26 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 00:11:57 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\mofd.dll
+ 2008-04-14 00:12:42 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\more.com
+ 2008-04-13 16:45:30 216,064 ------w C:\WINDOWS\ServicePackFiles\i386\moricons.dll
+ 2008-04-13 18:39:47 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\mouclass.sys
+ 2008-04-13 18:39:46 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys
+ 2008-04-14 00:12:27 3,558,912 ------w C:\WINDOWS\ServicePackFiles\i386\moviemk.exe
+ 2008-04-13 18:46:22 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\mpe.sys
+ 2008-04-14 00:12:27 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 00:11:57 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\mpr.dll
+ 2008-04-14 00:11:57 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\mprapi.dll
+ 2008-04-14 00:11:57 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\mprdim.dll
+ 2008-04-13 18:32:44 180,608 ------w C:\WINDOWS\ServicePackFiles\i386\mrxdav.sys
+ 2008-04-13 19:17:01 456,576 ------w C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys
+ 2008-04-14 00:11:58 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\msacm32.dll
+ 2008-04-14 00:11:58 331,776 ------w C:\WINDOWS\ServicePackFiles\i386\msadce.dll
+ 2008-04-13 17:25:57 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msadcer.dll
+ 2008-04-14 00:11:58 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msadcf.dll
+ 2008-04-13 17:25:57 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcfr.dll
+ 2008-04-14 00:11:58 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msadco.dll
+ 2008-04-13 17:25:57 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcor.dll
+ 2008-04-14 00:11:58 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\msadcs.dll
+ 2008-04-14 00:11:58 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\msadds.dll
+ 2008-04-13 17:25:58 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msaddsr.dll
+ 2008-04-13 17:26:17 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msader15.dll
+ 2008-04-14 00:11:58 536,576 ------w C:\WINDOWS\ServicePackFiles\i386\msado15.dll
+ 2008-04-14 00:11:58 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msadomd.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msador15.dll
+ 2008-04-14 00:11:58 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msadox.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msadrh15.dll
+ 2008-04-14 00:10:06 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 00:11:58 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\msapsspc.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msasn1.dll
+ 2008-04-14 00:11:58 220,160 ------w C:\WINDOWS\ServicePackFiles\i386\mscandui.dll
+ 2008-04-14 00:11:58 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\mscms.dll
+ 2008-04-14 00:11:58 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\msconf.dll
+ 2008-04-14 00:12:27 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
+ 2004-08-04 10:00:00 116,288 ------w C:\WINDOWS\ServicePackFiles\i386\msconv97.dll
+ 2008-04-13 17:26:07 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mscpx32r.dll
+ 2008-04-14 00:11:58 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\mscpxl32.dll
+ 2008-04-14 00:11:58 297,984 ------w C:\WINDOWS\ServicePackFiles\i386\msctf.dll
+ 2008-04-14 00:11:58 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\msctfp.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 00:11:58 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdadiag.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaer.dll
+ 2008-04-14 00:11:58 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdaipp.dll
+ 2008-04-14 00:11:58 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\msdaora.dll
+ 2008-04-13 17:24:14 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaorar.dll
+ 2008-04-14 00:11:58 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\msdaosp.dll
+ 2008-04-13 17:25:58 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprsr.dll
+ 2008-04-14 00:11:58 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprst.dll
+ 2008-04-14 00:11:59 204,800 ------w C:\WINDOWS\ServicePackFiles\i386\msdaps.dll
+ 2008-04-14 00:11:59 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdarem.dll
+ 2008-04-13 17:25:58 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaremr.dll
+ 2008-04-14 00:11:59 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\msdart.dll
+ 2008-04-14 00:11:59 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdasc.dll
+ 2008-04-14 00:11:59 315,392 ------w C:\WINDOWS\ServicePackFiles\i386\msdasql.dll
+ 2008-04-13 17:26:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdasqlr.dll
+ 2008-04-14 00:11:59 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\msdatl3.dll
+ 2008-04-14 00:11:59 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdatt.dll
+ 2008-04-14 00:11:59 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaurl.dll
+ 2008-04-14 00:11:59 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\msdfmap.dll
+ 2008-04-14 00:11:59 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\msdmo.dll
+ 2008-04-14 00:12:27 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 00:11:59 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\msdtclog.dll
+ 2008-04-14 00:11:59 427,008 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcprx.dll
+ 2008-04-14 00:11:59 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcstp.dll
+ 2008-04-14 00:11:59 956,928 ------w C:\WINDOWS\ServicePackFiles\i386\msdtctm.dll
+ 2008-04-14 00:11:59 161,792 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcuiu.dll
+ 2008-04-13 18:46:09 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\msdv.sys
+ 2008-03-25 04:50:28 518,944 ------w C:\WINDOWS\ServicePackFiles\i386\msexch40.dll
+ 2008-03-25 04:50:30 326,432 ------w C:\WINDOWS\ServicePackFiles\i386\msexcl40.dll
+ 2008-04-13 18:32:39 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\msfs.sys
+ 2008-04-14 00:11:59 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\msftedit.dll
+ 2008-04-14 00:11:59 997,376 ------w C:\WINDOWS\ServicePackFiles\i386\msgina.dll
+ 2008-04-13 18:56:32 35,072 ------w C:\WINDOWS\ServicePackFiles\i386\msgpc.sys
+ 2008-04-14 00:11:59 3,166,208 ------w C:\WINDOWS\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:11:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msgrocm.dll
+ 2008-04-14 00:11:59 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msgslang.dll
+ 2008-04-14 00:11:59 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll
+ 2008-04-14 00:12:45 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\msh261.drv
+ 2008-04-14 00:12:45 294,912 ------w C:\WINDOWS\ServicePackFiles\i386\msh263.drv
+ 2008-04-14 00:12:27 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 00:11:59 3,066,880 ------w C:\WINDOWS\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11:59 449,024 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmler.dll
+ 2008-04-14 00:11:59 2,843,136 ------w C:\WINDOWS\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11:59 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\msident.dll
+ 2008-04-14 00:11:59 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\msidle.dll
+ 2008-04-14 00:11:59 248,832 ------w C:\WINDOWS\ServicePackFiles\i386\msieftp.dll
+ 2008-04-14 00:12:28 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 00:11:59 271,360 ------w C:\WINDOWS\ServicePackFiles\i386\msihnd.dll
+ 2008-04-14 00:11:59 4,608 ------w C:\WINDOWS\ServicePackFiles\i386\msimg32.dll
+ 2008-04-14 00:12:28 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\msimn.exe
+ 2008-04-13 15:39:43 884,736 ------w C:\WINDOWS\ServicePackFiles\i386\msimsg.dll
+ 2008-04-14 00:11:59 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\msimtf.dll
+ 2008-04-14 00:11:59 376,832 ------w C:\WINDOWS\ServicePackFiles\i386\msinfo.dll
+ 2008-04-13 18:54:28 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\msircomm.sys
+ 2008-04-14 00:12:28 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 00:11:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msisip.dll
+ 2008-03-25 04:50:34 1,516,568 ------w C:\WINDOWS\ServicePackFiles\i386\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w C:\WINDOWS\ServicePackFiles\i386\msjetol1.dll
+ 2008-04-14 00:12:00 151,583 ------w C:\WINDOWS\ServicePackFiles\i386\msjint40.dll
+ 2008-04-14 00:12:00 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\msjro.dll
+ 2008-03-25 04:50:42 60,192 ------w C:\WINDOWS\ServicePackFiles\i386\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w C:\WINDOWS\ServicePackFiles\i386\msjtes40.dll
+ 2008-04-13 18:39:52 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\mskssrv.sys
+ 2008-04-14 00:12:00 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\mslbui.dll
+ 2008-03-25 04:50:44 219,936 ------w C:\WINDOWS\ServicePackFiles\i386\msltus40.dll
+ 2008-04-14 00:12:00 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\mslwvtts.dll
+ 2008-04-14 00:12:28 1,695,232 ------w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe
+ 2004-08-04 10:00:00 11,053,008 ------w C:\WINDOWS\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:12:00 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\msnsspc.dll
+ 2004-08-04 10:00:00 1,327,320 ------w C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe
+ 2008-04-14 00:12:00 122,368 ------w C:\WINDOWS\ServicePackFiles\i386\msobcomm.dll
+ 2008-04-14 00:12:00 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msobdl.dll
+ 2008-04-14 00:12:00 565,248 ------w C:\WINDOWS\ServicePackFiles\i386\msobmain.dll
+ 2008-04-14 00:12:00 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\msobshel.dll
+ 2008-04-14 00:12:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\msobweb.dll
+ 2008-04-14 00:12:00 1,314,816 ------w C:\WINDOWS\ServicePackFiles\i386\msoe.dll
+ 2008-04-14 00:12:00 252,928 ------w C:\WINDOWS\ServicePackFiles\i386\msoeacct.dll
+ 2008-04-13 16:23:54 2,479,616 ------w C:\WINDOWS\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12:00 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\msoert2.dll
+ 2008-04-14 00:12:28 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\msoobe.exe
+ 2008-04-13 17:24:14 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msorc32r.dll
+ 2008-04-14 00:12:00 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msorcl32.dll
+ 2008-04-14 00:12:28 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 00:12:00 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mspatcha.dll
+ 2008-03-25 04:50:45 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\mspbde40.dll
+ 2008-04-13 18:39:50 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\mspclock.sys
+ 2008-04-13 18:39:51 4,992 ------w C:\WINDOWS\ServicePackFiles\i386\mspqm.sys
+ 2008-04-13 16:23:31 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\msprivs.dll
+ 2008-04-14 00:12:00 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\msrating.dll
+ 2008-03-25 04:50:47 432,928 ------w C:\WINDOWS\ServicePackFiles\i386\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w C:\WINDOWS\ServicePackFiles\i386\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w C:\WINDOWS\ServicePackFiles\i386\msrepl40.dll
+ 2008-04-14 00:12:00 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\msrle32.dll
+ 2008-04-14 00:12:00 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\msshamsg.dll
+ 2008-04-13 18:36:46 15,488 ------w C:\WINDOWS\ServicePackFiles\i386\mssmbios.sys
+ 2008-04-14 00:12:00 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\mst120.dll
+ 2008-04-14 00:12:00 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\mst123.dll
+ 2008-04-13 18:46:08 49,024 ------w C:\WINDOWS\ServicePackFiles\i386\mstape.sys
+ 2008-04-14 00:12:00 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\mstask.dll
+ 2008-04-13 18:39:50 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\mstee.sys
+ 2008-03-25 04:50:55 264,992 ------w C:\WINDOWS\ServicePackFiles\i386\mstext40.dll
+ 2008-04-14 00:12:00 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\mstime.dll
+ 2008-04-14 00:12:29 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 00:12:00 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\mstlsapi.dll
+ 2008-04-14 00:12:00 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\msutb.dll
+ 2008-04-14 00:12:00 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\msv1_0.dll
+ 2008-04-14 00:12:00 1,384,479 ------w C:\WINDOWS\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-14 00:12:01 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msvcirt.dll
+ 2008-04-14 00:12:01 413,696 ------w C:\WINDOWS\ServicePackFiles\i386\msvcp60.dll
+ 2008-04-14 00:12:01 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll
+ 2008-04-13 18:30:46 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt40.dll
+ 2008-04-14 00:12:01 121,344 ------w C:\WINDOWS\ServicePackFiles\i386\msvfw32.dll
+ 2008-04-14 00:12:01 1,428,992 ------w C:\WINDOWS\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12:01 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\msw3prt.dll
+ 2008-03-25 04:50:57 838,432 ------w C:\WINDOWS\ServicePackFiles\i386\mswdat10.dll
+ 2008-04-14 00:12:01 203,776 ------w C:\WINDOWS\ServicePackFiles\i386\mswebdvd.dll
+ 2008-04-14 00:12:01 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
+ 2008-03-25 04:50:58 621,344 ------w C:\WINDOWS\ServicePackFiles\i386\mswstr10.dll
+ 2008-04-14 00:12:01 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msxactps.dll
+ 2008-03-25 04:50:58 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\msxbde40.dll
+ 2008-04-14 00:12:01 506,368 ------w C:\WINDOWS\ServicePackFiles\i386\msxml.dll
+ 2008-04-14 00:12:01 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\msxml2.dll
+ 2008-04-14 00:12:01 1,104,896 ------w C:\WINDOWS\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12:01 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\msyuv.dll
+ 2004-08-04 05:41:40 126,686 ------w C:\WINDOWS\ServicePackFiles\i386\mtlmnt5.sys
+ 2004-08-04 05:41:38 1,309,184 ------w C:\WINDOWS\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12:29 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 00:12:01 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\mtxclu.dll
+ 2008-04-14 00:12:01 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\mtxdm.dll
+ 2008-04-14 00:12:01 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\mtxex.dll
+ 2008-04-14 00:12:01 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\mtxlegih.dll
+ 2008-04-14 00:12:01 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhd.dll
+ 2004-08-04 05:29:38 452,736 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhm.sys
+ 2008-04-14 00:12:29 90,624 ------w C:\WINDOWS\ServicePackFiles\i386\muisetup.exe
+ 2008-04-13 19:17:05 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w C:\WINDOWS\ServicePackFiles\i386\mutohpen.sys
+ 2008-04-14 00:12:01 90,624 ------w C:\WINDOWS\ServicePackFiles\i386\mydocs.dll
+ 2008-04-13 18:46:25 85,248 ------w C:\WINDOWS\ServicePackFiles\i386\nabtsfec.sys
+ 2008-04-14 00:12:01 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\nac.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 00:12:29 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 00:12:01 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\ncobjapi.dll
+ 2008-04-14 00:12:01 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ncprov.dll
+ 2008-04-14 00:12:01 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\ncpsres.dll
+ 2008-04-14 00:12:01 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapi.dll
+ 2008-04-14 00:12:29 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 00:12:01 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\nddenb32.dll
+ 2008-04-13 19:20:37 182,656 ------w C:\WINDOWS\ServicePackFiles\i386\ndis.sys
+ 2008-04-13 18:46:22 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\ndisip.sys
+ 2008-04-14 00:12:01 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\ndisnpp.dll
+ 2008-04-13 18:57:27 10,112 ------w C:\WINDOWS\ServicePackFiles\i386\ndistapi.sys
+ 2008-04-13 18:55:58 14,592 ------w C:\WINDOWS\ServicePackFiles\i386\ndisuio.sys
+ 2008-04-13 19:20:42 91,520 ------w C:\WINDOWS\ServicePackFiles\i386\ndiswan.sys
+ 2008-04-13 18:57:29 40,576 ------w C:\WINDOWS\ServicePackFiles\i386\ndproxy.sys
+ 2008-04-14 00:12:29 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\net.exe
+ 2008-04-14 00:12:29 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\net1.exe
+ 2008-04-14 00:12:01 337,408 ------w C:\WINDOWS\ServicePackFiles\i386\netapi32.dll
+ 2008-04-13 18:56:02 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\netbios.sys
+ 2008-04-13 19:21:00 162,816 ------w C:\WINDOWS\ServicePackFiles\i386\netbt.sys
+ 2008-04-14 00:12:01 622,592 ------w C:\WINDOWS\ServicePackFiles\i386\netcfgx.dll
+ 2008-04-14 00:12:29 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\netdde.exe
+ 2008-04-14 00:12:01 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\netid.dll
+ 2008-04-14 00:12:01 407,040 ------w C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
+ 2008-04-14 00:12:01 198,144 ------w C:\WINDOWS\ServicePackFiles\i386\netman.dll
+ 2008-04-14 00:12:01 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\netoc.dll
+ 2008-04-14 00:12:01 875,008 ------w C:\WINDOWS\ServicePackFiles\i386\netplwiz.dll
+ 2008-04-14 00:12:01 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\netrap.dll
+ 2008-04-14 00:16:51 329,728 ------w C:\WINDOWS\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 00:12:29 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 00:12:02 1,703,936 ------w C:\WINDOWS\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12:29 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 00:12:02 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\netui0.dll
+ 2008-04-14 00:12:02 245,760 ------w C:\WINDOWS\ServicePackFiles\i386\netui1.dll
+ 2004-08-04 05:31:42 132,695 ------w C:\WINDOWS\ServicePackFiles\i386\netwlan5.sys
+ 2008-04-14 00:12:02 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\newdev.dll
+ 2008-04-13 18:51:25 61,824 ------w C:\WINDOWS\ServicePackFiles\i386\nic1394.sys
+ 2008-04-14 00:12:02 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\nlhtml.dll
+ 2008-04-14 00:12:02 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\nmas.dll
+ 2008-04-14 00:12:02 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmasnt.dll
+ 2008-04-14 00:12:02 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\nmchat.dll
+ 2008-04-14 00:12:02 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\nmcom.dll
+ 2008-04-14 00:12:02 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\nmft.dll
+ 2008-04-14 00:12:02 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmmkcert.dll
+ 2008-04-13 18:53:09 40,320 ------w C:\WINDOWS\ServicePackFiles\i386\nmnt.sys
+ 2008-04-14 00:12:02 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\nmoldwb.dll
+ 2008-04-14 00:12:02 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\nmwb.dll
+ 2008-04-14 00:12:29 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\notepad.exe
+ 2008-04-13 18:32:39 30,848 ------w C:\WINDOWS\ServicePackFiles\i386\npfs.sys
+ 2008-04-14 00:12:29 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 00:12:02 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\npptools.dll
+ 2008-04-13 18:54:36 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nscirda.sys
+ 2008-04-14 00:12:29 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\nslookup.exe
+ 2004-08-04 10:00:00 47,564 ------w C:\WINDOWS\ServicePackFiles\i386\ntdetect.com
+ 2008-04-14 00:11:24 706,048 ------w C:\WINDOWS\ServicePackFiles\i386\ntdll.dll
+ 2008-04-14 00:12:02 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
+ 2008-04-14 00:12:02 212,992 ------w C:\WINDOWS\ServicePackFiles\i386\ntevt.dll
