Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anti-virus Pop Up


  • This topic is locked This topic is locked
15 replies to this topic

#1 i8dacat

i8dacat

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 03 June 2008 - 10:16 PM

Once the computer starts up, a pop up message states I have a virus on the computer. If i open up internet explorer the home page is a anti-virus advertisement. I've tried spy bot but cannot remove what is causing this. Also, whenever I tried running DDS i got an error, the only way i could run it was through safety mode. Thanks

Deckard's System Scanner v20071014.68
Run by David Garcia on 2008-06-03 20:01:42
Computer is in Safe Mode with Networking.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------



-- Last 5 Restore Point(s) --
20: 2008-06-04 02:30:01 UTC - RP130 - Deckard's System Scanner Restore Point
19: 2008-06-02 23:54:28 UTC - RP129 - Software Distribution Service 3.0
18: 2008-05-30 22:38:54 UTC - RP128 - System Checkpoint
17: 2008-05-27 01:53:15 UTC - RP127 - System Checkpoint
16: 2008-05-16 18:07:16 UTC - RP126 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-03-05 00:34:12 UTC - RP111 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as David Garcia.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:05:53 PM, on 6/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\David Garcia\Desktop\dss.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\David Garcia.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\5U870CAPm.exe
O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\5U870CAPm.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\David Garcia\Application Data\Microsoft\dtsc\24044.exe
O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\5U870CAPm.exe
O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\5U870CAPm.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 12877 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-05-03 and 2008-06-03 -----------------------------

2008-06-03 20:04:57 0 d-------- C:\Program Files\Trend Micro
2008-06-02 18:19:35 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-06-02 17:27:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-02 17:23:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-02 17:21:42 0 d--hs---- C:\WINDOWS\CSC
2008-06-02 17:06:48 0 d-------- C:\Documents and Settings\David Garcia\Application Data\Lavasoft
2008-06-02 17:06:29 0 d-------- C:\Program Files\Lavasoft
2008-06-02 16:52:26 0 d-------- C:\Documents and Settings\David Garcia\Application Data\uTorrent
2008-05-31 23:17:55 0 d--hs---- C:\Documents and Settings\LocalService\Temporary Internet Files
2008-05-31 23:17:55 0 d--hs---- C:\Documents and Settings\LocalService\History
2008-05-31 23:17:54 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-05-31 23:13:13 96768 -r-hs---- C:\WINDOWS\system32\5U870CAPm.exe
2008-05-31 23:13:05 32279 --a------ C:\WINDOWS\system32\clbdll.dll
2008-05-31 23:12:50 41984 --a------ C:\WINDOWS\mrofinu72.exe
2008-05-31 23:12:42 0 d-------- C:\Program Files\uTorrent
2008-05-30 12:20:00 229515 --a------ C:\WINDOWS\system32\000070.exe
2008-05-17 12:56:16 69632 --a------ C:\WINDOWS\system32\000080.exe


-- Find3M Report ---------------------------------------------------------------

2008-06-03 19:59:26 0 d-------- C:\Program Files\Symantec AntiVirus
2008-05-31 23:12:36 0 d-------- C:\Program Files\Common Files
2008-05-17 12:56:16 69632 --a------ C:\WINDOWS\system32\userinit.exe
2008-05-01 17:50:52 664 --a------ C:\WINDOWS\system32\d3d9caps.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 09:56 PM]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [05/03/2006 10:58 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/2005 09:03 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/22/2006 01:17 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/22/2006 01:13 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/22/2006 01:17 PM]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [06/02/2006 08:02 AM C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [06/16/2006 10:22 PM]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [07/19/2006 03:14 PM]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [05/08/2007 04:24 PM]
"@"="" []
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [08/11/2005 04:30 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [08/11/2005 04:30 PM]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [06/19/2006 11:33 AM]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [06/19/2006 10:50 AM]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [10/11/2005 10:23 AM]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [02/09/2006 09:52 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/25/2006 07:58 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/30/2006 10:36 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/04/2005 12:42 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [11/15/2005 01:28 PM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [10/22/2006 11:24 PM]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [03/20/2007 04:40 PM]
"IEUpdate"="C:\WINDOWS\system32\5U870CAPm.exe" [05/31/2008 11:13 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [02/28/2007 11:06 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/09/2008 04:19 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/15/2006 09:00 PM]
"Microsoft Windows Installer"="C:\Documents and Settings\David Garcia\Application Data\Microsoft\dtsc\24044.exe" [05/31/2008 11:12 PM]
"IEUpdate"="C:\WINDOWS\system32\5U870CAPm.exe" [05/31/2008 11:13 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices]
"IEUpdate"=C:\WINDOWS\system32\5U870CAPm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"IEUpdate"=C:\WINDOWS\system32\5U870CAPm.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [6/13/2007 6:52:13 PM]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [10/23/2006 12:01:50 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [12/15/2005 12:40:44 PM]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [9/24/2005 9:39:30 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"IEUpdate"= C:\WINDOWS\system32\5U870CAPm.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bd214b2-1a15-11dc-b84d-0018de1c8cff}]
AutoRun\command- F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65412d33-ca47-11dc-978b-0018de1c8cff}]
AutoRun\command- F:\LaunchU3.exe -a

*Newly Created Service* - AEC
*Newly Created Service* - DMUSIC
*Newly Created Service* - KMIXER
*Newly Created Service* - MDMXSDK
*Newly Created Service* - NIC1394
*Newly Created Service* - SPLITTER
*Newly Created Service* - SWMIDI
*Newly Created Service* - SYSAUDIO
*Newly Created Service* - USBSTOR
*Newly Created Service* - WDMAUD



-- End of Deckard's System Scanner: finished at 2008-06-03 20:06:17 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Genuine Intel® CPU T2250 @ 1.73GHz
CPU 1: Genuine Intel® CPU T2250 @ 1.73GHz
Percentage of Memory in Use: 23%
Physical Memory (total/avail): 1013.98 MiB / 776.89 MiB
Pagefile Memory (total/avail): 2441.34 MiB / 2344.3 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1911.35 MiB

C: is Fixed (NTFS) - 99.09 GiB total, 54.56 GiB free.
D: is Fixed (FAT32) - 11.67 GiB total, 1.37 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MHV2120BH PL - 111.79 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 99.09 GiB - C:
\PARTITION1 - Unknown - 11.69 GiB - D:
\PARTITION2 - Unknown - 1027.6 MiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: Norton Internet Worm Protection v2006 (Symantec) Disabled
AV: Symantec AntiVirus Corporate Edition v10.0.2.2000 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"="C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\David Garcia\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DAVID
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\David Garcia
LOGONSERVER=\\DAVID
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PCTYPE=PAVILION
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SAFEBOOT_OPTION=NETWORK
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\DAVIDG~1\LOCALS~1\Temp
USERDOMAIN=DAVID
USERNAME=David Garcia
USERPROFILE=C:\Documents and Settings\David Garcia
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

David Garcia (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bistro Stars\Uninstall.exe"
--> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
--> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
--> "C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
--> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Diner Dash 2\Uninstall.exe"
--> "C:\Program Files\HP Games\Dora's Carnival Adventure\Uninstall.exe"
--> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
--> "C:\Program Files\HP Games\FATE\Uninstall.exe"
--> "C:\Program Files\HP Games\Garden Dreams\Uninstall.exe"
--> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe"
--> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
--> "C:\Program Files\HP Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
--> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Snowy Space Trip\Uninstall.exe"
--> "C:\Program Files\HP Games\SpongeBob SquarePants Krabby Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
--> "C:\Program Files\HP Games\Tinos Fruit Stand\Uninstall.exe"
--> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
--> "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
--> "C:\Program Files\WildTangent\Apps\My HP Game Console\Uninstall.exe"
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}\Setup.exe"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Add or Remove Adobe Creative Suite 3 Design Premium --> C:\Program Files\Common Files\Adobe\Installers\c14ac4070fd9614ffe63f4bb533db2c\Setup.exe
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3 --> MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Creative Suite 3 Design Premium --> MsiExec.exe /I{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3 --> MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3 --> MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3 --> MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 9 Plugin --> MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Video Encoder --> MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3 --> MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 --> MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe InDesign CS3 Icon Handler --> MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files --> MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adobe Setup --> MsiExec.exe /I{09E2111C-16B1-4DDF-BF0D-F994C9A12350}
Adobe SING CS3 --> MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server --> MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3 --> MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Age of Empires III --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
AHV content for Acrobat and Flash --> MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
American Conquest --> C:\Program Files\American Conquest\uninstall.exe
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Imaging Device Functions 6.1 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Pavilion Webcam Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC397D90-720E-426D-B381-0A10C6FD5A49}\setup.exe" -l0x9 -removeonly
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart Premier Software 6.0 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 6.1.A --> "C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Quick Launch Buttons 6.10 A2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP QuickPlay 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Rhapsody --> C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Solution Center and Imaging Support Tools 6.1 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0035 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE247E71-C143-40BB-ADF2-A465DF062BAB}\Setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 G2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PRO Network Connections Drivers --> Prounstl.exe
iPod for Windows 2006-03-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Macromedia Shockwave Player --> MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB09F05F-85C6-4205-B28D-5BF071D276C3}\setup.exe" -l0x9
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
Netscape Browser (remove only) --> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
Rhapsody Player Engine --> MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m\HXFSETUP.EXE -U -IAt8VEN5m.inf
Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicAC3Encoder --> MsiExec.exe /I{52FBAE98-D389-4281-8C14-21B4046CCB4E}
SonicMPEGEncoder --> MsiExec.exe /I{B16AF568-A644-483C-A6DA-5028CD019C8C}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec AntiVirus --> MsiExec.exe /I{46B63F23-2B4A-4525-A827-688026BE5E40}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TourSetup --> MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Update Rollup 2 for Windows XP Media Center Edition 2005 -->
Vongo --> MsiExec.exe /I{DB7E00C9-6DEF-489A-8112-D8F81614F45A}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067 --> "C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB915381 --> "C:\WINDOWS\$NtUninstallKB915381$\spuninst\spuninst.exe"
Wireless Home Network Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09D8492A-C8E2-421E-927D-46800FB327A3}\setup.exe" -l0x9 -removeonly
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type15091 / Error
Event Submitted/Written: 06/03/2008 07:58:24 PM
Event ID/Source: 1 / swg
Event Description:
There was an error in s. File s, ID x

Event Record #/Type15090 / Error
Event Submitted/Written: 06/03/2008 07:58:18 PM
Event ID/Source: 1 / swg
Event Description:
There was an error in s. File s, ID x

Event Record #/Type15074 / Error
Event Submitted/Written: 06/03/2008 07:55:28 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0000ec8d.
Processing media-specific event for [dss.exe!ws!]

Event Record #/Type15073 / Error
Event Submitted/Written: 06/03/2008 07:42:39 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application spybotsd.exe, version 1.5.2.20, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [spybotsd.exe!ws!]

Event Record #/Type15072 / Error
Event Submitted/Written: 06/03/2008 07:42:14 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0000ec8d.
Processing media-specific event for [dss.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type30791 / Error
Event Submitted/Written: 06/03/2008 08:04:27 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type30790 / Error
Event Submitted/Written: 06/03/2008 08:04:27 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type30786 / Error
Event Submitted/Written: 06/03/2008 08:01:48 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
eeCtrl
Fips
intelppm
SAVRT
SAVRTPEL
SYMTDI

Event Record #/Type30785 / Error
Event Submitted/Written: 06/03/2008 08:01:48 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error:
%%1068

Event Record #/Type30784 / Error
Event Submitted/Written: 06/03/2008 08:01:48 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Message Queuing service depends on the Distributed Transaction Coordinator service which failed to start because of the following error:
%%1068



-- End of Deckard's System Scanner: finished at 2008-06-03 20:06:17 ------------

BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 07 June 2008 - 04:14 AM

Hello, my name is fenzodahl512 and welcome to Bleeping Computer.. Please do the following..


Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
  • If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  • During the download, rename Combofix to Combo-Fix as follows:

    Posted Image

    Posted Image

  • It is important you rename Combofix during the download, but not after.
  • Please do not rename Combofix to other names, but only to the one indicated.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" along with a new HijackThis log for further review.
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 08 June 2008 - 02:01 PM

thanks fenzodahl512 for the reply. Here is the combofix log and a new hijackthis log

ComboFix 08-06-07.3 - David Garcia 2008-06-08 11:42:37.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.487 [GMT -7:00]
Running from: C:\Documents and Settings\David Garcia\Desktop\Combo-Fix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-08 to 2008-06-08 )))))))))))))))))))))))))))))))
.

2008-06-03 20:04 . 2008-06-03 20:04 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-03 19:29 . 2008-06-03 19:29 <DIR> d-------- C:\Deckard
2008-06-02 17:23 . 2008-06-02 17:23 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-02 17:23 . 2008-06-02 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-02 17:06 . 2008-06-02 17:06 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-02 17:06 . 2008-06-02 17:06 <DIR> d-------- C:\Documents and Settings\David Garcia\Application Data\Lavasoft
2008-06-02 16:52 . 2008-06-08 10:56 <DIR> d-------- C:\Documents and Settings\David Garcia\Application Data\uTorrent
2008-05-31 23:17 . 2008-05-31 23:17 <DIR> d--hs---- C:\Documents and Settings\LocalService\Temporary Internet Files
2008-05-31 23:17 . 2008-05-31 23:17 <DIR> d--hs---- C:\Documents and Settings\LocalService\History
2008-05-31 23:13 . 2008-05-31 23:13 96,768 -r-hs---- C:\WINDOWS\system32\5U870CAPm.exe
2008-05-31 23:13 . 2006-03-15 21:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-05-31 23:12 . 2008-06-03 19:15 <DIR> d-------- C:\Program Files\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-08 18:42 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-05-17 19:56 69,632 ----a-w C:\WINDOWS\system32\userinit.exe
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2007-11-27 03:56 168 ----a-w C:\Documents and Settings\David Garcia\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot@2008-06-08_11.13.36.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-08 18:01:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-08 18:33:10 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 16:19 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-15 21:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 22:58 458752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 21:03 36975]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 13:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 13:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 13:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 08:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-16 22:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 15:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 11:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 10:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 10:23 1187840]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [2006-02-09 09:52 643072]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-10-04 12:42 48752]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-11-15 13:28 85744]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2007-06-13 18:52:13 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 12:40:44 282624]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 09:39:30 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;C:\WINDOWS\system32\Drivers\5U870CAP.sys [2006-06-06 13:39]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bd214b2-1a15-11dc-b84d-0018de1c8cff}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65412d33-ca47-11dc-978b-0018de1c8cff}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 11:45:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Y??????`?@?????L?@

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-06-08 11:50:16
ComboFix-quarantined-files.txt 2008-06-08 18:49:14
ComboFix2.txt 2008-06-08 18:14:40

Pre-Run: 57,477,836,800 bytes free
Post-Run: 57,463,201,792 bytes free

138 --- E O F --- 2008-06-02 23:55:02

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:23 AM, on 6/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 13732 bytes

#4 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 08 June 2008 - 04:12 PM

Hello, thanks for the reply.. Please do the following..

Please show hidden files and folders. Please visit HERE if you don't know how.

Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • C:\WINDOWS\system32\5U870CAPm.exe
  • Click on the submit button
  • Please post the results in your next reply.
If Jotti server is too busy, please submit the file to VirusTotal instead.



NEXT


Please re-open HijackThis and click on Do a system scan only. Check the boxes next to all the entries listed below.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht

Now close all windows other than HijackThis, then click Fix checked. Close HijackThis.



NEXT


Using Windows Explorer, please delete the following file (if present): (To get into Windows Explorer, right click the START button and select "explore.")

C:\WINDOWS\system32\spywarewarning.mht



NEXT


Please download Malwarebytes' Anti-Malware from HERE or HERE

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.




NEXT


Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results (if any) into this thread.
Please post the following logs in your next reply.. Please post each log in separate post..

1. Jotti result
2. MalwareBytes' Anti-Malware
3. GMER
4. A fresh Deckard System Scanner log (after GMER step)


Regards
fenzodahl512

Edited by fenzodahl512, 08 June 2008 - 04:15 PM.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#5 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 09 June 2008 - 08:43 PM

thanks, here is the virus total file


Antivirus Version Last Update Result
AhnLab-V3 2008.5.30.1 2008.06.04 -
AntiVir 7.8.0.26 2008.06.04 TR/Crypt.XPACK.Gen
Authentium 5.1.0.4 2008.06.04 -
Avast 4.8.1195.0 2008.06.04 -
AVG 7.5.0.516 2008.06.04 Pakes.AAY
BitDefender 7.2 2008.06.04 -
CAT-QuickHeal 9.50 2008.06.03 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.06.04 -
DrWeb 4.44.0.09170 2008.06.04 -
eSafe 7.0.15.0 2008.06.03 Suspicious File
eTrust-Vet 31.4.5845 2008.06.03 -
Ewido 4.0 2008.06.03 -
F-Prot 4.4.4.56 2008.06.04 -
F-Secure 6.70.13260.0 2008.06.04 Trojan.Win32.Pakes.dau
Fortinet 3.14.0.0 2008.06.04 -
GData 2.0.7306.1023 2008.06.04 Trojan.Win32.Pakes.dau
Ikarus T3.1.1.26.0 2008.06.04 Trojan.Crypt.XPACK
Kaspersky 7.0.0.125 2008.06.04 Trojan.Win32.Pakes.dau
McAfee 5309 2008.06.03 -
Microsoft 1.3604 2008.06.04 Trojan:Win32/Tibs.gen!H
NOD32v2 3156 2008.06.03 probably a variant of Win32/Statik
Norman 5.80.02 2008.06.03 -
Panda 9.0.0.4 2008.06.04 Adware/SpywareScanner2008
Prevx1 V2 2008.06.04 Cloaked Malware
Rising 20.47.20.00 2008.06.04 -
Sophos 4.29.0 2008.06.04 Mal/Generic-A
Sunbelt 3.0.1144.1 2008.06.04 -
Symantec 10 2008.06.04 -
TheHacker 6.2.92.333 2008.06.03 -
VBA32 3.12.6.7 2008.06.03 -
VirusBuster 4.3.26:9 2008.06.03 -
Webwasher-Gateway 6.6.2 2008.06.04 Trojan.Crypt.XPACK.Gen
Additional information
File size: 96768 bytes
MD5...: 2350aff565533d5d712e5fe03751ff0e
SHA1..: 093892ed608775a3ebb02cf31edb25e1321f3e6e
SHA256: 882bc9401d410e968c94af254e5ca389b93a6bbbefdedc8e705c86c9c6a85fb8
SHA512: b6150bfd583a087290e4d3ff9959b28aa7f78ee483ea1bd6ec5bbb010ce5a7c4
8ff21ec5cb0016aaf55f906caa15f1f53821f24a7b5de9ff1c7152da9c63b1ad
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401124
timedatestamp.....: 0x483f0003 (Thu May 29 19:12:03 2008)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x17000 0x16400 7.99 9a68fd898805200a190080765da277fc
.rsrc 0x18000 0xb000 0x1200 4.85 00c2477ad822a56175624e271647c818

( 1 imports )
> KERNEL32.DLL: VirtualAlloc, ExitProcess, FindFirstFileA, GetCurrentDirectoryA, ReadFile, CloseHandle

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogramtext.asp...11C0700EBFFA025

#6 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 09 June 2008 - 08:44 PM

here is
malwareBytes log

Malwarebytes' Anti-Malware 1.15
Database version: 844

6:18:19 PM 6/9/2008
mbam-log-6-9-2008 (18-18-19).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 212076
Time elapsed: 1 hour(s), 5 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{f9fa603d-697c-4900-a950-e54f08324a24} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\nmwegbsf.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (C:\WINDOWS\system32\spywarewarning.mht) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Deckard\System Scanner\20080603193341\backup\DOCUME~1\DAVIDG~1\LOCALS~1\Temp\syswcc32.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP128\A0021390.exe (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP128\A0021391.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP128\A0021392.exe (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP128\A0021397.dll (Adware.WebHancer) -> Quarantined and deleted successfully.

#7 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 09 June 2008 - 09:03 PM

DSS log

Deckard's System Scanner v20071014.68
Run by David Garcia on 2008-06-09 19:01:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as David Garcia.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:01:48 PM, on 6/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Documents and Settings\David Garcia\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\DAVIDG~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 13764 bytes

-- Files created between 2008-05-09 and 2008-06-09 -----------------------------

2008-06-09 14:59:53 0 d-------- C:\Documents and Settings\David Garcia\Application Data\Malwarebytes
2008-06-09 14:59:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-09 14:59:51 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 11:42:27 0 d-------- C:\Combo-Fix
2008-06-08 11:06:09 68096 --a------ C:\WINDOWS\zip.exe
2008-06-08 11:06:09 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-08 11:06:09 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-08 11:06:09 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-08 11:06:09 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-08 11:06:09 98816 --a------ C:\WINDOWS\sed.exe
2008-06-08 11:06:09 80412 --a------ C:\WINDOWS\grep.exe
2008-06-08 11:06:09 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-03 20:04:57 0 d-------- C:\Program Files\Trend Micro
2008-06-02 18:19:35 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-06-02 17:27:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-02 17:23:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-02 17:21:42 0 d--hs---- C:\WINDOWS\CSC
2008-06-02 17:06:48 0 d-------- C:\Documents and Settings\David Garcia\Application Data\Lavasoft
2008-06-02 17:06:29 0 d-------- C:\Program Files\Lavasoft
2008-06-02 16:52:26 0 d-------- C:\Documents and Settings\David Garcia\Application Data\uTorrent
2008-05-31 23:17:55 0 d--hs---- C:\Documents and Settings\LocalService\Temporary Internet Files
2008-05-31 23:17:55 0 d--hs---- C:\Documents and Settings\LocalService\History
2008-05-31 23:17:54 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-05-31 23:13:13 96768 -r-hs---- C:\WINDOWS\system32\5U870CAPm.exe
2008-05-31 23:12:42 0 d-------- C:\Program Files\uTorrent


-- Find3M Report ---------------------------------------------------------------

2008-06-09 18:22:17 0 d-------- C:\Program Files\Symantec AntiVirus
2008-05-31 23:12:36 0 d-------- C:\Program Files\Common Files
2008-05-17 12:56:16 69632 --a------ C:\WINDOWS\system32\userinit.exe
2008-05-01 17:50:52 664 --a------ C:\WINDOWS\system32\d3d9caps.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 09:56 PM]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [05/03/2006 10:58 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/2005 09:03 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/22/2006 01:17 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/22/2006 01:13 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/22/2006 01:17 PM]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [06/02/2006 08:02 AM C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [06/16/2006 10:22 PM]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [07/19/2006 03:14 PM]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [05/08/2007 04:24 PM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [08/11/2005 04:30 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [08/11/2005 04:30 PM]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [06/19/2006 11:33 AM]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [06/19/2006 10:50 AM]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [10/11/2005 10:23 AM]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [02/09/2006 09:52 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/25/2006 07:58 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/30/2006 10:36 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/04/2005 12:42 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [11/15/2005 01:28 PM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [10/22/2006 11:24 PM]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [03/20/2007 04:40 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [02/28/2007 11:06 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/09/2008 04:19 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/15/2006 09:00 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [6/13/2007 6:52:13 PM]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [10/23/2006 12:01:50 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [12/15/2005 12:40:44 PM]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [9/24/2005 9:39:30 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bd214b2-1a15-11dc-b84d-0018de1c8cff}]
AutoRun\command- F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65412d33-ca47-11dc-978b-0018de1c8cff}]
AutoRun\command- F:\LaunchU3.exe -a

*Newly Created Service* - GMER



-- End of Deckard's System Scanner: finished at 2008-06-09 19:02:11 ------------

#8 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 11 June 2008 - 04:04 AM

Hello, thanks for the reply.. Please do the following...

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.
2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\WINDOWS\system32\5U870CAPm.exe

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. After reboot, (in case it asks to reboot), please post Combofix log into your next reply




NEXT


Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Please post the following logs in your next reply.. Please post each log in separate post..

