Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.vundo/virtumonde


  • This topic is locked This topic is locked
4 replies to this topic

#1 joshbus

joshbus

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:30 PM

Posted 25 March 2008 - 07:32 PM

Hello,
I cannot get rid of trojan.vundo. Norton 360 recognizes it and says it fixes it, but it doesn't go away. I ran ad-aware and spybot, and spybot found numerous instances of virtumonde. The program removed that, but vundo is still there. Help please

Thank you
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:45 PM, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myownstartpage.net/?cm=040455&a...&ar=msnhome
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [90521564] rundll32.exe "C:\WINDOWS\system32\njryloyv.dll",b
O4 - HKLM\..\Run: [BM936126f8] Rundll32.exe "C:\WINDOWS\system32\netrthop.dll",s
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Search - ?p=ZKfox000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...llMgr_v01_5.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/update/EARTPX.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450678DC-BCFC-4290-95D5-18F68B0FAF52}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{990E7213-BD60-4EDF-81B3-687A6DA2EBAB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{450678DC-BCFC-4290-95D5-18F68B0FAF52}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{450678DC-BCFC-4290-95D5-18F68B0FAF52}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 8751 bytes

BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:30 PM

Posted 26 March 2008 - 06:31 AM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:

Please download ComboFix and save it to your desktop.

Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 joshbus

joshbus
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:30 PM

Posted 27 March 2008 - 11:27 PM

Hi,
Here is the combofix log. I take it your an OSU fan??? I'm from the great buckeye state also. Anyway here's the log. Thank you for your help

Josh

ComboFix 08-03-26.3 - Josh 2008-03-28 0:08:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.608 [GMT -4:00]
Running from: C:\Documents and Settings\Josh\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Helper
C:\WINDOWS\BM936126f8.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bvjywrve.ini
C:\WINDOWS\system32\caqoyiat.ini
C:\WINDOWS\system32\daaltpng.dll
C:\WINDOWS\system32\ebxwvdlw.dll
C:\WINDOWS\system32\evpblbuf.dll
C:\WINDOWS\system32\exbxkuvd.dll
C:\WINDOWS\system32\fccywxx.dll
C:\WINDOWS\system32\fgjlm.ini
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fublbpve.ini
C:\WINDOWS\system32\fublbpve.tmp
C:\WINDOWS\system32\ggjlm.ini
C:\WINDOWS\system32\ggjlm.ini2
C:\WINDOWS\system32\hhkmp.ini
C:\WINDOWS\system32\hhkmp.ini2
C:\WINDOWS\system32\jjkmp.ini
C:\WINDOWS\system32\jjkmp.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\netrthop.dll
C:\WINDOWS\system32\pmcsjpan.dll
C:\WINDOWS\system32\pmkjj.dll
C:\WINDOWS\system32\pufwlhjq.ini
C:\WINDOWS\system32\pwrgdufw.ini
C:\WINDOWS\system32\qjhlwfup.dll
C:\WINDOWS\system32\qttss.ini
C:\WINDOWS\system32\qttss.ini2
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\utstv.ini
C:\WINDOWS\system32\utstv.ini2
C:\WINDOWS\system32\vcvjaqqr.ini
C:\WINDOWS\system32\vjdgjpsv.dll
C:\WINDOWS\system32\wtikfeun.ini

.
((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-28 )))))))))))))))))))))))))))))))
.