+ 2008-04-13 19:15:53 574,976 ------w C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
+ 2004-08-04 10:00:00 33,840 ------w C:\WINDOWS\ServicePackFiles\i386\ntio.sys
+ 2004-08-04 10:00:00 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio404.sys
+ 2004-08-04 10:00:00 35,648 ------w C:\WINDOWS\ServicePackFiles\i386\ntio411.sys
+ 2004-08-04 10:00:00 35,424 ------w C:\WINDOWS\ServicePackFiles\i386\ntio412.sys
+ 2004-08-04 10:00:00 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio804.sys
+ 2008-04-13 19:24:37 2,145,280 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-13 18:31:21 2,065,792 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-14 00:12:02 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\ntlanman.dll
+ 2008-04-14 00:12:02 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\ntlsapi.dll
+ 2008-04-14 00:12:02 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\ntmarta.dll
+ 2008-04-14 00:12:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsapi.dll
+ 2008-04-14 00:12:02 179,200 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsdba.dll
+ 2008-04-14 00:12:02 488,448 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsmgr.dll
+ 2008-04-14 00:12:02 435,200 ------w C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
+ 2004-08-04 05:41:40 180,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntmtlfax.sys
+ 2008-04-14 00:12:02 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\ntoc.dll
+ 2008-04-13 19:27:53 2,188,928 ------w C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-14 00:12:02 91,136 ------w C:\WINDOWS\ServicePackFiles\i386\ntprint.dll
+ 2008-04-14 00:12:02 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntshrui.dll
+ 2008-04-14 00:12:30 420,864 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_disp.dll
+ 2004-08-04 03:29:56 1,897,408 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-13 18:56:06 88,320 ------w C:\WINDOWS\ServicePackFiles\i386\nwlnkipx.sys
+ 2008-04-14 00:12:02 142,336 ------w C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
+ 2008-04-14 00:12:02 270,336 ------w C:\WINDOWS\ServicePackFiles\i386\oakley.dll
+ 2008-04-14 00:10:30 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\obelog.dll
+ 2008-04-14 00:10:30 966,656 ------w C:\WINDOWS\ServicePackFiles\i386\obemetal.dll
+ 2007-04-02 18:44:11 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\obemtllc.dll
+ 2008-04-14 00:10:30 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\obepopc.dll
+ 2008-04-14 00:12:02 286,208 ------w C:\WINDOWS\ServicePackFiles\i386\objsel.dll
+ 2008-04-13 18:40:52 405,504 ------w C:\WINDOWS\ServicePackFiles\i386\obrb041b.dll
+ 2008-04-13 18:40:56 408,576 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0424.dll
+ 2008-04-14 00:12:02 96,256 ------w C:\WINDOWS\ServicePackFiles\i386\occache.dll
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ocgen.dll
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\ocmanage.dll
+ 2008-04-14 00:12:02 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\ocmsn.dll
+ 2004-08-04 10:00:00 26,224 ------w C:\WINDOWS\ServicePackFiles\i386\odbc16gt.dll
+ 2008-04-14 00:12:02 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32.dll
+ 2008-04-14 00:12:02 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32gt.dll
+ 2008-04-14 00:12:30 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 00:12:02 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\odbcbcp.dll
+ 2008-04-14 00:12:02 135,168 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.dll
+ 2008-04-14 00:12:30 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 00:12:02 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\odbccp32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccu32.dll
+ 2008-04-13 17:26:05 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\odbcint.dll
+ 2008-04-14 00:10:31 53,279 ------w C:\WINDOWS\ServicePackFiles\i386\odbcji32.dll
+ 2008-04-14 00:12:02 278,559 ------w C:\WINDOWS\ServicePackFiles\i386\odbcjt32.dll
+ 2008-04-13 17:26:05 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\odbcp32r.dll
+ 2008-04-14 00:12:02 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\odbctrac.dll
+ 2008-04-14 00:12:02 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\oddbse32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odpdx32.dll
+ 2008-04-14 00:12:02 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\odtext32.dll
+ 2008-04-14 00:12:02 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\oeimport.dll
+ 2008-04-14 00:12:30 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 00:12:02 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\oemiglib.dll
+ 2008-04-14 00:12:02 192,000 ------w C:\WINDOWS\ServicePackFiles\i386\offfilt.dll
+ 2008-04-13 18:46:18 61,696 ------w C:\WINDOWS\ServicePackFiles\i386\ohci1394.sys
+ 2008-04-14 00:12:02 1,287,168 ------w C:\WINDOWS\ServicePackFiles\i386\ole32.dll
+ 2008-04-14 00:12:02 551,936 ------w C:\WINDOWS\ServicePackFiles\i386\oleaut32.dll
+ 2008-04-14 00:12:02 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\olecli32.dll
+ 2008-04-14 00:12:02 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\olecnv32.dll
+ 2008-04-14 00:12:02 487,424 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32r.dll
+ 2008-04-14 00:12:02 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\oledlg.dll
+ 2008-04-14 00:12:02 107,008 ------w C:\WINDOWS\ServicePackFiles\i386\oleprn.dll
+ 2008-04-14 00:12:02 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\onex.dll
+ 2008-04-14 00:12:31 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 00:12:02 713,728 ------w C:\WINDOWS\ServicePackFiles\i386\opengl32.dll
+ 2008-04-13 18:32:32 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\oschoice.exe
+ 2008-04-14 00:12:31 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\osk.exe
+ 2008-04-13 18:31:43 230,400 ------w C:\WINDOWS\ServicePackFiles\i386\osloader.exe
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\osuninst.dll
+ 2008-04-14 00:12:02 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\p2p.dll
+ 2008-04-14 00:12:02 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgasvc.dll
+ 2008-04-14 00:12:02 313,856 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgraph.dll
+ 2008-04-14 00:12:02 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\p2pnetsh.dll
+ 2008-04-14 00:12:02 554,496 ------w C:\WINDOWS\ServicePackFiles\i386\p2psvc.dll
+ 2008-04-13 18:31:31 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\p3.sys
+ 2008-04-14 00:12:31 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\packager.exe
+ 2008-04-13 18:40:10 80,128 ------w C:\WINDOWS\ServicePackFiles\i386\parport.sys
+ 2008-04-13 18:40:49 19,712 ------w C:\WINDOWS\ServicePackFiles\i386\partmgr.sys
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\pautoenr.dll
+ 2004-08-04 05:31:24 29,502 ------w C:\WINDOWS\ServicePackFiles\i386\pca200e.sys
+ 2008-04-14 00:12:02 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\pchshell.dll
+ 2008-04-14 00:12:02 38,400 ------w C:\WINDOWS\ServicePackFiles\i386\pchsvc.dll
+ 2008-04-13 18:36:44 68,224 ------w C:\WINDOWS\ServicePackFiles\i386\pci.sys
+ 2008-04-13 18:40:29 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\pciidex.sys
+ 2007-05-15 08:08:11 288,768 ------w C:\WINDOWS\ServicePackFiles\i386\pcl4res.dll
+ 2007-05-15 08:08:13 1,058,816 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5eres.dll
+ 2007-05-15 08:08:14 1,057,280 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08:14 207,872 ------w C:\WINDOWS\ServicePackFiles\i386\pclxl.dll
+ 2008-04-13 18:36:43 120,192 ------w C:\WINDOWS\ServicePackFiles\i386\pcmcia.sys
+ 2004-08-04 05:06:18 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\pcx500.sys
+ 2008-04-14 00:12:02 284,160 ------w C:\WINDOWS\ServicePackFiles\i386\pdh.dll
+ 2008-04-14 00:12:02 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll
+ 2008-04-14 00:12:02 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\perfdisk.dll
+ 2008-04-14 00:12:31 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 00:12:02 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\perfnet.dll
+ 2008-04-14 00:12:02 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\perfos.dll
+ 2008-04-14 00:12:02 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\perfproc.dll
+ 2008-04-13 18:44:29 27,904 ------w C:\WINDOWS\ServicePackFiles\i386\perm2.sys
+ 2008-04-14 00:10:34 211,584 ------w C:\WINDOWS\ServicePackFiles\i386\perm2dll.dll
+ 2008-04-13 18:44:30 28,032 ------w C:\WINDOWS\ServicePackFiles\i386\perm3.sys
+ 2008-04-14 00:10:34 259,328 ------w C:\WINDOWS\ServicePackFiles\i386\perm3dd.dll
+ 2008-04-14 00:12:02 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\photowiz.dll
+ 2008-04-14 00:12:02 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\pid.dll
+ 2008-04-13 18:35:22 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\pidgen.dll
+ 2008-04-14 00:12:31 281,088 ------w C:\WINDOWS\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 00:12:31 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\ping.exe
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\pjlmon.dll
+ 2008-04-14 00:12:02 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\plotter.dll
+ 2008-04-14 00:12:02 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\plotui.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\ServicePackFiles\i386\pmh.dll
+ 2008-04-14 00:12:02 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\pngfilt.dll
+ 2008-04-14 00:12:02 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
+ 2008-04-14 00:12:02 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\polstore.dll
+ 2008-04-13 19:19:41 146,048 ------w C:\WINDOWS\ServicePackFiles\i386\portcls.sys
+ 2008-04-14 00:12:31 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\powercfg.exe
+ 2008-04-13 18:40:56 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\powerfil.sys
+ 2008-04-14 00:12:03 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\powrprof.dll
+ 2008-04-13 18:41:00 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\ppa3.sys
+ 2008-04-14 00:12:03 560,640 ------w C:\WINDOWS\ServicePackFiles\i386\printui.dll
+ 2008-04-13 18:31:30 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\processr.sys
+ 2008-04-14 00:12:03 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\profmap.dll
+ 2008-04-14 00:12:31 109,568 ------w C:\WINDOWS\ServicePackFiles\i386\progman.exe
+ 2008-04-14 00:12:32 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 00:12:03 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\provthrd.dll
+ 2008-04-14 00:12:32 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 00:12:03 728,576 ------w C:\WINDOWS\ServicePackFiles\i386\ps5ui.dll
+ 2008-04-14 00:12:03 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\psapi.dll
+ 2008-04-14 00:12:03 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\psbase.dll
+ 2008-04-13 18:56:38 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\psched.sys
+ 2008-04-14 00:12:03 543,232 ------w C:\WINDOWS\ServicePackFiles\i386\pscript5.dll
+ 2008-04-14 00:12:03 363,520 ------w C:\WINDOWS\ServicePackFiles\i386\psisdecd.dll
+ 2008-04-14 00:12:03 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\pstorec.dll
+ 2008-04-14 00:12:03 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\pstorsvc.dll
+ 2008-04-14 00:12:03 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\ptpusd.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\ServicePackFiles\i386\qagentrt.dll
+ 2008-04-14 00:12:03 237,568 ------w C:\WINDOWS\ServicePackFiles\i386\qasf.dll
+ 2008-04-14 00:12:03 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\qcliprov.dll
+ 2008-04-14 00:12:03 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\qdv.dll
+ 2008-04-14 00:12:03 386,048 ------w C:\WINDOWS\ServicePackFiles\i386\qdvd.dll
+ 2008-04-14 00:12:03 562,176 ------w C:\WINDOWS\ServicePackFiles\i386\qedit.dll
+ 2008-04-13 17:21:32 733,696 ------w C:\WINDOWS\ServicePackFiles\i386\qedwipes.dll
+ 2008-04-13 18:40:52 6,016 ------w C:\WINDOWS\ServicePackFiles\i386\qic157.sys
+ 2008-04-14 00:12:03 409,088 ------w C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
+ 2008-04-14 00:12:03 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\qmgrprxy.dll
+ 2008-04-14 00:12:32 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 00:12:03 1,288,192 ------w C:\WINDOWS\ServicePackFiles\i386\quartz.dll
+ 2008-04-14 00:12:03 1,435,648 ------w C:\WINDOWS\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\qutil.dll
+ 2008-04-14 00:12:03 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\racpldlg.dll
+ 2008-04-13 18:41:23 20,736 ------w C:\WINDOWS\ServicePackFiles\i386\ramdisk.sys
+ 2008-04-14 00:12:03 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll
+ 2008-04-14 00:12:03 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\rasapi32.dll
+ 2008-04-14 00:12:03 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\rasauto.dll
+ 2008-04-14 00:12:03 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\raschap.dll
+ 2008-04-14 00:12:03 658,432 ------w C:\WINDOWS\ServicePackFiles\i386\rasdlg.dll
+ 2008-04-13 19:19:43 51,328 ------w C:\WINDOWS\ServicePackFiles\i386\rasl2tp.sys
+ 2008-04-14 00:12:03 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rasman.dll
+ 2008-04-14 00:12:03 186,368 ------w C:\WINDOWS\ServicePackFiles\i386\rasmans.dll
+ 2008-04-14 00:12:32 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 00:12:03 210,944 ------w C:\WINDOWS\ServicePackFiles\i386\rasppp.dll
+ 2008-04-13 18:57:32 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\raspppoe.sys
+ 2008-04-13 19:19:48 48,384 ------w C:\WINDOWS\ServicePackFiles\i386\raspptp.sys
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\rasqec.dll
+ 2008-04-14 00:12:03 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\rassapi.dll
+ 2008-04-14 00:12:03 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\rastapi.dll
+ 2008-04-14 00:12:03 150,016 ------w C:\WINDOWS\ServicePackFiles\i386\rastls.dll
+ 2008-04-14 00:12:03 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\rcbdyctl.dll
+ 2008-04-14 00:12:32 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 00:12:32 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\rcp.exe
+ 2008-04-13 19:28:39 175,744 ------w C:\WINDOWS\ServicePackFiles\i386\rdbss.sys
+ 2008-04-14 00:12:03 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdchost.dll
+ 2008-04-14 00:12:32 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 00:13:22 92,424 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdd.dll
+ 2008-04-13 18:32:51 196,224 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdr.sys
+ 2008-04-14 00:12:04 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdpsnd.dll
+ 2008-04-14 00:13:22 139,656 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys
+ 2008-04-14 00:13:22 87,176 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwsx.dll
+ 2008-04-14 00:12:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 00:12:32 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\rdshost.exe
+ 2004-08-04 05:41:40 13,776 ------w C:\WINDOWS\ServicePackFiles\i386\recagent.sys
+ 2008-04-13 18:40:27 57,600 ------w C:\WINDOWS\ServicePackFiles\i386\redbook.sys
+ 2004-08-04 10:00:00 3,338 ------w C:\WINDOWS\ServicePackFiles\i386\redir.exe
+ 2008-04-14 00:12:32 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\reg.exe
+ 2008-04-14 00:12:04 49,664 ------w C:\WINDOWS\ServicePackFiles\i386\regapi.dll
+ 2008-04-14 00:12:32 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 00:12:04 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\regsvc.dll
+ 2008-04-14 00:12:32 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 00:12:04 397,824 ------w C:\WINDOWS\ServicePackFiles\i386\regwizc.dll
+ 2008-04-14 00:12:04 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\remotepg.dll
+ 2008-04-14 00:12:04 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\repdrvfs.dll
+ 2008-04-14 00:12:04 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\resutils.dll
+ 2008-04-14 00:12:33 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\rexec.exe
+ 2008-04-13 18:46:32 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\rfcomm.sys
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\ServicePackFiles\i386\rhttpaa.dll
+ 2008-04-14 00:12:04 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\riafres.dll
+ 2008-04-14 00:12:04 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\riafui1.dll
+ 2008-04-14 00:12:04 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\riafui2.dll
+ 2008-04-14 00:12:04 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\riched20.dll
+ 2008-04-13 18:55:08 202,624 ------w C:\WINDOWS\ServicePackFiles\i386\rmcast.sys
+ 2008-04-13 18:56:49 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismpx.sys
+ 2008-04-13 18:40:14 79,104 ------w C:\WINDOWS\ServicePackFiles\i386\rocket.sys
+ 2008-04-14 00:12:04 584,704 ------w C:\WINDOWS\ServicePackFiles\i386\rpcrt4.dll
+ 2008-04-14 00:12:04 399,360 ------w C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
+ 2008-04-14 00:12:04 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rrcm.dll
+ 2008-04-13 17:37:57 208,384 ------w C:\WINDOWS\ServicePackFiles\i386\rsaenh.dll
+ 2008-04-14 00:12:33 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 00:12:04 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\rshx32.dll
+ 2008-04-14 00:12:04 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\rsmps.dll
+ 2008-04-14 00:12:33 380,416 ------w C:\WINDOWS\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 00:12:04 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
+ 2008-04-14 00:12:33 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 00:12:04 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\rtipxmib.dll
+ 2004-08-04 05:31:34 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\rtl8139.sys
+ 2008-04-14 00:12:04 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\rtutils.dll
+ 2008-04-14 00:12:33 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 00:12:33 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 00:12:04 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\rw001ext.dll
+ 2008-04-14 00:12:04 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\rw330ext.dll
+ 2008-04-14 00:12:04 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\rw430ext.dll
+ 2008-04-14 00:12:04 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\rw450ext.dll
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnb.dll
+ 2004-08-04 05:29:52 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnbm.sys
+ 2008-04-14 00:12:04 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\safrcdlg.dll
+ 2008-04-14 00:12:04 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\safrdm.dll
+ 2008-04-14 00:12:04 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\safrslv.dll
+ 2008-04-14 00:12:04 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\samlib.dll
+ 2008-04-14 00:12:04 415,744 ------w C:\WINDOWS\ServicePackFiles\i386\samsrv.dll
+ 2008-04-14 00:12:04 741,376 ------w C:\WINDOWS\ServicePackFiles\i386\sapi.dll
+ 2008-04-14 00:12:33 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 00:12:04 270,848 ------w C:\WINDOWS\ServicePackFiles\i386\sbe.dll
+ 2008-04-14 00:12:04 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\sbeio.dll
+ 2008-04-13 18:40:48 43,904 ------w C:\WINDOWS\ServicePackFiles\i386\sbp2port.sys
+ 2008-04-14 00:12:04 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\scarddlg.dll
+ 2008-04-14 00:12:33 95,744 ------w C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe
+ 2004-08-04 10:00:00 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\sccbase.dll
+ 2008-04-14 00:12:05 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\sccsccp.dll
+ 2008-04-14 00:12:05 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\scecli.dll
+ 2008-04-14 00:12:05 314,880 ------w C:\WINDOWS\ServicePackFiles\i386\scesrv.dll