1. ComboFix
2. Kaspersky Webscanner
3. A fresh HijackThis log (after Kaspersky step)


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#9 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 11 June 2008 - 03:53 PM

thanks again, here is the first half of combofix log.
ComboFix 08-06-07.3 - David Garcia 2008-06-11 10:05:26.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.455 [GMT -7:00]
Running from: C:\Documents and Settings\David Garcia\Desktop\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\David Garcia\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-11 to 2008-06-11 )))))))))))))))))))))))))))))))
.

2008-06-11 10:01 . 2008-06-11 10:01 <DIR> d-------- C:\WINDOWS\LastGood
2008-06-09 21:05 . 2008-06-09 21:05 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-06-09 21:05 . 2008-06-09 21:05 <DIR> d-------- C:\WINDOWS\system32\en
2008-06-09 21:05 . 2008-06-09 21:05 <DIR> d-------- C:\WINDOWS\system32\bits
2008-06-09 21:05 . 2008-06-09 21:05 <DIR> d-------- C:\WINDOWS\l2schemas
2008-06-09 21:02 . 2008-06-09 21:02 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-06-09 20:50 . 2008-04-13 17:12 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-06-09 20:49 . 2008-04-13 17:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-06-09 20:48 . 2008-04-13 17:11 136,192 --------- C:\WINDOWS\system32\aaclient.dll
2008-06-09 20:48 . 2008-04-13 17:11 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2008-06-09 20:48 . 2008-04-13 17:11 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2008-06-09 19:51 . 2008-06-09 19:52 <DIR> d-------- C:\Program Files\iTunes
2008-06-09 19:48 . 2008-06-09 19:48 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-06-09 19:48 . 2008-06-09 19:48 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-09 19:48 . 2008-06-09 19:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-09 18:32 . 2008-06-09 18:32 250 --a------ C:\WINDOWS\gmer.ini
2008-06-09 14:59 . 2008-06-09 14:59 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-09 14:59 . 2008-06-09 14:59 <DIR> d-------- C:\Documents and Settings\David Garcia\Application Data\Malwarebytes
2008-06-09 14:59 . 2008-06-09 14:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-09 14:59 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-09 14:59 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-03 20:04 . 2008-06-03 20:04 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-03 19:29 . 2008-06-03 19:29 <DIR> d-------- C:\Deckard
2008-06-02 17:23 . 2008-06-02 17:23 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-02 17:23 . 2008-06-02 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-02 17:06 . 2008-06-02 17:06 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-02 17:06 . 2008-06-02 17:06 <DIR> d-------- C:\Documents and Settings\David Garcia\Application Data\Lavasoft
2008-06-02 16:52 . 2008-06-08 10:56 <DIR> d-------- C:\Documents and Settings\David Garcia\Application Data\uTorrent
2008-05-31 23:17 . 2008-05-31 23:17 <DIR> d--hs---- C:\Documents and Settings\LocalService\Temporary Internet Files
2008-05-31 23:17 . 2008-05-31 23:17 <DIR> d--hs---- C:\Documents and Settings\LocalService\History
2008-05-31 23:13 . 2008-05-31 23:13 96,768 -r-hs---- C:\WINDOWS\system32\5U870CAPm.exe
2008-05-31 23:13 . 2006-03-15 21:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-05-31 23:12 . 2008-06-03 19:15 <DIR> d-------- C:\Program Files\uTorrent
2008-05-27 10:50 . 2008-05-27 10:50 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-05-27 10:50 . 2008-05-27 10:50 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 16:59 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-06-10 02:51 --------- d-----w C:\Program Files\iPod
2008-06-10 02:51 --------- d-----w C:\Program Files\Bonjour
2008-06-10 02:50 --------- d-----w C:\Program Files\QuickTime
2008-04-14 12:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 12:42 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 12:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 00:11 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:24 2,145,280 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 18:47 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-13 18:45 60,160 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 18:43 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys
2008-04-13 18:41 8,576 ----a-w C:\WINDOWS\system32\drivers\i2omgmt.sys
2008-04-13 18:41 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 18:41 18,560 ----a-w C:\WINDOWS\system32\drivers\i2omp.sys
2008-04-13 18:39 92,544 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
2008-04-13 18:39 7,552 ----a-w C:\WINDOWS\system32\drivers\mskssrv.sys
2008-04-13 18:39 5,504 ----a-w C:\WINDOWS\system32\drivers\mstee.sys
2008-04-13 18:39 5,376 ----a-w C:\WINDOWS\system32\drivers\mspclock.sys
2008-04-13 18:39 42,368 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys
2008-04-13 18:39 4,992 ----a-w C:\WINDOWS\system32\drivers\mspqm.sys
2008-04-13 18:39 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys
2008-04-13 18:39 384,768 ----a-w C:\WINDOWS\system32\drivers\update.sys
2008-04-13 18:39 24,576 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-13 18:39 23,040 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-13 18:39 14,592 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-08_11.13.36.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 00:11:48 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
- 2006-03-16 04:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2006-03-16 04:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 00:11:48 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2006-03-16 04:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2006-03-16 04:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2006-03-16 04:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
- 2006-06-29 18:09:14 8,704 ----a-w C:\WINDOWS\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-06-10 04:12:00 8,704 ----a-w C:\WINDOWS\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\Accessibility.dll
- 2006-09-12 06:52:57 117,248 ----a-w C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
+ 2008-06-10 04:22:57 117,248 ----a-w C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
- 2006-06-29 18:09:14 12,288 ----a-w C:\WINDOWS\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-06-10 04:11:57 12,288 ----a-w C:\WINDOWS\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2006-06-29 18:09:14 34,816 ----a-w C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-06-10 04:11:59 34,816 ----a-w C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2006-09-12 06:52:57 102,400 ----a-w C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
+ 2008-06-10 04:22:37 102,400 ----a-w C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
- 2006-09-12 06:52:57 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
+ 2008-06-10 04:22:57 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
- 2006-09-12 06:52:57 192,512 ----a-w C:\WINDOWS\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
+ 2008-06-10 04:22:57 192,512 ----a-w C:\WINDOWS\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
- 2006-09-12 06:52:57 864,256 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
+ 2008-06-10 04:22:44 864,256 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
- 2006-09-12 06:52:57 126,976 ----a-w C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
+ 2008-06-10 04:22:38 126,976 ----a-w C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
- 2006-09-12 06:52:57 110,592 ----a-w C:\WINDOWS\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll
+ 2008-06-10 04:22:59 110,592 ----a-w C:\WINDOWS\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll
- 2006-09-12 06:52:57 8,192 ----a-w C:\WINDOWS\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
+ 2008-06-10 04:22:36 8,192 ----a-w C:\WINDOWS\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
- 2006-09-12 06:52:57 73,728 ----a-w C:\WINDOWS\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
+ 2008-06-10 04:22:37 73,728 ----a-w C:\WINDOWS\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
- 2006-09-12 06:52:57 167,936 ----a-w C:\WINDOWS\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
+ 2008-06-10 04:22:43 167,936 ----a-w C:\WINDOWS\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
- 2006-09-12 06:52:57 204,800 ----a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll
+ 2008-06-10 04:22:39 204,800 ----a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll
- 2006-09-12 06:52:57 389,120 ----a-w C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
+ 2008-06-10 04:22:40 389,120 ----a-w C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
- 2006-09-12 06:52:57 18,944 ----a-w C:\WINDOWS\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
+ 2008-06-10 04:22:40 18,944 ----a-w C:\WINDOWS\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
- 2006-09-12 06:52:57 278,528 ----a-w C:\WINDOWS\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
+ 2008-06-10 04:22:42 278,528 ----a-w C:\WINDOWS\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
- 2006-09-12 06:52:57 122,880 ----a-w C:\WINDOWS\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
+ 2008-06-10 04:22:36 122,880 ----a-w C:\WINDOWS\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
- 2006-09-12 06:52:57 53,248 ----a-w C:\WINDOWS\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
+ 2008-06-10 04:22:57 53,248 ----a-w C:\WINDOWS\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
- 2006-09-12 06:52:57 389,120 ----a-w C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
+ 2008-06-10 04:22:37 389,120 ----a-w C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
- 2006-06-29 18:09:14 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-06-10 04:12:03 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2006-06-29 18:09:14 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-06-10 04:12:03 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\IEHost.dll
- 2006-06-29 18:09:14 4,096 ----a-w C:\WINDOWS\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-06-10 04:12:03 4,096 ----a-w C:\WINDOWS\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\IIEHost.dll
- 2006-06-29 18:09:14 27,136 ----a-w C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-06-10 04:12:03 27,136 ----a-w C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2006-06-29 18:09:14 712,704 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-06-10 04:11:58 712,704 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-09-12 06:52:57 45,056 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2008-06-10 04:22:58 45,056 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2006-06-29 18:09:14 28,672 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-06-10 04:11:57 28,672 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2006-06-29 18:09:14 286,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-06-10 04:11:58 286,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2006-06-29 18:09:14 5,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2008-06-10 04:11:59 5,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
- 2006-06-29 18:09:14 11,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-06-10 04:11:55 11,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2006-06-29 18:09:14 18,944 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-06-10 04:11:56 18,944 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-06-29 18:09:14 6,656 ----a-w C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-06-10 04:11:56 6,656 ----a-w C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2006-06-29 18:09:14 1,564,672 ----a-w C:\WINDOWS\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2008-06-10 04:12:04 1,564,672 ----a-w C:\WINDOWS\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\mscorcfg.dll
- 2006-06-29 18:09:14 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-06-10 04:11:59 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\RegCode.dll
- 2006-09-12 06:52:57 77,824 ----a-w C:\WINDOWS\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
+ 2008-06-10 04:22:58 77,824 ----a-w C:\WINDOWS\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
- 2006-06-29 18:09:14 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-06-10 04:12:00 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2006-06-29 18:09:14 1,179,648 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
+ 2008-06-10 04:12:02 1,179,648 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
- 2006-06-29 18:09:14 1,695,744 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-06-10 04:12:02 1,695,744 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Design.dll
- 2006-06-29 18:09:14 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-06-10 04:12:00 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2006-06-29 18:09:14 65,536 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-06-10 04:12:00 65,536 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2006-06-29 18:09:14 462,848 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-06-10 04:12:02 462,848 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2006-06-29 18:09:14 212,992 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-06-10 04:11:59 212,992 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2006-06-29 18:09:14 48,640 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-06-10 04:11:59 48,640 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2006-06-29 18:09:14 352,256 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-06-10 04:12:04 352,256 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\System.Management.dll
- 2006-06-29 18:09:14 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-06-10 04:12:02 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2006-06-29 18:09:14 311,296 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-06-10 04:12:04 311,296 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2006-06-29 18:09:14 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-10 04:12:04 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2006-06-29 18:09:14 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-06-10 04:11:59 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll
- 2006-06-29 18:09:14 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-06-10 04:12:00 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-06-29 18:09:14 61,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-06-10 04:12:01 61,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2006-06-29 18:09:14 507,904 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-06-10 04:12:01 507,904 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-07-25 03:43:13 1,200,128 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-10 04:12:01 1,200,128 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-06-29 18:09:14 2,002,944 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.3300.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-06-10 04:12:01 2,002,944 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.3300.0__b77a5c561934e089\System.Windows.Forms.dll
- 2006-06-29 18:09:14 1,302,528 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
+ 2008-06-10 04:12:01 1,302,528 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
- 2006-06-29 18:09:14 1,179,648 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
+ 2008-06-10 04:12:02 1,179,648 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
+ 2008-06-10 04:07:18 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a_62ade9a2\CustomMarshalers.dll
+ 2008-06-10 04:07:21 3,301,376 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_8930c366\mscorlib.dll
+ 2008-06-10 04:07:38 1,454,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Design\1.0.3300.0__b03f5f7f11d50a3a_fcf25412\System.Design.dll
+ 2008-06-10 04:07:40 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_04ce895c\System.Drawing.Design.dll
+ 2008-06-10 04:07:40 847,872 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a_1644a53d\System.Drawing.dll
+ 2008-06-10 04:07:46 2,953,216 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Windows.Forms\1.0.3300.0__b77a5c561934e089_43b3df6e\System.Windows.Forms.dll
+ 2008-06-10 04:07:50 2,027,520 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_7ed165e1\System.Xml.dll
+ 2008-06-10 04:07:26 1,855,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_49131df4\System.dll
+ 2008-06-10 04:21:33 258,048 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\BDATunePIA\6.0.3000.0__31bf3856ad364e35_cf7d2329\BDATunePIA.dll
+ 2008-06-10 04:20:41 159,744 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\6.0.3000.0__31bf3856ad364e35_5f21af11\ehCIR.dll
+ 2008-06-10 04:21:25 2,326,528 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\6.0.3000.0__31bf3856ad364e35_864f9fc4\EhCM.dll
+ 2008-06-10 04:21:32 299,008 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\6.0.3000.0__31bf3856ad364e35_8e6fd54a\ehcommon.dll
+ 2008-06-10 04:21:12 1,302,528 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\6.0.3000.0__31bf3856ad364e35_c3d6fced\ehepg.dll
+ 2008-06-10 04:20:46 167,936 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\6.0.3000.0__31bf3856ad364e35_41f63817\ehepgdat.dll
+ 2008-06-10 04:22:04 167,936 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehExtCOM\6.0.3000.0__31bf3856ad364e35_86457702\ehExtCOM.dll
+ 2008-06-10 04:22:25 155,648 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehExtHost\6.0.3000.0__31bf3856ad364e35_b76b8e7d\ehExtHost.exe
+ 2008-06-10 04:20:21 10,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtCOM\6.0.3000.0__31bf3856ad364e35_9e9d06b5\ehiExtCOM.dll
+ 2008-06-10 04:20:22 102,400 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtens\6.0.3000.0__31bf3856ad364e35_d35d68fe\ehiExtens.dll
+ 2008-06-10 04:20:57 266,240 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiMsgr\6.0.3000.0__31bf3856ad364e35_945d648e\ehiMsgr.dll
+ 2008-06-10 04:20:47 380,928 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiPlay\6.0.3000.0__31bf3856ad364e35_7ee86cc9\ehiPlay.dll
+ 2008-06-10 04:20:51 565,248 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\6.0.3000.0__31bf3856ad364e35_cbc231d2\ehiProxy.dll
+ 2008-06-10 04:20:52 40,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiUserXp\6.0.3000.0__31bf3856ad364e35_abd39dda\ehiUserXp.dll
+ 2008-06-10 04:20:55 458,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiVidCtl\6.0.3000.0__31bf3856ad364e35_9a4b56b6\ehiVidCtl.dll
+ 2008-06-10 04:20:20 180,224 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiwmp\6.0.3000.0__31bf3856ad364e35_55acac58\ehiwmp.dll
+ 2008-06-10 04:21:36 69,632 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiWUapi\6.0.3000.0__31bf3856ad364e35_083b2a13\ehiWUapi.dll
+ 2008-06-10 04:20:37 684,032 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\6.0.3000.0__31bf3856ad364e35_083f1682\ehRecObj.dll
+ 2008-06-10 04:22:42 6,332,416 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehshell\6.0.3000.0__31bf3856ad364e35_2b6abfbd\ehshell.exe
+ 2008-06-10 04:21:39 65,536 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35_c7e6d85b\Microsoft.MediaCenter.dll
+ 2008-06-10 04:22:25 20,480 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0_4b1b90a5\SonicMCEBurnEngine.dll
- 2008-06-08 18:01:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-11 16:56:45 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-06-13 10:23:07 1,033,216 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 00:12:19 1,033,728 ----a-w C:\WINDOWS\explorer.exe
+ 2008-06-10 01:32:02 884,736 ----a-w C:\WINDOWS\gmer.dll
+ 2008-04-18 04:13:02 811,008 ----a-r C:\WINDOWS\gmer.exe
- 2006-03-16 04:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2006-03-16 04:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 00:12:07 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2006-03-16 04:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 00:12:07 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 00:12:21 10,752 ----a-w C:\WINDOWS\hh.exe
- 2006-03-16 04:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 00:11:58 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2006-03-16 04:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2006-03-16 04:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2006-03-16 04:00:00 250,880 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 00:12:06 250,368 ----a-w C:\WINDOWS\ime\sptip.dll
+ 2008-06-10 02:51:10 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-06-10 02:52:14 102,400 ----a-r C:\WINDOWS\Installer\{9F70BF98-003C-491D-81FC-FF9792206AF0}\iTunesIco.exe
+ 2008-06-10 02:49:00 27,136 ----a-r C:\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2002-06-22 08:31:20 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_filter.dll
+ 2008-04-13 16:09:58 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_filter.dll
- 2007-01-02 23:34:04 200,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
+ 2008-04-13 16:09:59 200,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
- 2004-08-04 13:11:06 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_regiis.exe
+ 2008-04-13 16:10:01 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_regiis.exe
- 2002-06-22 08:31:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2008-04-13 16:10:01 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
- 2007-01-02 23:34:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
+ 2008-04-13 16:10:01 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
- 2004-09-30 02:04:48 61,440 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\gacutil.exe
+ 2008-04-13 16:10:32 61,440 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\gacutil.exe
- 2007-01-02 23:28:28 2,273,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
+ 2007-12-17 11:58:53 2,273,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
- 2007-01-02 23:28:46 2,281,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
+ 2007-12-17 11:59:26 2,281,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
- 2007-01-15 23:11:26 73,728 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\netfxupdate.exe
+ 2007-12-17 11:59:53 82,976 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\netfxupdate.exe
- 2007-01-15 23:11:30 57,344 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\SetRegNI.exe
+ 2007-12-17 11:59:54 66,592 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\setregni.exe
- 2004-07-20 09:54:18 1,179,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.dll
+ 2007-12-17 11:59:56 1,179,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\system.dll
- 2007-01-15 23:11:30 57,344 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ToGac.exe
+ 2007-12-17 12:00:05 66,592 ------w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\togac.exe
- 2006-03-16 04:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 00:11:48 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2006-03-16 04:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 00:11:48 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 13:54:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 00:11:48 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 13:58:57 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 00:11:48 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2006-03-16 04:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 00:11:48 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2006-03-16 04:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 00:11:48 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2006-03-16 04:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 00:11:48 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 00:12:12 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2006-03-16 04:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 00:11:49 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2006-03-15 20:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0401.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2006-03-16 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2006-03-16 04:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2006-03-16 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2006-03-15 20:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040d.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040d.dll
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2006-03-16 04:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-03-16 04:00:00 90,624 ----a-w C:\WINDOWS\mui\muisetup.exe
+ 2008-04-14 00:12:29 90,624 ----a-w C:\WINDOWS\mui\muisetup.exe
- 2006-06-03 11:40:49 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2006-03-16 04:00:00 69,120 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\notepad.exe
- 2006-03-16 04:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2006-03-16 04:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2006-03-16 04:00:00 158,208 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 169,984 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2006-03-16 04:00:00 376,320 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59 376,832 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2006-03-16 04:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2006-03-16 04:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 00:12:02 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2006-09-12 07:42:03 92,447 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-06-10 04:11:54 92,447 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2006-09-12 07:42:03 20,850 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-06-10 04:11:55 21,588 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2006-03-16 04:00:00 150,528 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38 150,528 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2006-03-16 04:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2006-03-16 04:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2006-03-16 04:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2006-03-16 04:00:00 146,432 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 00:12:32 146,432 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2004-08-04 05:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-04 05:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35 187,776 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\admexs.dll
+ 2008-04-14 00:11:48 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
+ 2004-08-04 05:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\admwprox.dll
+ 2008-04-14 00:11:48 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\adsiis51.dll
+ 2008-04-14 00:11:48 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\adsnw.dll
+ 2004-07-17 18:35:20 85,813 ------w C:\WINDOWS\ServicePackFiles\i386\adsutil.vbs
+ 2008-04-14 00:11:48 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48 99,840 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33 37,760 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll
+ 2004-08-04 05:31:20 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49 108,544 ------w C:\WINDOWS\ServicePackFiles\i386\appconf.dll
+ 2008-04-14 00:11:49 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll
+ 2008-04-14 00:11:49 295,936 ------w C:\WINDOWS\ServicePackFiles\i386\appmgr.dll
+ 2008-04-14 00:11:49 331,264 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49 369,664 ------w C:\WINDOWS\ServicePackFiles\i386\asp51.dll
+ 2008-04-13 16:09:58 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_filter.dll
+ 2008-04-13 16:09:59 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_isapi.dll
+ 2008-04-13 16:10:01 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe
+ 2008-04-13 16:10:01 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_state.exe
+ 2008-04-13 16:10:01 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_wp.exe
+ 2008-04-14 00:12:12 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe
+ 2008-04-14 00:12:12 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe
+ 2008-04-14 00:11:49 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys
+ 2004-08-04 05:29:30 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-04 05:29:30 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-04 05:29:30 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-04 05:29:32 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-04 05:29:32 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-04 05:29:32 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-04 05:29:32 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-04 05:29:32 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-04 05:29:32 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-04 05:29:32 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-04 05:29:28 327,040 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-04 05:29:28 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-04 05:29:28 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-04 05:29:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-04 05:29:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-04 05:29:30 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-04 05:29:32 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-04 05:29:32 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-04 05:29:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-04 05:29:32 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-04 05:29:32 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-04 05:29:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50 21,183 ------w C:\WINDOWS\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w C:\WINDOWS\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w C:\WINDOWS\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w C:\WINDOWS\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12 588,800 ------w C:\WINDOWS\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12 602,624 ------w C:\WINDOWS\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13 580,608 ------w C:\WINDOWS\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w C:\WINDOWS\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe
+ 2008-04-14 00:12:13 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\bootcfg.exe
+ 2008-04-13 18:53:23 71,552 ------w C:\WINDOWS\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50 1,025,024 ------w C:\WINDOWS\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w C:\WINDOWS\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32 273,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50 385,024 ------w C:\WINDOWS\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50 150,016 ------w C:\WINDOWS\ServicePackFiles\i386\capesnpn.dll
+ 2004-07-20 09:54:04 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\caspol.exe
+ 2008-04-14 00:11:50 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50 625,664 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50 2,091,520 ------w C:\WINDOWS\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50 194,560 ------w C:\WINDOWS\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50 457,728 ------w C:\WINDOWS\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14 188,480 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50 15,423 ------w C:\WINDOWS\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50 148,480 ------w C:\WINDOWS\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50 1,358,848 ------w C:\WINDOWS\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\cipher.exe
+ 2008-04-14 00:12:14 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w C:\WINDOWS\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50 498,688 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w C:\WINDOWS\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14 389,120 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50 344,064 ------w C:\WINDOWS\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50 79,360 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-14 00:11:51 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\coadmin.dll
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51 252,928 ------w C:\WINDOWS\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\compfilt.dll
+ 2008-04-14 00:11:51 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51 792,064 ------w C:\WINDOWS\ServicePackFiles\i386\comres.dll
+ 2008-04-13 18:43:32 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe
+ 2008-04-14 00:11:51 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51 167,424 ------w C:\WINDOWS\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51 1,267,200 ------w C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51 539,648 ------w C:\WINDOWS\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15 1,032,192 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe
+ 2004-08-04 13:11:12 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\corperfmonext.dll
+ 2008-04-14 00:11:51 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32 36,736 ------w C:\WINDOWS\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51 599,040 ------w C:\WINDOWS\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51 512,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptui.dll
+ 2004-08-04 13:11:18 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\csc.exe
+ 2008-04-14 00:11:51 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\cscdll.dll
+ 2004-07-20 09:54:04 589,824 ------w C:\WINDOWS\ServicePackFiles\i386\cscomp.dll
+ 2008-04-14 00:12:15 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51 326,656 ------w C:\WINDOWS\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\custsat.dll
+ 2004-08-04 05:32:26 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51 1,689,088 ------w C:\WINDOWS\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51 824,320 ------w C:\WINDOWS\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51 1,054,208 ------w C:\WINDOWS\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51 54,272 ------w C:\WINDOWS\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:12:16 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\davcdata.exe
+ 2008-04-14 00:11:51 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51 640,000 ------w C:\WINDOWS\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51 279,552 ------w C:\WINDOWS\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51 282,624 ------w C:\WINDOWS\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52 379,904 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe
+ 2006-03-16 04:00:00 884,712 ------w C:\WINDOWS\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52 158,720 ------w C:\WINDOWS\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52 1,504,256 ------w C:\WINDOWS\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w C:\WINDOWS\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17 224,768 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48 799,744 ------w C:\WINDOWS\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46 153,344 ------w C:\WINDOWS\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\docprop2.dll
+ 2006-03-16 04:00:00 53,840 ------w C:\WINDOWS\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w C:\WINDOWS\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w C:\WINDOWS\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 00:11:52 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52 229,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52 212,480 ------w C:\WINDOWS\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52 116,736 ------w C:\WINDOWS\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w C:\WINDOWS\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\drprov.dll
+ 2008-04-14 00:12:18 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\drvqry.exe
+ 2006-03-16 04:00:00 4,656 ------w C:\WINDOWS\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52 367,616 ------w C:\WINDOWS\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52 1,293,824 ------w C:\WINDOWS\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52 239,104 ------w C:\WINDOWS\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57 138,752 ------w C:\WINDOWS\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52 113,152 ------w C:\WINDOWS\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52 304,128 ------w C:\WINDOWS\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52 619,008 ------w C:\WINDOWS\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52 1,227,264 ------w C:\WINDOWS\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18 1,298,432 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52 2,113,536 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w C:\WINDOWS\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\efsadu.dll
+ 2008-04-14 00:11:53 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 18:39:36 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53 1,082,368 ------w C:\WINDOWS\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\esscli.dll
+ 2004-08-04 05:32:28 137,088 ------w C:\WINDOWS\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:12:19 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\evcreate.exe
+ 2008-04-14 00:11:53 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
+ 2004-07-20 09:54:06 798,720 ------w C:\WINDOWS\ServicePackFiles\i386\eventlogmessages.dll
+ 2008-04-14 00:11:53 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19 92,160 ------w C:\WINDOWS\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:11:53 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\evtgprov.dll
+ 2008-04-14 00:12:19 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\evtrig.exe
+ 2008-04-14 00:12:19 1,033,728 ------w C:\WINDOWS\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11:53 380,445 ------w C:\WINDOWS\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\exstrace.dll
+ 2008-04-14 00:11:53 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29 143,744 ------w C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53 472,064 ------w C:\WINDOWS\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25 27,392 ------w C:\WINDOWS\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\fde.dll
+ 2008-04-14 00:11:53 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\fdeploy.dll
+ 2008-04-14 00:11:53 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53 337,920 ------w C:\WINDOWS\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59 129,792 ------w C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53 382,976 ------w C:\WINDOWS\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\forcedos.exe
+ 2004-08-04 05:31:24 34,173 ------w C:\WINDOWS\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53 32,828 ------w C:\WINDOWS\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53 184,435 ------w C:\WINDOWS\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53 82,035 ------w C:\WINDOWS\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53 147,513 ------w C:\WINDOWS\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53 49,210 ------w C:\WINDOWS\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53 102,509 ------w C:\WINDOWS\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53 618,605 ------w C:\WINDOWS\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53 41,020 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53 32,826 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53 49,212 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awebs.dll
+ 2008-04-14 00:11:53 876,653 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20 15,120 ------w C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20 109,840 ------w C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20 24,632 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20 188,494 ------w C:\WINDOWS\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53 598,071 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04 208,896 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20 20,538 ------w C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20 28,728 ------w C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33 9,344 ------w C:\WINDOWS\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 00:11:53 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\framedyn.dll
+ 2008-04-14 00:12:20 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe
+ 2008-04-14 00:12:20 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 00:11:53 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\ftpmib.dll
+ 2008-04-14 00:11:53 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\ftpsv251.dll
+ 2004-07-20 09:54:06 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\fusion.dll
+ 2008-04-14 00:11:53 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\fwcfg.dll
+ 2008-04-14 00:11:53 451,584 ------w C:\WINDOWS\ServicePackFiles\i386\fxsapi.dll
+ 2008-04-14 00:12:21 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 00:11:54 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\fxscom.dll
+ 2008-04-14 00:11:54 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\fxscomex.dll
+ 2008-04-14 00:12:21 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 00:11:54 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\fxsdrv.dll
+ 2008-04-14 00:11:54 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\fxsevent.dll
+ 2008-04-14 00:11:54 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsmon.dll
+ 2008-04-14 00:11:54 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\fxsocm.dll
+ 2008-04-14 00:11:54 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 00:09:33 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 00:11:54 562,176 ------w C:\WINDOWS\ServicePackFiles\i386\fxsst.dll
+ 2008-04-14 00:12:21 267,776 ------w C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 00:11:54 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\fxst30.dll
+ 2008-04-14 00:11:54 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\fxstiff.dll
+ 2008-04-14 00:11:54 154,112 ------w C:\WINDOWS\ServicePackFiles\i386\fxsui.dll
+ 2008-04-14 00:11:54 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\fxswzrd.dll
+ 2008-04-14 00:11:54 400,384 ------w C:\WINDOWS\ServicePackFiles\i386\fxsxp32.dll
+ 2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\ServicePackFiles\i386\gagp30kx.sys
+ 2008-04-13 18:45:29 10,624 ------w C:\WINDOWS\ServicePackFiles\i386\gameenum.sys
+ 2008-04-13 18:45:32 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\gckernel.sys
+ 2008-04-14 00:11:54 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\gdi32.dll
+ 2008-04-14 00:12:21 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\getmac.exe
+ 2008-04-14 00:11:54 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\glu32.dll
+ 2008-04-14 00:09:35 566,784 ------w C:\WINDOWS\ServicePackFiles\i386\gpedit.dll
+ 2006-03-16 04:00:00 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\gpkcsp.dll
+ 2006-12-31 01:26:44 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\gpkrsrc.dll
+ 2008-04-14 00:12:21 120,832 ------w C:\WINDOWS\ServicePackFiles\i386\gprslt.exe
+ 2008-04-14 00:11:54 199,680 ------w C:\WINDOWS\ServicePackFiles\i386\gptext.dll
+ 2008-04-14 00:12:21 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
+ 2008-04-13 18:40:21 28,288 ------w C:\WINDOWS\ServicePackFiles\i386\grserial.sys
+ 2008-04-14 00:11:54 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\guitrna.dll
+ 2008-04-14 00:11:54 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\gzip.dll
+ 2008-04-14 00:11:54 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\h323cc.dll
+ 2008-04-14 00:11:54 614,912 ------w C:\WINDOWS\ServicePackFiles\i386\h323msp.dll
+ 2008-04-13 18:31:32 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\hal.dll
+ 2008-04-13 18:31:28 131,840 ------w C:\WINDOWS\ServicePackFiles\i386\halaacpi.dll
+ 2008-04-13 18:31:27 81,152 ------w C:\WINDOWS\ServicePackFiles\i386\halacpi.dll
+ 2008-04-13 18:31:28 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\halapic.dll
+ 2008-04-13 18:31:28 134,400 ------w C:\WINDOWS\ServicePackFiles\i386\halmacpi.dll
+ 2008-04-13 18:31:32 152,576 ------w C:\WINDOWS\ServicePackFiles\i386\halmps.dll
+ 2008-04-13 18:31:31 77,696 ------w C:\WINDOWS\ServicePackFiles\i386\halsp.dll
+ 2008-04-14 00:11:54 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\hccoin.dll
+ 2008-04-13 16:36:05 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\hdaudbus.sys
+ 2008-04-14 00:12:21 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\help.exe
+ 2008-04-14 00:12:21 769,024 ------w C:\WINDOWS\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 00:12:21 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 00:12:21 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hh.exe
+ 2008-04-14 00:11:54 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\hhsetup.dll
+ 2008-04-14 00:11:54 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\hid.dll
+ 2008-04-13 18:36:38 20,352 ------w C:\WINDOWS\ServicePackFiles\i386\hidbatt.sys
+ 2008-04-13 18:46:30 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\hidbth.sys
+ 2008-04-13 18:45:26 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\hidir.sys
+ 2008-04-13 18:45:22 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\hidparse.sys
+ 2008-04-14 00:11:54 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\hidserv.dll
+ 2008-04-13 18:45:27 10,368 ------w C:\WINDOWS\ServicePackFiles\i386\hidusb.sys
+ 2008-04-14 00:11:54 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\hlink.dll
+ 2008-04-14 00:11:54 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\hmmapi.dll
+ 2008-04-14 00:11:54 344,064 ------w C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll
+ 2008-04-14 00:11:54 330,752 ------w C:\WINDOWS\ServicePackFiles\i386\hnetwiz.dll
+ 2008-04-14 00:11:54 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\hostmib.dll
+ 2008-04-14 00:11:54 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\hotplug.dll
+ 2008-04-14 00:11:54 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrr.dll
+ 2008-04-14 00:11:54 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrrps.dll
+ 2008-04-14 00:11:54 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\hpfud50.dll
+ 2008-04-14 00:12:21 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\hscupd.exe
+ 2004-08-04 05:41:48 220,032 ------w C:\WINDOWS\ServicePackFiles\i386\hsfbs2s2.sys
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcisp2.dll
+ 2004-08-04 05:41:50 685,056 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcxts2.sys
+ 2004-08-04 05:41:56 1,041,536 ------w C:\WINDOWS\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-13 18:53:53 264,832 ------w C:\WINDOWS\ServicePackFiles\i386\http.sys
+ 2008-04-14 00:11:54 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\httpapi.dll
+ 2008-04-14 00:11:54 268,288 ------w C:\WINDOWS\ServicePackFiles\i386\httpext.dll
+ 2008-04-14 00:11:54 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\httpmb51.dll
+ 2008-04-14 00:11:54 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\httpod51.dll
+ 2008-04-14 00:11:54 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\htui.dll
+ 2008-04-14 00:11:54 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\hypertrm.dll
+ 2008-04-13 18:41:22 8,576 ------w C:\WINDOWS\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-13 18:41:22 18,560 ------w C:\WINDOWS\ServicePackFiles\i386\i2omp.sys
+ 2008-04-13 19:18:00 52,480 ------w C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
+ 2008-04-14 00:11:54 702,845 ------w C:\WINDOWS\ServicePackFiles\i386\i81xdnt5.dll
+ 2004-08-04 05:29:38 161,020 ------w C:\WINDOWS\ServicePackFiles\i386\i81xnt5.sys
+ 2008-04-14 00:11:54 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\iasrad.dll
+ 2008-04-14 00:11:54 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\icaapi.dll
+ 2008-04-14 00:11:54 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\iccvid.dll
+ 2008-04-14 00:11:54 254,976 ------w C:\WINDOWS\ServicePackFiles\i386\icm32.dll
+ 2008-04-14 00:09:40 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 16:44:29 2,560 ------w C:\WINDOWS\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 00:11:54 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn.dll
+ 2008-04-14 00:12:22 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 00:12:22 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 00:11:54 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\icwdial.dll
+ 2008-04-14 00:11:54 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\icwdl.dll
+ 2008-04-14 00:11:54 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\icwhelp.dll
+ 2008-04-14 00:11:54 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\icwphbk.dll
+ 2008-04-14 00:12:22 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 00:11:54 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\icwutil.dll
+ 2008-04-14 00:11:54 120,832 ------w C:\WINDOWS\ServicePackFiles\i386\idq.dll
+ 2008-04-14 00:12:22 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w C:\WINDOWS\ServicePackFiles\i386\ieaksie.dll
+ 2008-04-14 00:11:54 323,584 ------w C:\WINDOWS\ServicePackFiles\i386\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 00:11:54 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ieencode.dll
+ 2007-01-02 23:29:28 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\ieexec.exe
+ 2004-07-20 09:54:06 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\ieexecremote.dll
+ 2004-07-20 09:54:06 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\iehost.dll
+ 2008-04-14 00:11:54 251,904 ------w C:\WINDOWS\ServicePackFiles\i386\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 00:12:22 114,688 ------w C:\WINDOWS\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 00:11:54 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\ifmon.dll
+ 2008-04-14 00:11:54 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-14 00:11:54 505,344 ------w C:\WINDOWS\ServicePackFiles\i386\iis.dll
+ 2008-04-14 00:11:54 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\iisadmin.dll
+ 2008-04-14 00:11:54 145,408 ------w C:\WINDOWS\ServicePackFiles\i386\iische51.dll
+ 2008-04-14 00:11:54 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\iisext51.dll
+ 2008-04-14 00:11:54 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\iisfecnv.dll
+ 2008-04-14 00:11:54 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\iislog51.dll
+ 2008-04-14 00:11:54 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\iismap.dll
+ 2008-04-14 00:12:22 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\iisrstas.exe
+ 2008-04-14 00:11:54 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\iisrtl.dll
+ 2004-08-04 13:11:48 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\ilasm.exe
+ 2008-04-14 00:11:54 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ils.dll
+ 2008-04-14 00:11:54 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\imagehlp.dll
+ 2008-04-14 00:12:22 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.exe
+ 2008-04-13 18:40:58 42,112 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.sys
+ 2008-04-14 00:11:54 36,921 ------w C:\WINDOWS\ServicePackFiles\i386\imeshare.dll
+ 2008-04-14 00:11:54 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\imgutil.dll
+ 2008-04-14 00:11:54 110,080 ------w C:\WINDOWS\ServicePackFiles\i386\imm32.dll
+ 2008-04-14 00:11:54 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\imsinsnt.dll
+ 2008-04-14 00:11:54 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\inetcfg.dll
+ 2008-04-14 00:11:54 691,712 ------w C:\WINDOWS\ServicePackFiles\i386\inetcomm.dll
+ 2008-04-14 00:12:22 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\inetin51.exe
+ 2008-04-14 00:11:55 829,440 ------w C:\WINDOWS\ServicePackFiles\i386\inetmgr.dll
+ 2008-04-14 00:11:55 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\inetmib1.dll
+ 2008-04-14 00:11:55 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\inetpp.dll
+ 2008-04-14 00:11:55 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\inetppui.dll
+ 2008-04-13 16:22:12 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\inetres.dll
+ 2008-04-14 00:12:22 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 00:11:55 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\infoadmn.dll
+ 2008-04-14 00:11:55 257,024 ------w C:\WINDOWS\ServicePackFiles\i386\infocomm.dll
+ 2008-04-14 00:11:55 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\initpki.dll
+ 2008-04-14 00:11:55 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\input.dll
+ 2008-04-14 00:11:55 96,256 ------w C:\WINDOWS\ServicePackFiles\i386\inseng.dll
+ 2004-07-20 09:54:06 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\installutil.exe
+ 2008-04-13 18:40:29 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\intelppm.sys
+ 2008-04-13 18:53:34 36,608 ------w C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys
+ 2008-04-14 00:12:22 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 00:09:30 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\ipevldpc.dll
+ 2008-04-14 00:09:23 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipevlpid.dll
+ 2008-04-14 00:11:55 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\iphlpapi.dll
+ 2008-04-13 18:57:07 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\ipinip.sys
+ 2008-04-14 00:11:55 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\ipmontr.dll
+ 2008-04-13 18:57:15 152,832 ------w C:\WINDOWS\ServicePackFiles\i386\ipnat.sys
+ 2008-04-14 00:11:55 331,264 ------w C:\WINDOWS\ServicePackFiles\i386\ipnathlp.dll
+ 2008-04-14 00:11:55 330,752 ------w C:\WINDOWS\ServicePackFiles\i386\ippromon.dll
+ 2008-04-14 00:11:55 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\iprip.dll
+ 2008-04-14 00:11:55 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\iprtrmgr.dll
+ 2008-04-13 19:19:42 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
+ 2008-04-14 00:11:55 349,696 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsnp.dll
+ 2008-04-14 00:11:55 183,808 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsvc.dll
+ 2008-04-14 00:10:45 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\ipseldpc.dll
+ 2008-04-14 00:09:24 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipselpid.dll
+ 2008-04-14 00:11:55 384,000 ------w C:\WINDOWS\ServicePackFiles\i386\ipsmsnap.dll
+ 2008-04-14 00:12:23 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 00:11:55 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6mon.dll
+ 2008-04-14 00:12:23 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 00:11:55 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\ipxwan.dll
+ 2008-04-14 00:11:55 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qc.dll
+ 2008-04-14 00:11:55 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qcx.dll
+ 2008-04-14 00:11:55 755,200 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_32.dll
+ 2008-04-14 00:11:55 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qc.dll
+ 2008-04-14 00:11:55 183,808 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qcx.dll
+ 2008-04-13 18:45:34 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\irbus.sys
+ 2008-04-13 18:54:36 88,192 ------w C:\WINDOWS\ServicePackFiles\i386\irda.sys
+ 2008-04-13 18:54:28 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\irenum.sys
+ 2008-04-14 00:12:23 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 00:11:55 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\irmon.dll
+ 2008-04-13 18:36:41 37,248 ------w C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
+ 2008-04-14 00:11:55 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\isatq.dll
+ 2008-04-14 00:11:55 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\iscomlog.dll
+ 2008-04-14 00:10:32 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isdpc.dll
+ 2008-04-14 00:10:55 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isendpc.dll
+ 2008-04-14 00:10:55 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\isenpid.dll
+ 2008-04-14 00:11:55 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\isign32.dll
+ 2008-04-14 00:10:32 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ispid.dll
+ 2008-04-14 00:11:55 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\isrdbg32.dll
+ 2008-04-14 00:11:55 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\itircl.dll
+ 2008-04-14 00:11:55 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\itss.dll
+ 2008-04-14 00:11:55 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\iuengine.dll
+ 2008-04-14 00:11:55 54,272 ------w C:\WINDOWS\ServicePackFiles\i386\ixsso.dll
+ 2008-04-14 00:11:55 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\iyuv_32.dll
+ 2008-04-14 00:11:55 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\jgdw400.dll
+ 2008-04-14 00:11:55 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\jgpl400.dll
+ 2004-07-20 09:54:06 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\jsc.exe
+ 2008-04-14 00:11:56 512,000 ------w C:\WINDOWS\ServicePackFiles\i386\jscript.dll
+ 2008-04-14 00:11:56 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-13 18:39:47 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-13 18:39:48 14,592 ------w C:\WINDOWS\ServicePackFiles\i386\kbdhid.sys