2008-03-26 19:24 . 2008-03-27 19:24 1,583,229 ---hs---- C:\WINDOWS\system32\lmfgsyhy.ini
2008-03-25 20:03 . 2008-03-25 20:03 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-25 17:02 . 2008-03-25 18:29 364 --a------ C:\WINDOWS\wininit.ini
2008-03-25 15:32 . 2008-03-25 17:07 1,580,285 --ahs---- C:\WINDOWS\system32\vyolyrjn.ini
2008-03-24 19:29 . 2008-03-25 13:50 2,692,236 --ahs---- C:\WINDOWS\system32\iuttrygy.ini
2008-03-24 18:05 . 2008-03-24 18:06 2,693,778 --ahs---- C:\WINDOWS\system32\tvyooqoe.ini
2008-03-23 16:07 . 2008-03-24 18:02 2,633,551 --ahs---- C:\WINDOWS\system32\xmlyhkjx.ini
2008-03-23 00:25 . 2008-03-23 15:53 2,333,605 --ahs---- C:\WINDOWS\system32\lwnlqxkd.ini
2008-03-22 00:10 . 2008-03-23 00:18 2,420,158 --ahs---- C:\WINDOWS\system32\cbxtnsoj.ini
2008-03-21 23:54 . 2008-03-21 23:58 1,544,179 --ahs---- C:\WINDOWS\system32\xcbrqbkr.ini
2008-03-20 23:12 . 2008-03-20 23:12 <DIR> d-------- C:\Program Files\ACW
2008-03-20 21:45 . 2008-03-21 23:53 1,544,059 --ahs---- C:\WINDOWS\system32\uxepnthl.ini
2008-03-20 20:58 . 2008-03-20 20:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-03-20 20:47 . 2008-03-20 20:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-20 19:36 . 2008-03-20 21:08 1,540,394 --ahs---- C:\WINDOWS\system32\kwxwhjcv.ini
2008-03-20 18:35 . 2008-03-20 18:35 708,608 --a------ C:\WINDOWS\system32\CDDBUIRoxio.dll
2008-03-20 18:35 . 2008-03-20 18:35 569,344 --a------ C:\WINDOWS\system32\CDDBControlRoxio.dll
2008-03-20 18:35 . 2008-03-20 18:35 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
2008-03-20 17:45 . 2008-03-20 17:45 <DIR> d-------- C:\Program Files\AWS
2008-03-20 17:45 . 2008-03-20 17:45 <DIR> d-------- C:\Documents and Settings\Josh\Application Data\WeatherBug
2008-03-20 17:05 . 2008-03-20 17:05 <DIR> d-------- C:\Program Files\Opera
2008-03-20 16:22 . 2008-03-20 19:17 1,540,154 --ahs---- C:\WINDOWS\system32\yarkcese.ini
2008-03-20 15:05 . 2008-03-20 15:05 <DIR> d-------- C:\PollManager
2008-03-20 14:57 . 2008-03-20 15:20 1,539,854 --ahs---- C:\WINDOWS\system32\rowmhvui.ini
2008-03-19 00:26 . 2008-03-19 00:27 1,526,377 --ahs---- C:\WINDOWS\system32\gograryy.ini
2008-03-19 00:26 . 2008-03-19 00:26 1,526,317 --ahs---- C:\WINDOWS\system32\ixrkpfne.tmp
2008-03-18 20:04 . 2008-03-18 20:04 <DIR> d-------- C:\My Games
2008-03-18 20:03 . 2008-03-18 20:03 <DIR> d-------- C:\My Download Files
2008-03-18 20:00 . 2008-03-18 20:00 774,144 --a------ C:\Program Files\RngInterstitial.dll
2008-03-18 00:20 . 2008-03-18 19:12 1,526,317 --ahs---- C:\WINDOWS\system32\ixrkpfne.ini
2008-03-16 18:27 . 2008-03-16 18:30 186 --a------ C:\WINDOWS\gfscore.ini
2008-03-16 18:22 . 2008-03-16 18:22 <DIR> d-------- C:\Documents and Settings\Josh\Application Data\PlayFirst
2008-03-16 18:22 . 2008-03-16 18:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-03-16 17:21 . 2008-03-18 00:19 1,379,183 --ahs---- C:\WINDOWS\system32\lbcswpyp.ini
2008-03-16 14:36 . 2008-03-16 14:36 1,366,683 --ahs---- C:\WINDOWS\system32\xakmvfrh.ini
2008-03-07 03:50 . 2008-03-16 11:51 3,078,603 --ahs---- C:\WINDOWS\system32\platffpc.ini
2008-03-05 17:54 . 2008-03-07 03:44 2,621,612 --ahs---- C:\WINDOWS\system32\mcthjmhg.ini
2008-03-03 20:33 . 2008-03-05 17:52 2,494,568 --ahs---- C:\WINDOWS\system32\jgqqnpdf.ini
2008-02-29 17:43 . 2008-03-03 20:29 2,495,948 --ahs---- C:\WINDOWS\system32\itcaxvfa.ini
2008-02-29 17:39 . 2008-02-29 17:40 2,344,440 --ahs---- C:\WINDOWS\system32\fwqwdroj.ini
2008-02-28 13:27 . 2008-02-29 17:38 2,364,949 --ahs---- C:\WINDOWS\system32\rtuvjlpy.ini
2008-02-28 01:59 . 2008-02-28 13:21 2,483,719 --ahs---- C:\WINDOWS\system32\xdreeimx.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-28 03:32 3,208 ----a-w C:\Documents and Settings\Incomplete\downloads.dat
2008-03-28 02:08 --------- d-----w C:\Documents and Settings\Josh\Application Data\LimeWire
2008-03-25 19:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-25 19:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-25 01:24 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-24 23:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-23 04:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-21 00:50 --------- d-----w C:\Program Files\Common Files\Ahead
2008-03-20 23:34 --------- d-----w C:\Documents and Settings\Josh\Application Data\Ahead
2008-03-20 23:02 241,280 ----a-w C:\WINDOWS\system32\drivers\cdudf_xp.sys
2008-03-20 23:02 206,464 ----a-w C:\WINDOWS\system32\drivers\udfreadr_xp.sys
2008-03-20 23:02 1,044,480 ----a-w C:\WINDOWS\system32\Roboex32.dll
2008-03-20 23:02 --------- d-----w C:\Program Files\Common Files\Adaptec Shared
2008-03-20 23:02 --------- d-----w C:\Program Files\Adaptec
2008-03-20 22:35 57,344 ----a-w C:\WINDOWS\uneng.exe
2008-03-20 22:35 49,152 ----a-w C:\WINDOWS\system32\cdrtc.dll
2008-03-20 22:35 45,056 ----a-w C:\WINDOWS\system32\cdral.dll
2008-03-20 22:35 30,662 ----a-w C:\WINDOWS\system32\drivers\Mmc_2k.sys
2008-03-20 22:35 25,930 ----a-w C:\WINDOWS\system32\drivers\Dvd_2k.sys
2008-03-20 22:35 144,250 ----a-w C:\WINDOWS\system32\drivers\pwd_2K.sys
2008-03-20 19:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-19 00:00 --------- d-----w C:\Program Files\Common Files\Real
2008-03-18 23:59 --------- d-----w C:\Program Files\Real
2008-03-16 18:34 --------- d-----w C:\Program Files\Java
2008-03-07 01:32 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-03-07 01:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-03-07 01:32 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-02-21 21:17 --------- d-----w C:\Program Files\LimeWire
2008-02-21 21:15 --------- d-----w C:\Program Files\Cosmi
2008-02-21 21:13 --------- d--h--w C:\Program Files\Zero G Registry
2008-02-21 21:13 --------- d-----w C:\Program Files\Britannica 2004
2008-02-12 02:57 --------- d-----w C:\Program Files\ReflexiveArcade
2008-02-05 00:22 --------- d-----w C:\Documents and Settings\Katie\Application Data\Printer Info Cache
2008-02-05 00:22 --------- d-----w C:\Documents and Settings\Katie\Application Data\Image Zone Express
2008-02-04 02:15 --------- d-----w C:\Documents and Settings\Katie\Application Data\Symantec
2008-01-05 02:10 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
.