+ 2008-04-14 00:12:05 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\schannel.dll
+ 2008-04-14 00:12:05 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll
+ 2008-04-14 00:12:05 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\sclgntfy.dll
+ 2008-04-14 00:12:34 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 00:12:05 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\ServicePackFiles\i386\scripta.dll
+ 2008-04-14 00:12:43 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 00:12:05 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\scrobj.dll
+ 2008-04-14 00:12:05 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\scrrun.dll
+ 2008-04-13 18:40:30 96,384 ------w C:\WINDOWS\ServicePackFiles\i386\scsiport.sys
+ 2008-04-13 18:45:33 11,520 ------w C:\WINDOWS\ServicePackFiles\i386\scsiscan.sys
+ 2008-04-14 00:12:34 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-13 18:36:44 79,232 ------w C:\WINDOWS\ServicePackFiles\i386\sdbus.sys
+ 2008-04-14 00:12:05 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\sdhcinst.dll
+ 2007-11-13 10:25:53 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\secdrv.sys
+ 2008-04-14 00:12:05 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\seclogon.dll
+ 2006-12-31 14:57:08 4,569 ------w C:\WINDOWS\ServicePackFiles\i386\secupd.dat
+ 2008-04-14 00:12:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\secur32.dll
+ 2008-04-14 00:12:05 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\security.dll
+ 2008-04-14 00:12:05 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\sendcmsg.dll
+ 2008-04-14 00:12:05 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\sendmail.dll
+ 2008-04-14 00:12:05 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\sens.dll
+ 2008-04-14 00:12:05 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\sensapi.dll
+ 2008-04-13 18:40:12 15,744 ------w C:\WINDOWS\ServicePackFiles\i386\serenum.sys
+ 2008-04-13 19:15:45 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\serial.sys
+ 2008-04-14 00:12:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\servdeps.dll
+ 2008-04-14 00:12:34 108,544 ------w C:\WINDOWS\ServicePackFiles\i386\services.exe
+ 2008-04-14 00:12:34 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 00:12:34 31,232 ------w C:\WINDOWS\ServicePackFiles\i386\sethc.exe
+ 2008-04-14 00:12:34 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\setup.exe
+ 2008-04-14 00:12:34 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\setup50.exe
+ 2008-04-14 12:42:06 985,088 ------w C:\WINDOWS\ServicePackFiles\i386\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 00:12:05 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\setupqry.dll
+ 2008-04-14 00:12:05 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\sfc.dll
+ 2008-04-14 00:12:05 140,288 ------w C:\WINDOWS\ServicePackFiles\i386\sfc_os.dll
+ 2008-04-14 00:12:05 1,614,848 ------w C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-13 18:40:47 11,904 ------w C:\WINDOWS\ServicePackFiles\i386\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_mmc.sys
+ 2008-04-13 18:40:47 11,008 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_sd.sys
+ 2008-04-13 18:40:48 11,392 ------w C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys
+ 2008-04-13 17:03:19 549,376 ------w C:\WINDOWS\ServicePackFiles\i386\shdoclc.dll
+ 2008-04-14 00:12:05 1,499,136 ------w C:\WINDOWS\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12:05 8,461,312 ------w C:\WINDOWS\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12:05 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\shfolder.dll
+ 2008-04-14 00:12:05 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\shgina.dll
+ 2008-04-14 00:12:05 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\shimeng.dll
+ 2008-04-14 00:12:05 438,272 ------w C:\WINDOWS\ServicePackFiles\i386\shimgvw.dll
+ 2008-04-14 00:12:05 474,112 ------w C:\WINDOWS\ServicePackFiles\i386\shlwapi.dll
+ 2008-04-14 00:12:35 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 00:12:35 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 00:12:05 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\shscrap.dll
+ 2008-04-14 00:12:05 135,168 ------w C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll
+ 2008-04-14 00:12:05 20,536 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.dll
+ 2008-04-14 00:12:35 16,437 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 00:12:35 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 00:12:05 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\sigtab.dll
+ 2008-04-14 00:12:35 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 00:12:05 3,901 ------w C:\WINDOWS\ServicePackFiles\i386\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\sisagp.sys
+ 2004-08-04 05:31:36 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\sisnic.sys
+ 2008-04-14 00:12:35 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\skeys.exe
+ 2004-08-04 05:31:42 63,547 ------w C:\WINDOWS\ServicePackFiles\i386\sla30nd5.sys
+ 2008-04-14 00:12:06 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\slayerxp.dll
+ 2004-08-04 10:00:00 306,176 ------w C:\WINDOWS\ServicePackFiles\i386\slbcsp.dll
+ 2008-04-14 00:12:06 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\ServicePackFiles\i386\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\ServicePackFiles\i386\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\ServicePackFiles\i386\slgen.dll
+ 2008-04-13 18:46:23 11,136 ------w C:\WINDOWS\ServicePackFiles\i386\slip.sys
+ 2004-08-04 05:41:42 129,535 ------w C:\WINDOWS\ServicePackFiles\i386\slnt7554.sys
+ 2004-08-04 05:41:44 404,990 ------w C:\WINDOWS\ServicePackFiles\i386\slntamr.sys
+ 2004-08-04 05:41:46 95,424 ------w C:\WINDOWS\ServicePackFiles\i386\slnthal.sys
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\ServicePackFiles\i386\slserv.exe
+ 2004-08-04 05:41:46 13,240 ------w C:\WINDOWS\ServicePackFiles\i386\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w C:\WINDOWS\ServicePackFiles\i386\smbali.sys
+ 2008-04-13 18:36:33 16,000 ------w C:\WINDOWS\ServicePackFiles\i386\smbbatt.sys
+ 2008-04-13 18:36:33 6,912 ------w C:\WINDOWS\ServicePackFiles\i386\smbclass.sys
+ 2008-04-14 00:12:35 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 00:12:35 236,544 ------w C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 00:12:06 362,496 ------w C:\WINDOWS\ServicePackFiles\i386\smlogcfg.dll
+ 2008-04-14 00:12:35 89,600 ------w C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 00:12:36 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\smss.exe
+ 2008-04-14 00:12:06 456,192 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsvc.dll
+ 2008-04-14 00:12:36 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 00:12:06 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\sniffpol.dll
+ 2008-04-14 00:12:36 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 00:12:06 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\snmpapi.dll
+ 2008-04-14 00:12:06 259,072 ------w C:\WINDOWS\ServicePackFiles\i386\snmpcl.dll
+ 2008-04-14 00:12:06 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\snmpincl.dll
+ 2008-04-14 00:12:06 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\snmpmib.dll
+ 2008-04-14 00:12:06 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsmir.dll
+ 2008-04-14 00:12:06 182,272 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsnap.dll
+ 2008-04-14 00:12:06 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\snmpthrd.dll
+ 2008-04-14 00:12:36 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 00:12:06 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\softkbd.dll
+ 2008-04-13 18:40:52 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\sonyait.sys
+ 2008-04-13 18:46:07 25,344 ------w C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys
+ 2008-04-14 00:12:36 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\sort.exe
+ 2008-04-14 00:12:36 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-13 16:43:18 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\spgrmr.dll
+ 2008-04-14 00:12:36 538,624 ------w C:\WINDOWS\ServicePackFiles\i386\spider.exe
+ 2008-04-13 18:45:07 6,272 ------w C:\WINDOWS\ServicePackFiles\i386\splitter.sys
+ 2008-04-14 12:42:38 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 00:12:06 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\spoolss.dll
+ 2008-04-14 00:12:36 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra041b.dll
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra0424.dll
+ 2008-04-13 18:38:37 757,248 ------w C:\WINDOWS\ServicePackFiles\i386\sprb041b.dll
+ 2008-04-13 18:38:36 732,160 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0424.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\ServicePackFiles\i386\sprc041b.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0424.dll
+ 2008-04-14 00:12:06 250,368 ------w C:\WINDOWS\ServicePackFiles\i386\sptip.dll
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 00:12:06 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\sqldb20.dll
+ 2008-04-14 00:12:06 528,384 ------w C:\WINDOWS\ServicePackFiles\i386\sqloledb.dll
+ 2008-04-14 00:12:06 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\sqlqp20.dll
+ 2008-04-14 00:12:06 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\sqlse20.dll
+ 2008-04-14 00:12:06 442,368 ------w C:\WINDOWS\ServicePackFiles\i386\sqlsrv32.dll
+ 2008-04-14 00:12:06 180,800 ------w C:\WINDOWS\ServicePackFiles\i386\sqlunirl.dll
+ 2008-04-14 00:12:06 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\sqlxmlx.dll
+ 2008-04-13 18:36:52 73,472 ------w C:\WINDOWS\ServicePackFiles\i386\sr.sys
+ 2008-04-14 00:12:06 58,434 ------w C:\WINDOWS\ServicePackFiles\i386\srchctls.dll
+ 2008-04-14 00:12:07 726,078 ------w C:\WINDOWS\ServicePackFiles\i386\srchui.dll
+ 2008-04-14 00:12:07 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\srclient.dll
+ 2008-04-14 00:12:07 239,104 ------w C:\WINDOWS\ServicePackFiles\i386\srrstr.dll
+ 2008-04-14 00:12:07 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
+ 2008-04-13 19:15:11 334,848 ------w C:\WINDOWS\ServicePackFiles\i386\srv.sys
+ 2008-04-14 00:12:07 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\srvsvc.dll
+ 2008-04-14 00:12:43 704,512 ------w C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 00:12:43 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 00:12:07 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpapi.dll
+ 2008-04-14 00:12:07 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll
+ 2008-04-14 00:12:43 393,216 ------w C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 00:12:44 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 00:12:44 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 00:12:44 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 00:12:44 610,304 ------w C:\WINDOWS\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 00:12:44 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 00:12:44 679,936 ------w C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 00:12:07 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\sstub.dll
+ 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\startoc.dll
+ 2008-04-14 00:12:07 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\stclient.dll
+ 2008-04-14 00:12:07 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\stdprov.dll
+ 2008-04-14 00:12:07 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\sti.dll
+ 2008-04-14 00:12:07 136,704 ------w C:\WINDOWS\ServicePackFiles\i386\sti_ci.dll
+ 2008-04-14 00:12:36 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 00:12:07 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\stobject.dll
+ 2008-04-14 00:12:07 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\storprop.dll
+ 2008-04-13 18:45:15 49,408 ------w C:\WINDOWS\ServicePackFiles\i386\stream.sys
+ 2008-04-13 18:46:21 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\streamip.sys
+ 2008-04-14 00:12:07 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\strmfilt.dll
+ 2008-04-14 00:12:36 16,449 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 00:12:36 65,601 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 00:12:36 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\svchost.exe
+ 2008-04-13 18:39:53 4,352 ------w C:\WINDOWS\ServicePackFiles\i386\swenum.sys
+ 2008-04-13 18:45:09 56,576 ------w C:\WINDOWS\ServicePackFiles\i386\swmidi.sys
+ 2008-04-14 00:12:07 713,216 ------w C:\WINDOWS\ServicePackFiles\i386\sxs.dll
+ 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\synceng.dll
+ 2008-04-14 00:12:07 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\syncui.dll
+ 2008-04-13 19:15:55 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys
+ 2008-04-14 00:12:07 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\sysmoda.dll
+ 2008-04-14 00:12:37 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 00:12:07 990,208 ------w C:\WINDOWS\ServicePackFiles\i386\syssetup.dll
+ 2008-04-14 00:12:07 117,760 ------w C:\WINDOWS\ServicePackFiles\i386\t2embed.dll
+ 2008-04-13 18:40:50 14,976 ------w C:\WINDOWS\ServicePackFiles\i386\tape.sys
+ 2008-04-14 00:12:07 858,624 ------w C:\WINDOWS\ServicePackFiles\i386\tapi3.dll
+ 2008-04-14 00:12:07 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\tapi32.dll
+ 2008-04-14 00:12:07 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll
+ 2008-04-14 00:12:37 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-13 19:20:16 361,344 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
+ 2008-04-13 19:00:02 225,664 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys
+ 2008-04-14 00:12:07 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmib.dll
+ 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmonui.dll
+ 2008-04-14 00:12:37 32,827 ------w C:\WINDOWS\ServicePackFiles\i386\tcptest.exe
+ 2007-04-02 16:36:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\tcptsat.dll
+ 2008-04-13 19:00:05 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\tdi.sys
+ 2008-04-14 00:13:20 12,040 ------w C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys
+ 2008-04-14 00:13:21 21,896 ------w C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys
+ 2008-04-14 00:12:37 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 00:13:20 40,840 ------w C:\WINDOWS\ServicePackFiles\i386\termdd.sys
+ 2008-04-14 00:12:07 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\termmgr.dll
+ 2008-04-14 00:12:07 295,424 ------w C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
+ 2008-04-13 18:40:50 149,376 ------w C:\WINDOWS\ServicePackFiles\i386\tffsport.sys
+ 2008-04-14 00:12:07 385,536 ------w C:\WINDOWS\ServicePackFiles\i386\themeui.dll
+ 2008-04-14 00:12:38 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 00:12:38 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 00:12:38 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 00:12:42 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\tree.com
+ 2008-04-14 00:12:07 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\triedit.dll
+ 2008-04-14 00:12:07 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\trkwks.dll
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\ServicePackFiles\i386\tscdsbl.bat
+ 2008-04-14 00:12:07 93,696 ------w C:\WINDOWS\ServicePackFiles\i386\tscfgwmi.dll
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\ServicePackFiles\i386\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\ServicePackFiles\i386\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\tscupdc.dll
+ 2008-04-14 00:13:21 12,168 ------w C:\WINDOWS\ServicePackFiles\i386\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\tsgqec.dll
+ 2008-04-14 00:12:07 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\tshoot.dll
+ 2008-04-14 00:12:07 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\tsoc.dll
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\tspkg.dll
+ 2008-04-14 00:12:07 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\tty.dll
+ 2007-04-02 15:31:00 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\ttyres.dll
+ 2008-04-14 00:12:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ttyui.dll
+ 2008-04-13 18:56:01 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tunmp.sys
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\twain_32.dll
+ 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\twext.dll
+ 2008-04-14 00:12:07 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\txflog.dll
+ 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\tzchange.exe
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:32:36 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\udfs.sys
+ 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 275,456 ------w C:\WINDOWS\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 373,248 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll
+ 2007-05-15 08:08:53 761,344 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll
+ 2008-04-14 00:12:07 316,416 ------w C:\WINDOWS\ServicePackFiles\i386\untfs.dll
+ 2008-04-13 18:39:46 384,768 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys
+ 2008-04-14 00:12:38 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:08 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:38 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:08 185,856 ------w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 239,616 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:38 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:08 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 619,520 ------w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll
+ 2004-08-04 05:31:26 32,384 ------w C:\WINDOWS\ServicePackFiles\i386\usb101et.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:45:12 60,032 ------w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys
+ 2008-04-13 18:45:39 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:35 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:37 59,520 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:43 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys
+ 2008-04-14 00:12:08 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll
+ 2008-04-13 18:45:35 17,152 ------w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:36 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:36 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:38 26,368 ------w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:35 20,608 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-14 00:12:08 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-14 00:12:08 578,560 ------w C:\WINDOWS\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 727,040 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:38 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:08 406,016 ------w C:\WINDOWS\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:38 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:08 218,624 ------w C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 30,749 ------w C:\WINDOWS\ServicePackFiles\i386\vbajet32.dll
+ 2008-04-14 00:12:08 434,176 ------w C:\WINDOWS\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\verifier.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-13 18:44:40 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\vga.sys
+ 2008-04-14 00:12:08 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\vgx.dll
+ 2008-04-13 18:36:40 42,240 ------w C:\WINDOWS\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:40:31 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:44:40 81,664 ------w C:\WINDOWS\ServicePackFiles\i386\videoprt.sys
+ 2008-04-14 00:12:08 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\viewprov.dll
+ 2008-04-13 18:41:01 52,352 ------w C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