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 00:09:55 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 00:09:55 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 00:09:55 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-13 18:31:35 7,424 ------w C:\WINDOWS\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 00:11:56 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\kdcsvc.dll
+ 2008-04-14 00:11:56 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\kdsui.dll
+ 2008-04-14 00:11:56 253,952 ------w C:\WINDOWS\ServicePackFiles\i386\kdsusd.dll
+ 2008-04-14 00:11:56 299,520 ------w C:\WINDOWS\ServicePackFiles\i386\kerberos.dll
+ 2008-04-14 00:11:56 989,696 ------w C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
+ 2006-03-16 04:00:00 42,537 ------w C:\WINDOWS\ServicePackFiles\i386\keyboard.sys
+ 2008-04-14 00:11:56 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\keymgr.dll
+ 2008-04-13 18:45:09 172,416 ------w C:\WINDOWS\ServicePackFiles\i386\kmixer.sys
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\kmsvc.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\knperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\knpropid.dll
+ 2008-04-14 00:11:56 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\koc.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\kperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\kpropid.dll
+ 2006-03-16 04:00:00 92,224 ------w C:\WINDOWS\ServicePackFiles\i386\krnl386.exe
+ 2008-04-14 00:11:56 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\krnlprov.dll
+ 2008-04-13 19:16:36 141,056 ------w C:\WINDOWS\ServicePackFiles\i386\ks.sys
+ 2008-04-13 18:31:43 92,288 ------w C:\WINDOWS\ServicePackFiles\i386\ksecdd.sys
+ 2008-04-14 00:11:56 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\l2store.dll
+ 2008-04-14 00:09:05 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintime.dll
+ 2004-08-04 05:31:56 480,256 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe
+ 2004-08-04 05:31:40 57,399 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-14 00:09:39 13,463,552 ------w C:\WINDOWS\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2008-04-14 00:09:43 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrmbx.dll
+ 2008-04-14 00:09:44 811,064 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcus.dll
+ 2008-04-14 00:09:45 81,976 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.dll
+ 2004-08-04 05:31:54 307,257 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe
+ 2004-08-04 05:31:56 155,705 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2004-08-04 05:31:58 196,665 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe
+ 2004-08-04 05:32:00 208,952 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe
+ 2004-08-04 05:32:12 233,527 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe
+ 2004-08-04 05:32:16 262,200 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputyc.dll
+ 2008-04-14 00:09:46 102,456 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imlang.dll
+ 2004-08-04 05:31:50 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-14 00:09:47 315,455 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imskf.dll
+ 2008-04-14 00:10:33 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs404.dll
+ 2008-04-14 00:10:33 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pmigrate.dll
+ 2004-08-04 05:32:16 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe
+ 2004-08-04 05:32:16 455,168 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ------w C:\WINDOWS\ServicePackFiles\i386\lang\uniime.dll
+ 2008-04-14 00:11:04 426,041 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicesub.dll
+ 2008-04-13 18:40:26 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\lbrtfdc.sys
+ 2008-04-14 00:12:23 677,888 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 00:11:56 2,061,824 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstscx.dll
+ 2008-04-14 12:41:58 423,936 ------w C:\WINDOWS\ServicePackFiles\i386\licdll.dll
+ 2008-04-14 00:11:56 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\licmgr10.dll
+ 2008-04-14 00:11:56 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\licwmi.dll
+ 2008-04-14 00:11:56 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll
+ 2008-04-14 00:11:56 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\lmhsvc.dll
+ 2008-04-14 00:11:56 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\lmmib2.dll
+ 2008-04-14 00:11:56 399,872 ------w C:\WINDOWS\ServicePackFiles\i386\lmrt.dll
+ 2008-04-14 00:11:56 97,280 ------w C:\WINDOWS\ServicePackFiles\i386\loadperf.dll
+ 2008-04-14 00:11:56 221,696 ------w C:\WINDOWS\ServicePackFiles\i386\localsec.dll
+ 2008-04-14 00:11:56 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\localspl.dll
+ 2008-04-14 00:11:56 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\localui.dll
+ 2008-04-14 00:12:24 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\locator.exe
+ 2008-04-14 00:11:56 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\log.dll
+ 2008-04-14 00:12:24 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\logman.exe
+ 2008-04-14 00:12:43 220,672 ------w C:\WINDOWS\ServicePackFiles\i386\logon.scr
+ 2008-04-14 00:12:24 514,560 ------w C:\WINDOWS\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 00:11:56 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\lonsint.dll
+ 2008-04-14 00:11:56 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\lpdsvc.dll
+ 2008-04-14 00:11:56 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\lpk.dll
+ 2008-04-14 00:11:56 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lprhelp.dll
+ 2008-04-14 00:11:56 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\lprmon.dll
+ 2008-04-14 00:11:56 728,064 ------w C:\WINDOWS\ServicePackFiles\i386\lsasrv.dll
+ 2008-04-14 00:12:24 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\lsass.exe
+ 2004-08-04 05:41:36 606,684 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmnt.sys
+ 2004-08-04 05:41:38 420,992 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmntt.sys
+ 2008-04-13 18:40:52 7,040 ------w C:\WINDOWS\ServicePackFiles\i386\ltotape.sys
+ 2004-08-04 05:39:32 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\lwadihid.sys
+ 2008-04-14 00:12:24 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 00:12:25 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 00:11:56 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\mcastmib.dll
+ 2008-04-14 00:11:56 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\mciavi32.dll
+ 2008-04-14 00:11:56 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\mciqtz32.dll
+ 2008-04-14 00:11:56 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\mciseq.dll
+ 2008-04-14 00:11:56 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\mciwave.dll
+ 2008-04-14 00:11:56 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\md5filt.dll
+ 2008-04-14 00:11:56 118,272 ------w C:\WINDOWS\ServicePackFiles\i386\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.dll
+ 2004-08-04 05:41:56 11,868 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.sys
+ 2008-04-14 00:11:56 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\medctroc.dll
+ 2008-04-13 18:41:21 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\memstpci.sys
+ 2008-04-14 00:11:56 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\metada51.dll
+ 2008-04-13 18:36:41 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\mf.sys
+ 2008-04-14 00:11:56 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mf3216.dll
+ 2008-04-14 00:11:56 927,504 ------w C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll
+ 2008-04-14 00:11:56 1,028,096 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42.dll
+ 2006-10-14 08:13:25 981,760 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42u.dll
+ 2008-04-14 00:11:56 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\mfcsubs.dll
+ 2008-04-14 00:11:56 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\mgmtapi.dll
+ 2004-07-20 09:54:06 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\microsoft.jscript.dll
+ 2004-07-20 09:54:06 286,720 ------w C:\WINDOWS\ServicePackFiles\i386\microsoft.visualbasic.dll
+ 2008-04-14 00:11:57 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\midimap.dll
+ 2008-04-14 00:11:57 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\ServicePackFiles\i386\migisma.dll
+ 2008-04-14 00:11:57 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\miglibnt.dll
+ 2008-04-14 00:12:25 103,936 ------w C:\WINDOWS\ServicePackFiles\i386\migload.exe
+ 2008-04-14 00:12:25 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 00:12:25 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 00:11:57 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mimefilt.dll
+ 2008-04-14 00:11:57 586,240 ------w C:\WINDOWS\ServicePackFiles\i386\mlang.dll
+ 2008-04-14 00:12:25 1,414,656 ------w C:\WINDOWS\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30.dll
+ 2008-04-14 00:11:57 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30r.dll
+ 2008-04-14 00:11:57 163,328 ------w C:\WINDOWS\ServicePackFiles\i386\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\mmcex.dll
+ 2008-04-14 00:11:57 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mmcexr.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxc.dll
+ 2008-04-14 00:11:57 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 00:11:57 1,872,896 ------w C:\WINDOWS\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 00:11:57 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\mmcshext.dll
+ 2008-04-14 00:11:57 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\mmfutil.dll
+ 2006-03-16 04:00:00 68,768 ------w C:\WINDOWS\ServicePackFiles\i386\mmsystem.dll
+ 2008-04-14 00:11:57 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\mnmdd.dll
+ 2008-04-14 00:12:25 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 00:11:57 207,360 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.dll
+ 2008-04-14 00:12:26 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.exe
+ 2008-04-13 19:00:19 30,080 ------w C:\WINDOWS\ServicePackFiles\i386\modem.sys
+ 2008-04-14 00:11:57 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\modemui.dll
+ 2008-04-14 00:12:26 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 00:11:57 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\mofd.dll
+ 2008-04-14 00:12:42 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\more.com
+ 2008-04-13 16:45:30 216,064 ------w C:\WINDOWS\ServicePackFiles\i386\moricons.dll
+ 2008-04-13 18:39:47 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\mouclass.sys
+ 2008-04-13 18:39:46 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys
+ 2008-04-14 00:12:27 3,558,912 ------w C:\WINDOWS\ServicePackFiles\i386\moviemk.exe
+ 2008-04-13 18:46:22 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\mpe.sys
+ 2008-04-14 00:12:27 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 00:11:57 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\mpr.dll
+ 2008-04-14 00:11:57 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\mprapi.dll
+ 2008-04-14 00:11:57 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\mprdim.dll
+ 2008-04-13 18:39:44 92,544 ------w C:\WINDOWS\ServicePackFiles\i386\mqac.sys
+ 2008-04-14 00:11:57 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\mqad.dll
+ 2008-04-14 00:12:27 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\mqbkup.exe
+ 2008-04-14 00:11:57 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\mqdscli.dll
+ 2008-04-14 00:11:57 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\mqise.dll
+ 2008-04-14 00:11:57 89,088 ------w C:\WINDOWS\ServicePackFiles\i386\mqlogmgr.dll
+ 2008-04-14 00:11:57 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\mqoa.dll
+ 2008-04-14 00:11:57 663,040 ------w C:\WINDOWS\ServicePackFiles\i386\mqqm.dll
+ 2008-04-14 00:11:57 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\mqrt.dll
+ 2008-04-14 00:11:57 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\mqrtdep.dll
+ 2008-04-14 00:11:57 95,744 ------w C:\WINDOWS\ServicePackFiles\i386\mqsec.dll
+ 2008-04-14 00:11:58 517,632 ------w C:\WINDOWS\ServicePackFiles\i386\mqsnap.dll
+ 2008-04-14 00:12:27 4,608 ------w C:\WINDOWS\ServicePackFiles\i386\mqsvc.exe
+ 2008-04-14 00:12:27 117,248 ------w C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe
+ 2008-04-14 00:11:58 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\mqtrig.dll
+ 2008-04-14 00:11:58 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\mqupgrd.dll
+ 2008-04-14 00:11:58 471,552 ------w C:\WINDOWS\ServicePackFiles\i386\mqutil.dll
+ 2008-04-13 18:32:44 180,608 ------w C:\WINDOWS\ServicePackFiles\i386\mrxdav.sys
+ 2008-04-13 19:17:01 456,576 ------w C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys
+ 2008-04-14 00:11:58 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\msacm32.dll
+ 2008-04-14 00:11:58 331,776 ------w C:\WINDOWS\ServicePackFiles\i386\msadce.dll
+ 2008-04-13 17:25:57 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msadcer.dll
+ 2008-04-14 00:11:58 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msadcf.dll
+ 2008-04-13 17:25:57 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcfr.dll
+ 2008-04-14 00:11:58 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msadco.dll
+ 2008-04-13 17:25:57 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcor.dll
+ 2008-04-14 00:11:58 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\msadcs.dll
+ 2008-04-14 00:11:58 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\msadds.dll
+ 2008-04-13 17:25:58 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msaddsr.dll
+ 2008-04-13 17:26:17 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msader15.dll
+ 2008-04-14 00:11:58 536,576 ------w C:\WINDOWS\ServicePackFiles\i386\msado15.dll
+ 2008-04-14 00:11:58 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msadomd.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msador15.dll
+ 2008-04-14 00:11:58 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msadox.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msadrh15.dll
+ 2008-04-14 00:10:06 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 00:11:58 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\msapsspc.dll
+ 2008-04-14 00:11:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msasn1.dll
+ 2008-04-14 00:11:58 220,160 ------w C:\WINDOWS\ServicePackFiles\i386\mscandui.dll
+ 2008-04-14 00:11:58 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\mscms.dll
+ 2008-04-14 00:11:58 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\msconf.dll
+ 2008-04-14 00:12:27 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
+ 2004-07-17 18:42:20 116,288 ------w C:\WINDOWS\ServicePackFiles\i386\msconv97.dll
+ 2004-07-20 09:54:06 1,564,672 ------w C:\WINDOWS\ServicePackFiles\i386\mscorcfg.dll
+ 2004-08-04 13:12:02 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\mscordbc.dll
+ 2004-08-04 13:12:02 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\mscordbi.dll
+ 2007-06-27 12:55:10 131,072 ------w C:\WINDOWS\ServicePackFiles\i386\mscoree.dll
+ 2007-01-02 23:29:12 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\mscorie.dll
+ 2004-07-20 09:54:08 303,104 ------w C:\WINDOWS\ServicePackFiles\i386\mscorjit.dll
+ 2007-01-02 23:29:12 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\mscorld.dll
+ 2007-01-02 23:21:20 1,998,848 ------w C:\WINDOWS\ServicePackFiles\i386\mscorlib.dll
+ 2004-08-04 13:12:08 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\mscorpe.dll
+ 2004-08-04 13:12:08 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.chs.dll
+ 2004-08-04 13:12:08 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.cht.dll
+ 2004-08-04 13:12:08 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.dll
+ 2004-08-04 13:12:10 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.es.dll
+ 2004-08-04 13:12:10 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.fr.dll
+ 2004-08-04 13:12:10 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.ger.dll
+ 2004-08-04 13:12:10 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.it.dll
+ 2004-08-04 13:12:10 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.ja.dll
+ 2004-08-04 13:12:10 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.kor.dll
+ 2004-08-04 13:12:10 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsec.dll
+ 2004-08-04 13:12:10 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsn.dll
+ 2007-12-17 11:58:53 2,273,280 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsvr.dll
+ 2004-08-04 13:12:14 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\mscortim.dll
+ 2007-12-17 11:59:26 2,281,472 ------w C:\WINDOWS\ServicePackFiles\i386\mscorwks.dll
+ 2008-04-13 17:26:07 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mscpx32r.dll
+ 2008-04-14 00:11:58 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\mscpxl32.dll
+ 2008-04-14 00:11:58 297,984 ------w C:\WINDOWS\ServicePackFiles\i386\msctf.dll
+ 2008-04-14 00:11:58 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\msctfp.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 00:11:58 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdadiag.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 00:11:58 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaer.dll
+ 2008-04-14 00:11:58 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdaipp.dll
+ 2008-04-14 00:11:58 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\msdaora.dll
+ 2008-04-13 17:24:14 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaorar.dll
+ 2008-04-14 00:11:58 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\msdaosp.dll
+ 2008-04-13 17:25:58 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprsr.dll
+ 2008-04-14 00:11:58 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprst.dll
+ 2008-04-14 00:11:59 204,800 ------w C:\WINDOWS\ServicePackFiles\i386\msdaps.dll
+ 2008-04-14 00:11:59 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdarem.dll
+ 2008-04-13 17:25:58 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaremr.dll
+ 2008-04-14 00:11:59 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\msdart.dll
+ 2008-04-14 00:11:59 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdasc.dll
+ 2008-04-14 00:11:59 315,392 ------w C:\WINDOWS\ServicePackFiles\i386\msdasql.dll
+ 2008-04-13 17:26:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdasqlr.dll
+ 2008-04-14 00:11:59 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\msdatl3.dll
+ 2008-04-14 00:11:59 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdatt.dll
+ 2008-04-14 00:11:59 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaurl.dll
+ 2008-04-14 00:11:59 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\msdfmap.dll
+ 2008-04-14 00:11:59 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\msdmo.dll
+ 2008-04-14 00:12:27 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 00:11:59 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\msdtclog.dll
+ 2008-04-14 00:11:59 427,008 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcprx.dll
+ 2008-04-14 00:11:59 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcstp.dll
+ 2008-04-14 00:11:59 956,928 ------w C:\WINDOWS\ServicePackFiles\i386\msdtctm.dll
+ 2008-04-14 00:11:59 161,792 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcuiu.dll
+ 2008-04-13 18:46:09 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\msdv.sys
+ 2008-03-25 04:50:28 518,944 ------w C:\WINDOWS\ServicePackFiles\i386\msexch40.dll
+ 2008-03-25 04:50:30 326,432 ------w C:\WINDOWS\ServicePackFiles\i386\msexcl40.dll
+ 2008-04-13 18:32:39 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\msfs.sys
+ 2008-04-14 00:11:59 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\msftedit.dll
+ 2008-04-14 00:11:59 997,376 ------w C:\WINDOWS\ServicePackFiles\i386\msgina.dll
+ 2008-04-13 18:56:32 35,072 ------w C:\WINDOWS\ServicePackFiles\i386\msgpc.sys
+ 2008-04-14 00:11:59 3,166,208 ------w C:\WINDOWS\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:11:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msgrocm.dll
+ 2008-04-14 00:11:59 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msgslang.dll
+ 2008-04-14 00:11:59 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll
+ 2008-04-14 00:12:45 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\msh261.drv
+ 2008-04-14 00:12:45 294,912 ------w C:\WINDOWS\ServicePackFiles\i386\msh263.drv
+ 2008-04-14 00:12:27 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 00:11:59 3,066,880 ------w C:\WINDOWS\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11:59 449,024 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmler.dll
+ 2008-04-14 00:11:59 2,843,136 ------w C:\WINDOWS\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11:59 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\msident.dll
+ 2008-04-14 00:11:59 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\msidle.dll
+ 2008-04-14 00:11:59 248,832 ------w C:\WINDOWS\ServicePackFiles\i386\msieftp.dll
+ 2008-04-14 00:12:28 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 00:11:59 271,360 ------w C:\WINDOWS\ServicePackFiles\i386\msihnd.dll
+ 2008-04-14 00:11:59 4,608 ------w C:\WINDOWS\ServicePackFiles\i386\msimg32.dll
+ 2008-04-14 00:12:28 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\msimn.exe
+ 2008-04-13 15:39:43 884,736 ------w C:\WINDOWS\ServicePackFiles\i386\msimsg.dll
+ 2008-04-14 00:11:59 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\msimtf.dll
+ 2008-04-14 00:11:59 376,832 ------w C:\WINDOWS\ServicePackFiles\i386\msinfo.dll
+ 2008-04-13 18:54:28 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\msircomm.sys
+ 2008-04-14 00:12:28 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 00:11:59 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msisip.dll
+ 2008-03-25 04:50:34 1,516,568 ------w C:\WINDOWS\ServicePackFiles\i386\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w C:\WINDOWS\ServicePackFiles\i386\msjetol1.dll
+ 2008-04-14 00:12:00 151,583 ------w C:\WINDOWS\ServicePackFiles\i386\msjint40.dll
+ 2008-04-14 00:12:00 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\msjro.dll
+ 2008-03-25 04:50:42 60,192 ------w C:\WINDOWS\ServicePackFiles\i386\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w C:\WINDOWS\ServicePackFiles\i386\msjtes40.dll
+ 2008-04-13 18:39:52 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\mskssrv.sys
+ 2008-04-14 00:12:00 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\mslbui.dll
+ 2008-03-25 04:50:44 219,936 ------w C:\WINDOWS\ServicePackFiles\i386\msltus40.dll
+ 2008-04-14 00:12:00 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\mslwvtts.dll
+ 2008-04-14 00:12:00 170,496 ------w C:\WINDOWS\ServicePackFiles\i386\msmqocm.dll
+ 2008-04-14 00:12:28 1,695,232 ------w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe
+ 2006-03-16 04:00:00 11,053,008 ------w C:\WINDOWS\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:12:00 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\msnsspc.dll
+ 2006-03-16 04:00:00 1,327,320 ------w C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe
+ 2008-04-14 00:12:00 122,368 ------w C:\WINDOWS\ServicePackFiles\i386\msobcomm.dll
+ 2008-04-14 00:12:00 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msobdl.dll
+ 2008-04-14 00:12:00 565,248 ------w C:\WINDOWS\ServicePackFiles\i386\msobmain.dll
+ 2008-04-14 00:12:00 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\msobshel.dll
+ 2008-04-14 00:12:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\msobweb.dll
+ 2008-04-14 00:12:00 1,314,816 ------w C:\WINDOWS\ServicePackFiles\i386\msoe.dll
+ 2008-04-14 00:12:00 252,928 ------w C:\WINDOWS\ServicePackFiles\i386\msoeacct.dll
+ 2008-04-13 16:23:54 2,479,616 ------w C:\WINDOWS\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12:00 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\msoert2.dll
+ 2008-04-14 00:12:28 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\msoobe.exe
+ 2008-04-13 17:24:14 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msorc32r.dll
+ 2008-04-14 00:12:00 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msorcl32.dll
+ 2008-04-14 00:12:28 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 00:12:00 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mspatcha.dll
+ 2008-03-25 04:50:45 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\mspbde40.dll
+ 2008-04-13 18:39:50 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\mspclock.sys
+ 2008-04-13 18:39:51 4,992 ------w C:\WINDOWS\ServicePackFiles\i386\mspqm.sys
+ 2008-04-13 16:23:31 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\msprivs.dll
+ 2008-04-14 00:12:00 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\msrating.dll
+ 2008-03-25 04:50:47 432,928 ------w C:\WINDOWS\ServicePackFiles\i386\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w C:\WINDOWS\ServicePackFiles\i386\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w C:\WINDOWS\ServicePackFiles\i386\msrepl40.dll
+ 2008-04-14 00:12:00 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\msrle32.dll
+ 2008-04-14 00:12:00 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\msshamsg.dll
+ 2008-04-13 18:36:46 15,488 ------w C:\WINDOWS\ServicePackFiles\i386\mssmbios.sys
+ 2008-04-14 00:12:00 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\mst120.dll
+ 2008-04-14 00:12:00 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\mst123.dll
+ 2008-04-13 18:46:08 49,024 ------w C:\WINDOWS\ServicePackFiles\i386\mstape.sys
+ 2008-04-14 00:12:00 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\mstask.dll
+ 2008-04-13 18:39:50 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\mstee.sys
+ 2008-03-25 04:50:55 264,992 ------w C:\WINDOWS\ServicePackFiles\i386\mstext40.dll
+ 2008-04-14 00:12:00 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\mstime.dll
+ 2008-04-14 00:12:29 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 00:12:00 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\mstlsapi.dll
+ 2008-04-14 00:12:00 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\msutb.dll
+ 2008-04-14 00:12:00 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\msv1_0.dll
+ 2008-04-14 00:12:00 1,384,479 ------w C:\WINDOWS\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-14 00:12:01 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msvcirt.dll
+ 2008-04-14 00:12:01 413,696 ------w C:\WINDOWS\ServicePackFiles\i386\msvcp60.dll
+ 2008-04-14 00:12:01 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll
+ 2008-04-13 18:30:46 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt40.dll
+ 2008-04-14 00:12:01 121,344 ------w C:\WINDOWS\ServicePackFiles\i386\msvfw32.dll
+ 2008-04-14 00:12:01 1,428,992 ------w C:\WINDOWS\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12:01 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\msw3prt.dll
+ 2008-03-25 04:50:57 838,432 ------w C:\WINDOWS\ServicePackFiles\i386\mswdat10.dll
+ 2008-04-14 00:12:01 203,776 ------w C:\WINDOWS\ServicePackFiles\i386\mswebdvd.dll
+ 2008-04-14 00:12:01 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
+ 2008-03-25 04:50:58 621,344 ------w C:\WINDOWS\ServicePackFiles\i386\mswstr10.dll
+ 2008-04-14 00:12:01 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msxactps.dll
+ 2008-03-25 04:50:58 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\msxbde40.dll
+ 2008-04-14 00:12:01 506,368 ------w C:\WINDOWS\ServicePackFiles\i386\msxml.dll
+ 2008-04-14 00:12:01 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\msxml2.dll
+ 2008-04-14 00:12:01 1,104,896 ------w C:\WINDOWS\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12:01 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\msyuv.dll
+ 2004-08-04 05:41:40 126,686 ------w C:\WINDOWS\ServicePackFiles\i386\mtlmnt5.sys
+ 2004-08-04 05:41:38 1,309,184 ------w C:\WINDOWS\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12:29 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 00:12:01 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\mtxclu.dll
+ 2008-04-14 00:12:01 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\mtxdm.dll
+ 2008-04-14 00:12:01 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\mtxex.dll
+ 2008-04-14 00:12:01 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\mtxlegih.dll
+ 2008-04-14 00:12:01 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhd.dll
+ 2004-08-04 05:29:38 452,736 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhm.sys
+ 2008-04-14 00:12:29 90,624 ------w C:\WINDOWS\ServicePackFiles\i386\muisetup.exe
+ 2008-04-13 19:17:05 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w C:\WINDOWS\ServicePackFiles\i386\mutohpen.sys
+ 2008-04-14 00:12:01 90,624 ------w C:\WINDOWS\ServicePackFiles\i386\mydocs.dll
+ 2008-04-13 18:46:25 85,248 ------w C:\WINDOWS\ServicePackFiles\i386\nabtsfec.sys