((((((((((((((((((((((((((((( snapshot@2007-10-10_ 1.43.14.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
+ 2007-06-19 07:24:36 350,720 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\xpsp3res.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
+ 2007-08-20 10:02:09 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
+ 2007-08-20 10:02:11 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
+ 2007-08-20 10:02:09 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
+ 2007-08-20 10:02:09 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
+ 2007-08-17 10:12:34 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2007-08-20 10:02:09 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
+ 2007-08-20 10:02:09 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
+ 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
+ 2007-08-20 10:02:09 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
+ 2007-08-20 10:02:09 387,584 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
+ 2007-08-20 10:02:10 6,066,176 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
+ 2007-08-20 10:02:10 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
+ 2007-08-20 10:02:10 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
+ 2007-08-17 10:12:35 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2007-08-17 10:12:49 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2007-08-20 10:02:10 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
+ 2007-08-20 10:02:10 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
+ 2007-08-20 10:02:10 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
+ 2007-08-20 10:02:11 3,592,192 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
+ 2007-08-20 10:02:11 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
+ 2007-08-20 10:02:11 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
+ 2007-08-20 10:02:11 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
+ 2007-08-20 10:02:11 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
+ 2007-08-20 10:02:11 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
+ 2007-08-20 10:02:11 1,161,728 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
+ 2007-08-20 10:02:11 232,960 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
+ 2007-08-20 10:02:11 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
+ 2007-08-21 06:25:02 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-10-29 22:35:13 1,287,680 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2007-10-10 23:47:27 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:47:27 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:47:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:47:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:47:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:47:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:47:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:47:27 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:47:27 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:47:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:47:27 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:47:28 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:47:28 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:47:28 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:48:49 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:47:28 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:47:28 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:47:28 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:47:28 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:47:28 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:47:29 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:47:29 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:47:29 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:29:10 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:50:47 727,040 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-07 02:01:07 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:57:52 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 02:01:07 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 02:01:07 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 02:01:07 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 02:01:08 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 02:01:08 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 02:01:08 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 02:01:08 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 02:01:10 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 02:01:10 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 02:01:11 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 02:01:11 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 02:01:11 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 02:01:11 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 02:01:12 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 02:01:12 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 02:01:13 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 02:01:13 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 02:01:13 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:57:26 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 02:01:13 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 02:01:13 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 02:01:13 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 02:01:13 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2006-02-28 12:00:00 581,120 -c----w C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB933729$\spuninst\updspapi.dll
+ 2007-05-16 15:12:02 683,520 -c----w C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB941202$\spuninst\updspapi.dll
+ 2005-08-30 03:54:26 1,287,168 -c----w C:\WINDOWS\$NtUninstallKB941568$\quartz.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\updspapi.dll
+ 2007-10-27 21:39:36 213,216 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2007-10-27 21:39:46 371,424 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2006-10-19 01:47:18 222,208 -c----w C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\updspapi.dll
+ 2006-04-20 11:51:50 359,808 -c----w C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2007-07-18 12:42:22 60,416 -c----w C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe
+ 2007-05-17 11:28:05 549,376 -c----w C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\updspapi.dll
+ 2006-12-19 21:52:18 8,453,632 -c----w C:\WINDOWS\$NtUninstallKB943460$\shell32.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB943460$\spuninst\updspapi.dll
+ 2007-06-14 10:08:46 350,720 -c----w C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll
+ 2006-08-17 12:28:27 721,920 -c----w C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\updspapi.dll
+ 2007-06-26 20:35:38 12,400 -c----w C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\updspapi.dll
+ 2006-02-28 12:00:00 181,248 -c----w C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\updspapi.dll
- 2007-04-16 16:37:17 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2007-12-06 00:14:51 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-04-16 16:37:15 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2007-12-06 00:14:53 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-04-16 16:37:11 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2007-12-06 00:15:09 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-04-16 16:37:11 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2007-12-06 00:14:54 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-04-16 16:37:17 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2007-12-06 00:15:06 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2007-04-16 16:37:18 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-12-06 00:15:01 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-04-16 16:37:16 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2007-12-06 00:15:07 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2007-04-16 16:37:16 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2007-12-06 00:14:51 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-04-16 16:37:16 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2007-12-06 00:15:09 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-04-16 16:37:16 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2007-12-06 00:15:00 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-04-16 16:37:16 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2007-12-06 00:14:56 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-04-16 16:37:16 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2007-12-06 00:14:56 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2007-04-16 16:37:16 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2007-12-06 00:15:05 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-04-16 16:37:16 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2007-12-06 00:15:10 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-04-16 16:37:16 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2007-12-06 00:15:02 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-04-16 16:37:16 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-12-06 00:14:56 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-04-16 16:37:16 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2007-12-06 00:14:58 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-04-16 16:37:16 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2007-12-06 00:15:07 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-04-16 16:37:17 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2007-12-06 00:14:50 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-04-16 16:37:16 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2007-12-06 00:14:55 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-04-16 16:37:17 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2007-12-06 00:14:52 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-04-16 16:37:16 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-12-06 23:02:02 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-04-16 16:37:17 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2007-12-06 00:14:57 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-04-16 16:37:17 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2007-12-06 00:15:04 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2007-04-16 16:37:16 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-06 23:02:03 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-06 23:02:31 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_351cd848\CustomMarshalers.dll
+ 2007-12-06 23:03:30 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a46c19d3\mscorlib.dll
+ 2007-12-06 23:03:11 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_702c0a01\System.Design.dll
+ 2007-12-06 23:02:35 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_663c1646\System.Drawing.Design.dll
+ 2007-12-06 23:03:22 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ad43547b\System.Drawing.dll
+ 2007-12-06 23:02:47 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a76f5a10\System.Windows.Forms.dll
+ 2007-12-06 23:03:03 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_76b311e0\System.Xml.dll
+ 2007-12-06 23:02:26 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_9f697097\System.dll
+ 2007-12-06 06:16:25 2,088,960 ------w C:\WINDOWS\assembly\temp\GMQUY37BFJ\System.Xml.dll
+ 2007-12-06 06:17:10 3,379,200 ------w C:\WINDOWS\assembly\temp\NSW049DHLP\mscorlib.dll
+ 2007-12-06 00:15:41 1,953,792 ------w C:\WINDOWS\assembly\temp\NTY26AEINR\System.dll
+ 2007-12-06 00:15:11 1,224,704 ------w C:\WINDOWS\assembly\temp\QW048DHLPT\System.dll
+ 2007-12-06 06:16:59 835,584 ------w C:\WINDOWS\assembly\temp\TZ37BFKOSW\System.Drawing.dll
+ 2007-12-06 00:16:17 3,014,656 ------w C:\WINDOWS\assembly\temp\Y48CHLPTX1\System.Windows.Forms.dll
+ 2000-02-08 12:35:56 133,200 ----a-w C:\WINDOWS\cncs.dll
+ 2002-10-26 08:49:53 172,032 ----a-w C:\WINDOWS\cncs32.dll
+ 2007-11-15 16:51:33 203,592 ----a-w C:\WINDOWS\distro_SelectRebatesSetup_um1001.exe
+ 2000-08-31 12:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-03-13 14:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2000-08-31 12:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-01-20 01:17:22 130,349 ----a-w C:\WINDOWS\hpoins13.dat