+ 2008-04-14 00:12:08 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:38 289,792 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:08 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:38 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:08 510,976 ------w C:\WINDOWS\ServicePackFiles\i386\wab32.dll
+ 2008-04-13 16:21:48 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\wab32res.dll
+ 2008-04-14 00:12:08 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:39 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe
+ 2008-04-13 18:43:55 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\wacompen.sys
+ 2004-08-04 05:29:38 12,415 ------w C:\WINDOWS\ServicePackFiles\i386\wadv01nt.sys
+ 2004-08-04 05:29:38 12,127 ------w C:\WINDOWS\ServicePackFiles\i386\wadv02nt.sys
+ 2004-08-04 05:29:38 11,775 ------w C:\WINDOWS\ServicePackFiles\i386\wadv05nt.sys
+ 2004-08-04 05:29:40 11,807 ------w C:\WINDOWS\ServicePackFiles\i386\wadv07nt.sys
+ 2004-08-04 05:29:40 11,295 ------w C:\WINDOWS\ServicePackFiles\i386\wadv08nt.sys
+ 2004-08-04 05:29:42 11,871 ------w C:\WINDOWS\ServicePackFiles\i386\wadv09nt.sys
+ 2004-08-04 05:29:42 11,935 ------w C:\WINDOWS\ServicePackFiles\i386\wadv11nt.sys
+ 2008-04-13 18:57:21 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:44:59 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\watchdog.sys
+ 2004-08-04 05:29:42 29,311 ------w C:\WINDOWS\ServicePackFiles\i386\watv01nt.sys
+ 2004-08-04 05:29:44 19,551 ------w C:\WINDOWS\ServicePackFiles\i386\watv02nt.sys
+ 2004-08-04 05:29:44 33,599 ------w C:\WINDOWS\ServicePackFiles\i386\watv04nt.sys
+ 2004-08-04 05:29:46 22,271 ------w C:\WINDOWS\ServicePackFiles\i386\watv06nt.sys
+ 2004-08-04 05:29:46 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\watv10nt.sys
+ 2008-04-14 00:12:08 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\wavemsp.dll
+ 2008-04-14 00:12:08 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 531,456 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 273,920 ------w C:\WINDOWS\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:39 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:08 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-13 18:45:38 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\wceusbsh.sys
+ 2004-08-04 05:29:46 23,615 ------w C:\WINDOWS\ServicePackFiles\i386\wch7xxnt.sys
+ 2008-04-14 00:12:08 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-13 19:17:18 83,072 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-14 00:12:08 276,480 ------w C:\WINDOWS\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:39 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:08 463,360 ------w C:\WINDOWS\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 333,824 ------w C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 589,312 ------w C:\WINDOWS\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\ServicePackFiles\i386\wicext.dll
+ 2008-04-13 19:30:10 1,845,632 ------w C:\WINDOWS\ServicePackFiles\i386\win32k.sys
+ 2008-04-14 00:12:08 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\win32spl.dll
+ 2008-04-13 16:48:53 1,647,616 ------w C:\WINDOWS\ServicePackFiles\i386\winbrand.dll
+ 2008-04-14 00:12:39 283,648 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:08 354,304 ------w C:\WINDOWS\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 666,112 ------w C:\WINDOWS\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:09 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:39 507,904 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:09 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\winmm.dll
+ 2004-08-04 10:00:00 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\winnls.dll
+ 2008-04-14 00:11:11 756,224 ------w C:\WINDOWS\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:12:09 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:09 293,376 ------w C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:40 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\wlanapi.dll
+ 2008-04-14 00:12:09 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\wldap32.dll
+ 2004-08-04 05:31:28 154,624 ------w C:\WINDOWS\ServicePackFiles\i386\wlluc48.sys
+ 2008-04-14 00:12:09 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:11:15 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmi.dll
+ 2008-04-13 18:36:38 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-14 00:12:40 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-13 17:10:20 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-14 00:12:09 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:40 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:09 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 437,248 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:40 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:09 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 402,432 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 325,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 4,256,768 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\wmphoto.dll
+ 2008-04-14 00:12:40 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:10 264,192 ------w C:\WINDOWS\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:40 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:41 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:10 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:41 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:10 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 108,032 ------w C:\WINDOWS\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll
+ 2004-08-04 05:29:48 12,063 ------w C:\WINDOWS\ServicePackFiles\i386\wsiintxx.sys
+ 2008-04-14 00:12:10 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\wsock32.dll
+ 2008-04-13 18:46:24 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-14 00:12:10 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:41 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:11 1,135,616 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuweb.dll
+ 2004-08-04 05:29:50 19,455 ------w C:\WINDOWS\ServicePackFiles\i386\wvchntxx.sys
+ 2008-04-14 00:12:11 383,488 ------w C:\WINDOWS\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:41 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe
+ 2004-08-04 10:00:00 174,200 ------w C:\WINDOWS\ServicePackFiles\i386\xenroll.dll
+ 2008-04-14 00:12:11 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\xmllite.dll
+ 2008-04-14 00:12:11 129,024 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 17:39:29 438,784 ------w C:\WINDOWS\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:22 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\xrxscnui.dll
+ 2008-04-14 00:12:11 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\slrundll.exe
- 2004-08-04 10:00:00 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
- 2004-08-04 10:00:00 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
- 2004-08-04 10:00:00 725,566 ----a-w C:\WINDOWS\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w C:\WINDOWS\srchasst\srchui.dll
- 2004-08-04 10:00:00 146,432 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w C:\WINDOWS\system32\aaclient.dll
- 2004-08-04 10:00:00 183,808 ----a-w C:\WINDOWS\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2004-08-04 10:00:00 114,688 ----a-w C:\WINDOWS\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w C:\WINDOWS\system32\aclui.dll
- 2004-08-04 10:00:00 194,048 ----a-w C:\WINDOWS\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w C:\WINDOWS\system32\activeds.dll
- 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
- 2004-08-04 10:00:00 101,888 ----a-w C:\WINDOWS\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
- 2004-08-04 10:00:00 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
- 2004-08-04 10:00:00 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
- 2004-08-04 10:00:00 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
- 2004-08-04 10:00:00 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
- 2004-08-04 10:00:00 616,960 ----a-w C:\WINDOWS\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w C:\WINDOWS\system32\advapi32.dll
- 2004-08-04 10:00:00 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
- 2004-08-04 10:00:00 44,544 ----a-w C:\WINDOWS\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w C:\WINDOWS\system32\alg.exe
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
- 2004-08-04 10:00:00 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
- 2004-08-04 10:00:00 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w C:\WINDOWS\system32\apphelp.dll
- 2004-08-04 10:00:00 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\system32\ati3d1ag.dll
+ 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll
- 2004-08-04 10:00:00 58,880 ----a-w C:\WINDOWS\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w C:\WINDOWS\system32\atl.dll
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
- 2004-08-04 10:00:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
- 2004-08-04 10:00:00 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w C:\WINDOWS\system32\attrib.exe
- 2004-08-04 10:00:00 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w C:\WINDOWS\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w C:\WINDOWS\system32\authz.dll
- 2004-08-04 10:00:00 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
- 2004-08-04 10:00:00 602,624 ----a-w C:\WINDOWS\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w C:\WINDOWS\system32\autoconv.exe
- 2004-08-04 10:00:00 580,608 ----a-w C:\WINDOWS\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w C:\WINDOWS\system32\autofmt.exe
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
- 2004-08-04 10:00:00 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w C:\WINDOWS\system32\azroles.dll
- 2004-08-04 10:00:00 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w C:\WINDOWS\system32\batmeter.dll
- 2004-08-04 10:00:00 8,704 ----a-w C:\WINDOWS\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w C:\WINDOWS\system32\batt.dll
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2008-04-14 00:12:03 409,088 ------w C:\WINDOWS\system32\bits\qmgr.dll
- 2004-08-04 10:00:00 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\system32\bitsprx4.dll
- 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
- 2004-08-04 10:00:00 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
- 2004-08-04 10:00:00 77,312 ----a-w C:\WINDOWS\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\browser.dll
- 2008-02-16 09:32:03 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w C:\WINDOWS\system32\browseui.dll
- 2004-08-04 10:00:00 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
- 2004-08-04 10:00:00 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
- 2004-08-04 10:00:00 59,904 ----a-w C:\WINDOWS\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w C:\WINDOWS\system32\cabinet.dll
- 2004-08-04 10:00:00 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
- 2004-08-04 10:00:00 18,432 ----a-w C:\WINDOWS\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w C:\WINDOWS\system32\cacls.exe
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
- 2004-08-04 10:00:00 142,848 ----a-w C:\WINDOWS\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w C:\WINDOWS\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2004-08-04 10:00:00 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2008-02-16 09:32:03 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2004-08-04 10:00:00 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
- 2004-08-04 10:00:00 457,728 ----a-w C:\WINDOWS\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w C:\WINDOWS\system32\certmgr.dll
- 2004-08-04 10:00:00 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
- 2004-08-04 10:00:00 109,568 ----a-w C:\WINDOWS\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w C:\WINDOWS\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-04 10:00:00 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2004-08-04 10:00:00 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
- 2004-08-04 10:00:00 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
- 2004-08-04 10:00:00 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2004-08-04 10:00:00 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
- 2004-08-04 10:00:00 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w C:\WINDOWS\system32\clusapi.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
- 2004-08-04 10:00:00 388,608 ----a-w C:\WINDOWS\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w C:\WINDOWS\system32\cmd.exe
- 2004-08-04 10:00:00 343,040 ----a-w C:\WINDOWS\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w C:\WINDOWS\system32\cmdial32.dll
- 2004-08-04 10:00:00 47,104 ----a-w C:\WINDOWS\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w C:\WINDOWS\system32\cmdl32.exe
- 2004-08-04 10:00:00 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
- 2004-08-04 10:00:00 185,344 ----a-w C:\WINDOWS\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w C:\WINDOWS\system32\cmprops.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\cmsetACL.dll
+ 2008-04-14 00:11:50 13,312 ----a-w C:\WINDOWS\system32\cmsetacl.dll
- 2004-08-04 10:00:00 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
- 2004-08-04 10:00:00 39,936 ----a-w C:\WINDOWS\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w C:\WINDOWS\system32\cmutil.dll
- 2004-08-04 10:00:00 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2004-08-04 10:00:00 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
- 2004-08-04 10:00:00 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
- 2004-08-04 10:00:00 25,600 ----a-w C:\WINDOWS\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w C:\WINDOWS\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2004-08-04 10:00:00 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
- 2004-08-04 10:00:00 252,928 ----a-w C:\WINDOWS\system32\compatUI.dll
+ 2008-04-14 00:11:51 252,928 ----a-w C:\WINDOWS\system32\compatui.dll
- 2004-08-04 10:00:00 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2004-08-04 10:00:00 792,064 ----a-w C:\WINDOWS\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w C:\WINDOWS\system32\comres.dll
- 2004-08-04 10:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w C:\WINDOWS\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
- 2008-05-06 05:25:52 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-05-15 07:54:41 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-05-06 05:25:52 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-05-15 07:54:41 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-05-15 07:54:22 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008051520080516\index.dat
- 2008-05-06 05:25:52 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-15 07:54:41 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-08-04 10:00:00 345,600 ----a-w C:\WINDOWS\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w C:\WINDOWS\system32\confmsp.dll
- 2004-08-04 10:00:00 27,648 ----a-w C:\WINDOWS\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w C:\WINDOWS\system32\conime.exe
- 2004-08-04 10:00:00 35,328 ------w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ------w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w C:\WINDOWS\system32\credssp.dll
- 2004-08-04 10:00:00 163,840 ----a-w C:\WINDOWS\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w C:\WINDOWS\system32\credui.dll
- 2004-08-04 10:00:00 597,504 ----a-w C:\WINDOWS\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w C:\WINDOWS\system32\crypt32.dll
- 2004-08-04 10:00:00 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
- 2004-08-04 10:00:00 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
- 2004-08-04 10:00:00 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
- 2004-08-04 10:00:00 63,488 ----a-w C:\WINDOWS\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w C:\WINDOWS\system32\cryptnet.dll
- 2004-08-04 10:00:00 60,416 ----a-w C:\WINDOWS\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w C:\WINDOWS\system32\cryptsvc.dll
- 2004-08-04 10:00:00 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
- 2004-08-04 10:00:00 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
- 2004-08-04 10:00:00 98,304 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2008-04-14 00:12:15 139,264 ----a-w C:\WINDOWS\system32\cscript.exe
- 2004-08-04 10:00:00 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
- 2004-08-04 10:00:00 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w C:\WINDOWS\system32\csrsrv.dll
- 2004-08-04 10:00:00 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
- 2004-08-04 10:00:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2004-08-04 10:00:00 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
- 2004-08-04 10:00:00 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
- 2004-08-04 10:00:00 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
- 2004-08-04 10:00:00 825,344 ----a-w C:\WINDOWS\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll
- 2008-02-16 09:32:03 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-04 10:00:00 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
- 2004-08-04 10:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w C:\WINDOWS\system32\datime.dll
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w C:\WINDOWS\system32\davclnt.dll
- 2004-08-04 10:00:00 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
- 2004-08-04 10:00:00 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
- 2004-08-04 10:00:00 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin
+ 2008-04-14 00:25:26 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
- 2004-08-04 10:00:00 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
- 2004-08-04 10:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
- 2004-08-04 10:00:00 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
- 2004-08-04 10:00:00 266,240 ----a-w C:\WINDOWS\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w C:\WINDOWS\system32\ddraw.dll
- 2004-08-04 10:00:00 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
- 2004-08-04 10:00:00 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
- 2004-08-04 10:00:00 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
- 2004-08-04 10:00:00 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w C:\WINDOWS\system32\dfrgfat.exe
- 2004-08-04 10:00:00 104,960 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
- 2004-08-04 10:00:00 38,912 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
- 2004-08-04 10:00:00 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w C:\WINDOWS\system32\dfrgui.dll
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
- 2004-08-04 10:00:00 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2004-08-04 10:00:00 370,176 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w C:\WINDOWS\system32\dhcpqec.dll
- 2004-08-04 10:00:00 85,504 ----a-w C:\WINDOWS\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w C:\WINDOWS\system32\diantz.exe
- 2004-08-04 10:00:00 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dimsroam.dll
- 2004-08-04 10:00:00 159,232 ----a-w C:\WINDOWS\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w C:\WINDOWS\system32\dinput.dll
- 2004-08-04 10:00:00 181,760 ----a-w C:\WINDOWS\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w C:\WINDOWS\system32\dinput8.dll
- 2004-08-04 10:00:00 1,501,696 ----a-w C:\WINDOWS\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w C:\WINDOWS\system32\diskcopy.dll
- 2004-08-04 10:00:00 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
- 2004-08-04 10:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-08-22 12:05:26 498,742 ------w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ------w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2008-03-25 04:50:28 518,944 ------w C:\WINDOWS\system32\dllcache\msexch40.dll