+ 2008-04-14 00:12:01 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\nac.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 00:12:29 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 00:12:01 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\ncobjapi.dll
+ 2008-04-14 00:12:01 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ncprov.dll
+ 2008-04-14 00:12:01 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\ncpsres.dll
+ 2008-04-14 00:12:01 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapi.dll
+ 2008-04-14 00:12:29 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 00:12:01 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\nddenb32.dll
+ 2008-04-13 19:20:37 182,656 ------w C:\WINDOWS\ServicePackFiles\i386\ndis.sys
+ 2008-04-13 18:46:22 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\ndisip.sys
+ 2008-04-14 00:12:01 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\ndisnpp.dll
+ 2008-04-13 18:57:27 10,112 ------w C:\WINDOWS\ServicePackFiles\i386\ndistapi.sys
+ 2008-04-13 18:55:58 14,592 ------w C:\WINDOWS\ServicePackFiles\i386\ndisuio.sys
+ 2008-04-13 19:20:42 91,520 ------w C:\WINDOWS\ServicePackFiles\i386\ndiswan.sys
+ 2008-04-13 18:57:29 40,576 ------w C:\WINDOWS\ServicePackFiles\i386\ndproxy.sys
+ 2008-04-14 00:12:29 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\net.exe
+ 2008-04-14 00:12:29 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\net1.exe
+ 2008-04-14 00:12:01 337,408 ------w C:\WINDOWS\ServicePackFiles\i386\netapi32.dll
+ 2008-04-13 18:56:02 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\netbios.sys
+ 2008-04-13 19:21:00 162,816 ------w C:\WINDOWS\ServicePackFiles\i386\netbt.sys
+ 2008-04-14 00:12:01 622,592 ------w C:\WINDOWS\ServicePackFiles\i386\netcfgx.dll
+ 2008-04-14 00:12:29 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\netdde.exe
+ 2006-03-16 04:00:00 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\netfxocm.dll
+ 2007-12-17 11:59:53 82,976 ------w C:\WINDOWS\ServicePackFiles\i386\netfxupdate.exe
+ 2008-04-14 00:12:01 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\netid.dll
+ 2008-04-14 00:12:01 407,040 ------w C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
+ 2008-04-14 00:12:01 198,144 ------w C:\WINDOWS\ServicePackFiles\i386\netman.dll
+ 2008-04-14 00:12:01 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\netoc.dll
+ 2008-04-14 00:12:01 875,008 ------w C:\WINDOWS\ServicePackFiles\i386\netplwiz.dll
+ 2008-04-14 00:12:01 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\netrap.dll
+ 2008-04-14 00:16:51 329,728 ------w C:\WINDOWS\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 00:12:29 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 00:12:02 1,703,936 ------w C:\WINDOWS\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12:29 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 00:12:02 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\netui0.dll
+ 2008-04-14 00:12:02 245,760 ------w C:\WINDOWS\ServicePackFiles\i386\netui1.dll
+ 2004-08-04 05:31:42 132,695 ------w C:\WINDOWS\ServicePackFiles\i386\netwlan5.sys
+ 2008-04-14 00:12:02 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\newdev.dll
+ 2004-08-04 13:12:20 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\ngen.exe
+ 2008-04-13 18:51:25 61,824 ------w C:\WINDOWS\ServicePackFiles\i386\nic1394.sys
+ 2008-04-14 00:12:02 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\nlhtml.dll
+ 2008-04-14 00:12:02 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\nmas.dll
+ 2008-04-14 00:12:02 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmasnt.dll
+ 2008-04-14 00:12:02 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\nmchat.dll
+ 2008-04-14 00:12:02 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\nmcom.dll
+ 2008-04-14 00:12:02 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\nmft.dll
+ 2008-04-14 00:12:02 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmmkcert.dll
+ 2008-04-13 18:53:09 40,320 ------w C:\WINDOWS\ServicePackFiles\i386\nmnt.sys
+ 2008-04-14 00:12:02 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\nmoldwb.dll
+ 2008-04-14 00:12:02 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\nmwb.dll
+ 2008-04-14 00:12:29 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\notepad.exe
+ 2008-04-13 18:32:39 30,848 ------w C:\WINDOWS\ServicePackFiles\i386\npfs.sys
+ 2008-04-14 00:12:29 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 00:12:02 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\npptools.dll
+ 2008-04-13 18:54:36 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nscirda.sys
+ 2008-04-14 00:12:02 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\nsepm.dll
+ 2008-04-14 00:12:29 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\nslookup.exe
+ 2008-04-14 00:12:30 1,200,640 ------w C:\WINDOWS\ServicePackFiles\i386\ntbackup.exe
+ 2006-03-16 04:00:00 47,564 ------w C:\WINDOWS\ServicePackFiles\i386\ntdetect.com
+ 2008-04-14 00:11:24 706,048 ------w C:\WINDOWS\ServicePackFiles\i386\ntdll.dll
+ 2008-04-14 00:12:02 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
+ 2008-04-14 00:12:02 212,992 ------w C:\WINDOWS\ServicePackFiles\i386\ntevt.dll
+ 2008-04-13 19:15:53 574,976 ------w C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
+ 2006-03-16 04:00:00 33,840 ------w C:\WINDOWS\ServicePackFiles\i386\ntio.sys
+ 2006-03-16 04:00:00 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio404.sys
+ 2006-03-16 04:00:00 35,648 ------w C:\WINDOWS\ServicePackFiles\i386\ntio411.sys
+ 2006-03-16 04:00:00 35,424 ------w C:\WINDOWS\ServicePackFiles\i386\ntio412.sys
+ 2006-03-16 04:00:00 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio804.sys
+ 2008-04-13 19:24:37 2,145,280 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-13 18:31:21 2,065,792 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-14 00:12:02 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\ntlanman.dll
+ 2008-04-14 00:12:02 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\ntlsapi.dll
+ 2008-04-14 00:12:02 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\ntmarta.dll
+ 2008-04-14 00:12:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsapi.dll
+ 2008-04-14 00:12:02 179,200 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsdba.dll
+ 2008-04-14 00:12:02 488,448 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsmgr.dll
+ 2008-04-14 00:12:02 435,200 ------w C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
+ 2004-08-04 05:41:40 180,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntmtlfax.sys
+ 2008-04-14 00:12:02 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\ntoc.dll
+ 2008-04-13 19:27:53 2,188,928 ------w C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-14 00:12:02 91,136 ------w C:\WINDOWS\ServicePackFiles\i386\ntprint.dll
+ 2008-04-14 00:12:02 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntshrui.dll
+ 2008-04-14 00:12:30 420,864 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_disp.dll
+ 2004-08-04 05:29:56 1,897,408 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-14 00:12:02 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\nwapi32.dll
+ 2008-04-13 18:56:06 88,320 ------w C:\WINDOWS\ServicePackFiles\i386\nwlnkipx.sys
+ 2008-04-14 00:12:02 142,336 ------w C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
+ 2008-04-13 18:34:12 163,584 ------w C:\WINDOWS\ServicePackFiles\i386\nwrdr.sys
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\nwwks.dll
+ 2008-04-14 00:12:02 270,336 ------w C:\WINDOWS\ServicePackFiles\i386\oakley.dll
+ 2008-04-14 00:10:30 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\obelog.dll
+ 2008-04-14 00:10:30 966,656 ------w C:\WINDOWS\ServicePackFiles\i386\obemetal.dll
+ 2007-04-02 18:44:11 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\obemtllc.dll
+ 2008-04-14 00:10:30 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\obepopc.dll
+ 2008-04-14 00:12:02 286,208 ------w C:\WINDOWS\ServicePackFiles\i386\objsel.dll
+ 2008-04-13 18:40:07 393,728 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0401.dll
+ 2008-04-13 18:40:23 212,480 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0404.dll
+ 2008-04-13 18:40:24 428,032 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0405.dll
+ 2008-04-13 18:40:27 418,816 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0406.dll
+ 2008-04-13 18:40:34 403,456 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0407.dll
+ 2008-04-13 18:40:30 419,328 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0408.dll
+ 2008-04-13 18:40:32 405,504 ------w C:\WINDOWS\ServicePackFiles\i386\obrb040b.dll
+ 2008-04-13 18:40:33 410,624 ------w C:\WINDOWS\ServicePackFiles\i386\obrb040c.dll
+ 2008-04-13 18:40:32 384,000 ------w C:\WINDOWS\ServicePackFiles\i386\obrb040d.dll
+ 2008-04-13 18:40:39 434,176 ------w C:\WINDOWS\ServicePackFiles\i386\obrb040e.dll
+ 2008-04-13 18:40:39 413,696 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0410.dll
+ 2008-04-13 18:40:44 275,456 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0411.dll
+ 2008-04-13 18:40:48 306,688 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0412.dll
+ 2008-04-13 18:40:44 401,920 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0413.dll
+ 2008-04-13 18:40:44 353,792 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0414.dll
+ 2008-04-13 18:40:47 391,680 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0415.dll
+ 2008-04-13 18:40:10 409,600 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0416.dll
+ 2008-04-13 18:40:50 427,008 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0419.dll
+ 2008-04-13 18:40:52 405,504 ------w C:\WINDOWS\ServicePackFiles\i386\obrb041b.dll
+ 2008-04-13 18:40:56 363,008 ------w C:\WINDOWS\ServicePackFiles\i386\obrb041d.dll
+ 2008-04-13 18:41:00 390,144 ------w C:\WINDOWS\ServicePackFiles\i386\obrb041f.dll
+ 2008-04-13 18:40:56 408,576 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0424.dll
+ 2008-04-13 18:40:24 270,336 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0804.dll
+ 2008-04-13 18:40:48 435,200 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0816.dll
+ 2008-04-13 18:40:30 446,464 ------w C:\WINDOWS\ServicePackFiles\i386\obrb0c0a.dll
+ 2008-04-14 00:12:02 96,256 ------w C:\WINDOWS\ServicePackFiles\i386\occache.dll
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ocgen.dll
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\ocmanage.dll
+ 2008-04-14 00:12:02 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\ocmsn.dll
+ 2006-03-16 04:00:00 26,224 ------w C:\WINDOWS\ServicePackFiles\i386\odbc16gt.dll
+ 2008-04-14 00:12:02 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32.dll
+ 2008-04-14 00:12:02 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32gt.dll
+ 2008-04-14 00:12:30 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 00:12:02 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\odbcbcp.dll
+ 2008-04-14 00:12:02 135,168 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.dll
+ 2008-04-14 00:12:30 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 00:12:02 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\odbccp32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccu32.dll
+ 2008-04-13 17:26:05 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\odbcint.dll
+ 2008-04-14 00:10:31 53,279 ------w C:\WINDOWS\ServicePackFiles\i386\odbcji32.dll
+ 2008-04-14 00:12:02 278,559 ------w C:\WINDOWS\ServicePackFiles\i386\odbcjt32.dll
+ 2008-04-13 17:26:05 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\odbcp32r.dll
+ 2008-04-14 00:12:02 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\odbctrac.dll
+ 2008-04-14 00:12:02 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\oddbse32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odpdx32.dll
+ 2008-04-14 00:12:02 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\odtext32.dll
+ 2008-04-14 00:12:02 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\oeimport.dll
+ 2008-04-14 00:12:30 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 00:12:02 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\oemiglib.dll
+ 2008-04-14 00:12:02 192,000 ------w C:\WINDOWS\ServicePackFiles\i386\offfilt.dll
+ 2008-04-13 18:46:18 61,696 ------w C:\WINDOWS\ServicePackFiles\i386\ohci1394.sys
+ 2008-04-14 00:12:02 1,287,168 ------w C:\WINDOWS\ServicePackFiles\i386\ole32.dll
+ 2008-04-14 00:12:02 551,936 ------w C:\WINDOWS\ServicePackFiles\i386\oleaut32.dll
+ 2008-04-14 00:12:02 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\olecli32.dll
+ 2008-04-14 00:12:02 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\olecnv32.dll
+ 2008-04-14 00:12:02 487,424 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32.dll
+ 2008-04-14 00:12:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32r.dll
+ 2008-04-14 00:12:02 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\oledlg.dll
+ 2008-04-14 00:12:02 107,008 ------w C:\WINDOWS\ServicePackFiles\i386\oleprn.dll
+ 2008-04-14 00:12:02 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\onex.dll
+ 2008-04-14 00:12:31 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 00:12:02 713,728 ------w C:\WINDOWS\ServicePackFiles\i386\opengl32.dll
+ 2008-04-14 00:12:31 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\opnfiles.exe
+ 2008-04-13 18:32:32 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\oschoice.exe
+ 2008-04-14 00:12:31 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\osk.exe
+ 2008-04-13 18:31:43 230,400 ------w C:\WINDOWS\ServicePackFiles\i386\osloader.exe
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\osuninst.dll
+ 2008-04-14 00:12:02 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\p2p.dll
+ 2008-04-14 00:12:02 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgasvc.dll
+ 2008-04-14 00:12:02 313,856 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgraph.dll
+ 2008-04-14 00:12:02 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\p2pnetsh.dll
+ 2008-04-14 00:12:02 554,496 ------w C:\WINDOWS\ServicePackFiles\i386\p2psvc.dll
+ 2008-04-13 18:31:31 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\p3.sys
+ 2008-04-14 00:12:31 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\packager.exe
+ 2008-04-13 18:40:10 80,128 ------w C:\WINDOWS\ServicePackFiles\i386\parport.sys
+ 2008-04-13 18:40:49 19,712 ------w C:\WINDOWS\ServicePackFiles\i386\partmgr.sys
+ 2008-04-14 00:12:02 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\pautoenr.dll
+ 2004-08-04 05:31:24 29,502 ------w C:\WINDOWS\ServicePackFiles\i386\pca200e.sys
+ 2008-04-14 00:12:02 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\pchshell.dll
+ 2008-04-14 00:12:02 38,400 ------w C:\WINDOWS\ServicePackFiles\i386\pchsvc.dll
+ 2008-04-13 18:36:44 68,224 ------w C:\WINDOWS\ServicePackFiles\i386\pci.sys
+ 2008-04-13 18:40:29 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\pciidex.sys
+ 2007-05-15 08:08:11 288,768 ------w C:\WINDOWS\ServicePackFiles\i386\pcl4res.dll
+ 2007-05-15 08:08:13 1,058,816 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5eres.dll
+ 2007-05-15 08:08:14 1,057,280 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08:14 207,872 ------w C:\WINDOWS\ServicePackFiles\i386\pclxl.dll
+ 2008-04-13 18:36:43 120,192 ------w C:\WINDOWS\ServicePackFiles\i386\pcmcia.sys
+ 2004-08-04 05:06:18 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\pcx500.sys
+ 2008-04-14 00:12:02 284,160 ------w C:\WINDOWS\ServicePackFiles\i386\pdh.dll
+ 2004-08-04 13:12:20 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\perfcounter.dll
+ 2008-04-14 00:12:02 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll
+ 2008-04-14 00:12:02 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\perfdisk.dll
+ 2008-04-14 00:12:31 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 00:12:02 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\perfnet.dll
+ 2008-04-14 00:12:02 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\perfos.dll
+ 2008-04-14 00:12:02 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\perfproc.dll
+ 2008-04-13 18:44:29 27,904 ------w C:\WINDOWS\ServicePackFiles\i386\perm2.sys
+ 2008-04-14 00:10:34 211,584 ------w C:\WINDOWS\ServicePackFiles\i386\perm2dll.dll
+ 2008-04-13 18:44:30 28,032 ------w C:\WINDOWS\ServicePackFiles\i386\perm3.sys
+ 2008-04-14 00:10:34 259,328 ------w C:\WINDOWS\ServicePackFiles\i386\perm3dd.dll
+ 2008-04-14 00:12:02 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\photowiz.dll
+ 2008-04-14 00:12:02 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\pid.dll
+ 2008-04-14 00:11:09 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\pidgen.dll
+ 2008-04-14 00:12:31 281,088 ------w C:\WINDOWS\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 00:12:31 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\ping.exe
+ 2008-04-14 00:12:02 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\pjlmon.dll
+ 2008-04-14 00:12:02 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\plotter.dll
+ 2008-04-14 00:12:02 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\plotui.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\ServicePackFiles\i386\pmh.dll
+ 2008-04-14 00:12:02 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\pngfilt.dll
+ 2008-04-14 00:12:02 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
+ 2008-04-14 00:12:02 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\policman.dll
+ 2008-04-14 00:12:02 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\polstore.dll
+ 2008-04-13 19:19:41 146,048 ------w C:\WINDOWS\ServicePackFiles\i386\portcls.sys
+ 2008-04-14 00:12:31 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\powercfg.exe
+ 2008-04-13 18:40:56 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\powerfil.sys
+ 2008-04-14 00:12:03 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\powrprof.dll
+ 2008-04-13 18:41:00 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\ppa3.sys
+ 2008-04-14 00:12:03 560,640 ------w C:\WINDOWS\ServicePackFiles\i386\printui.dll
+ 2008-04-13 18:31:30 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\processr.sys
+ 2008-04-14 00:12:03 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\profmap.dll
+ 2008-04-14 00:12:31 109,568 ------w C:\WINDOWS\ServicePackFiles\i386\progman.exe
+ 2008-04-14 00:12:32 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 00:12:03 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\provthrd.dll
+ 2008-04-14 00:12:32 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 00:12:03 728,576 ------w C:\WINDOWS\ServicePackFiles\i386\ps5ui.dll
+ 2008-04-14 00:12:03 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\psapi.dll
+ 2008-04-14 00:12:03 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\psbase.dll
+ 2008-04-13 18:56:38 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\psched.sys
+ 2008-04-14 00:12:03 543,232 ------w C:\WINDOWS\ServicePackFiles\i386\pscript5.dll
+ 2008-04-14 00:12:03 363,520 ------w C:\WINDOWS\ServicePackFiles\i386\psisdecd.dll
+ 2008-04-14 00:12:03 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\pstorec.dll
+ 2008-04-14 00:12:03 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\pstorsvc.dll
+ 2008-04-14 00:12:03 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\ptpusd.dll
+ 2008-04-14 00:12:03 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\pwsdata.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\ServicePackFiles\i386\qagentrt.dll
+ 2008-04-14 00:12:03 237,568 ------w C:\WINDOWS\ServicePackFiles\i386\qasf.dll
+ 2008-04-14 00:12:03 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\qcliprov.dll
+ 2008-04-14 00:12:03 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\qdv.dll
+ 2008-04-14 00:12:03 386,048 ------w C:\WINDOWS\ServicePackFiles\i386\qdvd.dll
+ 2008-04-14 00:12:03 562,176 ------w C:\WINDOWS\ServicePackFiles\i386\qedit.dll
+ 2008-04-13 17:21:32 733,696 ------w C:\WINDOWS\ServicePackFiles\i386\qedwipes.dll
+ 2008-04-13 18:40:52 6,016 ------w C:\WINDOWS\ServicePackFiles\i386\qic157.sys
+ 2008-04-14 00:12:03 409,088 ------w C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
+ 2008-04-14 00:12:03 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\qmgrprxy.dll
+ 2008-04-14 00:12:32 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 00:12:03 1,288,192 ------w C:\WINDOWS\ServicePackFiles\i386\quartz.dll
+ 2008-04-14 00:12:03 1,435,648 ------w C:\WINDOWS\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\qutil.dll
+ 2008-04-14 00:12:03 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\racpldlg.dll
+ 2008-04-13 18:41:23 20,736 ------w C:\WINDOWS\ServicePackFiles\i386\ramdisk.sys
+ 2008-04-14 00:12:03 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll
+ 2008-04-14 00:12:03 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\rasapi32.dll
+ 2008-04-14 00:12:03 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\rasauto.dll
+ 2008-04-14 00:12:03 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\raschap.dll
+ 2008-04-14 00:12:03 658,432 ------w C:\WINDOWS\ServicePackFiles\i386\rasdlg.dll
+ 2008-04-13 19:19:43 51,328 ------w C:\WINDOWS\ServicePackFiles\i386\rasl2tp.sys
+ 2008-04-14 00:12:03 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rasman.dll
+ 2008-04-14 00:12:03 186,368 ------w C:\WINDOWS\ServicePackFiles\i386\rasmans.dll
+ 2008-04-14 00:12:32 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 00:12:03 210,944 ------w C:\WINDOWS\ServicePackFiles\i386\rasppp.dll
+ 2008-04-13 18:57:32 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\raspppoe.sys
+ 2008-04-13 19:19:48 48,384 ------w C:\WINDOWS\ServicePackFiles\i386\raspptp.sys
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\rasqec.dll
+ 2008-04-14 00:12:03 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\rassapi.dll
+ 2008-04-14 00:12:03 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\rastapi.dll
+ 2008-04-14 00:12:03 150,016 ------w C:\WINDOWS\ServicePackFiles\i386\rastls.dll
+ 2008-04-14 00:12:03 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\rcbdyctl.dll
+ 2008-04-14 00:12:32 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 00:12:32 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\rcp.exe
+ 2008-04-13 19:28:39 175,744 ------w C:\WINDOWS\ServicePackFiles\i386\rdbss.sys
+ 2008-04-14 00:12:03 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdchost.dll
+ 2008-04-14 00:12:32 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 00:13:22 92,424 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdd.dll
+ 2008-04-13 18:32:51 196,224 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdr.sys
+ 2008-04-14 00:12:04 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdpsnd.dll
+ 2008-04-14 00:13:22 139,656 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys
+ 2008-04-14 00:13:22 87,176 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwsx.dll
+ 2008-04-14 00:12:32 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 00:12:32 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\rdshost.exe
+ 2004-08-04 05:41:40 13,776 ------w C:\WINDOWS\ServicePackFiles\i386\recagent.sys
+ 2008-04-13 18:40:27 57,600 ------w C:\WINDOWS\ServicePackFiles\i386\redbook.sys
+ 2006-03-16 04:00:00 3,338 ------w C:\WINDOWS\ServicePackFiles\i386\redir.exe
+ 2008-04-14 00:12:32 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\reg.exe
+ 2008-04-14 00:12:04 49,664 ------w C:\WINDOWS\ServicePackFiles\i386\regapi.dll
+ 2004-07-20 09:54:16 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\regasm.exe
+ 2004-07-20 09:54:16 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\regcode.dll
+ 2008-04-14 00:12:32 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 00:12:04 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\regsvc.dll
+ 2004-07-20 09:54:16 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\regsvcs.exe
+ 2008-04-14 00:12:32 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 00:12:04 397,824 ------w C:\WINDOWS\ServicePackFiles\i386\regwizc.dll
+ 2008-04-14 00:12:04 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\remotepg.dll
+ 2008-04-14 00:12:04 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\repdrvfs.dll
+ 2008-04-14 00:12:04 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\resutils.dll
+ 2008-04-14 00:12:33 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\rexec.exe
+ 2008-04-13 18:46:32 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\rfcomm.sys
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\ServicePackFiles\i386\rhttpaa.dll
+ 2008-04-14 00:12:04 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\riafres.dll
+ 2008-04-14 00:12:04 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\riafui1.dll
+ 2008-04-14 00:12:04 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\riafui2.dll
+ 2008-04-14 00:12:04 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\riched20.dll
+ 2008-04-13 18:55:08 202,624 ------w C:\WINDOWS\ServicePackFiles\i386\rmcast.sys
+ 2008-04-13 18:56:49 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismpx.sys
+ 2008-04-13 18:40:14 79,104 ------w C:\WINDOWS\ServicePackFiles\i386\rocket.sys
+ 2008-04-14 00:12:04 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\rpcref.dll
+ 2008-04-14 00:12:04 584,704 ------w C:\WINDOWS\ServicePackFiles\i386\rpcrt4.dll
+ 2008-04-14 00:12:04 399,360 ------w C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
+ 2008-04-14 00:12:04 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rrcm.dll
+ 2008-04-13 17:37:57 208,384 ------w C:\WINDOWS\ServicePackFiles\i386\rsaenh.dll
+ 2008-04-14 00:12:33 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 00:12:04 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\rshx32.dll
+ 2008-04-14 00:12:04 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\rsmps.dll
+ 2008-04-14 00:12:33 107,520 ------w C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe
+ 2008-04-14 00:12:33 380,416 ------w C:\WINDOWS\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 00:12:04 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
+ 2008-04-14 00:12:33 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 00:12:04 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\rtipxmib.dll
+ 2004-08-04 06:31:34 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\rtl8139.sys
+ 2008-04-14 00:12:04 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\rtutils.dll
+ 2008-04-14 00:12:33 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 00:12:33 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 00:12:04 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\rw001ext.dll
+ 2008-04-14 00:12:04 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\rw330ext.dll
+ 2008-04-14 00:12:04 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\rw430ext.dll
+ 2008-04-14 00:12:04 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\rw450ext.dll
+ 2008-04-14 00:12:04 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\rwnh.dll
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnb.dll
+ 2004-08-04 05:29:52 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnbm.sys
+ 2008-04-14 00:12:04 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\safrcdlg.dll
+ 2008-04-14 00:12:04 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\safrdm.dll
+ 2008-04-14 00:12:04 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\safrslv.dll
+ 2008-04-14 00:12:04 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\samlib.dll
+ 2008-04-14 00:12:04 415,744 ------w C:\WINDOWS\ServicePackFiles\i386\samsrv.dll
+ 2008-04-14 00:12:04 741,376 ------w C:\WINDOWS\ServicePackFiles\i386\sapi.dll
+ 2008-04-14 00:12:33 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 00:12:04 270,848 ------w C:\WINDOWS\ServicePackFiles\i386\sbe.dll
+ 2008-04-14 00:12:04 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\sbeio.dll
+ 2008-04-13 18:40:48 43,904 ------w C:\WINDOWS\ServicePackFiles\i386\sbp2port.sys
+ 2008-04-14 00:12:04 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\scarddlg.dll
+ 2008-04-14 00:12:33 95,744 ------w C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe
+ 2006-03-16 04:00:00 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\sccbase.dll
+ 2008-04-14 00:12:05 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\sccsccp.dll
+ 2008-04-14 00:12:05 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\scecli.dll
+ 2008-04-14 00:12:05 314,880 ------w C:\WINDOWS\ServicePackFiles\i386\scesrv.dll
+ 2008-04-14 00:12:05 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\schannel.dll
+ 2008-04-14 00:12:05 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll
+ 2008-04-14 00:12:05 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\sclgntfy.dll