+ 2007-06-27 14:34:51 124,928 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
+ 2006-10-17 15:57:50 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
+ 2007-06-27 14:34:51 132,608 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
+ 2006-10-17 15:58:20 61,952 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
+ 2007-06-27 08:27:04 63,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
+ 2007-06-27 14:34:51 153,088 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
+ 2007-06-27 14:34:51 230,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
+ 2007-06-27 07:00:33 161,792 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
+ 2007-06-27 14:34:51 383,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
+ 2007-06-27 14:34:51 384,512 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
+ 2007-06-27 14:34:55 6,058,496 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
+ 2007-06-27 14:34:55 44,544 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
+ 2007-06-27 14:34:55 267,776 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
+ 2007-06-27 08:27:05 13,824 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
+ 2007-06-27 08:27:30 625,152 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
+ 2007-06-27 14:34:56 27,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
+ 2007-06-27 14:34:56 459,264 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
+ 2007-06-27 14:34:56 52,224 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
+ 2007-07-19 06:59:59 3,583,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
+ 2007-06-27 14:34:57 477,696 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
+ 2007-06-27 14:34:58 193,024 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
+ 2007-06-27 14:34:58 671,232 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
+ 2007-06-27 14:34:58 102,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
+ 2007-06-27 14:34:58 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
+ 2007-06-27 14:34:58 1,152,000 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
+ 2007-06-27 14:34:59 232,960 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
+ 2007-06-27 14:34:59 823,808 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
+ 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 10:04:41 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-10-10 23:55:51 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2006-10-17 15:58:06 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:55:51 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:55:51 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:55:51 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 10:59:40 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:55:51 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:55:51 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-10-10 23:55:52 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:55:52 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:55:55 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:55:55 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 10:59:52 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:55:56 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:55:56 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:55:56 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-30 23:42:28 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-10 23:55:58 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:55:58 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:55:59 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:55:59 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2006-10-17 15:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:55:59 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:56:00 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:56:00 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:56:00 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-01 05:31:11 92,854 ----a-r C:\WINDOWS\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareDesktopShortcut10.exe
+ 2007-12-01 05:31:11 92,854 ----a-r C:\WINDOWS\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartMenu10_1.exe
+ 2007-12-01 05:31:11 92,854 ----a-r C:\WINDOWS\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartupShortcut10.exe
+ 2008-03-20 21:45:21 22,016 ----a-r C:\WINDOWS\Installer\{70DECFBF-9119-4434-B2D3-A3C283D15E45}\Icon25B052BB1.exe
+ 2008-03-20 21:45:21 12,800 ----a-r C:\WINDOWS\Installer\{70DECFBF-9119-4434-B2D3-A3C283D15E45}\Icon25B052BB2.exe
+ 2008-03-20 21:45:21 11,264 ----a-r C:\WINDOWS\Installer\{70DECFBF-9119-4434-B2D3-A3C283D15E45}\Icon70DECFBF.exe
+ 2008-03-21 00:55:09 25,214 ----a-r C:\WINDOWS\Installer\{7516254D-7F98-49DD-8209-5D2208BD1033}\ARPPRODUCTICON.exe
- 2007-04-16 04:16:57 69,632 ----a-r C:\WINDOWS\Installer\{8851E12C-0EF9-11D4-A788-009027ABA5D0}\_98A24C5339C1_4A5C_8CCC_90C445995B16.exe
+ 2007-11-21 03:17:28 69,632 ----a-r C:\WINDOWS\Installer\{8851E12C-0EF9-11D4-A788-009027ABA5D0}\_98A24C5339C1_4A5C_8CCC_90C445995B16.exe
- 2007-04-16 04:16:57 1,536,089 ----a-r C:\WINDOWS\Installer\{8851E12C-0EF9-11D4-A788-009027ABA5D0}\CDLabel.exe
+ 2007-11-21 03:17:26 1,536,089 ----a-r C:\WINDOWS\Installer\{8851E12C-0EF9-11D4-A788-009027ABA5D0}\CDLabel.exe
+ 2008-03-20 19:03:31 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2007-12-29 00:42:51 25,214 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\ARPPRODUCTICON.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut1_33E9E60A87F847448812192D138D3F40.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut1_EB21A812671B4D08B9742A347F0D8F70.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut11_EB21A812671B4D08B9742A347F0D8F70.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut2_33E9E60A87F847448812192D138D3F40.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\NewShortcut4_EB21A812671B4D08B9742A347F0D8F70.exe
+ 2007-12-29 00:42:51 65,536 ----a-r C:\WINDOWS\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\UninstallHPGGShortcu_EB21A812671B4D08B9742A347F0D8F70.exe
+ 2007-12-29 00:32:50 25,214 ----a-r C:\WINDOWS\Installer\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}\ARPPRODUCTICON.exe
+ 2007-12-29 00:32:51 25,214 ----a-r C:\WINDOWS\Installer\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}\hpqSSupply.exe
- 2007-04-16 17:35:24 45,056 ----a-r C:\WINDOWS\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut4.exe
+ 2007-12-01 05:39:35 45,056 ----a-r C:\WINDOWS\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut4.exe
- 2007-04-16 17:35:24 135,168 ----a-r C:\WINDOWS\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut5.exe
+ 2007-12-01 05:39:35 135,168 ----a-r C:\WINDOWS\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut5.exe
+ 2007-12-29 00:38:09 65,536 ----a-r C:\WINDOWS\Installer\{FF075778-6E50-47ed-991D-3B07FD4E3250}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe
- 2007-05-23 05:05:50 30,208 ----a-w C:\WINDOWS\mickey32.dll
+ 2007-11-17 05:14:25 30,208 ----a-w C:\WINDOWS\mickey32.dll
- 2003-02-20 23:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-14 02:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2003-02-20 23:19:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 06:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2003-02-20 23:19:38 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 06:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-20 23:19:36 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-14 02:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 23:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-14 01:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-21 14:20:44 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 16:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 14:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 16:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-20 23:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-15 05:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 19:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 11:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 19:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2003-02-21 11:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 19:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
- 2003-02-20 23:09:40 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 05:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-21 11:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 19:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 11:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 19:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 11:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 19:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 11:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 19:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-20 23:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 05:32:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
- 2003-02-20 23:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 05:32:46 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
- 2003-02-20 23:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-14 01:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2003-02-20 23:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-14 01:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 23:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-14 01:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2003-02-21 11:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-14 01:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 23:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-15 05:33:22 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 23:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-15 05:33:24 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-20 23:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-14 01:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2003-02-20 23:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-14 01:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2003-02-20 23:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-14 01:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-01-15 21:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
- 2003-02-20 23:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2004-07-15 05:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 11:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 19:28:48 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 06:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_aspnet_isapi.dll
+ 2004-07-15 05:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_CORPerfMonExt.dll
+ 2004-07-15 05:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_fusion.dll
+ 2004-07-15 05:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_mscorjit.dll
+ 2004-07-15 19:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_mscorlib.dll
+ 2003-02-20 23:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_mscorsn.dll
+ 2004-07-15 05:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_mscorsvr.dll
+ 2004-07-15 05:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_mscorwks.dll
+ 2003-02-21 08:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_msvcr71.dll
+ 2004-07-15 05:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3060\_PerfCounter.dll
- 2003-02-20 23:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-15 05:35:04 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 11:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2004-07-15 19:32:00 1,294,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
- 2003-02-21 11:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 19:31:14 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-21 11:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 19:29:02 1,703,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