    Advertisements

Register to Remove

#11 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 16 May 2008 - 04:41 PM

Second Half of The ComboFix Log

+ 2008-03-25 04:50:30 326,432 ------w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:34 1,516,568 ------w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:42 60,192 ------w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:44 219,936 ------w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:45 355,104 ------w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:47 432,928 ------w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:55 264,992 ------w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:57 838,432 ------w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:58 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 355,104 ------w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
- 2006-08-21 17:52:08 246,814 ------w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ------w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2004-08-04 10:00:00 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
- 2004-08-04 10:00:00 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
- 2004-08-04 10:00:00 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
- 2004-08-04 10:00:00 273,920 ----a-w C:\WINDOWS\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w C:\WINDOWS\system32\dmdlgs.dll
- 2004-08-04 10:00:00 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
- 2004-08-04 10:00:00 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
- 2004-08-04 10:00:00 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
- 2004-08-04 10:00:00 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
- 2004-08-04 10:00:00 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
- 2004-08-04 10:00:00 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
- 2004-08-04 10:00:00 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
- 2004-08-04 10:00:00 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
- 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-04-14 00:11:52 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2004-08-04 10:00:00 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w C:\WINDOWS\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w C:\WINDOWS\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w C:\WINDOWS\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w C:\WINDOWS\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w C:\WINDOWS\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w C:\WINDOWS\system32\dot3ui.dll
- 2004-08-04 10:00:00 97,280 ----a-w C:\WINDOWS\system32\dpcdll.dll
+ 2008-04-13 21:00:49 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
- 2004-08-04 10:00:00 30,208 ----a-w C:\WINDOWS\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w C:\WINDOWS\system32\dplaysvr.exe
- 2004-08-04 10:00:00 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
- 2004-08-04 10:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
- 2004-08-04 10:00:00 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
- 2004-08-04 10:00:00 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
- 2004-08-04 10:00:00 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
- 2004-08-04 10:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
- 2004-08-04 10:00:00 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w C:\WINDOWS\system32\dpnsvr.exe
- 2004-08-04 10:00:00 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
- 2004-08-04 10:00:00 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll
- 2004-08-04 10:00:00 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
- 2004-08-04 10:00:00 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
- 2004-08-04 10:00:00 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
- 2004-08-04 04:10:08 53,248 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:18 53,376 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
- 2004-08-04 10:00:00 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
+ 2008-04-14 00:11:48 4,255 ------w C:\WINDOWS\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w C:\WINDOWS\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w C:\WINDOWS\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w C:\WINDOWS\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w C:\WINDOWS\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w C:\WINDOWS\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w C:\WINDOWS\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w C:\WINDOWS\system32\drivers\aec.sys
- 2004-08-04 04:07:42 42,368 ----a-w C:\WINDOWS\system32\drivers\AGP440.SYS
+ 2008-04-13 18:36:38 42,368 ----a-w C:\WINDOWS\system32\drivers\agp440.sys
- 2004-08-04 04:07:44 44,928 ----a-w C:\WINDOWS\system32\drivers\AGPCPQ.SYS
+ 2008-04-13 18:36:39 44,928 ----a-w C:\WINDOWS\system32\drivers\agpcpq.sys
- 2004-08-04 04:07:42 42,752 ----a-w C:\WINDOWS\system32\drivers\ALIM1541.SYS
+ 2008-04-13 18:36:38 42,752 ----a-w C:\WINDOWS\system32\drivers\alim1541.sys
- 2004-08-04 04:07:44 43,008 ----a-w C:\WINDOWS\system32\drivers\AMDAGP.SYS
+ 2008-04-13 18:36:39 43,008 ----a-w C:\WINDOWS\system32\drivers\amdagp.sys
- 2004-08-04 10:00:00 36,992 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
- 2004-08-04 03:59:44 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2004-08-04 05:29:30 56,623 ------w C:\WINDOWS\system32\drivers\ati1btxx.sys
+ 2004-08-04 05:29:30 11,615 ------w C:\WINDOWS\system32\drivers\ati1mdxx.sys
+ 2004-08-04 05:29:30 12,047 ------w C:\WINDOWS\system32\drivers\ati1pdxx.sys
+ 2004-08-04 05:29:32 30,671 ------w C:\WINDOWS\system32\drivers\ati1raxx.sys
+ 2004-08-04 05:29:32 63,663 ------w C:\WINDOWS\system32\drivers\ati1rvxx.sys
+ 2004-08-04 05:29:32 26,367 ------w C:\WINDOWS\system32\drivers\ati1snxx.sys
+ 2004-08-04 05:29:32 21,343 ------w C:\WINDOWS\system32\drivers\ati1ttxx.sys
+ 2004-08-04 05:29:32 36,463 ------w C:\WINDOWS\system32\drivers\ati1tuxx.sys
+ 2004-08-04 05:29:32 29,455 ------w C:\WINDOWS\system32\drivers\ati1xbxx.sys
+ 2004-08-04 05:29:32 34,735 ------w C:\WINDOWS\system32\drivers\ati1xsxx.sys
+ 2004-08-04 05:29:28 327,040 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
+ 2004-08-04 05:29:28 57,856 ------w C:\WINDOWS\system32\drivers\atinbtxx.sys
+ 2004-08-04 05:29:30 13,824 ------w C:\WINDOWS\system32\drivers\atinmdxx.sys
+ 2004-08-04 05:29:30 14,336 ------w C:\WINDOWS\system32\drivers\atinpdxx.sys
+ 2004-08-04 05:29:30 52,224 ------w C:\WINDOWS\system32\drivers\atinraxx.sys
+ 2004-08-04 05:29:32 104,960 ------w C:\WINDOWS\system32\drivers\atinrvxx.sys
+ 2004-08-04 05:29:32 28,672 ------w C:\WINDOWS\system32\drivers\atinsnxx.sys
+ 2004-08-04 05:29:32 13,824 ------w C:\WINDOWS\system32\drivers\atinttxx.sys
+ 2004-08-04 05:29:32 73,216 ------w C:\WINDOWS\system32\drivers\atintuxx.sys
+ 2004-08-04 05:29:32 31,744 ------w C:\WINDOWS\system32\drivers\atinxbxx.sys
+ 2004-08-04 05:29:32 63,488 ------w C:\WINDOWS\system32\drivers\atinxsxx.sys
+ 2008-04-14 00:11:50 21,183 ------w C:\WINDOWS\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w C:\WINDOWS\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w C:\WINDOWS\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w C:\WINDOWS\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w C:\WINDOWS\system32\drivers\atv10nt5.dll
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
+ 2008-04-13 18:46:32 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
- 2004-08-04 06:10:18 17,024 ----a-w C:\WINDOWS\system32\drivers\CCDECODE.sys
+ 2008-04-13 18:46:23 17,024 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
- 2004-08-04 10:00:00 49,536 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
+ 2008-04-14 00:11:50 15,423 ------w C:\WINDOWS\system32\drivers\ch7xxnt5.dll
- 2004-08-04 10:00:00 36,480 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
- 2004-08-04 10:00:00 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
- 2004-08-04 10:00:00 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys
- 2004-08-04 04:07:40 52,864 ----a-w C:\WINDOWS\system32\drivers\DMusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w C:\WINDOWS\system32\drivers\dmusic.sys
- 2004-08-04 04:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2008-04-13 18:45:13 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2004-08-04 10:00:00 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
+ 2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\system32\drivers\gagp30kx.sys
- 2004-08-04 04:08:22 10,624 ----a-w C:\WINDOWS\system32\drivers\gameenum.sys
+ 2008-04-13 18:45:29 10,624 ----a-w C:\WINDOWS\system32\drivers\gameenum.sys
- 2004-08-12 22:45:54 137,728 ----a-w C:\WINDOWS\system32\drivers\Hdaudbus.sys
+ 2008-04-13 16:36:05 144,384 ----a-w C:\WINDOWS\system32\drivers\hdaudbus.sys
+ 2008-04-13 18:46:30 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
- 2004-08-04 07:08:20 36,224 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w C:\WINDOWS\system32\drivers\hidir.sys
- 2004-08-04 10:00:00 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys
- 2001-08-17 20:02:20 9,600 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:27 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2004-08-04 05:41:48 220,032 ------w C:\WINDOWS\system32\drivers\hsfbs2s2.sys
+ 2004-08-04 05:41:50 685,056 ------w C:\WINDOWS\system32\drivers\hsfcxts2.sys
- 2004-08-04 10:00:00 41,856 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
- 2004-08-04 03:59:42 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
+ 2008-04-13 18:40:29 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
- 2004-08-04 10:00:00 36,096 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
+ 2008-04-13 18:31:32 36,352 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
- 2001-08-17 18:58:02 35,840 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
- 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-04 10:00:00 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
- 2004-08-04 04:07:48 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys
+ 2004-08-04 05:41:40 126,686 ------w C:\WINDOWS\system32\drivers\mtlmnt5.sys
+ 2004-08-04 05:41:38 1,309,184 ------w C:\WINDOWS\system32\drivers\mtlstrm.sys
+ 2004-08-04 05:29:38 452,736 ------w C:\WINDOWS\system32\drivers\mtxparhm.sys
- 2004-08-04 06:10:30 85,376 ----a-w C:\WINDOWS\system32\drivers\NABTSFEC.sys
+ 2008-04-13 18:46:25 85,248 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
- 2004-08-04 06:10:14 10,880 ----a-w C:\WINDOWS\system32\drivers\NdisIP.sys
+ 2008-04-13 18:46:22 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
+ 2004-08-04 05:41:40 180,360 ------w C:\WINDOWS\system32\drivers\ntmtlfax.sys
- 2004-08-04 04:10:10 61,056 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
+ 2008-04-13 18:46:18 61,696 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
- 2004-08-04 10:00:00 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
- 2004-08-04 10:00:00 18,688 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys
- 2004-08-04 04:07:48 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
- 2004-08-04 03:59:42 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
- 2004-08-04 10:00:00 119,936 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
- 2004-08-04 10:00:00 35,328 ----a-w C:\WINDOWS\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w C:\WINDOWS\system32\drivers\processr.sys
+ 2004-08-04 05:41:40 13,776 ------w C:\WINDOWS\system32\drivers\recagent.sys
- 2004-08-04 03:59:38 57,472 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
+ 2008-04-13 18:46:32 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
+ 2004-08-04 05:29:52 166,912 ------w C:\WINDOWS\system32\drivers\s3gnbm.sys
- 2004-08-04 10:00:00 96,256 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
- 2004-08-04 10:00:00 67,584 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys
- 2004-08-04 10:00:00 15,488 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
- 2004-08-04 10:00:00 11,136 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w C:\WINDOWS\system32\drivers\sffp_mmc.sys
- 2004-08-04 10:00:00 10,240 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys
- 2004-08-04 10:00:00 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
+ 2008-04-14 00:12:05 3,901 ------w C:\WINDOWS\system32\drivers\siint5.dll
- 2004-08-04 04:07:44 41,088 ----a-w C:\WINDOWS\system32\drivers\SISAGP.SYS
+ 2008-04-13 18:36:39 40,960 ----a-w C:\WINDOWS\system32\drivers\sisagp.sys
- 2004-08-04 06:10:18 11,136 ----a-w C:\WINDOWS\system32\drivers\SLIP.sys
+ 2008-04-13 18:46:23 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys
+ 2004-08-04 05:41:42 129,535 ------w C:\WINDOWS\system32\drivers\slnt7554.sys
+ 2004-08-04 05:41:44 404,990 ------w C:\WINDOWS\system32\drivers\slntamr.sys
+ 2004-08-04 05:41:46 95,424 ------w C:\WINDOWS\system32\drivers\slnthal.sys
+ 2004-08-04 05:41:46 13,240 ------w C:\WINDOWS\system32\drivers\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w C:\WINDOWS\system32\drivers\smbali.sys
- 2004-08-04 10:00:00 25,472 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2004-08-04 10:00:00 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
- 2004-08-04 04:08:04 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys
+ 2008-04-13 18:45:15 49,408 ----a-w C:\WINDOWS\system32\drivers\stream.sys
- 2004-08-04 06:10:14 15,360 ----a-w C:\WINDOWS\system32\drivers\StreamIP.sys
+ 2008-04-13 18:46:21 15,232 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
- 2001-08-17 19:00:52 54,272 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
- 2004-08-04 10:00:00 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\system32\drivers\uagp35.sys
- 2004-08-04 07:07:56 59,264 ----a-w C:\WINDOWS\system32\drivers\USBAUDIO.sys
+ 2008-04-13 18:45:12 60,032 ----a-w C:\WINDOWS\system32\drivers\usbaudio.sys
- 2004-08-04 10:00:00 23,808 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
- 2004-08-04 10:00:00 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
- 2004-08-04 07:08:48 31,616 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
- 2004-08-04 10:00:00 26,624 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
- 2004-08-04 04:08:44 57,600 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
- 2004-08-04 10:00:00 16,000 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
- 2004-08-04 04:08:44 142,976 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
- 2004-08-04 04:08:48 26,496 ----a-w C:\WINDOWS\system32\drivers\USBSTOR.SYS
+ 2008-04-13 18:45:38 26,368 ----a-w C:\WINDOWS\system32\drivers\usbstor.sys
- 2004-08-04 04:08:38 20,480 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\system32\drivers\vchnt5.dll
- 2004-08-04 04:07:44 42,240 ----a-w C:\WINDOWS\system32\drivers\VIAAGP.SYS
+ 2008-04-13 18:36:40 42,240 ----a-w C:\WINDOWS\system32\drivers\viaagp.sys
- 2004-08-04 03:59:44 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
+ 2004-08-04 05:29:40 11,807 ------w C:\WINDOWS\system32\drivers\wadv07nt.sys
+ 2004-08-04 05:29:40 11,295 ------w C:\WINDOWS\system32\drivers\wadv08nt.sys
+ 2004-08-04 05:29:42 11,871 ------w C:\WINDOWS\system32\drivers\wadv09nt.sys
+ 2004-08-04 05:29:42 11,935 ------w C:\WINDOWS\system32\drivers\wadv11nt.sys
+ 2004-08-04 05:29:46 22,271 ------w C:\WINDOWS\system32\drivers\watv06nt.sys
+ 2004-08-04 05:29:46 25,471 ------w C:\WINDOWS\system32\drivers\watv10nt.sys
- 2004-08-04 06:10:22 19,328 ----a-w C:\WINDOWS\system32\drivers\WSTCODEC.SYS
+ 2008-04-13 18:46:24 19,200 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
- 2004-08-04 10:00:00 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
- 2004-08-04 10:00:00 181,760 ----a-w C:\WINDOWS\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dsdmo.dll
- 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
- 2004-08-04 10:00:00 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
- 2004-08-04 10:00:00 144,384 ----a-w C:\WINDOWS\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w C:\WINDOWS\system32\dskquoui.dll
- 2004-08-04 10:00:00 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
- 2004-08-04 10:00:00 1,294,336 ----a-w C:\WINDOWS\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w C:\WINDOWS\system32\dsound3d.dll
- 2004-08-04 10:00:00 142,336 ----a-w C:\WINDOWS\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w C:\WINDOWS\system32\dsprop.dll
- 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
- 2004-08-04 10:00:00 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
- 2004-08-04 10:00:00 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
- 2004-08-04 10:00:00 137,216 ----a-w C:\WINDOWS\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
- 2004-08-04 10:00:00 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
- 2004-08-04 10:00:00 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
- 2004-08-04 10:00:00 304,128 ----a-w C:\WINDOWS\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w C:\WINDOWS\system32\duser.dll
- 2004-08-04 10:00:00 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
- 2004-08-04 10:00:00 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
- 2004-08-04 10:00:00 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll
- 2004-08-04 10:00:00 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll
- 2004-08-04 10:00:00 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe
- 2004-08-04 10:00:00 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
- 2006-08-22 12:05:26 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2008-04-14 00:11:52 30,720 ------w C:\WINDOWS\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w C:\WINDOWS\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w C:\WINDOWS\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w C:\WINDOWS\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w C:\WINDOWS\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w C:\WINDOWS\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w C:\WINDOWS\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w C:\WINDOWS\system32\eapsvc.dll
- 2004-08-04 10:00:00 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w C:\WINDOWS\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w C:\WINDOWS\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w C:\WINDOWS\system32\en\mmcfxcommon.resources.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
- 2004-08-04 10:00:00 186,368 ----a-w C:\WINDOWS\system32\encdec.dll
+ 2008-04-14 00:11:53 186,880 ----a-w C:\WINDOWS\system32\encdec.dll
- 2004-08-04 10:00:00 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
- 2005-07-26 04:39:45 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2008-04-14 00:11:53 246,272 ----a-w C:\WINDOWS\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
- 2004-08-04 10:00:00 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
- 2004-08-04 10:00:00 55,808 ----a-w C:\WINDOWS\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w C:\WINDOWS\system32\eventlog.dll
- 2004-08-04 10:00:00 380,957 ----a-w C:\WINDOWS\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w C:\WINDOWS\system32\expsrv.dll
- 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w C:\WINDOWS\system32\extrac32.exe
- 2004-08-04 10:00:00 121,856 ----a-w C:\WINDOWS\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w C:\WINDOWS\system32\exts.dll
- 2004-08-04 10:00:00 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\system32\faxpatch.exe
- 2004-08-04 10:00:00 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
- 2004-08-04 10:00:00 337,920 ----a-w C:\WINDOWS\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w C:\WINDOWS\system32\filemgmt.dll
- 2004-08-04 10:00:00 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
- 2004-08-04 10:00:00 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
- 2008-04-09 01:09:54 229,592 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-05-15 07:53:38 231,184 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2004-08-04 10:00:00 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w C:\WINDOWS\system32\forcedos.exe
- 2004-08-04 10:00:00 25,600 ----a-w C:\WINDOWS\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w C:\WINDOWS\system32\format.com
- 2004-08-04 10:00:00 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
- 2004-08-04 10:00:00 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe
- 2004-08-04 10:00:00 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
- 2004-08-04 10:00:00 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll
- 2004-08-04 10:00:00 452,096 ----a-w C:\WINDOWS\system32\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w C:\WINDOWS\system32\fxsapi.dll
- 2004-08-04 10:00:00 143,360 ----a-w C:\WINDOWS\system32\fxsclnt.exe
+ 2008-04-14 00:12:21 142,848 ----a-w C:\WINDOWS\system32\fxsclnt.exe
- 2004-08-04 10:00:00 72,192 ----a-w C:\WINDOWS\system32\fxscom.dll
+ 2008-04-14 00:11:54 72,192 ----a-w C:\WINDOWS\system32\fxscom.dll
- 2004-08-04 10:00:00 285,184 ----a-w C:\WINDOWS\system32\fxscomex.dll
+ 2008-04-14 00:11:54 285,184 ----a-w C:\WINDOWS\system32\fxscomex.dll
- 2004-08-04 10:00:00 229,376 ----a-w C:\WINDOWS\system32\fxscover.exe
+ 2008-04-14 00:12:21 229,376 ----a-w C:\WINDOWS\system32\fxscover.exe
- 2004-08-04 10:00:00 27,136 ----a-w C:\WINDOWS\system32\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w C:\WINDOWS\system32\fxsdrv.dll
- 2004-08-04 10:00:00 55,296 ----a-w C:\WINDOWS\system32\fxsevent.dll
+ 2008-04-14 00:11:54 55,296 ----a-w C:\WINDOWS\system32\fxsevent.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ----a-w C:\WINDOWS\system32\fxsext32.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\fxsmon.dll
+ 2008-04-14 00:11:54 23,552 ----a-w C:\WINDOWS\system32\fxsmon.dll
- 2004-08-04 10:00:00 8,704 ----a-w C:\WINDOWS\system32\fxsperf.dll
+ 2008-04-14 00:11:54 8,704 ----a-w C:\WINDOWS\system32\fxsperf.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w C:\WINDOWS\system32\fxsres.dll
- 2004-08-04 10:00:00 562,176 ----a-w C:\WINDOWS\system32\fxsst.dll
+ 2008-04-14 00:11:54 562,176 ----a-w C:\WINDOWS\system32\fxsst.dll
- 2004-08-04 10:00:00 267,776 ----a-w C:\WINDOWS\system32\fxssvc.exe
+ 2008-04-14 00:12:21 267,776 ----a-w C:\WINDOWS\system32\fxssvc.exe
- 2004-08-04 10:00:00 246,272 ----a-w C:\WINDOWS\system32\fxst30.dll
+ 2008-04-14 00:11:54 246,272 ----a-w C:\WINDOWS\system32\fxst30.dll
- 2004-08-04 10:00:00 397,312 ----a-w C:\WINDOWS\system32\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w C:\WINDOWS\system32\fxstiff.dll
- 2004-08-04 10:00:00 154,112 ----a-w C:\WINDOWS\system32\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w C:\WINDOWS\system32\fxsui.dll
- 2004-08-04 10:00:00 192,512 ----a-w C:\WINDOWS\system32\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w C:\WINDOWS\system32\fxswzrd.dll
- 2004-08-04 10:00:00 400,384 ----a-w C:\WINDOWS\system32\fxsxp32.dll
+ 2008-04-14 00:11:54 400,384 ----a-w C:\WINDOWS\system32\fxsxp32.dll
- 2008-02-20 06:51:05 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-04-14 00:11:54 285,184 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2004-08-04 10:00:00 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
- 2004-08-04 10:00:00 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
- 2004-08-04 10:00:00 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe
- 2004-08-04 10:00:00 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
- 2004-08-04 03:59:14 134,400 ----a-w C:\WINDOWS\system32\hal.dll
+ 2008-04-13 18:31:28 134,400 ----a-w C:\WINDOWS\system32\HAL.DLL
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w C:\WINDOWS\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w C:\WINDOWS\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2004-08-04 10:00:00 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
- 2004-08-04 10:00:00 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
- 2004-08-04 10:00:00 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\system32\hsfcisp2.dll
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
- 2004-08-04 10:00:00 41,984 ----a-w C:\WINDOWS\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w C:\WINDOWS\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2004-08-04 10:00:00 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
- 2004-08-04 10:00:00 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2004-08-04 10:00:00 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
- 2004-08-04 10:00:00 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
- 2004-08-04 10:00:00 120,832 ----a-w C:\WINDOWS\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w C:\WINDOWS\system32\idq.dll
- 2006-10-17 19:06:00 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
- 2004-08-04 10:00:00 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
- 2004-08-04 10:00:00 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
- 2004-08-04 10:00:00 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
- 2004-08-04 10:00:00 81,920 ----a-w C:\WINDOWS\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ils.dll
- 2004-08-04 10:00:00 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
- 2004-08-04 10:00:00 150,016 ----a-w C:\WINDOWS\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w C:\WINDOWS\system32\imapi.exe
- 2004-08-04 10:00:00 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
- 2004-08-04 10:00:00 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
- 2004-08-04 10:00:00 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
- 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-14 00:11:54 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-04 10:00:00 33,280 ----a-w C:\WINDOWS\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\inetmib1.dll
- 2004-08-04 10:00:00 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
- 2004-08-04 10:00:00 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
- 2004-08-04 10:00:00 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
- 2004-08-04 10:00:00 123,392 ----a-w C:\WINDOWS\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w C:\WINDOWS\system32\input.dll
- 2004-08-04 10:00:00 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2004-08-04 10:00:00 154,112 ----a-w C:\WINDOWS\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w C:\WINDOWS\system32\ipmontr.dll
- 2004-08-04 10:00:00 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