+ 2008-04-14 00:12:34 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 00:12:05 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\ServicePackFiles\i386\scripta.dll
+ 2008-04-14 00:12:43 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 00:12:05 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\scrobj.dll
+ 2008-04-14 00:12:05 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\scrrun.dll
+ 2008-04-13 18:40:30 96,384 ------w C:\WINDOWS\ServicePackFiles\i386\scsiport.sys
+ 2008-04-13 18:45:33 11,520 ------w C:\WINDOWS\ServicePackFiles\i386\scsiscan.sys
+ 2008-04-14 00:12:34 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\sctasks.exe
+ 2008-04-14 00:12:34 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-13 18:36:44 79,232 ------w C:\WINDOWS\ServicePackFiles\i386\sdbus.sys
+ 2008-04-14 00:12:05 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\sdhcinst.dll
+ 2007-11-13 10:25:53 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\secdrv.sys
+ 2008-04-14 00:12:34 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\secedit.exe
+ 2008-04-14 00:12:05 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\seclogon.dll
+ 2006-12-31 14:57:08 4,569 ------w C:\WINDOWS\ServicePackFiles\i386\secupd.dat
+ 2008-04-14 00:12:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\secur32.dll
+ 2008-04-14 00:12:05 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\security.dll
+ 2008-04-14 00:12:05 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\sendcmsg.dll
+ 2008-04-14 00:12:05 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\sendmail.dll
+ 2008-04-14 00:12:05 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\sens.dll
+ 2008-04-14 00:12:05 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\sensapi.dll
+ 2008-04-14 00:12:05 221,696 ------w C:\WINDOWS\ServicePackFiles\i386\seo.dll
+ 2008-04-13 18:40:12 15,744 ------w C:\WINDOWS\ServicePackFiles\i386\serenum.sys
+ 2008-04-13 19:15:45 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\serial.sys
+ 2008-04-14 00:12:05 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\servdeps.dll
+ 2008-04-14 00:12:34 108,544 ------w C:\WINDOWS\ServicePackFiles\i386\services.exe
+ 2008-04-14 00:12:34 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 00:12:34 31,232 ------w C:\WINDOWS\ServicePackFiles\i386\sethc.exe
+ 2007-12-17 11:59:54 66,592 ------w C:\WINDOWS\ServicePackFiles\i386\setregni.exe
+ 2008-04-14 00:12:34 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\setup.exe
+ 2008-04-14 00:12:34 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\setup50.exe
+ 2008-04-14 12:42:06 985,088 ------w C:\WINDOWS\ServicePackFiles\i386\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 00:12:05 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\setupqry.dll
+ 2008-04-14 00:12:05 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\sfc.dll
+ 2008-04-14 00:12:05 140,288 ------w C:\WINDOWS\ServicePackFiles\i386\sfc_os.dll
+ 2008-04-14 00:12:05 1,614,848 ------w C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-13 18:40:47 11,904 ------w C:\WINDOWS\ServicePackFiles\i386\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_mmc.sys
+ 2008-04-13 18:40:47 11,008 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_sd.sys
+ 2008-04-13 18:40:48 11,392 ------w C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys
+ 2008-04-13 17:03:19 549,376 ------w C:\WINDOWS\ServicePackFiles\i386\shdoclc.dll
+ 2008-04-14 00:12:05 1,499,136 ------w C:\WINDOWS\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12:05 8,461,312 ------w C:\WINDOWS\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12:05 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\shfolder.dll
+ 2008-04-14 00:12:05 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\shgina.dll
+ 2008-04-14 00:12:05 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\shimeng.dll
+ 2008-04-14 00:12:05 438,272 ------w C:\WINDOWS\ServicePackFiles\i386\shimgvw.dll
+ 2008-04-14 00:12:05 474,112 ------w C:\WINDOWS\ServicePackFiles\i386\shlwapi.dll
+ 2008-04-14 00:12:35 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 00:12:35 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 00:12:05 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\shscrap.dll
+ 2008-04-14 00:12:05 135,168 ------w C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll
+ 2008-04-14 00:12:05 20,536 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.dll
+ 2008-04-14 00:12:35 16,437 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 00:12:35 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 00:12:05 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\sigtab.dll
+ 2008-04-14 00:12:35 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 00:12:05 3,901 ------w C:\WINDOWS\ServicePackFiles\i386\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\sisagp.sys
+ 2004-08-04 05:31:36 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\sisnic.sys
+ 2008-04-14 00:12:35 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\skeys.exe
+ 2004-08-04 05:31:42 63,547 ------w C:\WINDOWS\ServicePackFiles\i386\sla30nd5.sys
+ 2008-04-14 00:12:06 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\slayerxp.dll
+ 2006-03-16 04:00:00 306,176 ------w C:\WINDOWS\ServicePackFiles\i386\slbcsp.dll
+ 2008-04-14 00:12:06 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\ServicePackFiles\i386\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\ServicePackFiles\i386\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\ServicePackFiles\i386\slgen.dll
+ 2008-04-13 18:46:23 11,136 ------w C:\WINDOWS\ServicePackFiles\i386\slip.sys
+ 2004-08-04 05:41:42 129,535 ------w C:\WINDOWS\ServicePackFiles\i386\slnt7554.sys
+ 2004-08-04 05:41:44 404,990 ------w C:\WINDOWS\ServicePackFiles\i386\slntamr.sys
+ 2004-08-04 05:41:46 95,424 ------w C:\WINDOWS\ServicePackFiles\i386\slnthal.sys
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\ServicePackFiles\i386\slserv.exe
+ 2004-08-04 05:41:46 13,240 ------w C:\WINDOWS\ServicePackFiles\i386\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w C:\WINDOWS\ServicePackFiles\i386\smbali.sys
+ 2008-04-13 18:36:33 16,000 ------w C:\WINDOWS\ServicePackFiles\i386\smbbatt.sys
+ 2008-04-13 18:36:33 6,912 ------w C:\WINDOWS\ServicePackFiles\i386\smbclass.sys
+ 2008-04-14 00:12:35 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 00:12:35 236,544 ------w C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 00:12:06 362,496 ------w C:\WINDOWS\ServicePackFiles\i386\smlogcfg.dll
+ 2008-04-14 00:12:35 89,600 ------w C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 00:12:36 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\smss.exe
+ 2008-04-14 00:12:06 189,440 ------w C:\WINDOWS\ServicePackFiles\i386\smtpadm.dll
+ 2008-04-14 00:12:06 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\smtpapi.dll
+ 2008-04-14 00:12:06 2,134,528 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsnap.dll
+ 2008-04-14 00:12:06 456,192 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsvc.dll
+ 2008-04-14 00:12:36 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 00:12:06 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\sniffpol.dll
+ 2008-04-14 00:12:36 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 00:12:06 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\snmpapi.dll
+ 2008-04-14 00:12:06 259,072 ------w C:\WINDOWS\ServicePackFiles\i386\snmpcl.dll
+ 2008-04-14 00:12:06 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\snmpincl.dll
+ 2008-04-14 00:12:06 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\snmpmib.dll
+ 2008-04-14 00:12:06 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsmir.dll
+ 2008-04-14 00:12:06 182,272 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsnap.dll
+ 2008-04-14 00:12:06 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\snmpthrd.dll
+ 2008-04-14 00:12:36 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 00:12:06 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\softkbd.dll
+ 2008-04-13 18:40:52 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\sonyait.sys
+ 2008-04-13 18:46:07 25,344 ------w C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys
+ 2008-04-14 00:12:36 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\sort.exe
+ 2008-04-14 00:12:36 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-13 16:43:18 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\spgrmr.dll
+ 2008-04-14 00:12:36 538,624 ------w C:\WINDOWS\ServicePackFiles\i386\spider.exe
+ 2008-04-13 18:43:31 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe
+ 2008-04-13 18:45:07 6,272 ------w C:\WINDOWS\ServicePackFiles\i386\splitter.sys
+ 2008-04-14 12:42:38 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 00:12:06 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\spoolss.dll
+ 2008-04-14 00:12:36 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
+ 2008-04-13 18:35:06 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\spra0401.dll
+ 2008-04-13 18:35:08 189,440 ------w C:\WINDOWS\ServicePackFiles\i386\spra0402.dll
+ 2008-04-13 18:35:09 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\spra0404.dll
+ 2008-04-13 18:35:09 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\spra0405.dll
+ 2008-04-13 18:35:09 192,000 ------w C:\WINDOWS\ServicePackFiles\i386\spra0406.dll
+ 2008-04-13 18:35:21 199,680 ------w C:\WINDOWS\ServicePackFiles\i386\spra0407.dll
+ 2008-04-13 18:35:11 197,632 ------w C:\WINDOWS\ServicePackFiles\i386\spra0408.dll
+ 2008-04-13 18:35:11 186,368 ------w C:\WINDOWS\ServicePackFiles\i386\spra040b.dll
+ 2008-04-13 18:35:20 197,632 ------w C:\WINDOWS\ServicePackFiles\i386\spra040c.dll
+ 2008-04-13 18:35:21 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\spra040d.dll
+ 2008-04-13 18:35:23 195,584 ------w C:\WINDOWS\ServicePackFiles\i386\spra040e.dll
+ 2008-04-13 18:35:23 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\spra0410.dll
+ 2008-04-13 18:35:23 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\spra0411.dll
+ 2008-04-13 18:35:23 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\spra0412.dll
+ 2008-04-13 18:35:25 196,096 ------w C:\WINDOWS\ServicePackFiles\i386\spra0413.dll
+ 2008-04-13 18:35:25 189,440 ------w C:\WINDOWS\ServicePackFiles\i386\spra0414.dll
+ 2008-04-13 18:35:26 194,560 ------w C:\WINDOWS\ServicePackFiles\i386\spra0415.dll
+ 2008-04-13 18:35:08 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra0416.dll
+ 2008-04-13 18:35:27 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\spra0418.dll
+ 2008-04-13 18:35:27 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra0419.dll
+ 2008-04-13 18:35:21 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\spra041a.dll
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra041b.dll
+ 2008-04-13 18:35:28 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\spra041d.dll
+ 2008-04-13 18:35:29 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\spra041e.dll
+ 2008-04-13 18:35:30 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\spra041f.dll
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra0424.dll
+ 2008-04-13 18:35:11 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\spra0425.dll
+ 2008-04-13 18:35:24 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\spra0426.dll
+ 2008-04-13 18:35:24 189,952 ------w C:\WINDOWS\ServicePackFiles\i386\spra0427.dll
+ 2008-04-13 18:35:06 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\spra0804.dll
+ 2008-04-13 18:35:26 194,560 ------w C:\WINDOWS\ServicePackFiles\i386\spra0816.dll
+ 2008-04-13 18:35:11 196,096 ------w C:\WINDOWS\ServicePackFiles\i386\spra0c0a.dll
+ 2008-04-13 18:35:49 2,869,248 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0401.dll
+ 2008-04-13 18:36:10 477,696 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0404.dll
+ 2008-04-13 18:36:10 734,720 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0405.dll
+ 2008-04-13 18:36:10 742,912 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0406.dll
+ 2008-04-13 18:37:03 788,480 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0407.dll
+ 2008-04-13 18:36:35 801,280 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0408.dll
+ 2008-04-13 18:36:39 729,088 ------w C:\WINDOWS\ServicePackFiles\i386\sprb040b.dll
+ 2008-04-13 18:36:55 793,088 ------w C:\WINDOWS\ServicePackFiles\i386\sprb040c.dll
+ 2008-04-13 18:37:07 2,842,112 ------w C:\WINDOWS\ServicePackFiles\i386\sprb040d.dll
+ 2008-04-13 18:37:22 769,536 ------w C:\WINDOWS\ServicePackFiles\i386\sprb040e.dll
+ 2008-04-13 18:37:22 769,536 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0410.dll
+ 2008-04-13 18:37:34 562,688 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0411.dll
+ 2008-04-13 18:37:37 543,744 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0412.dll
+ 2008-04-13 18:38:00 769,024 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0413.dll
+ 2008-04-13 18:38:02 716,288 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0414.dll
+ 2008-04-13 18:38:05 759,808 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0415.dll
+ 2008-04-13 18:35:43 752,128 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0416.dll
+ 2008-04-13 18:38:28 736,768 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0419.dll
+ 2008-04-13 18:38:37 757,248 ------w C:\WINDOWS\ServicePackFiles\i386\sprb041b.dll
+ 2008-04-13 18:38:47 724,480 ------w C:\WINDOWS\ServicePackFiles\i386\sprb041d.dll
+ 2008-04-13 18:38:51 724,480 ------w C:\WINDOWS\ServicePackFiles\i386\sprb041f.dll
+ 2008-04-13 18:38:36 732,160 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0424.dll
+ 2008-04-13 18:35:54 470,016 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0804.dll
+ 2008-04-13 18:38:06 751,616 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0816.dll
+ 2008-04-13 18:36:38 773,632 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0c0a.dll
+ 2008-04-13 18:39:02 656,896 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0401.dll
+ 2008-04-13 18:39:13 327,680 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0404.dll
+ 2008-04-13 18:39:02 601,088 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0405.dll
+ 2008-04-13 18:39:12 605,696 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0406.dll
+ 2008-04-13 18:39:19 663,552 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0407.dll
+ 2008-04-13 18:39:12 679,936 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0408.dll
+ 2008-04-13 18:39:17 604,672 ------w C:\WINDOWS\ServicePackFiles\i386\sprc040b.dll
+ 2008-04-13 18:39:20 663,040 ------w C:\WINDOWS\ServicePackFiles\i386\sprc040c.dll
+ 2008-04-13 18:39:28 620,544 ------w C:\WINDOWS\ServicePackFiles\i386\sprc040d.dll
+ 2008-04-13 18:39:28 645,120 ------w C:\WINDOWS\ServicePackFiles\i386\sprc040e.dll
+ 2008-04-13 18:39:28 658,432 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0410.dll
+ 2008-04-13 18:39:49 412,672 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0411.dll
+ 2008-04-13 18:39:49 392,704 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0412.dll
+ 2008-04-13 18:39:47 645,120 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0413.dll
+ 2008-04-13 18:39:48 591,872 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0414.dll
+ 2008-04-13 18:39:52 641,024 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0415.dll
+ 2008-04-13 18:38:56 620,032 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0416.dll
+ 2008-04-13 18:39:56 627,200 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0419.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\ServicePackFiles\i386\sprc041b.dll
+ 2008-04-13 18:40:05 590,848 ------w C:\WINDOWS\ServicePackFiles\i386\sprc041d.dll
+ 2008-04-13 18:40:09 592,896 ------w C:\WINDOWS\ServicePackFiles\i386\sprc041f.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0424.dll
+ 2008-04-13 18:39:03 322,560 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0804.dll
+ 2008-04-13 18:39:53 639,488 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0816.dll
+ 2008-04-13 18:39:13 648,704 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0c0a.dll
+ 2008-04-14 00:12:06 250,368 ------w C:\WINDOWS\ServicePackFiles\i386\sptip.dll
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 00:12:06 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\sqldb20.dll
+ 2008-04-14 00:12:06 528,384 ------w C:\WINDOWS\ServicePackFiles\i386\sqloledb.dll
+ 2008-04-14 00:12:06 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\sqlqp20.dll
+ 2008-04-14 00:12:06 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\sqlse20.dll
+ 2008-04-14 00:12:06 442,368 ------w C:\WINDOWS\ServicePackFiles\i386\sqlsrv32.dll
+ 2008-04-14 00:12:06 180,800 ------w C:\WINDOWS\ServicePackFiles\i386\sqlunirl.dll
+ 2008-04-14 00:12:06 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\sqlxmlx.dll
+ 2008-04-13 18:36:52 73,472 ------w C:\WINDOWS\ServicePackFiles\i386\sr.sys
+ 2008-04-14 00:12:06 58,434 ------w C:\WINDOWS\ServicePackFiles\i386\srchctls.dll
+ 2008-04-14 00:12:07 726,078 ------w C:\WINDOWS\ServicePackFiles\i386\srchui.dll
+ 2008-04-14 00:12:07 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\srclient.dll
+ 2008-04-14 00:12:07 239,104 ------w C:\WINDOWS\ServicePackFiles\i386\srrstr.dll
+ 2008-04-14 00:12:07 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
+ 2008-04-13 19:15:11 334,848 ------w C:\WINDOWS\ServicePackFiles\i386\srv.sys
+ 2008-04-14 00:12:07 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\srvsvc.dll
+ 2008-04-14 00:12:43 704,512 ------w C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 00:12:43 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 00:12:07 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpapi.dll
+ 2008-04-14 00:12:07 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll
+ 2008-04-14 00:12:43 393,216 ------w C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 00:12:07 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\ssinc51.dll
+ 2008-04-14 00:12:44 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 00:12:44 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 00:12:44 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 00:12:07 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\sspifilt.dll
+ 2008-04-14 00:12:44 610,304 ------w C:\WINDOWS\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 00:12:44 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 00:12:44 679,936 ------w C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 00:12:07 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\sstub.dll
+ 2008-04-14 00:12:07 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\staxmem.dll
+ 2008-04-14 00:12:07 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\stclient.dll
+ 2008-04-14 00:12:07 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\stdprov.dll
+ 2008-04-14 00:12:07 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\sti.dll
+ 2008-04-14 00:12:07 136,704 ------w C:\WINDOWS\ServicePackFiles\i386\sti_ci.dll
+ 2008-04-14 00:12:36 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 00:12:07 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\stobject.dll
+ 2008-04-14 00:12:07 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\storprop.dll
+ 2008-04-13 18:45:15 49,408 ------w C:\WINDOWS\ServicePackFiles\i386\stream.sys
+ 2008-04-13 18:46:21 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\streamip.sys
+ 2008-04-14 00:12:07 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\strmfilt.dll
+ 2008-04-14 00:12:36 16,449 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 00:12:36 65,601 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 00:12:07 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\svcext51.dll
+ 2008-04-14 00:12:36 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\svchost.exe
+ 2008-04-13 18:39:53 4,352 ------w C:\WINDOWS\ServicePackFiles\i386\swenum.sys
+ 2008-04-13 18:45:09 56,576 ------w C:\WINDOWS\ServicePackFiles\i386\swmidi.sys
+ 2008-04-14 00:12:07 713,216 ------w C:\WINDOWS\ServicePackFiles\i386\sxs.dll
+ 2007-12-17 11:59:56 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\sy52106.dll
+ 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\synceng.dll
+ 2008-04-14 00:12:07 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\syncui.dll
+ 2008-04-13 19:15:55 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys
+ 2008-04-14 00:12:36 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe
+ 2008-04-14 00:12:07 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\sysmoda.dll
+ 2008-04-14 00:12:37 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 00:12:07 990,208 ------w C:\WINDOWS\ServicePackFiles\i386\syssetup.dll
+ 2004-07-20 09:54:18 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\system.configuration.install.dll
+ 2004-07-20 09:54:18 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\system.data.dll
+ 2004-07-20 09:54:18 1,695,744 ------w C:\WINDOWS\ServicePackFiles\i386\system.design.dll
+ 2004-07-20 09:54:18 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\system.directoryservices.dll
+ 2004-07-20 09:54:18 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\system.drawing.design.dll
+ 2004-07-20 09:54:18 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\system.drawing.dll
+ 2004-07-20 09:54:18 212,992 ------w C:\WINDOWS\ServicePackFiles\i386\system.enterpriseservices.dll
+ 2004-08-04 13:12:34 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\system.enterpriseservices.thunk.dll
+ 2004-07-20 09:54:18 352,256 ------w C:\WINDOWS\ServicePackFiles\i386\system.management.dll
+ 2004-07-20 09:54:18 241,664 ------w C:\WINDOWS\ServicePackFiles\i386\system.messaging.dll
+ 2004-07-20 09:54:20 311,296 ------w C:\WINDOWS\ServicePackFiles\i386\system.runtime.remoting.dll
+ 2004-07-20 09:54:20 131,072 ------w C:\WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
+ 2004-07-20 09:54:20 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\system.security.dll
+ 2004-07-20 09:54:20 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\system.serviceprocess.dll
+ 2007-01-02 23:40:24 1,200,128 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.dll
+ 2004-07-20 09:54:20 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.regularexpressions.dll
+ 2004-07-20 09:54:20 507,904 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.services.dll
+ 2004-07-20 09:54:22 2,002,944 ------w C:\WINDOWS\ServicePackFiles\i386\system.windows.forms.dll
+ 2004-07-20 09:54:22 1,302,528 ------w C:\WINDOWS\ServicePackFiles\i386\system.xml.dll
+ 2008-04-14 00:12:07 117,760 ------w C:\WINDOWS\ServicePackFiles\i386\t2embed.dll
+ 2008-04-14 00:12:07 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\tabletoc.dll
+ 2008-04-13 18:40:50 14,976 ------w C:\WINDOWS\ServicePackFiles\i386\tape.sys
+ 2008-04-14 00:12:07 858,624 ------w C:\WINDOWS\ServicePackFiles\i386\tapi3.dll
+ 2008-04-14 00:12:07 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\tapi32.dll
+ 2008-04-14 00:12:07 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll
+ 2008-04-14 00:12:37 76,288 ------w C:\WINDOWS\ServicePackFiles\i386\taskkill.exe
+ 2008-04-14 00:12:37 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\tasklist.exe
+ 2008-04-14 00:12:37 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-13 19:20:16 361,344 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
+ 2008-04-13 19:00:02 225,664 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys
+ 2008-04-14 00:12:07 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmib.dll
+ 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmonui.dll
+ 2008-04-14 00:12:37 32,827 ------w C:\WINDOWS\ServicePackFiles\i386\tcptest.exe
+ 2007-04-02 16:36:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\tcptsat.dll
+ 2008-04-13 19:00:05 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\tdi.sys
+ 2008-04-14 00:13:20 12,040 ------w C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys
+ 2008-04-14 00:13:21 21,896 ------w C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys
+ 2008-04-14 00:12:37 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 00:13:20 40,840 ------w C:\WINDOWS\ServicePackFiles\i386\termdd.sys
+ 2008-04-14 00:12:07 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\termmgr.dll
+ 2008-04-14 00:12:07 295,424 ------w C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
+ 2008-04-13 18:40:50 149,376 ------w C:\WINDOWS\ServicePackFiles\i386\tffsport.sys
+ 2008-04-14 00:12:07 385,536 ------w C:\WINDOWS\ServicePackFiles\i386\themeui.dll
+ 2008-04-14 00:12:37 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\tlntadmn.exe
+ 2008-04-14 00:12:37 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsess.exe
+ 2008-04-14 00:12:38 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe
+ 2008-04-14 00:12:07 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsvrp.dll
+ 2007-12-17 12:00:05 66,592 ------w C:\WINDOWS\ServicePackFiles\i386\togac.exe
+ 2008-04-14 00:12:07 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\tools.dll
+ 2008-04-14 00:12:38 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 00:12:38 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 00:12:38 259,584 ------w C:\WINDOWS\ServicePackFiles\i386\tracerpt.exe
+ 2008-04-14 00:12:38 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 00:12:42 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\tree.com
+ 2008-04-14 00:12:07 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\triedit.dll
+ 2008-04-14 00:12:07 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\trkwks.dll
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\ServicePackFiles\i386\tscdsbl.bat
+ 2008-04-14 00:12:07 93,696 ------w C:\WINDOWS\ServicePackFiles\i386\tscfgwmi.dll
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\ServicePackFiles\i386\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\ServicePackFiles\i386\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\tscupdc.dll
+ 2008-04-14 00:13:21 12,168 ------w C:\WINDOWS\ServicePackFiles\i386\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\tsgqec.dll
+ 2008-04-14 00:12:07 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\tshoot.dll
+ 2008-04-14 00:12:07 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\tsoc.dll
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\tspkg.dll
+ 2008-04-14 00:12:07 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\tty.dll
+ 2007-04-02 15:31:00 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\ttyres.dll
+ 2008-04-14 00:12:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ttyui.dll
+ 2008-04-13 18:56:01 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tunmp.sys
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\twain_32.dll
+ 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\twext.dll
+ 2008-04-14 00:12:07 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\txflog.dll
+ 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\tzchange.exe
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:32:36 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\udfs.sys
+ 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\uihelper.dll
+ 2008-04-14 00:12:07 275,456 ------w C:\WINDOWS\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 373,248 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll
+ 2007-05-15 08:08:53 761,344 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll
+ 2008-04-14 00:12:07 316,416 ------w C:\WINDOWS\ServicePackFiles\i386\untfs.dll
+ 2008-04-13 18:39:46 384,768 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys
+ 2008-04-14 00:12:38 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:08 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:38 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:08 185,856 ------w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 239,616 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:38 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:08 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 619,520 ------w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll
+ 2004-08-04 05:31:26 32,384 ------w C:\WINDOWS\ServicePackFiles\i386\usb101et.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:45:12 60,032 ------w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys
+ 2008-04-13 18:45:39 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:35 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:37 59,520 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:43 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys
+ 2008-04-14 00:12:08 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll
+ 2008-04-13 18:45:35 17,152 ------w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:36 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys

#10 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 11 June 2008 - 03:57 PM

here is 2nd part of combofix log
\+ 2008-04-13 18:45:36 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:36 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:38 26,368 ------w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:35 20,608 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-14 00:12:08 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-14 00:12:08 578,560 ------w C:\WINDOWS\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 727,040 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:38 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:08 406,016 ------w C:\WINDOWS\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:38 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:08 218,624 ------w C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 30,749 ------w C:\WINDOWS\ServicePackFiles\i386\vbajet32.dll
+ 2004-07-20 09:54:22 716,800 ------w C:\WINDOWS\ServicePackFiles\i386\vbc.exe
+ 2004-08-04 13:12:48 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.chs.dll
+ 2004-08-04 13:12:48 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.cht.dll
+ 2004-08-04 13:12:48 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.dll
+ 2004-08-04 13:12:48 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.es.dll
+ 2004-08-04 13:12:48 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.fr.dll
+ 2004-08-04 13:12:48 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.ger.dll
+ 2004-08-04 13:12:50 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.it.dll
+ 2004-08-04 13:12:50 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.ja.dll
+ 2004-08-04 13:12:50 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.kor.dll
+ 2008-04-14 00:12:08 434,176 ------w C:\WINDOWS\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\verifier.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-13 18:44:40 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\vga.sys
+ 2008-04-14 00:12:08 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\vgx.dll
+ 2008-04-13 18:36:40 42,240 ------w C:\WINDOWS\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:40:31 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:44:40 81,664 ------w C:\WINDOWS\ServicePackFiles\i386\videoprt.sys
+ 2008-04-14 00:12:08 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\viewprov.dll
+ 2008-04-13 18:41:01 52,352 ------w C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
+ 2004-08-04 13:12:50 999,424 ------w C:\WINDOWS\ServicePackFiles\i386\vsavb7rt.dll
+ 2008-04-14 00:12:08 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:38 289,792 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:08 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 364,032 ------w C:\WINDOWS\ServicePackFiles\i386\w3svc.dll
+ 2008-04-14 00:12:08 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:38 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:08 510,976 ------w C:\WINDOWS\ServicePackFiles\i386\wab32.dll
+ 2008-04-13 16:21:48 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\wab32res.dll
+ 2008-04-14 00:12:08 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:39 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe
+ 2008-04-13 18:43:55 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\wacompen.sys
+ 2004-08-04 05:29:38 12,415 ------w C:\WINDOWS\ServicePackFiles\i386\wadv01nt.sys
+ 2004-08-04 05:29:38 12,127 ------w C:\WINDOWS\ServicePackFiles\i386\wadv02nt.sys
+ 2004-08-04 05:29:38 11,775 ------w C:\WINDOWS\ServicePackFiles\i386\wadv05nt.sys
+ 2004-08-04 05:29:40 11,807 ------w C:\WINDOWS\ServicePackFiles\i386\wadv07nt.sys
+ 2004-08-04 05:29:40 11,295 ------w C:\WINDOWS\ServicePackFiles\i386\wadv08nt.sys
+ 2004-08-04 05:29:42 11,871 ------w C:\WINDOWS\ServicePackFiles\i386\wadv09nt.sys
+ 2004-08-04 05:29:42 11,935 ------w C:\WINDOWS\ServicePackFiles\i386\wadv11nt.sys
+ 2008-04-14 00:12:08 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\wam51.dll
+ 2008-04-14 00:12:08 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\wamreg51.dll
+ 2008-04-13 18:57:21 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:44:59 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\watchdog.sys
+ 2004-08-04 05:29:42 29,311 ------w C:\WINDOWS\ServicePackFiles\i386\watv01nt.sys
+ 2004-08-04 05:29:44 19,551 ------w C:\WINDOWS\ServicePackFiles\i386\watv02nt.sys
+ 2004-08-04 05:29:44 33,599 ------w C:\WINDOWS\ServicePackFiles\i386\watv04nt.sys
+ 2004-08-04 05:29:46 22,271 ------w C:\WINDOWS\ServicePackFiles\i386\watv06nt.sys
+ 2004-08-04 05:29:46 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\watv10nt.sys
+ 2008-04-14 00:12:08 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\wavemsp.dll
+ 2008-04-14 00:12:08 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 531,456 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 273,920 ------w C:\WINDOWS\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:39 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:08 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-13 18:45:38 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\wceusbsh.sys
+ 2004-08-04 05:29:46 23,615 ------w C:\WINDOWS\ServicePackFiles\i386\wch7xxnt.sys
+ 2008-04-14 00:12:08 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-13 19:17:18 83,072 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-14 00:12:08 276,480 ------w C:\WINDOWS\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:39 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:08 463,360 ------w C:\WINDOWS\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 333,824 ------w C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 589,312 ------w C:\WINDOWS\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\ServicePackFiles\i386\wicext.dll
+ 2008-04-13 19:30:10 1,845,632 ------w C:\WINDOWS\ServicePackFiles\i386\win32k.sys
+ 2008-04-14 00:12:08 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\win32spl.dll
+ 2008-04-13 16:48:53 1,647,616 ------w C:\WINDOWS\ServicePackFiles\i386\winbrand.dll
+ 2008-04-14 00:12:39 283,648 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:08 354,304 ------w C:\WINDOWS\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 666,112 ------w C:\WINDOWS\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:09 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:39 507,904 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:09 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\winmm.dll
+ 2006-03-16 04:00:00 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\winnls.dll
+ 2008-04-14 00:11:11 756,224 ------w C:\WINDOWS\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:12:09 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:09 293,376 ------w C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:40 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\wlanapi.dll
+ 2008-04-14 00:12:09 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\wldap32.dll
+ 2004-08-04 05:31:28 154,624 ------w C:\WINDOWS\ServicePackFiles\i386\wlluc48.sys
+ 2008-04-14 00:12:09 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:11:15 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmi.dll
+ 2008-04-13 18:36:38 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-14 00:12:40 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-13 17:10:20 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-14 00:12:09 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:40 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:40 358,912 ------w C:\WINDOWS\ServicePackFiles\i386\wmic.exe
+ 2008-04-14 00:12:09 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 437,248 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:40 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:09 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 402,432 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 325,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 4,256,768 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\wmphoto.dll
+ 2008-04-14 00:12:40 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:10 264,192 ------w C:\WINDOWS\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:40 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:41 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:10 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:41 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:10 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 604,160 ------w C:\WINDOWS\ServicePackFiles\i386\wsecedit.dll
+ 2008-04-14 00:12:10 108,032 ------w C:\WINDOWS\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll
+ 2004-08-04 05:29:48 12,063 ------w C:\WINDOWS\ServicePackFiles\i386\wsiintxx.sys
+ 2008-04-14 00:12:10 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\wsock32.dll
+ 2008-04-13 18:46:24 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-14 00:12:10 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:41 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:11 1,135,616 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuweb.dll
+ 2004-08-04 05:29:50 19,455 ------w C:\WINDOWS\ServicePackFiles\i386\wvchntxx.sys
+ 2008-04-14 00:12:11 383,488 ------w C:\WINDOWS\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:41 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe
+ 2006-03-16 04:00:00 174,200 ------w C:\WINDOWS\ServicePackFiles\i386\xenroll.dll
+ 2008-04-14 00:12:11 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\xmllite.dll
+ 2008-04-14 00:12:11 129,024 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 17:39:29 438,784 ------w C:\WINDOWS\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:22 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\xrxscnui.dll
+ 2008-04-14 00:12:11 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\slrundll.exe
- 2006-03-16 04:00:00 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
- 2006-03-16 04:00:00 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
- 2006-03-16 04:00:00 725,566 ----a-w C:\WINDOWS\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w C:\WINDOWS\srchasst\srchui.dll
- 2006-03-16 04:00:00 146,432 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2006-03-16 04:00:00 183,808 ----a-w C:\WINDOWS\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2006-03-16 04:00:00 114,688 ----a-w C:\WINDOWS\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w C:\WINDOWS\system32\aclui.dll
- 2006-03-16 04:00:00 194,048 ----a-w C:\WINDOWS\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w C:\WINDOWS\system32\activeds.dll
- 2006-03-16 04:00:00 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
- 2006-03-16 04:00:00 101,888 ----a-w C:\WINDOWS\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
- 2006-03-16 04:00:00 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
- 2006-03-16 04:00:00 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
- 2006-03-16 04:00:00 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
- 2006-03-16 04:00:00 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
- 2006-03-16 04:00:00 109,568 ----a-w C:\WINDOWS\system32\adsnw.dll
+ 2008-04-14 00:11:48 123,392 ----a-w C:\WINDOWS\system32\adsnw.dll
- 2006-03-16 04:00:00 616,960 ----a-w C:\WINDOWS\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w C:\WINDOWS\system32\advapi32.dll
- 2006-03-16 04:00:00 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
- 2006-03-16 04:00:00 44,544 ----a-w C:\WINDOWS\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w C:\WINDOWS\system32\alg.exe
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
- 2006-03-16 04:00:00 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
- 2006-03-16 04:00:00 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w C:\WINDOWS\system32\apphelp.dll
- 2006-03-16 04:00:00 167,936 ----a-w C:\WINDOWS\system32\appmgmts.dll
+ 2008-04-14 00:11:49 167,936 ----a-w C:\WINDOWS\system32\appmgmts.dll
- 2006-03-16 04:00:00 295,936 ----a-w C:\WINDOWS\system32\appmgr.dll
+ 2008-04-14 00:11:49 295,936 ----a-w C:\WINDOWS\system32\appmgr.dll
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\asr_fmt.exe
+ 2008-04-14 00:12:12 30,208 ----a-w C:\WINDOWS\system32\asr_fmt.exe
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe
+ 2008-04-14 00:12:12 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe
- 2006-03-16 04:00:00 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2008-04-14 00:11:49 229,376 ------w C:\WINDOWS\system32\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w C:\WINDOWS\system32\ati2dvag.dll
+ 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\system32\ati3d1ag.dll
+ 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w C:\WINDOWS\system32\ativvaxx.dll
- 2006-03-16 04:00:00 58,880 ----a-w C:\WINDOWS\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w C:\WINDOWS\system32\atl.dll
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
- 2006-03-16 04:00:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w C:\WINDOWS\system32\attrib.exe
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w C:\WINDOWS\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w C:\WINDOWS\system32\authz.dll
- 2006-03-16 04:00:00 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
- 2006-03-16 04:00:00 602,624 ----a-w C:\WINDOWS\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w C:\WINDOWS\system32\autoconv.exe
- 2006-03-16 04:00:00 580,608 ----a-w C:\WINDOWS\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w C:\WINDOWS\system32\autofmt.exe
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
- 2006-03-16 04:00:00 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w C:\WINDOWS\system32\azroles.dll
- 2006-03-16 04:00:00 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w C:\WINDOWS\system32\batmeter.dll
- 2006-03-16 04:00:00 8,704 ----a-w C:\WINDOWS\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w C:\WINDOWS\system32\batt.dll
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2008-04-14 00:12:03 409,088 ------w C:\WINDOWS\system32\bits\qmgr.dll
- 2006-03-16 04:00:00 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\system32\bitsprx4.dll
- 2006-03-16 04:00:00 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
- 2006-03-16 04:00:00 136,704 ----a-w C:\WINDOWS\system32\bootcfg.exe
+ 2008-04-14 00:12:13 142,848 ----a-w C:\WINDOWS\system32\bootcfg.exe
- 2006-03-16 04:00:00 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
- 2006-03-16 04:00:00 77,312 ----a-w C:\WINDOWS\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\browser.dll
- 2006-10-23 15:34:19 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w C:\WINDOWS\system32\browseui.dll
- 2006-03-16 04:00:00 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
- 2006-03-16 04:00:00 59,904 ----a-w C:\WINDOWS\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w C:\WINDOWS\system32\cabinet.dll
- 2006-03-16 04:00:00 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
- 2006-03-16 04:00:00 18,432 ----a-w C:\WINDOWS\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w C:\WINDOWS\system32\cacls.exe
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
- 2006-03-16 04:00:00 142,848 ----a-w C:\WINDOWS\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w C:\WINDOWS\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2006-03-16 04:00:00 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2006-10-23 15:34:19 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2006-03-16 04:00:00 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
- 2006-03-16 04:00:00 457,728 ----a-w C:\WINDOWS\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w C:\WINDOWS\system32\certmgr.dll
- 2006-03-16 04:00:00 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
- 2006-03-16 04:00:00 109,568 ----a-w C:\WINDOWS\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w C:\WINDOWS\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2006-03-16 04:00:00 56,320 ----a-w C:\WINDOWS\system32\cipher.exe
+ 2008-04-14 00:12:14 56,832 ----a-w C:\WINDOWS\system32\cipher.exe
- 2006-03-16 04:00:00 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2006-03-16 04:00:00 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
- 2006-03-16 04:00:00 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
- 2006-03-16 04:00:00 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2006-03-16 04:00:00 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
- 2006-03-16 04:00:00 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w C:\WINDOWS\system32\clusapi.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
- 2006-03-16 04:00:00 388,608 ----a-w C:\WINDOWS\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w C:\WINDOWS\system32\cmd.exe
- 2006-03-16 04:00:00 343,040 ----a-w C:\WINDOWS\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w C:\WINDOWS\system32\cmdial32.dll
- 2006-03-16 04:00:00 47,104 ----a-w C:\WINDOWS\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w C:\WINDOWS\system32\cmdl32.exe
- 2006-03-16 04:00:00 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
- 2006-03-16 04:00:00 185,344 ----a-w C:\WINDOWS\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w C:\WINDOWS\system32\cmprops.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\cmsetACL.dll
+ 2008-04-14 00:11:50 13,312 ----a-w C:\WINDOWS\system32\cmsetacl.dll
- 2006-03-16 04:00:00 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
- 2006-03-16 04:00:00 39,936 ----a-w C:\WINDOWS\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w C:\WINDOWS\system32\cmutil.dll
- 2006-03-16 04:00:00 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2006-03-16 04:00:00 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
- 2006-03-16 04:00:00 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
- 2006-03-16 04:00:00 25,600 ----a-w C:\WINDOWS\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w C:\WINDOWS\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2006-03-16 04:00:00 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
- 2006-03-16 04:00:00 252,928 ----a-w C:\WINDOWS\system32\compatUI.dll
+ 2008-04-14 00:11:51 252,928 ----a-w C:\WINDOWS\system32\compatui.dll
- 2006-03-16 04:00:00 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2006-03-16 04:00:00 792,064 ----a-w C:\WINDOWS\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w C:\WINDOWS\system32\comres.dll
- 2006-03-16 04:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w C:\WINDOWS\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
- 2007-01-15 18:06:06 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-06-10 04:19:39 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-01-15 18:06:06 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-06-10 04:19:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-06-10 04:19:30 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060920080610\index.dat
- 2007-01-15 18:06:06 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-10 04:19:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-03-16 04:00:00 345,600 ----a-w C:\WINDOWS\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w C:\WINDOWS\system32\confmsp.dll
- 2006-03-16 04:00:00 27,648 ----a-w C:\WINDOWS\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w C:\WINDOWS\system32\conime.exe
- 2007-01-09 03:01:14 17,408 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w C:\WINDOWS\system32\credssp.dll
- 2006-03-16 04:00:00 163,840 ----a-w C:\WINDOWS\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w C:\WINDOWS\system32\credui.dll
- 2006-03-16 04:00:00 597,504 ----a-w C:\WINDOWS\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w C:\WINDOWS\system32\crypt32.dll
- 2006-03-16 04:00:00 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
- 2006-03-16 04:00:00 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
- 2006-03-16 04:00:00 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
- 2006-03-16 04:00:00 63,488 ----a-w C:\WINDOWS\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w C:\WINDOWS\system32\cryptnet.dll
- 2006-03-16 04:00:00 60,416 ----a-w C:\WINDOWS\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w C:\WINDOWS\system32\cryptsvc.dll
- 2006-03-16 04:00:00 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
- 2006-03-16 04:00:00 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
- 2006-03-16 04:00:00 98,304 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2008-04-14 00:12:15 139,264 ----a-w C:\WINDOWS\system32\cscript.exe
- 2006-03-16 04:00:00 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w C:\WINDOWS\system32\csrsrv.dll
- 2006-03-16 04:00:00 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
- 2006-03-16 04:00:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2006-03-16 04:00:00 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
- 2006-03-16 04:00:00 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
- 2006-03-16 04:00:00 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
- 2006-03-16 04:00:00 825,344 ----a-w C:\WINDOWS\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll
- 2006-10-23 15:34:20 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2006-03-16 04:00:00 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
- 2006-03-16 04:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w C:\WINDOWS\system32\datime.dll
- 2006-03-16 04:00:00 24,576 ----a-w C:\WINDOWS\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w C:\WINDOWS\system32\davclnt.dll
- 2006-03-16 04:00:00 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
- 2006-03-16 04:00:00 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
- 2006-03-16 04:00:00 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
- 2006-03-16 04:00:00 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
- 2006-03-16 04:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
- 2006-03-16 04:00:00 266,240 ----a-w C:\WINDOWS\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w C:\WINDOWS\system32\ddraw.dll
- 2006-03-16 04:00:00 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
- 2006-03-16 04:00:00 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
- 2006-03-16 04:00:00 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
- 2006-03-16 04:00:00 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w C:\WINDOWS\system32\dfrgfat.exe
- 2006-03-16 04:00:00 104,960 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
- 2006-03-16 04:00:00 38,912 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
- 2006-03-16 04:00:00 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w C:\WINDOWS\system32\dfrgui.dll
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
- 2006-03-16 04:00:00 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2006-03-16 04:00:00 370,176 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w C:\WINDOWS\system32\dhcpqec.dll
- 2006-03-16 04:00:00 85,504 ----a-w C:\WINDOWS\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w C:\WINDOWS\system32\diantz.exe
- 2006-03-16 04:00:00 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dimsroam.dll
- 2006-03-16 04:00:00 159,232 ----a-w C:\WINDOWS\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w C:\WINDOWS\system32\dinput.dll
- 2006-03-16 04:00:00 181,760 ----a-w C:\WINDOWS\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w C:\WINDOWS\system32\dinput8.dll
- 2006-03-16 04:00:00 1,501,696 ----a-w C:\WINDOWS\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w C:\WINDOWS\system32\diskcopy.dll
- 2006-03-16 04:00:00 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
- 2006-03-16 04:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w C:\WINDOWS\system32\dispex.dll
- 2006-08-22 12:05:26 498,742 ------w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ------w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\dllcache\msxml6r.dll
- 2006-08-21 17:52:08 246,814 ------w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ------w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2006-03-16 04:00:00 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
- 2006-03-16 04:00:00 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
- 2006-03-16 04:00:00 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
- 2006-03-16 04:00:00 273,920 ----a-w C:\WINDOWS\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w C:\WINDOWS\system32\dmdlgs.dll
- 2006-03-16 04:00:00 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
- 2006-03-16 04:00:00 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
- 2006-03-16 04:00:00 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
- 2006-03-16 04:00:00 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
- 2006-03-16 04:00:00 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
- 2006-03-16 04:00:00 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
- 2006-03-16 04:00:00 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
- 2006-03-16 04:00:00 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
- 2006-02-28 19:41:34 61,440 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2007-07-24 22:17:08 81,920 ----a-w C:\WINDOWS\system32\dns-sd.exe
- 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-04-14 00:11:52 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2006-02-28 19:41:22 53,248 ----a-w C:\WINDOWS\system32\dnssd.dll
+ 2007-07-24 22:17:08 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
- 2006-03-16 04:00:00 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w C:\WINDOWS\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w C:\WINDOWS\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w C:\WINDOWS\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w C:\WINDOWS\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w C:\WINDOWS\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w C:\WINDOWS\system32\dot3ui.dll
- 2006-03-16 04:00:00 96,768 ----a-w C:\WINDOWS\system32\dpcdll.dll
+ 2008-04-14 00:11:52 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w C:\WINDOWS\system32\dplaysvr.exe
- 2006-03-16 04:00:00 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
- 2006-03-16 04:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
- 2006-03-16 04:00:00 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
- 2006-03-16 04:00:00 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
- 2006-03-16 04:00:00 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
- 2006-03-16 04:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
- 2006-03-16 04:00:00 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w C:\WINDOWS\system32\dpnsvr.exe
- 2006-03-16 04:00:00 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
- 2006-03-16 04:00:00 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll
- 2006-03-16 04:00:00 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
- 2006-03-16 04:00:00 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
- 2006-03-16 04:00:00 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
- 2006-03-16 04:00:00 58,368 ----a-w C:\WINDOWS\system32\driverquery.exe
+ 2008-04-14 00:12:18 62,976 ----a-w C:\WINDOWS\system32\driverquery.exe
- 2006-03-16 04:00:00 53,248 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:18 53,376 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
- 2006-03-16 04:00:00 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
- 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w C:\WINDOWS\system32\drivers\aec.sys
- 2004-08-04 14:07:42 42,368 ----a-w C:\WINDOWS\system32\drivers\AGP440.SYS
+ 2008-04-13 18:36:38 42,368 ----a-w C:\WINDOWS\system32\drivers\agp440.sys
- 2004-08-04 14:07:44 44,928 ----a-w C:\WINDOWS\system32\drivers\AGPCPQ.SYS
+ 2008-04-13 18:36:39 44,928 ----a-w C:\WINDOWS\system32\drivers\agpcpq.sys
- 2004-08-04 14:07:42 42,752 ----a-w C:\WINDOWS\system32\drivers\ALIM1541.SYS
+ 2008-04-13 18:36:38 42,752 ----a-w C:\WINDOWS\system32\drivers\alim1541.sys
- 2004-08-04 14:07:44 43,008 ----a-w C:\WINDOWS\system32\drivers\AMDAGP.SYS
+ 2008-04-13 18:36:39 43,008 ----a-w C:\WINDOWS\system32\drivers\amdagp.sys
- 2006-03-16 04:00:00 36,992 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
- 2006-03-16 04:00:00 37,376 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
+ 2008-04-13 18:31:33 37,760 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
- 2004-08-04 13:59:44 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2004-08-04 05:29:30 56,623 ------w C:\WINDOWS\system32\drivers\ati1btxx.sys
+ 2004-08-04 05:29:30 11,615 ------w C:\WINDOWS\system32\drivers\ati1mdxx.sys
+ 2004-08-04 05:29:30 12,047 ------w C:\WINDOWS\system32\drivers\ati1pdxx.sys
+ 2004-08-04 05:29:32 30,671 ------w C:\WINDOWS\system32\drivers\ati1raxx.sys
+ 2004-08-04 05:29:32 63,663 ------w C:\WINDOWS\system32\drivers\ati1rvxx.sys
+ 2004-08-04 05:29:32 26,367 ------w C:\WINDOWS\system32\drivers\ati1snxx.sys
+ 2004-08-04 05:29:32 21,343 ------w C:\WINDOWS\system32\drivers\ati1ttxx.sys
+ 2004-08-04 05:29:32 36,463 ------w C:\WINDOWS\system32\drivers\ati1tuxx.sys
+ 2004-08-04 05:29:32 29,455 ------w C:\WINDOWS\system32\drivers\ati1xbxx.sys
+ 2004-08-04 05:29:32 34,735 ------w C:\WINDOWS\system32\drivers\ati1xsxx.sys
+ 2004-08-04 05:29:28 327,040 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
+ 2004-08-04 05:29:28 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
+ 2004-08-04 05:29:28 57,856 ------w C:\WINDOWS\system32\drivers\atinbtxx.sys
+ 2004-08-04 05:29:30 13,824 ------w C:\WINDOWS\system32\drivers\atinmdxx.sys
+ 2004-08-04 05:29:30 14,336 ------w C:\WINDOWS\system32\drivers\atinpdxx.sys
+ 2004-08-04 05:29:30 52,224 ------w C:\WINDOWS\system32\drivers\atinraxx.sys
+ 2004-08-04 05:29:32 104,960 ------w C:\WINDOWS\system32\drivers\atinrvxx.sys