- 2003-02-21 11:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2004-07-15 19:28:54 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 11:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-14 02:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2003-02-21 11:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 19:28:58 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 11:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 19:28:56 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-20 23:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 05:35:12 66,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
- 2003-02-21 11:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 19:31:58 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 11:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 19:31:12 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 11:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 19:28:58 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 11:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 19:31:54 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 11:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 19:28:52 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2003-02-21 11:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 19:28:54 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 11:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-14 02:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2003-02-21 11:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 19:28:58 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 11:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 19:28:52 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 11:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 19:31:16 573,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 11:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2004-07-15 19:32:02 2,052,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
- 2003-02-21 11:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 19:29:00 1,339,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-06-22 18:51:38 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 14:20:38 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 16:23:20 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
- 2003-02-21 09:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 13:15:14 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
- 2003-02-21 00:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 07:11:56 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2007-06-17 04:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 12:00:00 28,160 ----a-w C:\WINDOWS\NirCmd.exe
+ 2008-02-29 22:30:28 142,782 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cache\Personal_32_1033.dat
+ 2008-02-29 22:30:28 142,782 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cache\Personal_32_1033.dat.bak
+ 2006-02-28 12:00:00 73,376 ----a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2006-02-28 12:00:00 25,264 ----a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2006-02-28 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2006-02-28 12:00:00 3,360 ----a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2006-02-28 12:00:00 4,048 ----a-w C:\WINDOWS\system\TIMER.DRV
+ 2006-02-28 12:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
+ 1994-09-21 01:00:00 92,208 ----a-w C:\WINDOWS\system\Wing.dll
+ 1994-09-21 01:00:00 12,800 ----a-w C:\WINDOWS\system\Wing32.dll
+ 2006-02-28 12:00:00 146,432 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
- 2007-06-27 14:34:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-12-07 02:21:45 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-01-31 20:11:41 466,944 ----a-w C:\WINDOWS\system32\capicom.dll
+ 2007-09-12 23:27:24 511,328 ----a-w C:\WINDOWS\system32\capicom.dll
+ 2006-02-28 12:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
+ 2005-12-05 22:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2006-03-31 16:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2001-08-18 03:36:12 25,600 ----a-w C:\WINDOWS\system32\dc210_32.dll
+ 2001-08-18 03:36:12 80,896 ----a-w C:\WINDOWS\system32\dc210usd.dll
+ 2006-12-06 06:02:27 309,760 ----a-r C:\WINDOWS\system32\difxapi.dll
- 2007-06-27 14:34:51 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-12-07 02:21:45 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2001-08-18 03:36:12 25,600 -c--a-w C:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-18 03:36:12 80,896 -c--a-w C:\WINDOWS\system32\dllcache\dc210usd.dll
- 2006-10-17 15:58:06 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-12-19 23:01:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2006-10-17 15:57:50 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-12-07 02:21:45 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-06-27 14:34:51 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:21:45 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:21:45 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-06-27 08:27:04 63,488 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-12-06 11:00:57 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-06-27 14:34:51 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-12-07 02:21:45 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-06-27 14:34:51 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-12-07 02:21:45 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-06-27 07:00:33 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-12-06 04:59:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-06-27 14:34:51 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-12-07 02:21:45 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-06-27 14:34:51 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-12-07 02:21:45 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-06-27 14:34:55 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-06-27 14:34:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-12-07 02:21:46 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-06-27 14:34:55 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-12-07 02:21:46 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-06-27 08:27:05 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-06-27 08:27:30 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-12-06 11:01:25 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-05-16 15:12:02 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2007-06-27 14:34:56 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-12-07 02:21:47 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2006-08-17 12:28:27 721,920 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:26:56 721,920 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2006-02-28 12:00:00 73,376 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2006-02-28 12:00:00 25,264 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2006-02-28 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
- 2006-02-28 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2007-06-27 14:34:56 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-12-07 02:21:47 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-06-27 14:34:56 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-12-07 02:21:47 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-07-19 06:59:59 3,583,488 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-12-08 05:21:48 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-06-27 14:34:57 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-12-07 02:21:47 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-06-27 14:34:58 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-12-07 02:21:48 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-06-27 14:34:58 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-12-07 02:21:48 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-06-27 14:34:58 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-12-07 02:21:48 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-05-17 11:28:05 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2006-10-17 15:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-01-11 05:53:32 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-02-28 12:00:00 581,120 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2007-07-09 13:09:42 584,192 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2001-08-17 18:53:32 6,784 -c--a-w C:\WINDOWS\system32\dllcache\serscan.sys
- 2006-12-19 21:52:18 8,453,632 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2006-02-28 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
- 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2006-02-28 12:00:00 4,048 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
- 2007-06-27 14:34:58 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-12-07 02:21:48 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-06-27 14:34:58 1,152,000 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-04 02:58:46 15,104 -c--a-w C:\WINDOWS\system32\dllcache\usbscan.sys
+ 2004-08-04 03:58:46 15,104 -c--a-w C:\WINDOWS\system32\dllcache\usbscan.sys
- 2007-06-27 14:34:59 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-12-07 02:21:48 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2006-02-28 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-06-27 14:34:59 823,808 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-12-07 02:21:48 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2006-02-28 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
- 2006-10-19 01:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-27 22:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-02-02 08:00:00 9,336 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2007-02-02 08:00:00 9,464 ----a-w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2006-09-19 19:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
- 2005-07-07 09:09:24 51,120 ----a-w C:\WINDOWS\system32\drivers\HPZid412.sys
+ 2006-12-06 06:02:28 49,920 ----a-r C:\WINDOWS\system32\drivers\HPZid412.sys
- 2005-07-07 09:09:24 16,496 ----a-w C:\WINDOWS\system32\drivers\HPZipr12.sys
+ 2006-12-06 06:02:28 16,496 ----a-r C:\WINDOWS\system32\drivers\HPZipr12.sys
- 2005-07-07 09:09:24 21,744 ----a-w C:\WINDOWS\system32\drivers\HPZius12.sys
+ 2006-12-06 06:02:29 21,568 ----a-r C:\WINDOWS\system32\drivers\HPZius12.sys
+ 2007-10-04 15:28:58 11,304 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
+ 2007-10-04 15:29:00 132,904 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
- 2006-02-28 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2006-10-18 07:00:00 36,624 ----a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
+ 2007-03-29 08:00:00 43,528 ----a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
- 2007-06-26 20:35:38 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2001-08-17 18:53:32 6,784 ----a-w C:\WINDOWS\system32\drivers\serscan.sys
- 2007-09-18 18:43:36 278,576 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
+ 2007-12-01 04:57:12 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
- 2007-09-18 18:43:36 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
+ 2007-12-01 04:57:12 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
- 2007-09-18 18:43:36 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
+ 2007-12-01 04:57:12 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
- 2007-01-09 21:32:13 12,984 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
+ 2007-01-10 00:46:26 12,984 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
- 2007-10-04 04:03:47 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
+ 2008-01-05 02:10:20 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
- 2007-01-09 21:32:13 145,976 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
+ 2007-01-10 00:46:26 145,976 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
- 2007-01-09 21:32:13 40,120 ----a-w C:\WINDOWS\system32\drivers\symids.sys
+ 2007-01-10 00:46:26 40,120 ----a-w C:\WINDOWS\system32\drivers\symids.sys
- 2007-01-09 21:32:13 35,256 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
+ 2007-01-10 00:46:26 35,256 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
- 2007-01-09 21:32:13 38,200 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
+ 2007-01-10 00:46:28 38,200 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
- 2007-01-09 21:32:13 27,576 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
+ 2007-01-10 00:46:26 27,576 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
- 2007-01-09 21:32:13 191,544 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