- 2004-08-04 10:00:00 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
- 2004-08-04 10:00:00 169,984 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
- 2004-08-04 10:00:00 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
- 2004-08-04 10:00:00 182,784 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
- 2004-08-04 10:00:00 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
- 2004-08-04 10:00:00 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2004-08-04 10:00:00 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w C:\WINDOWS\system32\ipxwan.dll
- 2004-08-04 10:00:00 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
- 2004-08-04 10:00:00 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
- 2004-08-04 10:00:00 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
- 2004-08-04 10:00:00 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
- 2004-08-04 10:00:00 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
- 2004-08-04 10:00:00 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
- 2004-08-04 10:00:00 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w C:\WINDOWS\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w C:\WINDOWS\system32\itss.dll
- 2004-08-04 10:00:00 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
- 2004-08-04 08:56:44 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
- 2006-06-01 18:47:07 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2006-10-17 19:00:00 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-04-14 00:11:56 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdbhc.dll
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll
- 2004-08-04 10:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinben.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdiultn.dll
- 2004-08-04 10:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll
- 2004-08-04 10:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll
- 2004-08-04 10:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdnepr.dll
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdpash.dll
- 2004-08-04 10:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll
- 2004-08-04 10:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
- 2004-08-04 10:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll
- 2004-08-04 10:00:00 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2004-08-04 10:00:00 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\system32\kmsvc.dll
- 2004-08-04 05:56:44 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\system32\l2gpstore.dll
- 2007-04-24 18:32:06 1,485,696 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-21 01:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2004-08-04 10:00:00 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
+ 2008-04-14 12:41:58 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
- 2004-08-04 10:00:00 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
- 2004-08-04 10:00:00 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
- 2004-08-04 10:00:00 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
- 2004-08-04 10:00:00 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
- 2004-08-04 10:00:00 341,504 ----a-w C:\WINDOWS\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w C:\WINDOWS\system32\localspl.dll
- 2004-08-04 10:00:00 11,776 ----a-w C:\WINDOWS\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w C:\WINDOWS\system32\localui.dll
- 2004-08-04 10:00:00 75,264 ----a-w C:\WINDOWS\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w C:\WINDOWS\system32\locator.exe
- 2004-08-04 10:00:00 59,392 ----a-w C:\WINDOWS\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w C:\WINDOWS\system32\logman.exe
- 2004-08-04 10:00:00 220,672 ----a-w C:\WINDOWS\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w C:\WINDOWS\system32\logon.scr
- 2004-08-04 10:00:00 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
- 2004-08-04 10:00:00 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
- 2004-08-04 10:00:00 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
- 2004-08-04 10:00:00 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
- 2004-08-04 10:00:00 85,504 ----a-w C:\WINDOWS\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w C:\WINDOWS\system32\makecab.exe
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll
- 2004-08-04 10:00:00 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
- 2004-08-04 10:00:00 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
- 2004-08-04 10:00:00 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
- 2004-08-04 10:00:00 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
- 2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-04 10:00:00 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
- 2004-08-04 10:00:00 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\system32\microsoft.managementconsole.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
- 2004-08-04 10:00:00 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w C:\WINDOWS\system32\mimefilt.dll
- 2004-08-04 10:00:00 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
- 2004-08-04 10:00:00 815,104 ----a-w C:\WINDOWS\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w C:\WINDOWS\system32\mmc.exe
- 2004-08-04 10:00:00 70,656 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\system32\mmcfxcommon.dll
- 2004-08-04 10:00:00 1,192,960 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\system32\mmcperf.exe
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w C:\WINDOWS\system32\mmcshext.dll
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
- 2004-08-04 10:00:00 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
- 2004-08-04 10:00:00 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
- 2004-08-04 10:00:00 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
- 2004-08-04 10:00:00 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
- 2004-08-04 10:00:00 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w C:\WINDOWS\system32\more.com
- 2004-08-04 10:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
- 2004-08-04 10:00:00 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2004-08-04 10:00:00 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
- 2004-08-04 10:00:00 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
- 2004-08-04 10:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w C:\WINDOWS\system32\mprdim.dll
+ 2008-05-09 21:35:06 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
- 2004-08-04 10:00:00 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
- 2004-08-04 10:00:00 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
- 2004-08-04 10:00:00 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
- 2005-06-29 01:46:00 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2008-04-14 00:11:58 73,728 ----a-w C:\WINDOWS\system32\mscms.dll
- 2004-08-04 10:00:00 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
- 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
- 2004-08-04 10:00:00 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll
- 2004-08-04 10:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-04-14 00:11:58 297,984 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 10:00:00 69,120 ----a-w C:\WINDOWS\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w C:\WINDOWS\system32\msctfp.dll
- 2004-08-04 10:00:00 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll
- 2004-08-04 10:00:00 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
- 2004-08-04 10:00:00 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
- 2004-08-04 10:00:00 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2004-08-04 10:00:00 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
- 2004-08-04 10:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 10:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2006-11-27 14:54:06 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2004-08-04 10:00:00 994,304 ----a-w C:\WINDOWS\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
- 2004-08-04 10:00:00 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
- 2004-08-04 10:00:00 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
- 2004-08-04 08:56:58 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-04 10:00:00 51,712 ----a-w C:\WINDOWS\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w C:\WINDOWS\system32\msident.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
- 2004-08-04 10:00:00 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
- 2005-05-04 22:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-04 22:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-04 10:00:00 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
- 2005-05-04 22:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-04 10:00:00 159,232 ----a-w C:\WINDOWS\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll
- 2005-05-04 22:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2004-08-04 10:00:00 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-08-04 10:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-04 10:00:00 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 10:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-04 10:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
- 2004-08-04 10:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 10:00:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
- 2004-08-04 10:00:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
- 2004-08-04 10:00:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
- 2004-08-04 10:00:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
- 2004-08-04 10:00:00 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
- 2004-08-04 10:00:00 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w C:\WINDOWS\system32\mspatcha.dll
- 2004-08-04 10:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2004-08-04 10:00:00 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
- 2004-08-04 10:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 10:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 10:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
- 2004-08-04 10:00:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
- 2004-08-04 10:00:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
- 2004-08-04 10:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
- 2004-08-04 10:00:00 115,712 ----a-w C:\WINDOWS\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w C:\WINDOWS\system32\mstlsapi.dll
- 2004-08-04 10:00:00 407,552 ----a-w C:\WINDOWS\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2004-08-04 10:00:00 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w C:\WINDOWS\system32\mstscax.dll
- 2004-08-04 10:00:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
- 2004-08-04 10:00:00 129,536 ----a-w C:\WINDOWS\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w C:\WINDOWS\system32\msv1_0.dll
- 2004-02-23 08:00:00 1,386,496 ----a-w C:\WINDOWS\system32\MSVBVM60.DLL
+ 2008-04-14 00:12:00 1,384,479 ----a-w C:\WINDOWS\system32\msvbvm60.dll
- 2004-08-04 10:00:00 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\msvcirt.dll
- 2004-08-04 10:00:00 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
- 2004-08-04 10:00:00 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
- 2004-08-04 10:00:00 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
- 2004-08-04 10:00:00 120,832 ----a-w C:\WINDOWS\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w C:\WINDOWS\system32\msvfw32.dll
- 2004-08-04 10:00:00 1,428,480 ----a-w C:\WINDOWS\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w C:\WINDOWS\system32\msvidctl.dll
- 2004-08-04 10:00:00 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
- 2004-08-04 10:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 10:00:00 204,288 ----a-w C:\WINDOWS\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w C:\WINDOWS\system32\mswebdvd.dll
- 2004-08-04 10:00:00 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
+ 2008-04-14 00:12:01 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
- 2004-08-04 10:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-04 10:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2004-08-04 10:00:00 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
- 2004-08-04 10:00:00 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
- 2004-08-04 08:56:46 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w C:\WINDOWS\system32\mtxdm.dll
- 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w C:\WINDOWS\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2004-08-04 10:00:00 405,504 ----a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
- 2004-08-04 10:00:00 193,024 ----a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
- 2004-08-04 10:00:00 757,248 ----a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\system32\mui\041b\xpsp3res.dll
- 2004-08-04 10:00:00 408,576 ----a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
- 2004-08-04 10:00:00 192,512 ----a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
- 2004-08-04 10:00:00 732,160 ----a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\system32\mui\0424\xpsp3res.dll
- 2004-08-04 10:00:00 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\system32\napstat.exe
- 2004-08-04 10:00:00 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
- 2004-08-04 10:00:00 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
- 2004-08-04 10:00:00 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
- 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
- 2004-08-04 10:00:00 42,496 ----a-w C:\WINDOWS\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w C:\WINDOWS\system32\net.exe
- 2004-08-04 10:00:00 124,928 ----a-w C:\WINDOWS\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w C:\WINDOWS\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2008-04-14 00:12:01 337,408 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2004-08-04 10:00:00 622,080 ----a-w C:\WINDOWS\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w C:\WINDOWS\system32\netcfgx.dll
- 2004-08-04 10:00:00 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
- 2004-08-04 10:00:00 139,264 ----a-w C:\WINDOWS\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w C:\WINDOWS\system32\netid.dll
- 2004-08-04 10:00:00 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w C:\WINDOWS\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w C:\WINDOWS\system32\netman.dll
- 2004-08-04 10:00:00 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
- 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w C:\WINDOWS\system32\netrap.dll
- 2004-08-04 10:00:00 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
- 2004-08-04 10:00:00 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
- 2004-08-04 10:00:00 1,708,032 ----a-w C:\WINDOWS\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w C:\WINDOWS\system32\netshell.dll
- 2004-08-04 10:00:00 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
- 2004-08-04 10:00:00 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
- 2004-08-04 10:00:00 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
- 2004-08-04 10:00:00 248,832 ----a-w C:\WINDOWS\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w C:\WINDOWS\system32\newdev.dll
- 2004-08-04 10:00:00 103,936 ----a-w C:\WINDOWS\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
- 2004-08-04 10:00:00 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
- 2004-08-04 10:00:00 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
- 2004-08-04 10:00:00 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
- 2004-08-04 10:00:00 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
- 2004-08-04 10:00:00 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
- 2004-08-04 10:00:00 708,096 ----a-w C:\WINDOWS\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w C:\WINDOWS\system32\ntdll.dll
- 2004-08-04 10:00:00 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
- 2007-02-28 08:38:57 2,015,744 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2004-08-04 10:00:00 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w C:\WINDOWS\system32\ntlanman.dll
- 2004-08-04 10:00:00 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
- 2004-08-04 10:00:00 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
- 2004-08-04 10:00:00 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
- 2004-08-04 10:00:00 179,712 ----a-w C:\WINDOWS\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w C:\WINDOWS\system32\ntmsdba.dll
- 2004-08-04 10:00:00 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
- 2004-08-04 10:00:00 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
- 2007-02-28 09:08:48 2,136,064 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2008-04-13 19:24:37 2,145,280 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2004-08-04 10:00:00 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
- 2004-08-04 10:00:00 143,872 ----a-w C:\WINDOWS\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w C:\WINDOWS\system32\ntshrui.dll
- 2004-08-04 10:00:00 419,840 ----a-w C:\WINDOWS\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w C:\WINDOWS\system32\ntvdm.exe
- 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\ntvdmd.dll
- 2004-08-04 05:56:46 4,274,816 ----a-w C:\WINDOWS\system32\nv4_disp.dll
+ 2008-04-14 00:12:02 4,274,816 ----a-w C:\WINDOWS\system32\nv4_disp.dll
- 2006-10-13 12:35:12 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2004-08-04 10:00:00 266,752 ----a-w C:\WINDOWS\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w C:\WINDOWS\system32\oakley.dll
- 2004-08-04 10:00:00 285,696 ----a-w C:\WINDOWS\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w C:\WINDOWS\system32\objsel.dll
- 2004-08-04 10:00:00 60,928 ----a-w C:\WINDOWS\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\ocmanage.dll
- 2004-08-04 10:00:00 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
- 2004-08-04 10:00:00 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
- 2004-08-04 10:00:00 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
- 2004-08-04 10:00:00 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
- 2004-08-04 10:00:00 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
- 2004-08-04 10:00:00 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
- 2004-08-04 10:00:00 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
- 2004-08-04 10:00:00 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
- 2004-08-04 10:00:00 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
- 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
- 2004-08-04 10:00:00 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
- 2004-08-04 10:00:00 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
- 2004-08-04 10:00:00 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
- 2004-08-04 10:00:00 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
- 2004-08-04 10:00:00 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
- 2004-08-04 10:00:00 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
- 2004-08-04 10:00:00 120,832 ----a-w C:\WINDOWS\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w C:\WINDOWS\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w C:\WINDOWS\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2004-08-04 10:00:00 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
- 2004-08-04 10:00:00 83,456 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\system32\onex.dll
- 2004-08-04 10:00:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
- 2004-08-04 10:00:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
- 2004-08-04 10:00:00 561,664 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
- 2004-08-04 10:00:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
- 2004-08-04 10:00:00 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
- 2004-08-04 10:00:00 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
- 2004-08-04 10:00:00 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
- 2004-08-04 10:00:00 215,552 ----a-w C:\WINDOWS\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w C:\WINDOWS\system32\osk.exe
- 2004-08-04 10:00:00 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
- 2004-08-04 10:00:00 116,224 ----a-w C:\WINDOWS\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w C:\WINDOWS\system32\p2p.dll
- 2004-08-04 10:00:00 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
- 2004-08-04 10:00:00 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w C:\WINDOWS\system32\p2pgraph.dll
- 2004-08-04 10:00:00 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
- 2004-08-04 10:00:00 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w C:\WINDOWS\system32\p2psvc.dll
- 2004-08-04 10:00:00 58,368 ----a-w C:\WINDOWS\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w C:\WINDOWS\system32\packager.exe
- 2004-08-04 10:00:00 62,976 ----a-w C:\WINDOWS\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\pautoenr.dll
- 2004-08-04 10:00:00 283,648 ----a-w C:\WINDOWS\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w C:\WINDOWS\system32\pdh.dll
- 2008-05-10 06:09:21 64,200 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-05-15 07:58:37 64,200 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2004-08-04 10:00:00 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
- 2004-08-04 10:00:00 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
- 2008-05-10 06:09:21 407,670 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-05-15 07:58:37 407,670 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w C:\WINDOWS\system32\perfnet.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
- 2004-08-04 10:00:00 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2004-08-04 10:00:00 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
- 2004-08-04 10:00:00 35,328 ----a-w C:\WINDOWS\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w C:\WINDOWS\system32\pid.dll
- 2004-08-04 10:00:00 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
- 2004-08-04 10:00:00 17,920 ----a-w C:\WINDOWS\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w C:\WINDOWS\system32\ping.exe
- 2004-08-04 10:00:00 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
- 2004-08-04 10:00:00 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
- 2004-08-04 10:00:00 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
- 2004-08-04 10:00:00 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
- 2004-08-04 10:00:00 560,640 ----a-w C:\WINDOWS\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w C:\WINDOWS\system32\printui.dll
- 2004-08-04 10:00:00 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
- 2004-08-04 10:00:00 109,568 ----a-w C:\WINDOWS\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w C:\WINDOWS\system32\progman.exe
- 2004-08-04 10:00:00 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
- 2004-08-04 10:00:00 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
- 2004-08-04 10:00:00 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
- 2004-08-04 10:00:00 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
- 2004-08-04 10:00:00 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
- 2004-08-04 10:00:00 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\system32\qagentrt.dll
- 2004-08-04 10:00:00 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\system32\qcliprov.dll
- 2004-08-04 10:00:00 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
- 2004-08-04 10:00:00 385,024 ----a-w C:\WINDOWS\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w C:\WINDOWS\system32\qdvd.dll
- 2004-08-04 10:00:00 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
- 2004-08-04 10:00:00 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
- 2004-08-04 10:00:00 382,464 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
- 2004-08-04 10:00:00 20,480 ----a-w C:\WINDOWS\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2007-10-29 22:43:03 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-04-14 00:12:03 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\system32\qutil.dll
- 2004-08-04 10:00:00 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2004-08-04 10:00:00 236,544 ----a-w C:\WINDOWS\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll
- 2004-08-04 10:00:00 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll
- 2004-08-04 10:00:00 69,632 ----a-w C:\WINDOWS\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w C:\WINDOWS\system32\raschap.dll
- 2004-08-04 10:00:00 657,920 ----a-w C:\WINDOWS\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w C:\WINDOWS\system32\rasdlg.dll
- 2004-08-04 10:00:00 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
- 2006-05-14 08:44:08 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-04 10:00:00 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
- 2004-08-04 10:00:00 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\system32\rasqec.dll
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w C:\WINDOWS\system32\rassapi.dll
- 2004-08-04 10:00:00 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w C:\WINDOWS\system32\rastapi.dll
- 2004-08-04 10:00:00 112,128 ----a-w C:\WINDOWS\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w C:\WINDOWS\system32\rastls.dll
- 2004-08-04 10:00:00 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
- 2004-08-04 10:00:00 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2004-08-04 10:00:00 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
- 2004-08-04 10:00:00 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
- 2004-08-04 10:00:00 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w C:\WINDOWS\system32\rdpclip.exe
- 2004-08-04 10:00:00 92,168 ----a-w C:\WINDOWS\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
- 2004-08-04 10:00:00 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
- 2004-08-04 10:00:00 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
- 2004-08-04 10:00:00 50,176 ----a-w C:\WINDOWS\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\reg.exe
- 2004-08-04 10:00:00 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
- 2004-08-04 10:00:00 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
- 2004-08-04 10:00:00 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