+ 2007-01-10 00:46:26 191,544 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
- 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2004-08-04 02:58:46 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
+ 2004-08-04 03:58:46 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
+ 2007-03-29 13:56:10 68,344 ----a-w C:\WINDOWS\system32\drvins64.exe
+ 2006-12-15 16:36:47 258,048 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpopia_86BE61B0FD7CFC16E2DF27D2F62DB4B0DE3B7840\hpzids01.dll
+ 2006-12-06 06:02:27 309,760 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\dot4\Win2000\difxapi.dll
+ 2006-12-06 06:02:27 364,544 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\dot4\Win2000\hppldcoi.dll
+ 2006-12-06 05:50:43 892,928 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\scanner\x32\hpotiop4.dll
+ 2006-12-06 05:50:43 229,376 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\scanner\x32\hpotpusd.dll
+ 2006-12-06 05:50:44 294,912 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\scanner\x32\hpovst11.dll
+ 2006-12-06 05:50:45 675,840 -c--a-r C:\WINDOWS\system32\DRVSTORE\hposcu11_663F848A1CC601EEF11FD4ABCA2A63D4554C11BB\drivers\scanner\x32\hpowiax4.dll
+ 2006-12-06 06:02:28 49,920 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzid413_923BAEF41AADB2736D03CC727525A30052B246DE\drivers\dot4\Win2000\HPZid412.sys
+ 2006-12-06 06:02:27 309,760 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\drivers\dot4\Win2000\difxapi.dll
+ 2006-12-06 06:02:27 364,544 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\drivers\dot4\Win2000\hppldcoi.dll
+ 2006-12-06 06:02:28 49,920 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\drivers\dot4\Win2000\HPZid412.sys
+ 2006-12-06 06:02:28 16,496 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\drivers\dot4\Win2000\HPzipr12.sys
+ 2006-12-06 06:02:29 21,568 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\drivers\dot4\Win2000\HPZius12.sys
+ 2006-12-06 06:02:32 282,624 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipa13_E593794BBA4A17487A65D4207C3D80641B1B690B\HPZc3212.dll
+ 2006-12-06 06:02:28 16,496 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzipr13_72BFE86CBE130741DF16A4DECAE115C528A928BD\drivers\dot4\Win2000\HPZipr12.sys
+ 2006-12-06 06:02:27 309,760 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\Win2000\difxapi.dll
+ 2006-12-06 06:02:27 364,544 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\Win2000\hppldcoi.dll
+ 2006-12-06 06:02:28 49,920 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\Win2000\hpzid412.sys
+ 2006-12-06 06:02:28 16,496 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\Win2000\hpzipr12.sys
+ 2006-12-06 06:02:29 21,568 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\Win2000\HPZius12.sys
+ 2006-12-06 06:02:26 16,800 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\drivers\dot4\WinxP\Hppaufd0.sys
+ 2006-12-06 06:02:32 282,624 -c--a-r C:\WINDOWS\system32\DRVSTORE\hpzius13_2B61E7AE989F51D0114C39AA4952A51FFAE3884B\HPZc3212.dll
+ 2007-06-06 14:18:02 45,056 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDDynCC.DLL
+ 2007-06-06 14:37:36 258,048 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDGDI.dll
+ 2007-06-06 14:36:46 28,672 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDGPD.dll
+ 2007-06-06 14:25:20 40,960 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDLM.dll
+ 2007-06-06 14:18:12 196,608 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDRES.dll
+ 2007-06-06 14:37:24 278,528 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDUI.dll
+ 2007-06-06 14:46:10 229,376 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDVS.dll
+ 2007-06-06 14:57:12 2,363,392 -c--a-w C:\WINDOWS\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\xerces-c_2_7.dll
- 2006-10-17 15:58:06 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-12-19 23:01:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2006-10-17 15:57:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-12-07 02:21:45 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-06-27 14:34:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:21:45 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2000-08-31 12:00:00 73,728 ----a-w C:\WINDOWS\system32\fdsv.exe
+ 2006-10-04 00:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2000-08-31 12:00:00 80,412 ----a-w C:\WINDOWS\system32\grep.exe
+ 2006-12-06 05:50:43 892,928 ----a-r C:\WINDOWS\system32\hpotiop4.dll
+ 2006-12-06 05:50:44 294,912 ----a-r C:\WINDOWS\system32\hpovst11.dll
+ 2006-12-06 05:50:45 675,840 ----a-r C:\WINDOWS\system32\hpowiax4.dll
+ 2006-12-06 06:02:27 364,544 ----a-r C:\WINDOWS\system32\hppldcoi.dll
+ 2006-12-29 14:57:50 117,760 ----a-w C:\WINDOWS\system32\hpz3l4v2.dll
- 2004-09-29 16:12:48 278,584 ----a-w C:\WINDOWS\system32\HPZidr12.dll
+ 2006-11-08 21:35:38 49,152 ----a-w C:\WINDOWS\system32\HPZidr12.dll
+ 2006-12-15 16:36:47 258,048 ----a-r C:\WINDOWS\system32\hpzids01.dll
+ 2006-11-08 21:35:36 43,520 ----a-w C:\WINDOWS\system32\HPZinw12.dll
+ 2006-11-08 21:35:38 53,248 ----a-w C:\WINDOWS\system32\HPZipm12.dll
- 2004-09-29 16:15:16 204,800 ----a-w C:\WINDOWS\system32\HPZipr12.dll
+ 2006-11-08 21:35:40 33,280 ----a-w C:\WINDOWS\system32\HPZipr12.dll
- 2004-09-29 16:09:26 94,208 ----a-w C:\WINDOWS\system32\HPZipt12.dll
+ 2006-11-08 21:35:40 29,696 ----a-w C:\WINDOWS\system32\hpzipt12.dll
- 2004-09-29 16:09:32 57,344 ----a-w C:\WINDOWS\system32\HPZisn12.dll
+ 2006-11-08 21:35:40 20,480 ----a-w C:\WINDOWS\system32\hpzisn12.dll
- 2006-10-17 15:58:20 61,952 ------w C:\WINDOWS\system32\icardie.dll
+ 2007-12-07 02:21:45 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-06-27 08:27:04 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-12-06 11:00:57 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-06-27 14:34:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-12-07 02:21:45 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-06-27 14:34:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-12-07 02:21:45 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-06-27 07:00:33 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-12-06 04:59:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-06-27 14:34:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-12-07 02:21:45 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-06-27 14:34:51 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-12-07 02:21:45 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-06-27 14:34:55 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-06-27 14:34:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:21:46 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-06-27 14:34:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-12-07 02:21:46 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-06-27 08:27:05 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2007-07-12 05:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 05:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 05:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 05:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 06:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 06:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-06-27 14:34:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-12-07 02:21:47 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-06-13 10:23:07 82,944 ----a-w C:\WINDOWS\system32\kdnus.exe
- 2006-11-27 20:36:28 331,776 ----a-w C:\WINDOWS\system32\KPDPM.dll
+ 2007-06-06 14:38:14 344,064 ----a-w C:\WINDOWS\system32\KPDPM.dll
- 2006-11-27 20:37:28 233,472 ----a-w C:\WINDOWS\system32\KPDPMUI.dll
+ 2007-06-06 14:38:40 237,568 ----a-w C:\WINDOWS\system32\KPDPMUI.dll
+ 2007-06-06 14:18:12 196,608 ----a-w C:\WINDOWS\system32\KPDRES.DLL
+ 2006-02-28 12:00:00 221,600 ----a-w C:\WINDOWS\system32\lanman.drv
- 2006-08-17 12:28:27 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:26:56 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2007-05-02 16:32:04 182,512 ----a-w C:\WINDOWS\system32\Macromed\Director\swdir.dll
+ 2008-01-07 15:26:46 181,672 ----a-w C:\WINDOWS\system32\Macromed\Director\swdir.dll
- 2007-04-30 21:11:28 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-01-03 22:19:34 581,632 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
- 2007-04-30 20:08:40 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
+ 2008-01-03 22:01:46 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
- 2007-04-30 20:30:38 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-01-03 22:20:14 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2007-04-30 20:47:02 1,089,024 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
+ 2008-01-08 15:57:12 1,112,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
- 2007-04-30 19:47:42 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
+ 2008-01-03 21:46:46 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
- 2007-04-30 20:05:32 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
+ 2008-01-03 21:59:14 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
- 2007-04-30 21:11:22 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2008-01-03 22:18:56 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2007-04-30 21:11:24 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-01-03 22:19:06 475,136 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2007-04-30 21:11:30 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-03 22:11:48 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-07 15:26:28 390,568 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1030024.exe
- 2007-04-30 20:33:00 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-01-03 22:22:06 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
- 2007-04-30 20:29:00 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
+ 2008-01-03 22:18:50 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
- 2007-04-30 20:33:00 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 22:22:08 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 21:46:44 50,808 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
+ 2006-02-28 12:00:00 73,376 ----a-w C:\WINDOWS\system32\mciavi.drv
+ 2006-02-28 12:00:00 25,264 ----a-w C:\WINDOWS\system32\mciseq.drv
+ 2006-02-28 12:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
- 2003-03-19 02:20:00 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
+ 2007-03-22 01:39:00 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.DLL
- 2007-09-06 02:50:42 17,474,680 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2006-02-28 12:00:00 20,480 ----a-w C:\WINDOWS\system32\msacm32.drv
- 2003-02-20 23:06:24 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 17:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2003-02-20 22:43:38 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2004-07-15 04:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2007-06-27 14:34:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-12-07 02:21:47 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-06-27 14:34:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-12-07 02:21:47 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2006-02-28 12:00:00 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2006-02-28 12:00:00 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-07-19 06:59:59 3,583,488 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-12-08 05:21:48 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-06-27 14:34:57 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-12-07 02:21:47 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-06-27 14:34:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-12-07 02:21:48 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-06-27 14:34:58 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-12-07 02:21:48 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2003-03-19 01:14:52 499,712 ------w C:\WINDOWS\system32\msvcp71.dll
+ 2007-03-22 01:33:00 503,808 ----a-w C:\WINDOWS\system32\MSVCP71.DLL
- 2003-02-21 09:42:22 348,160 ------w C:\WINDOWS\system32\Msvcr71.dll
+ 2007-03-22 01:33:00 348,160 ----a-w C:\WINDOWS\system32\MSVCR71.DLL
+ 2006-12-22 18:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
- 2005-02-16 19:18:04 90,184 ----a-w C:\WINDOWS\system32\NeroCo.dll
+ 2007-08-29 18:14:46 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll
- 2007-06-27 14:34:58 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-12-07 02:21:48 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2007-05-17 11:28:05 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2007-04-18 23:44:36 52,764 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-16 15:52:41 52,764 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-04-18 23:44:36 380,350 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-16 15:52:41 380,350 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-19 00:00:00 278,528 ----a-w C:\WINDOWS\system32\pncrt.dll
- 2006-10-17 15:58:08 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-01-11 05:53:32 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-04-20 17:27:00 64,512 ----a-w C:\WINDOWS\system32\ptpitcp.dll
+ 2007-02-08 06:40:10 64,512 ----a-w C:\WINDOWS\system32\ptpitcp.dll
- 2006-11-21 16:52:58 527,096 ----a-w C:\WINDOWS\system32\Px.dll
+ 2007-04-04 22:08:46 551,672 ----a-w C:\WINDOWS\system32\Px.dll
- 2006-11-21 16:53:00 129,784 ----a-w C:\WINDOWS\system32\PxAFS.DLL
+ 2007-04-04 22:08:48 129,784 ----a-w C:\WINDOWS\system32\PxAFS.DLL
+ 2007-03-29 13:56:16 66,296 ----a-w C:\WINDOWS\system32\pxcpya64.exe
+ 2007-03-29 13:56:14 120,056 ----a-w C:\WINDOWS\system32\pxcpyi64.exe
- 2006-11-01 05:02:00 502,520 ----a-w C:\WINDOWS\system32\pxdrv.dll
+ 2007-03-23 06:02:00 518,904 ----a-w C:\WINDOWS\system32\pxdrv.dll
+ 2007-03-29 13:56:12 64,760 ----a-w C:\WINDOWS\system32\pxinsa64.exe
+ 2007-03-29 13:56:14 118,520 ----a-w C:\WINDOWS\system32\pxinsi64.exe
- 2006-11-21 16:53:02 183,032 ----a-w C:\WINDOWS\system32\PxMas.dll
+ 2007-04-04 22:08:50 187,128 ----a-w C:\WINDOWS\system32\PxMas.dll
- 2006-11-21 16:53:02 1,329,912 ----a-w C:\WINDOWS\system32\PxSFS.DLL
+ 2007-04-04 22:08:52 1,628,920 ----a-w C:\WINDOWS\system32\PxSFS.DLL
- 2006-11-21 16:53:04 379,640 ----a-w C:\WINDOWS\system32\PxWave.dll
+ 2007-04-04 22:08:54 379,640 ----a-w C:\WINDOWS\system32\PxWave.dll
- 2006-11-21 16:53:06 158,456 ----a-w C:\WINDOWS\system32\pxwma.dll
+ 2007-04-04 22:08:56 158,456 ----a-w C:\WINDOWS\system32\pxwma.dll
- 2005-08-30 03:54:26 1,287,168 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
- 2006-02-28 12:00:00 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:09:42 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2000-08-31 12:00:00 98,816 ----a-w C:\WINDOWS\system32\sed.exe
- 2006-12-19 21:52:18 8,453,632 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2006-12-22 21:11:06 1,916,928 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpbcfgre.dll
+ 2006-11-29 22:26:42 671,816 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpcdmc32.dll
+ 2006-12-27 02:43:26 314,880 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpfie4v2.dll
+ 2006-12-27 02:43:26 7,019,008 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpfig4v2.dll
+ 2006-08-22 07:34:12 106,496 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpfrs4v2.dll
+ 2006-12-29 14:57:34 1,581,056 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpz3a4v2.dll
+ 2006-12-29 14:28:40 977,920 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpz3c4v2.dll
+ 2006-12-29 14:58:00 1,735,168 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpz3r4v2.dll
+ 2006-12-29 14:57:24 437,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzev4v2.dll
+ 2006-12-29 14:57:30 200,192 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpr4v2.dll
+ 2006-12-29 14:44:10 669,696 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzss4v2.dll
+ 2006-12-29 14:28:38 5,513,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzst4v2.dll
+ 2006-12-29 22:32:22 3,217,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzui4v2.dll
+ 2006-12-29 14:28:46 3,333,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzur4v2.dll
+ 2004-08-04 17:26:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2004-08-04 17:26:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2004-08-04 17:26:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2006-12-22 21:11:06 1,916,928 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpbcfgre.dll
+ 2006-11-29 22:26:42 671,816 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpcdmc32.dll
+ 2006-12-27 02:43:26 314,880 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpfie4v2.dll
+ 2006-12-27 02:43:26 7,019,008 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpfig4v2.dll
+ 2006-08-22 07:34:12 106,496 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpfrs4v2.dll
+ 2006-12-29 14:57:34 1,581,056 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpz3a4v2.dll
+ 2006-12-29 14:28:40 977,920 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpz3c4v2.dll
+ 2006-12-29 14:58:00 1,735,168 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpz3r4v2.dll
+ 2006-12-29 14:57:24 437,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzev4v2.dll
+ 2006-12-29 14:57:30 200,192 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzpr4v2.dll
+ 2006-12-29 14:44:10 669,696 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzss4v2.dll
+ 2006-12-29 14:28:38 5,513,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzst4v2.dll
+ 2006-12-29 22:32:22 3,217,408 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzui4v2.dll
+ 2006-12-29 14:28:46 3,333,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\hpzur4v2.dll
+ 2004-08-04 17:26:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\UNIDRV.DLL
+ 2004-08-04 17:26:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\UNIDRVUI.DLL
+ 2004-08-04 17:26:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968\UNIRES.DLL
+ 2006-12-29 14:57:18 273,920 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4v2.dll
- 2007-10-05 14:07:31 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 12:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-01-10 01:47:37 624,784 ----a-w C:\WINDOWS\system32\SymNeti.dll
+ 2007-01-10 01:12:22 624,784 ----a-w C:\WINDOWS\system32\SymNeti.dll
+ 2007-07-12 01:49:28 186,256 ----a-r C:\WINDOWS\system32\SymNppWA.dll
- 2007-01-10 01:47:37 242,320 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2007-01-10 01:12:18 242,320 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2006-02-28 12:00:00 3,360 ----a-w C:\WINDOWS\system32\system.drv
+ 2006-02-28 12:00:00 4,048 ----a-w C:\WINDOWS\system32\timer.drv
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2007-06-27 14:34:58 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-12-07 02:21:48 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-06-27 14:34:58 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 1998-06-18 04:00:00 89,360 ----a-w C:\WINDOWS\system32\VB5DB.dll
+ 1993-06-30 17:02:30 398,416 ----a-w C:\WINDOWS\system32\VBRUN300.DLL
- 2006-10-10 05:00:00 39,672 ----a-w C:\WINDOWS\system32\VXBLOCK.dll
+ 2007-03-26 06:00:00 88,824 ----a-w C:\WINDOWS\system32\vxblock.dll
+ 2006-02-28 12:00:00 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2007-06-27 14:34:59 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-12-07 02:21:48 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2006-02-28 12:00:00 13,600 ----a-w C:\WINDOWS\system32\wfwnet.drv
+ 1994-09-21 01:00:00 6,736 ----a-w C:\WINDOWS\system32\Wingdib.drv
- 2007-06-27 14:34:59 823,808 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-12-07 02:21:48 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-02-28 12:00:00 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
- 2006-10-19 01:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll
+ 2007-10-27 22:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2007-06-14 10:08:46 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 10:04:03 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2000-08-31 12:00:00 68,096 ----a-w C:\WINDOWS\system32\zip.exe
+ 2007-01-02 22:27:50 12,288 ----a-r C:\WINDOWS\Twunk_16.dll
+ 2007-01-02 22:27:50 12,288 ----a-r C:\WINDOWS\Twunk_32.dll
- 1998-02-07 01:37:32 299,520 ----a-w C:\WINDOWS\uninst.exe
+ 1998-02-07 02:37:32 299,520 ----a-w C:\WINDOWS\uninst.exe
- 2005-09-12 20:13:46 233,472 ----a-w C:\WINDOWS\UNNeroBackItUp.exe
+ 2007-03-21 01:22:04 972,336 ----a-w C:\WINDOWS\UNNeroBackItUp.exe
- 2005-09-12 20:13:46 233,472 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
+ 2007-06-27 23:05:02 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
- 2005-09-12 20:13:46 233,472 ----a-w C:\WINDOWS\UNNeroShowTime.exe
+ 2007-02-28 20:41:02 972,336 ----a-w C:\WINDOWS\UNNeroShowTime.exe
- 2005-09-12 20:13:46 233,472 ----a-w C:\WINDOWS\UNNeroVision.exe
+ 2007-08-03 18:58:48 972,072 ----a-w C:\WINDOWS\UNNeroVision.exe
- 2005-09-12 20:13:46 233,472 ----a-w C:\WINDOWS\UNRecode.exe
+ 2007-08-03 19:04:08 972,072 ----a-w C:\WINDOWS\UNRecode.exe
- 2007-05-23 05:05:51 566,986 ----a-w C:\WINDOWS\Winnie the Pooh.exe
+ 2007-11-17 05:14:25 566,986 ----a-w C:\WINDOWS\Winnie the Pooh.exe
- 2007-05-23 05:05:51 341,240 ----a-w C:\WINDOWS\Winnie the Pooh.scr
+ 2007-11-17 05:14:25 341,240 ----a-w C:\WINDOWS\Winnie the Pooh.scr
- 2007-04-16 17:32:32 1,233,920 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2007-12-01 05:30:43 1,233,920 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2006-12-02 03:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2007-01-02 22:27:38 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_6e85597b\ATL80.dll
+ 2006-12-02 03:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-02 03:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 03:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2007-01-20 04:52:30 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcm80.dll
+ 2007-01-20 04:52:30 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcp80.dll
+ 2007-01-20 04:52:30 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll
+ 2006-12-02 05:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-02 05:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-02 05:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-12 08:39:18 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80.dll
+ 2006-12-12 08:39:18 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80u.dll
+ 2006-12-12 08:39:20 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80.dll
+ 2006-12-12 08:39:20 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80u.dll
+ 2006-12-02 05:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-02 05:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-11 02:51:08 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHS.dll
+ 2006-12-11 02:51:08 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHT.dll
+ 2006-12-11 02:51:08 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80DEU.dll
+ 2006-12-11 02:51:08 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ENU.dll
+ 2006-12-11 02:51:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ESP.dll
+ 2006-12-11 02:51:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80FRA.dll
+ 2006-12-11 02:51:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ITA.dll
+ 2006-12-11 02:51:08 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80JPN.dll
+ 2006-12-11 02:51:08 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{04F23C9C-1A98-46C7-8DF5-EDB0E8DB8981}]
C:\WINDOWS\system32\pmkhh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F228629-59DC-45F9-AFA4-00D9A3CA4139}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FA6E43E6-F825-4317-BBCC-EC8462D1F3A5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2007-04-15 23:28 16384]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 19:00 299008]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2007-08-29 10:55 1347584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 11:38 892928]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 05:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [2008-03-20 18:35 684032]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"NWEReboot"="" []
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-11-28 20:51 583048]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-07-17 21:54 116072]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-01-02 22:40:10 210520]
HP Image Zone Fast Start.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-09-19 05:33:46 282624]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-04-15 23:28:17 169472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccywxx]
fccywxx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=

R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-17 18:36]
R3 3dfxvs;3dfxvs;C:\WINDOWS\system32\DRIVERS\3dfxvsm.sys [2001-08-17 08:48]
R3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\system32\DRIVERS\ptserlp.sys [2001-08-17 09:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-11-21 14:00:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-22 04:38:34 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-28 00:17:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2008-03-28 0:22:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-28 04:22:07
ComboFix2.txt 2007-10-10 05:44:14
Pre-Run: 175,476,654,080 bytes free
Post-Run: 175,435,087,872 bytes free
.
2008-03-26 00:04:04 --- E O F ---

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:30 PM

Posted 28 March 2008 - 06:21 AM

Oh yeah! I'm in Columbus and I'm a huge Buckeye fan! :thumbsup:
Let's see about getting you fixed up here.

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.

File::
C:\WINDOWS\system32\lmfgsyhy.ini
C:\WINDOWS\system32\vyolyrjn.ini
C:\WINDOWS\system32\iuttrygy.ini
C:\WINDOWS\system32\tvyooqoe.ini
C:\WINDOWS\system32\xmlyhkjx.ini
C:\WINDOWS\system32\lwnlqxkd.ini
C:\WINDOWS\system32\cbxtnsoj.ini
C:\WINDOWS\system32\xcbrqbkr.ini
C:\WINDOWS\system32\uxepnthl.ini
C:\WINDOWS\system32\kwxwhjcv.ini
C:\WINDOWS\system32\yarkcese.ini
C:\WINDOWS\system32\rowmhvui.ini
C:\WINDOWS\system32\gograryy.ini
C:\WINDOWS\system32\ixrkpfne.tmp
C:\WINDOWS\system32\ixrkpfne.ini
C:\WINDOWS\system32\lbcswpyp.ini
C:\WINDOWS\system32\xakmvfrh.ini
C:\WINDOWS\system32\platffpc.ini
C:\WINDOWS\system32\mcthjmhg.ini
C:\WINDOWS\system32\jgqqnpdf.ini
C:\WINDOWS\system32\itcaxvfa.ini
C:\WINDOWS\system32\fwqwdroj.ini
C:\WINDOWS\system32\rtuvjlpy.ini
C:\WINDOWS\system32\xdreeimx.ini

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{04F23C9C-1A98-46C7-8DF5-EDB0E8DB8981}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F228629-59DC-45F9-AFA4-00D9A3CA4139}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FA6E43E6-F825-4317-BBCC-EC8462D1F3A5}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccywxx]
Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Now drag then drop the CFScript file onto ComboFix.exe as seen in the image below.

Posted Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply along with a new HijackThis log.

Edited by Buckeye_Sam, 28 March 2008 - 06:21 AM.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#5 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:12:30 PM

Posted 20 April 2008 - 09:16 AM

Unfortunately there has been no response. :thumbsup:
This thread will now be closed.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users