- 2004-08-04 10:00:00 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2004-08-04 10:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\intelppm.sys
+ 2004-08-04 10:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\intelppm.sys
- 2004-08-04 10:00:00 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
- 2004-08-04 10:00:00 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
- 2004-08-04 10:00:00 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w C:\WINDOWS\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2004-08-04 10:00:00 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
- 2004-08-04 10:00:00 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
- 2004-08-04 10:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll
- 2004-08-04 10:00:00 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
- 2004-08-04 10:00:00 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
- 2004-08-04 10:00:00 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
- 2004-08-04 10:00:00 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\system32\s3gnb.dll
- 2004-08-04 10:00:00 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
- 2004-08-04 10:00:00 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
- 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
- 2004-08-04 10:00:00 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
- 2004-08-04 10:00:00 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
- 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
- 2004-08-04 10:00:00 270,848 ----a-w C:\WINDOWS\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w C:\WINDOWS\system32\sbe.dll
- 2004-08-04 10:00:00 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
- 2004-08-04 10:00:00 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
- 2004-08-04 10:00:00 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
- 2004-08-04 10:00:00 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
- 2004-08-04 10:00:00 180,224 ----a-w C:\WINDOWS\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w C:\WINDOWS\system32\scecli.dll
- 2004-08-04 10:00:00 313,856 ----a-w C:\WINDOWS\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w C:\WINDOWS\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w C:\WINDOWS\system32\schannel.dll
- 2004-08-04 10:00:00 190,976 ----a-w C:\WINDOWS\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w C:\WINDOWS\system32\schedsvc.dll
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w C:\WINDOWS\system32\sclgntfy.dll
- 2004-08-04 10:00:00 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
- 2004-08-04 10:00:00 159,744 ----a-w C:\WINDOWS\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
- 2004-08-04 10:00:00 151,552 ----a-w C:\WINDOWS\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
- 2004-08-04 10:00:00 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
- 2004-08-04 10:00:00 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
- 2004-08-04 10:00:00 55,808 ----a-w C:\WINDOWS\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\secur32.dll
- 2004-08-04 10:00:00 5,632 ----a-w C:\WINDOWS\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w C:\WINDOWS\system32\security.dll
- 2004-08-04 10:00:00 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
- 2004-08-04 10:00:00 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w C:\WINDOWS\system32\sendmail.dll
- 2004-08-04 10:00:00 38,912 ----a-w C:\WINDOWS\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w C:\WINDOWS\system32\sens.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w C:\WINDOWS\system32\sensapi.dll
- 2004-08-04 10:00:00 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
- 2004-08-04 10:00:00 108,032 ----a-w C:\WINDOWS\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w C:\WINDOWS\system32\services.exe
- 2004-08-04 10:00:00 140,800 ----a-w C:\WINDOWS\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w C:\WINDOWS\system32\sessmgr.exe
- 2004-08-04 10:00:00 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
- 2004-08-04 10:00:00 23,040 ----a-w C:\WINDOWS\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w C:\WINDOWS\system32\setup.exe
- 2004-08-04 10:00:00 259,584 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
- 2004-08-04 10:00:00 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
- 2004-08-04 10:00:00 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
- 2004-08-04 10:00:00 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
- 2004-08-04 10:00:00 115,712 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w C:\WINDOWS\system32\Setup\koc.dll
- 2004-08-04 10:00:00 82,432 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
- 2004-08-04 10:00:00 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
- 2004-08-04 10:00:00 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
- 2004-08-04 10:00:00 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
- 2004-08-04 10:00:00 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
- 2004-08-04 10:00:00 22,016 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
- 2004-08-04 10:00:00 121,856 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
- 2004-08-04 10:00:00 983,552 ----a-w C:\WINDOWS\system32\setupapi.dll
+ 2008-04-14 12:42:06 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w C:\WINDOWS\system32\setupn.exe
- 2004-08-04 10:00:00 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
- 2004-08-04 10:00:00 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
- 2004-08-04 10:00:00 1,580,544 ----a-w C:\WINDOWS\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w C:\WINDOWS\system32\sfcfiles.dll
- 2004-08-04 10:00:00 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
- 2008-02-16 09:32:08 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
- 2004-08-04 10:00:00 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w C:\WINDOWS\system32\shimeng.dll
- 2004-08-04 10:00:00 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
- 2008-02-16 09:32:08 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-04 10:00:00 151,552 ----a-w C:\WINDOWS\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w C:\WINDOWS\system32\shmedia.dll
- 2004-08-04 10:00:00 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2004-08-04 10:00:00 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
- 2004-08-04 10:00:00 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2004-08-04 10:00:00 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
- 2004-08-04 10:00:00 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
- 2004-08-04 10:00:00 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
- 2004-08-04 10:00:00 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
- 2004-08-04 10:00:00 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\system32\slserv.exe
- 2004-08-04 10:00:00 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe
- 2004-08-04 10:00:00 363,008 ----a-w C:\WINDOWS\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w C:\WINDOWS\system32\smlogcfg.dll
- 2004-08-04 10:00:00 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w C:\WINDOWS\system32\smss.exe
- 2004-08-04 10:00:00 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
- 2004-08-04 10:00:00 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
- 2004-08-04 10:00:00 23,552 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
- 2004-08-04 10:00:00 538,624 ----a-w C:\WINDOWS\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w C:\WINDOWS\system32\spider.exe
- 2006-09-26 00:58:48 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-08-11 03:46:18 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2004-08-04 10:00:00 11,776 ----a-w C:\WINDOWS\system32\spnpinst.exe
+ 2008-04-14 12:42:38 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
- 2004-08-04 10:00:00 452,096 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSAPI.DLL
+ 2008-04-14 00:11:53 451,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-04 10:00:00 27,136 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2008-04-14 00:11:54 26,624 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSRES.DLL
+ 2008-04-14 00:09:33 6,656 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-04 10:00:00 397,312 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSTIFF.DLL
+ 2008-04-14 00:11:54 397,312 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-04 10:00:00 154,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSUI.DLL
+ 2008-04-14 00:11:54 154,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-04 10:00:00 192,512 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSWZRD.DLL
+ 2008-04-14 00:11:54 192,512 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 2004-08-04 08:56:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 08:56:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 08:56:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll
- 2004-08-04 10:00:00 74,752 ----a-w C:\WINDOWS\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w C:\WINDOWS\system32\spoolss.dll
- 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2006-09-26 00:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2007-08-11 03:46:18 26,488 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\system32\spupdwxp.exe
- 2004-08-04 10:00:00 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
- 2004-08-04 10:00:00 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
- 2004-08-04 10:00:00 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
- 2004-08-04 10:00:00 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
- 2004-08-04 10:00:00 170,496 ----a-w C:\WINDOWS\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2004-08-04 10:00:00 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
- 2004-08-04 10:00:00 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
- 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
- 2004-08-04 10:00:00 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
- 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
- 2004-08-04 10:00:00 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
- 2004-08-04 10:00:00 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
- 2004-08-04 10:00:00 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
- 2004-08-04 10:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w C:\WINDOWS\system32\stclient.dll
- 2004-08-04 10:00:00 67,584 ----a-w C:\WINDOWS\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w C:\WINDOWS\system32\sti.dll
- 2004-08-04 10:00:00 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
- 2004-08-04 10:00:00 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
- 2004-08-04 05:56:46 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
- 2006-08-21 17:52:08 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-04 10:00:00 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
- 2004-08-04 10:00:00 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
- 2004-08-04 10:00:00 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
- 2004-08-04 10:00:00 105,984 ----a-w C:\WINDOWS\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w C:\WINDOWS\system32\sysocmgr.exe
- 2004-08-04 10:00:00 984,576 ----a-w C:\WINDOWS\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
- 2005-10-17 21:14:46 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2004-08-04 10:00:00 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
- 2004-08-04 10:00:00 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2004-08-04 10:00:00 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
- 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
- 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
- 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
- 2004-08-04 10:00:00 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
- 2004-08-04 10:00:00 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
- 2004-08-04 10:00:00 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
- 2004-08-04 10:00:00 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
- 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
- 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w C:\WINDOWS\system32\tree.com
- 2004-08-04 10:00:00 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
- 2004-08-04 10:00:00 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
- 2004-08-04 10:00:00 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\system32\tspkg.dll
- 2004-08-04 10:00:00 44,032 ----a-w C:\WINDOWS\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
- 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2004-08-04 10:00:00 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll
- 2004-08-04 10:00:00 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
- 2004-08-04 10:00:00 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2004-08-04 10:00:00 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
- 2004-08-04 10:00:00 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
- 2004-08-04 10:00:00 132,608 ----a-w C:\WINDOWS\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w C:\WINDOWS\system32\upnp.dll
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2004-08-04 10:00:00 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
- 2004-08-04 10:00:00 18,432 ----a-w C:\WINDOWS\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w C:\WINDOWS\system32\ups.exe
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
- 2004-08-04 05:56:48 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-04 10:00:00 723,456 ----a-w C:\WINDOWS\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w C:\WINDOWS\system32\userenv.dll
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
- 2004-08-04 10:00:00 123,904 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
- 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
- 2004-08-04 10:00:00 201,216 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
- 2004-08-04 10:00:00 103,424 ----a-w C:\WINDOWS\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2004-08-04 10:00:00 240,128 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
- 2004-08-04 10:00:00 202,752 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
- 2004-08-04 10:00:00 168,960 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
- 2004-08-04 10:00:00 406,528 ----a-w C:\WINDOWS\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w C:\WINDOWS\system32\usp10.dll
- 2004-08-04 10:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
- 2004-08-04 10:00:00 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
- 2004-08-04 10:00:00 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
- 2006-11-08 04:03:36 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-04 10:00:00 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
- 2004-08-04 10:00:00 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ----a-w C:\WINDOWS\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ----a-w C:\WINDOWS\system32\verclsid.exe
- 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\version.dll
- 2004-08-04 08:56:48 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
- 2004-08-04 10:00:00 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
- 2004-08-04 10:00:00 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
- 2004-08-04 10:00:00 174,592 ----a-w C:\WINDOWS\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w C:\WINDOWS\system32\w32time.dll
- 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
- 2004-08-04 10:00:00 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
- 2004-08-04 10:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll
- 2004-08-04 10:00:00 1,352,192 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
- 2004-08-04 10:00:00 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
- 2004-08-04 10:00:00 22,016 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
- 2004-08-04 10:00:00 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
- 2004-08-04 10:00:00 185,856 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
- 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
- 2004-08-04 10:00:00 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
- 2004-08-04 10:00:00 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
- 2004-08-04 10:00:00 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
- 2004-08-04 10:00:00 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
- 2004-08-04 10:00:00 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
- 2004-08-04 10:00:00 177,152 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
- 2004-08-04 10:00:00 36,864 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
- 2004-08-04 10:00:00 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
- 2004-08-04 10:00:00 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
- 2004-08-04 10:00:00 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
- 2004-08-04 10:00:00 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
- 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
- 2004-08-04 10:00:00 530,944 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
- 2004-08-04 10:00:00 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
- 2004-08-04 10:00:00 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
- 2004-08-04 10:00:00 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
- 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
- 2004-08-04 10:00:00 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
- 2004-08-04 10:00:00 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
- 2004-08-04 10:00:00 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
- 2004-08-04 10:00:00 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
- 2004-08-04 10:00:00 89,088 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
- 2004-08-04 10:00:00 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
- 2004-08-04 10:00:00 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
- 2004-08-04 10:00:00 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
- 2004-08-04 10:00:00 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
- 2004-08-04 10:00:00 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
- 2004-08-04 10:00:00 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
- 2004-08-04 10:00:00 62,976 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
- 2004-08-04 10:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
- 2004-08-04 10:00:00 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
- 2004-08-04 10:00:00 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
- 2004-08-04 10:00:00 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
- 2004-08-04 10:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
- 2004-08-04 10:00:00 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
- 2006-03-24 04:37:50 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-04 05:56:58 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2006-01-04 03:35:05 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
- 2004-08-04 10:00:00 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w C:\WINDOWS\system32\wextract.exe
- 2004-08-04 10:00:00 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
- 2004-08-04 10:00:00 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
- 2004-08-04 10:00:00 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
- 2004-08-04 10:00:00 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2004-08-04 10:00:00 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
- 2004-08-04 10:00:00 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
- 2008-03-19 09:47:00 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
- 2004-08-04 10:00:00 101,888 ----a-w C:\WINDOWS\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w C:\WINDOWS\system32\win32spl.dll
- 2004-08-04 10:00:00 937,984 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\system32\windowscodecsext.dll
- 2004-08-04 10:00:00 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w C:\WINDOWS\system32\winhttp.dll
- 2004-08-04 10:00:00 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w C:\WINDOWS\system32\winipsec.dll
- 2004-08-04 10:00:00 502,272 ----a-w C:\WINDOWS\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w C:\WINDOWS\system32\winlogon.exe
- 2004-08-04 10:00:00 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
- 2004-08-04 10:00:00 764,928 ----a-w C:\WINDOWS\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w C:\WINDOWS\system32\winntbbu.dll
- 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
- 2004-08-04 10:00:00 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
- 2004-08-04 10:00:00 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
- 2004-08-04 10:00:00 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-04 10:00:00 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
- 2004-08-04 10:00:00 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
- 2004-08-04 10:00:00 5,632 ----a-w C:\WINDOWS\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w C:\WINDOWS\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\system32\wlanapi.dll
- 2004-08-04 10:00:00 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
- 2004-08-04 10:00:00 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
- 2004-08-04 10:00:00 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\system32\wmphoto.dll
- 2004-08-04 10:00:00 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
- 2004-08-04 10:00:00 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
- 2004-08-04 10:00:00 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
- 2004-08-04 10:00:00 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
- 2004-08-04 10:00:00 32,256 ----a-w C:\WINDOWS\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w C:\WINDOWS\system32\wpnpinst.exe
- 2004-08-04 10:00:00 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w C:\WINDOWS\system32\ws2_32.dll
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
- 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
- 2004-08-04 10:00:00 114,688 ----a-w C:\WINDOWS\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
- 2004-08-04 10:00:00 81,408 ----a-w C:\WINDOWS\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w C:\WINDOWS\system32\wscsvc.dll
- 2004-08-04 10:00:00 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll
- 2004-08-04 10:00:00 28,672 ----a-w C:\WINDOWS\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll
- 2004-08-04 10:00:00 65,536 ----a-w C:\WINDOWS\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
- 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
- 2004-08-04 10:00:00 11,776 ----a-w C:\WINDOWS\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w C:\WINDOWS\system32\wshrm.dll
- 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w C:\WINDOWS\system32\wshtcpip.dll
- 2004-08-04 10:00:00 42,496 ----a-w C:\WINDOWS\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w C:\WINDOWS\system32\wsnmp32.dll
- 2004-08-04 10:00:00 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
- 2004-08-04 10:00:00 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
- 2004-08-04 10:00:00 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
- 2004-08-04 10:00:00 378,368 ----a-w C:\WINDOWS\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w C:\WINDOWS\system32\wzcdlg.dll
- 2004-08-04 10:00:00 51,712 ----a-w C:\WINDOWS\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
- 2004-08-04 10:00:00 359,936 ----a-w C:\WINDOWS\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll
- 2004-08-04 10:00:00 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
- 2004-08-04 10:00:00 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
- 2006-07-14 15:51:51 121,856 ----a-w C:\WINDOWS\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w C:\WINDOWS\system32\xmllite.dll
- 2004-08-04 10:00:00 129,536 ----a-w C:\WINDOWS\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w C:\WINDOWS\system32\xmlprov.dll
- 2004-08-04 10:00:00 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
- 2004-08-04 10:00:00 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
- 2004-08-04 10:00:00 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
- 2004-08-04 10:00:00 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
- 2008-02-15 09:06:21 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2004-08-04 10:00:00 337,920 ----a-w C:\WINDOWS\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w C:\WINDOWS\system32\zipfldr.dll
- 2004-08-04 10:00:00 50,688 ----a-w C:\WINDOWS\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w C:\WINDOWS\twain_32.dll
- 2004-08-04 10:00:00 283,648 ----a-w C:\WINDOWS\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w C:\WINDOWS\winhlp32.exe
- 2007-01-19 20:15:24 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 10:00:00 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 10:00:00 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 10:00:00 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc
0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc
0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 11:28 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 17:12 1695232]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 22:57 395776]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 17:12 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 13:32 8699904]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-04-25 06:50 139264]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 19:05 344064]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 08:43 57344]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-17 23:00 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 13:50 28672 C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-10 23:00 90112]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 14:19 53248]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 14:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 14:50 81920]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-05 23:05 127035]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-13 22:15 29744]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-26 23:02 86016]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-11 22:40 185896]
"DVDtoiPodConverter_upgrade"="C:\Program Files\E-Zsoft\DVDtoiPodConverter\DVDtoiPodConverter.exe" [2007-11-29 02:30 819712]
"iPodConverterSuite_upgrade"="C:\Program Files\E-Zsoft\iPodConverterSuite\iPodConverterSuite.exe" [2007-11-29 01:22 819712]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 13:32 8699904]

C:\Documents and Settings\G-Man\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1996-11-17 01:00:00 111376]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1996-11-17 01:00:00 51984]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-07-28 21:18:32 24576]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2006-12-31 13:25:10 118784]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 09:59:36 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"C:\\Unreal Tournament\\System\\UnrealTournament.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Diablo II\\Diablo II.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service

R2 StkASSrv;USB2.0 VIDBOX NW01 Service;C:\WINDOWS\System32\StkASv2K.exe [2006-05-24 00:49]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 13:10]
S3 GoogleDesktopManager-093007-112848;Google Desktop Manager 5.5.709.30344;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-13 22:15]
S3 StkAMini;USB2.0 VIDBOX NW01;C:\WINDOWS\system32\Drivers\StkAMini.sys [2006-07-26 12:24]
S3 StkScan;USB2.0 VIDBOX NW01 Still Image;C:\WINDOWS\system32\Drivers\StkScan.sys [2006-06-27 19:27]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 18:14:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-16 01:35:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-10 01:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (1) (US-G-Man).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-05-10 01:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (GORDON-G-Man).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-05-15 10:48:48 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-05-11 19:07:16 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-15 19:20:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\Documents and Settings\G-Man\Local Settings\Application Data\ApplicationHistory\LogOnHook.exe.3dc76509.ini.inuse 0 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\COMMON~1\McAfee\RedirSvc\RedirSvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\fxssvc.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-05-15 19:30:15 - machine was rebooted [G-Man]
ComboFix-quarantined-files.txt 2008-05-16 02:30:07
ComboFix2.txt 2008-05-14 00:47:31

Pre-Run: 34,562,830,336 bytes free
Post-Run: 34,680,561,664 bytes free

4439 --- E O F --- 2008-05-14 01:03:17

#12 peku006

peku006

    Authentic Member

  • Authentic Member
  • PipPip
  • 40 posts

Posted 17 May 2008 - 12:48 AM

Hi Gordon22
There is a No action taken on all the items of the MBAM log states, which means the above action was not taken.
Please re-run the scan

Double click Malwarebytes' Anti-Malware
On the Scanner tab:
  • Make sure the "Perform full scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Thanks peku006
MRU Master

Posted Image
Posted Image

#13 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 18 May 2008 - 12:59 PM

Malwarebytes' Anti-Malware 1.12 Database version: 755 Scan type: Full Scan (C:\|) Objects scanned: 128592 Time elapsed: 1 hour(s), 25 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 17 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\QooBox\Quarantine\C\WINDOWS\system32\bmaeblek.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\system32\dydsqhrw.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\system32\hgGvVlJy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\system32\kfpesgmk.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP706\A0107992.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115036.exe (Adware.SearchAid) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115037.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115039.exe (Adware.SearchAid) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115040.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115150.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115153.exe (Adware.SearchAid) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115157.exe (Adware.SearchAid) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115164.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115264.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115265.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115266.dll (Trojan.AVKiller) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115307.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

#14 peku006

peku006

    Authentic Member

  • Authentic Member
  • PipPip
  • 40 posts

Posted 19 May 2008 - 03:32 AM

Hi Gordon22

1 - Remove bad HijackThis entries
  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
      O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file)
      O3 - Toolbar: (no name) - {DF4E7A0C-E233-4906-B4C1-A404356541FF} - (no file)
      O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - (no file)
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.


2 - Kaspersky Online Scan

Please go to Kaspersky website and perform an online antivirus scan. Please use Internet Explorer as it uses ActiveX.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an ActiveX from Kaspersky. Click Yes.
  • When the downloads have finished, click on Next button.
  • Click on Scan Settings button.
  • Select extended under Scan using the following antivirus database:
  • Check (tick) these boxes under Scan options:
    • Scan Archives
    • Scan Mail Bases
  • Click OK
  • Click on My Computer under Please select a target to scan:
  • Once the scan is complete it will display if your system has been infected. Click on Save as text button and save it to your desktop.
  • Copy and paste this log in your next reply.

3 - Status Check
Please reply with

1. the Kaspersky Online Scan report
2. a fresh HijackThis log

Thanks peku006
MRU Master

Posted Image
Posted Image

#15 Gordon22

Gordon22

    Authentic Member

  • Authentic Member
  • PipPip
  • 54 posts

Posted 20 May 2008 - 03:52 PM

<html> <head> <title>KASPERSKY ONLINE SCANNER REPORT</title> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> </head> <style> .pagetitle { font-size:20px; color:#FFFFFF; font-family: Arial, Geneva, sans-serif; } .text { font-size:11px; font-family: Arial, Geneva, sans-serif; } TD { font-size:11px; font-family: Arial, Geneva, sans-serif; } </style> <body> <table width='100%' height='110' border='0'> <tr height='30' align='center' bgcolor='#005447'> <td colspan='2' height='30' class='pagetitle'> <b>KASPERSKY ONLINE SCANNER REPORT</b> </td> </tr> <tr height='70'> <td colspan='2' height='70'> Tuesday, May 20, 2008 2:52:03 PM<br> Operating System: Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)<br> Kaspersky Online Scanner version: 5.0.98.0<br> Kaspersky Anti-Virus database last update: 20/05/2008<br> Kaspersky Anti-Virus database records: 787279<br> </td> </tr> <tr height='10'> <td colspan='2' height='10'> </td> </tr> </table> <table width='100%' height='145' border='0'> <tr height='20' bgcolor='#EFEBDE'> <td colspan='2' height='20'><b>Scan Settings</b></td> </tr> <tr height='15'> <td height='15' width='250'>Scan using the following antivirus database</td> <td>extended</td> </tr> <tr height='15'> <td height='15'>Scan Archives</td> <td>true</td> </tr> <tr height='15'> <td height='15'>Scan Mail Bases</td> <td>true</td> </tr> <tr height='10'> <td colspan='2' height='10'> </td> </tr> <tr height='20' bgcolor='#EFEBDE'> <td height='20'><b>Scan Target</b></td> <td>My Computer</td> </tr> <tr height='20'> <td colspan='2' height='20'> C:\<br> D:\<br> E:\<br> F:\<br> G:\<br> H:\<br> I:\ </td> </tr> <tr height='10'> <td colspan='2' height='10'> </td> </tr> <tr height='20' bgcolor='#EFEBDE'> <td colspan='2' height='20'><b>Scan Statistics</b></td> </tr> <tr height='15'> <td height='15'>Total number of scanned objects</td> <td>87911</td> </tr> <tr height='15'> <td height='15'>Number of viruses found</td> <td>22</td> </tr> <tr height='15'> <td height='15'>Number of infected objects</td> <td>57</td> </tr> <tr height='15'> <td height='15'>Number of suspicious objects</td> <td>0</td> </tr> <tr height='15'> <td height='15'>Duration of the scan process</td> <td>01:34:34</td> </tr> </table> <br> <table width='100%' border='0'> <tr height='20' bgcolor='#EFEBDE'> <td height='20'><b>Infected Object Name</b></td> <td width='200'><b>Virus Name</b></td> <td width='100'><b>Last Action</b></td> </tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{D75631AF-18E5-43C8-8AD1-4F189085E457}.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFRA.tmp </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Application Data\McAfee\MBK\ARBUSFILE.GDB </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Cookies\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\Application Data\ApplicationHistory\McAfeeDataBackup.exe.e548c4c.ini.inuse </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\History\History.IE5\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\History\History.IE5\MSHist012008051720080518\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\temp\fb_484.lck </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\temp\~DF2392.tmp </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\temp\~DF326D.tmp </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\temp\~DF32A8.tmp </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\temp\~DFC71.tmp </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\Local Settings\Temporary Internet Files\Content.IE5\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\NTUSER.DAT </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\G-Man\ntuser.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\Cookies\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\NTUSER.DAT </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\LocalService\ntuser.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\NetworkService\NTUSER.DAT </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\Documents and Settings\NetworkService\ntuser.dat.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\default.htm.vir </td> <td>Infected: not-virus:Hoax.HTML.Secureinvites.b </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\lfn.exe.vir </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\bhxoptfm.dll.vir </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\cjchecoq.dll.vir </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\gndtrolb.dll.vir </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\icrefnkk.dll.vir </td> <td>Infected: Trojan.Win32.Monder.do </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\iqiqisai.dll.vir </td> <td>Infected: Trojan.Win32.Monder.cz </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\lfieewke.dll.vir </td> <td>Infected: Trojan.Win32.Monder.dj </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\ncelflwy.dll.vir </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\snkfykmf.dll.vir </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\tsdgfrsv.dll.vir </td> <td>Infected: Trojan.Win32.Monder.dk </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\vniskhbp.dll.vir </td> <td>Infected: Trojan.Win32.Monder.di </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\wkhriloh.dll.vir </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\wmsdkns.exe.vir </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\C\WINDOWS\system32\ytahwixg.dll.vir </td> <td>Infected: Trojan.Win32.Monder.da </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\catchme2008-05-13_173628.82.zip/hgGvVlJy.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\QooBox\Quarantine\catchme2008-05-13_173628.82.zip </td> <td>ZIP: infected - 1 </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\SDFix\backups\backups.zip/backups/000080.exe </td> <td>Infected: Trojan-Downloader.Win32.Small.ved </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\SDFix\backups\backups.zip/backups/default.htm </td> <td>Infected: not-virus:Hoax.HTML.Secureinvites.b </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\SDFix\backups\backups.zip/backups/wmsdkns.exe </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\SDFix\backups\backups.zip </td> <td>ZIP: infected - 3 </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\MountPointManagerRemoteDatabase </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP702\A0103603.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP702\A0103604.dll </td> <td>Infected: Trojan.Win32.Monder.db </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP705\A0107915.dll </td> <td>Infected: Trojan.Win32.Monder.db </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP706\A0107993.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP707\A0108265.dll </td> <td>Infected: not-a-virus:AdWare.Win32.TrafficSol.ah </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP707\A0108710.exe </td> <td>Infected: not-a-virus:AdWare.Win32.AdBand.y </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP708\A0109704.dll </td> <td>Infected: Trojan.Win32.Monder.df </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP708\A0109705.dll </td> <td>Infected: Trojan.Win32.Monder.de </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0013/stream/data0003 </td> <td>Infected: not-a-virus:AdWare.Win32.TrafficSol.ah </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0013/stream </td> <td>Infected: not-a-virus:AdWare.Win32.TrafficSol.ah </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0013 </td> <td>Infected: not-a-virus:AdWare.Win32.TrafficSol.ah </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0014/stream/data0005 </td> <td>Infected: not-a-virus:Downloader.Win32.AdLoad.b </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0014/stream </td> <td>Infected: not-a-virus:Downloader.Win32.AdLoad.b </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe/data0014 </td> <td>Infected: not-a-virus:Downloader.Win32.AdLoad.b </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP709\A0110026.exe </td> <td>NSIS: infected - 6 </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP710\A0110119.dll </td> <td>Infected: Trojan.Win32.Monder.dm </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP716\A0111794.dll </td> <td>Infected: Trojan.Win32.Monder.dm </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP717\A0111827.exe </td> <td>Infected: Trojan.Win32.DNSChanger.cze </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP717\A0111854.exe </td> <td>Infected: not-a-virus:FraudTool.Win32.SpyAway.o </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP717\A0111855.dll </td> <td>Infected: not-a-virus:FraudTool.Win32.SpyAway.n </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115035.exe </td> <td>Infected: not-a-virus:FraudTool.Win32.SpyAway.k </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP719\A0115145.exe </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115260.exe </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115261.exe </td> <td>Infected: not-virus:Hoax.Win32.Renos.cda </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115267.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115269.dll </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115274.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115277.dll </td> <td>Infected: Trojan.Win32.Monder.do </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115278.dll </td> <td>Infected: Trojan.Win32.Monder.cz </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115279.dll </td> <td>Infected: Trojan.Win32.Monder.dj </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115281.dll </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115285.dll </td> <td>Infected: Trojan.Win32.Monder.dl </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115286.dll </td> <td>Infected: Trojan.Win32.Monder.dk </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115287.dll </td> <td>Infected: Trojan.Win32.Monder.di </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115288.dll </td> <td>Infected: Trojan.Win32.Monder.gen </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP720\A0115290.dll </td> <td>Infected: Trojan.Win32.Monder.da </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP738\change.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Debug\PASSWD.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\SchedLgU.Txt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\SoftwareDistribution\EventCache\{626B09E6-B2C5-4238-829C-201222571C87}.bin </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\SoftwareDistribution\ReportingEvents.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Sti_Trace.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\CatRoot2\edb.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\CatRoot2\tmp.edb </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\AppEvent.Evt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\DEFAULT </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\default.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\Internet.evt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SAM </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SAM.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SecEvent.Evt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SECURITY </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SECURITY.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SOFTWARE </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\software.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SysEvent.Evt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\SYSTEM </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\config\system.LOG </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\h323log.txt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcafee_EvcAlHaTX7tB9zQ </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcafee_XbN7erqcNrkGNfB </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcmsc_Bkm9spCfRFufcA1 </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcmsc_CymBBGqLNWi4cmC </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcmsc_N7E3peDu7qCCE1i </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\mcmsc_QvVCjFJfp8h4D4R </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\Temp\T30DebugLogFile.txt </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\wiadebug.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\wiaservc.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\WindowsUpdate.log </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td height='20'>C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF </td> <td>Object is locked </td> <td>skipped </td> </tr> <tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr> <tr height='20'> <td colspan='3' height='20'><b>Scan process completed.</b></td> </tr> </table> </body> </html>

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·