+ 2004-08-04 05:29:32 28,672 ------w C:\WINDOWS\system32\drivers\atinsnxx.sys
+ 2004-08-04 05:29:32 13,824 ------w C:\WINDOWS\system32\drivers\atinttxx.sys
+ 2004-08-04 05:29:32 73,216 ------w C:\WINDOWS\system32\drivers\atintuxx.sys
+ 2004-08-04 05:29:32 31,744 ------w C:\WINDOWS\system32\drivers\atinxbxx.sys
+ 2004-08-04 05:29:32 63,488 ------w C:\WINDOWS\system32\drivers\atinxsxx.sys
+ 2008-04-14 00:11:50 21,183 ------w C:\WINDOWS\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w C:\WINDOWS\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w C:\WINDOWS\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w C:\WINDOWS\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w C:\WINDOWS\system32\drivers\atv10nt5.dll
- 2001-08-17 21:57:54 14,080 ----a-w C:\WINDOWS\system32\drivers\battc.sys
+ 2008-04-13 18:36:32 14,208 ----a-w C:\WINDOWS\system32\drivers\battc.sys
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
+ 2008-04-13 18:46:32 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
- 2004-08-04 06:10:18 17,024 ----a-w C:\WINDOWS\system32\drivers\CCDECODE.sys
+ 2008-04-13 18:46:23 17,024 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
- 2006-03-16 04:00:00 49,536 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
+ 2008-04-14 00:11:50 15,423 ------w C:\WINDOWS\system32\drivers\ch7xxnt5.dll
- 2004-08-04 07:07:40 14,080 ----a-w C:\WINDOWS\system32\drivers\CmBatt.sys
+ 2008-04-13 18:36:37 13,952 ----a-w C:\WINDOWS\system32\drivers\cmbatt.sys
- 2001-08-17 21:58:00 9,344 ----a-w C:\WINDOWS\system32\drivers\compbatt.sys
+ 2008-04-13 18:36:37 10,240 ----a-w C:\WINDOWS\system32\drivers\compbatt.sys
- 2006-03-16 04:00:00 36,480 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
- 2006-03-16 04:00:00 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
- 2006-03-16 04:00:00 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys
- 2004-08-04 06:07:40 52,864 ----a-w C:\WINDOWS\system32\drivers\DMusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w C:\WINDOWS\system32\drivers\dmusic.sys
- 2004-08-04 06:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2008-04-13 18:45:13 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2006-03-16 04:00:00 71,040 ----a-w C:\WINDOWS\system32\drivers\dxg.sys
+ 2008-04-13 18:38:29 71,168 ----a-w C:\WINDOWS\system32\drivers\dxg.sys
- 2006-03-16 04:00:00 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
- 2006-03-16 04:00:00 34,944 ----a-w C:\WINDOWS\system32\drivers\fips.sys
+ 2008-04-13 18:33:28 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
- 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys
+ 2008-04-13 18:32:59 129,792 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys
+ 2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\system32\drivers\gagp30kx.sys
- 2006-09-19 23:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-01-29 19:01:28 16,168 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-06-10 01:32:02 85,969 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
- 2005-01-08 00:07:18 138,752 ----a-w C:\WINDOWS\system32\drivers\Hdaudbus.sys
+ 2008-04-13 16:36:05 144,384 ----a-w C:\WINDOWS\system32\drivers\hdaudbus.sys
+ 2008-04-13 18:46:30 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
- 2006-03-16 04:00:00 36,224 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
- 2005-06-29 07:43:36 19,200 ----a-w C:\WINDOWS\system32\drivers\hidir.sys
+ 2008-04-13 18:45:26 19,200 ----a-w C:\WINDOWS\system32\drivers\hidir.sys
- 2006-03-16 04:00:00 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys
- 2001-08-17 21:02:20 9,600 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:27 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2004-08-04 05:41:48 220,032 ------w C:\WINDOWS\system32\drivers\hsfbs2s2.sys
+ 2004-08-04 05:41:50 685,056 ------w C:\WINDOWS\system32\drivers\hsfcxts2.sys
+ 2004-08-04 05:41:56 1,041,536 ------w C:\WINDOWS\system32\drivers\hsfdpsp2.sys
- 2006-03-16 04:00:00 41,856 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
- 2004-08-04 13:59:42 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
+ 2008-04-13 18:40:29 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
- 2006-03-16 04:00:00 36,096 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
+ 2008-04-13 18:31:32 36,352 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
- 2005-06-29 07:43:40 46,592 ----a-w C:\WINDOWS\system32\drivers\irbus.sys
+ 2008-04-13 18:45:34 46,592 ----a-w C:\WINDOWS\system32\drivers\irbus.sys
- 2001-08-18 04:58:02 35,840 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
- 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2006-03-16 04:00:00 92,032 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys
+ 2008-04-13 18:31:43 92,288 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys
- 2006-03-16 04:00:00 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
- 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2008-04-13 18:32:44 180,608 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2006-03-16 04:00:00 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys
+ 2008-04-13 18:32:39 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys
- 2004-08-04 14:07:48 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys
+ 2004-08-04 05:41:40 126,686 ------w C:\WINDOWS\system32\drivers\mtlmnt5.sys
+ 2004-08-04 05:41:38 1,309,184 ------w C:\WINDOWS\system32\drivers\mtlstrm.sys
+ 2004-08-04 05:29:38 452,736 ------w C:\WINDOWS\system32\drivers\mtxparhm.sys
- 2004-08-04 06:10:30 85,376 ----a-w C:\WINDOWS\system32\drivers\NABTSFEC.sys
+ 2008-04-13 18:46:25 85,248 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
- 2004-08-04 06:10:14 10,880 ----a-w C:\WINDOWS\system32\drivers\NdisIP.sys
+ 2008-04-13 18:46:22 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
- 2006-03-16 04:00:00 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys
+ 2008-04-13 18:32:39 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys
+ 2004-08-04 05:41:40 180,360 ------w C:\WINDOWS\system32\drivers\ntmtlfax.sys
+ 2004-08-04 05:29:56 1,897,408 ------w C:\WINDOWS\system32\drivers\nv4_mini.sys
- 2006-10-13 10:23:15 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
+ 2008-04-13 18:34:12 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
- 2006-03-16 04:00:00 61,056 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
+ 2008-04-13 18:46:18 61,696 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\drivers\p3.sys
+ 2008-04-13 18:31:31 42,752 ----a-w C:\WINDOWS\system32\drivers\p3.sys
- 2006-03-16 04:00:00 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
- 2006-03-16 04:00:00 18,688 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys
- 2004-08-04 14:07:48 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
- 2004-08-04 13:59:42 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
- 2006-03-16 04:00:00 119,936 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
- 2006-03-16 04:00:00 35,328 ----a-w C:\WINDOWS\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w C:\WINDOWS\system32\drivers\processr.sys
- 2004-08-04 14:01:16 196,864 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys
+ 2008-04-13 18:32:51 196,224 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys
+ 2004-08-04 05:41:40 13,776 ------w C:\WINDOWS\system32\drivers\recagent.sys
- 2004-08-04 06:59:38 57,472 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
+ 2008-04-13 18:46:32 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
+ 2004-08-04 05:29:52 166,912 ------w C:\WINDOWS\system32\drivers\s3gnbm.sys
- 2006-03-16 04:00:00 96,256 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
- 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys
- 2006-03-16 04:00:00 15,488 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
- 2006-03-16 04:00:00 11,136 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w C:\WINDOWS\system32\drivers\sffp_mmc.sys
- 2006-03-16 04:00:00 10,240 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys
- 2006-03-16 04:00:00 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
+ 2008-04-14 00:12:05 3,901 ------w C:\WINDOWS\system32\drivers\siint5.dll
- 2004-08-04 14:07:44 41,088 ----a-w C:\WINDOWS\system32\drivers\SISAGP.SYS
+ 2008-04-13 18:36:39 40,960 ----a-w C:\WINDOWS\system32\drivers\sisagp.sys
- 2004-08-04 06:10:18 11,136 ----a-w C:\WINDOWS\system32\drivers\SLIP.sys
+ 2008-04-13 18:46:23 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys
+ 2004-08-04 05:41:42 129,535 ------w C:\WINDOWS\system32\drivers\slnt7554.sys
+ 2004-08-04 05:41:44 404,990 ------w C:\WINDOWS\system32\drivers\slntamr.sys
+ 2004-08-04 05:41:46 95,424 ------w C:\WINDOWS\system32\drivers\slnthal.sys
+ 2004-08-04 05:41:46 13,240 ------w C:\WINDOWS\system32\drivers\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w C:\WINDOWS\system32\drivers\smbali.sys
- 2006-03-16 04:00:00 25,472 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2006-03-16 04:00:00 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
- 2004-08-04 06:08:04 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys
+ 2008-04-13 18:45:15 49,408 ----a-w C:\WINDOWS\system32\drivers\stream.sys
- 2004-08-04 06:10:14 15,360 ----a-w C:\WINDOWS\system32\drivers\StreamIP.sys
+ 2008-04-13 18:46:21 15,232 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
- 2001-08-17 21:00:52 54,272 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
- 2006-03-16 04:00:00 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\system32\drivers\uagp35.sys
- 2006-03-16 04:00:00 66,176 ----a-w C:\WINDOWS\system32\drivers\udfs.sys
+ 2008-04-13 18:32:36 66,048 ----a-w C:\WINDOWS\system32\drivers\udfs.sys
- 2006-03-16 04:00:00 23,808 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
- 2006-03-16 04:00:00 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
- 2004-08-04 07:08:48 31,616 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
- 2006-03-16 04:00:00 26,624 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
- 2006-03-16 04:00:00 57,600 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
- 2006-03-16 04:00:00 16,000 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
- 2006-03-16 04:00:00 142,976 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
- 2004-08-04 06:58:46 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
- 2004-08-04 07:08:48 26,496 ----a-w C:\WINDOWS\system32\drivers\USBSTOR.SYS
+ 2008-04-13 18:45:38 26,368 ----a-w C:\WINDOWS\system32\drivers\usbstor.sys
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\system32\drivers\vchnt5.dll
- 2004-08-04 14:07:44 42,240 ----a-w C:\WINDOWS\system32\drivers\VIAAGP.SYS
+ 2008-04-13 18:36:40 42,240 ----a-w C:\WINDOWS\system32\drivers\viaagp.sys
- 2004-08-04 13:59:44 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
+ 2004-08-04 05:29:40 11,807 ------w C:\WINDOWS\system32\drivers\wadv07nt.sys
+ 2004-08-04 05:29:40 11,295 ------w C:\WINDOWS\system32\drivers\wadv08nt.sys
+ 2004-08-04 05:29:42 11,871 ------w C:\WINDOWS\system32\drivers\wadv09nt.sys
+ 2004-08-04 05:29:42 11,935 ------w C:\WINDOWS\system32\drivers\wadv11nt.sys
+ 2004-08-04 05:29:46 22,271 ------w C:\WINDOWS\system32\drivers\watv06nt.sys
+ 2004-08-04 05:29:46 25,471 ------w C:\WINDOWS\system32\drivers\watv10nt.sys
- 2004-08-04 07:07:42 8,832 ----a-w C:\WINDOWS\system32\drivers\wmiacpi.sys
+ 2008-04-13 18:36:38 8,832 ----a-w C:\WINDOWS\system32\drivers\wmiacpi.sys
- 2004-08-04 06:10:22 19,328 ----a-w C:\WINDOWS\system32\drivers\WSTCODEC.SYS
+ 2008-04-13 18:46:24 19,200 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
+ 2008-02-18 18:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
- 2006-03-16 04:00:00 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
- 2006-03-16 04:00:00 181,760 ----a-w C:\WINDOWS\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dsdmo.dll
- 2006-03-16 04:00:00 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
- 2006-03-16 04:00:00 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
- 2006-03-16 04:00:00 144,384 ----a-w C:\WINDOWS\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w C:\WINDOWS\system32\dskquoui.dll
- 2006-03-16 04:00:00 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
- 2006-03-16 04:00:00 1,294,336 ----a-w C:\WINDOWS\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w C:\WINDOWS\system32\dsound3d.dll
- 2006-03-16 04:00:00 142,336 ----a-w C:\WINDOWS\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w C:\WINDOWS\system32\dsprop.dll
- 2006-03-16 04:00:00 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
- 2006-03-16 04:00:00 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
- 2006-03-16 04:00:00 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
- 2006-03-16 04:00:00 137,216 ----a-w C:\WINDOWS\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
- 2006-03-16 04:00:00 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
- 2006-03-16 04:00:00 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
- 2006-03-16 04:00:00 304,128 ----a-w C:\WINDOWS\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w C:\WINDOWS\system32\duser.dll
- 2006-03-16 04:00:00 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
- 2006-03-16 04:00:00 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
- 2006-03-16 04:00:00 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll
- 2006-03-16 04:00:00 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll
- 2006-03-16 04:00:00 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe
- 2006-03-16 04:00:00 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
- 2006-08-22 12:05:26 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2008-04-14 00:11:52 30,720 ------w C:\WINDOWS\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w C:\WINDOWS\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w C:\WINDOWS\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w C:\WINDOWS\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w C:\WINDOWS\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w C:\WINDOWS\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w C:\WINDOWS\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w C:\WINDOWS\system32\eapsvc.dll
- 2006-03-16 04:00:00 26,624 ----a-w C:\WINDOWS\system32\efsadu.dll
+ 2008-04-14 00:11:52 26,624 ----a-w C:\WINDOWS\system32\efsadu.dll
- 2006-03-16 04:00:00 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w C:\WINDOWS\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w C:\WINDOWS\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w C:\WINDOWS\system32\en\mmcfxcommon.resources.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
- 2006-03-16 04:00:00 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
- 2005-07-26 04:39:45 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2008-04-14 00:11:53 246,272 ----a-w C:\WINDOWS\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
- 2006-03-16 04:00:00 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
- 2006-03-16 04:00:00 50,176 ----a-w C:\WINDOWS\system32\eventcreate.exe
+ 2008-04-14 00:12:19 50,688 ----a-w C:\WINDOWS\system32\eventcreate.exe
- 2006-03-16 04:00:00 55,808 ----a-w C:\WINDOWS\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w C:\WINDOWS\system32\eventlog.dll
- 2006-03-16 04:00:00 77,824 ----a-w C:\WINDOWS\system32\eventtriggers.exe
+ 2008-04-14 00:12:19 82,944 ----a-w C:\WINDOWS\system32\eventtriggers.exe
- 2006-03-16 04:00:00 380,957 ----a-w C:\WINDOWS\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w C:\WINDOWS\system32\expsrv.dll
- 2006-03-16 04:00:00 45,568 ----a-w C:\WINDOWS\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w C:\WINDOWS\system32\extrac32.exe
- 2006-03-16 04:00:00 121,856 ----a-w C:\WINDOWS\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w C:\WINDOWS\system32\exts.dll
- 2006-03-16 04:00:00 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\system32\faxpatch.exe
- 2006-03-16 04:00:00 117,760 ----a-w C:\WINDOWS\system32\fde.dll
+ 2008-04-14 00:11:53 124,928 ----a-w C:\WINDOWS\system32\fde.dll
- 2006-03-16 04:00:00 73,728 ----a-w C:\WINDOWS\system32\fdeploy.dll
+ 2008-04-14 00:11:53 73,728 ----a-w C:\WINDOWS\system32\fdeploy.dll
- 2006-03-16 04:00:00 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
- 2006-03-16 04:00:00 337,920 ----a-w C:\WINDOWS\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w C:\WINDOWS\system32\filemgmt.dll
- 2006-03-16 04:00:00 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
- 2006-03-16 04:00:00 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
- 2008-04-21 14:44:11 1,542,704 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-11 16:56:56 1,543,200 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-03-16 04:00:00 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
- 2005-10-18 05:14:46 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w C:\WINDOWS\system32\forcedos.exe
- 2006-03-16 04:00:00 25,600 ----a-w C:\WINDOWS\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w C:\WINDOWS\system32\format.com
- 2006-03-16 04:00:00 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
- 2006-03-16 04:00:00 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
- 2006-03-16 04:00:00 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll
- 2008-02-20 06:51:05 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-04-14 00:11:54 285,184 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2006-09-19 23:43:58 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-01-29 19:02:30 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
- 2006-03-16 04:00:00 55,296 ----a-w C:\WINDOWS\system32\getmac.exe
+ 2008-04-14 00:12:21 59,904 ----a-w C:\WINDOWS\system32\getmac.exe
- 2006-03-16 04:00:00 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
- 2006-03-16 04:00:00 566,784 ----a-w C:\WINDOWS\system32\gpedit.dll
+ 2008-04-14 00:09:35 566,784 ----a-w C:\WINDOWS\system32\gpedit.dll
- 2006-03-16 04:00:00 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
- 2006-03-16 04:00:00 119,808 ----a-w C:\WINDOWS\system32\gpresult.exe
+ 2008-04-14 00:12:21 120,832 ----a-w C:\WINDOWS\system32\gpresult.exe
- 2006-03-16 04:00:00 198,656 ----a-w C:\WINDOWS\system32\gptext.dll
+ 2008-04-14 00:11:54 199,680 ----a-w C:\WINDOWS\system32\gptext.dll
- 2006-03-16 04:00:00 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe
- 2006-03-16 04:00:00 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
- 2005-09-28 23:35:25 134,272 ----a-w C:\WINDOWS\system32\HAL.DLL
+ 2008-04-13 18:31:28 134,400 ----a-w C:\WINDOWS\system32\HAL.DLL
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w C:\WINDOWS\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w C:\WINDOWS\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2006-03-16 04:00:00 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
- 2006-03-16 04:00:00 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
- 2006-03-16 04:00:00 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\system32\hsfcisp2.dll
- 2006-03-16 04:00:00 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
- 2006-03-16 04:00:00 41,984 ----a-w C:\WINDOWS\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w C:\WINDOWS\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2006-03-16 04:00:00 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
- 2006-03-16 04:00:00 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
- 2005-06-29 09:46:00 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2006-03-16 04:00:00 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
- 2006-03-16 04:00:00 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
- 2006-03-16 04:00:00 120,832 ----a-w C:\WINDOWS\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w C:\WINDOWS\system32\idq.dll
- 2006-10-17 20:06:00 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
- 2006-03-16 04:00:00 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
- 2006-03-16 04:00:00 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
- 2006-03-16 04:00:00 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
- 2006-03-16 04:00:00 81,920 ----a-w C:\WINDOWS\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ils.dll
- 2006-03-16 04:00:00 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
- 2006-03-16 04:00:00 150,016 ----a-w C:\WINDOWS\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w C:\WINDOWS\system32\imapi.exe
- 2006-03-16 04:00:00 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
- 2006-03-16 04:00:00 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
- 2006-03-16 04:00:00 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
- 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-14 00:11:54 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2006-03-16 04:00:00 33,280 ----a-w C:\WINDOWS\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\inetmib1.dll
- 2006-03-16 04:00:00 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
- 2006-03-16 04:00:00 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2008-04-14 00:12:05 221,696 ------w C:\WINDOWS\system32\inetsrv\seo.dll
+ 2008-04-14 00:12:06 189,440 ------w C:\WINDOWS\system32\inetsrv\smtpadm.dll
+ 2008-04-14 00:12:06 2,134,528 ------w C:\WINDOWS\system32\inetsrv\smtpsnap.dll
- 2006-03-16 04:00:00 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
- 2006-03-16 04:00:00 123,392 ----a-w C:\WINDOWS\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w C:\WINDOWS\system32\input.dll
- 2006-03-16 04:00:00 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2006-03-16 04:00:00 154,112 ----a-w C:\WINDOWS\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w C:\WINDOWS\system32\ipmontr.dll
- 2006-03-16 04:00:00 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
- 2006-03-16 04:00:00 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
- 2006-03-16 04:00:00 169,984 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
- 2006-03-16 04:00:00 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
- 2006-03-16 04:00:00 182,784 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
- 2006-03-16 04:00:00 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
- 2006-03-16 04:00:00 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2006-03-16 04:00:00 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w C:\WINDOWS\system32\ipxwan.dll
- 2006-03-16 04:00:00 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
- 2006-03-16 04:00:00 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
- 2006-03-16 04:00:00 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
- 2006-03-16 04:00:00 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
- 2006-03-16 04:00:00 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
- 2006-03-16 04:00:00 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w C:\WINDOWS\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w C:\WINDOWS\system32\itss.dll
- 2006-03-16 04:00:00 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
- 2004-08-04 08:56:44 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
- 2006-06-01 18:47:07 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2006-10-17 20:00:00 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-04-14 00:11:56 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdbhc.dll
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll
- 2006-03-16 04:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinben.dll
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdiultn.dll
- 2006-03-16 04:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll
- 2006-03-16 04:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll
- 2006-03-16 04:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdnepr.dll
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdpash.dll
- 2006-03-16 04:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll
- 2006-03-16 04:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll
- 2006-03-16 04:00:00 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2006-03-16 04:00:00 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\system32\kmsvc.dll
- 2004-08-04 08:56:44 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\system32\l2gpstore.dll
- 2007-02-16 02:01:04 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-21 01:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2006-03-16 04:00:00 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
- 2006-03-16 04:00:00 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
- 2006-03-16 04:00:00 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
- 2006-03-16 04:00:00 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
- 2006-03-16 04:00:00 341,504 ----a-w C:\WINDOWS\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w C:\WINDOWS\system32\localspl.dll
- 2006-03-16 04:00:00 11,776 ----a-w C:\WINDOWS\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w C:\WINDOWS\system32\localui.dll
- 2006-03-16 04:00:00 75,264 ----a-w C:\WINDOWS\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w C:\WINDOWS\system32\locator.exe
- 2006-03-16 04:00:00 59,392 ----a-w C:\WINDOWS\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w C:\WINDOWS\system32\logman.exe
- 2006-03-16 04:00:00 220,672 ----a-w C:\WINDOWS\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w C:\WINDOWS\system32\logon.scr
- 2006-03-16 04:00:00 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
- 2006-03-16 04:00:00 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
- 2006-03-16 04:00:00 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2006-03-16 04:00:00 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
- 2006-03-16 04:00:00 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
- 2006-03-16 04:00:00 85,504 ----a-w C:\WINDOWS\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w C:\WINDOWS\system32\makecab.exe
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll
- 2006-03-16 04:00:00 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
- 2006-03-16 04:00:00 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
- 2006-03-16 04:00:00 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
- 2006-03-16 04:00:00 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
- 2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2006-03-16 04:00:00 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
- 2006-03-16 04:00:00 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\system32\microsoft.managementconsole.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
- 2006-03-16 04:00:00 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w C:\WINDOWS\system32\mimefilt.dll
- 2006-03-16 04:00:00 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
- 2006-03-16 04:00:00 815,104 ----a-w C:\WINDOWS\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w C:\WINDOWS\system32\mmc.exe
- 2006-03-16 04:00:00 70,656 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\system32\mmcfxcommon.dll
- 2006-03-16 04:00:00 1,192,960 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\system32\mmcperf.exe
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w C:\WINDOWS\system32\mmcshext.dll
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
- 2006-03-16 04:00:00 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
- 2006-03-16 04:00:00 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
- 2006-03-16 04:00:00 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
- 2006-03-16 04:00:00 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w C:\WINDOWS\system32\more.com
- 2006-03-16 04:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
- 2006-03-16 04:00:00 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
+ 2008-04-14 00:11:57 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
- 2006-03-16 04:00:00 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2006-03-16 04:00:00 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
- 2006-03-16 04:00:00 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
- 2006-03-16 04:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w C:\WINDOWS\system32\mprdim.dll
- 2007-07-06 12:46:59 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2008-04-14 00:11:57 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\mqbkup.exe
+ 2008-04-14 00:12:27 19,968 ----a-w C:\WINDOWS\system32\mqbkup.exe
- 2007-07-06 12:46:59 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2008-04-14 00:11:57 47,616 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2007-07-06 12:46:59 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2008-04-14 00:11:57 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2006-03-16 04:00:00 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll
+ 2008-04-14 00:11:57 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll
- 2006-03-16 04:00:00 225,280 ----a-w C:\WINDOWS\system32\mqoa.dll
+ 2008-04-14 00:11:57 225,280 ----a-w C:\WINDOWS\system32\mqoa.dll
- 2007-07-06 12:46:59 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2008-04-14 00:11:57 663,040 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2007-07-06 12:46:59 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2008-04-14 00:11:57 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2006-03-16 04:00:00 123,392 ----a-w C:\WINDOWS\system32\mqrtdep.dll
+ 2008-04-14 00:11:57 123,904 ----a-w C:\WINDOWS\system32\mqrtdep.dll
- 2007-07-06 12:46:59 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2008-04-14 00:11:57 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2006-03-16 04:00:00 517,632 ----a-w C:\WINDOWS\system32\mqsnap.dll
+ 2008-04-14 00:11:58 517,632 ----a-w C:\WINDOWS\system32\mqsnap.dll
- 2006-03-16 04:00:00 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe

#11 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 11 June 2008 - 03:58 PM

here is last part of combofix log




+ 2008-04-14 00:12:27 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe
- 2006-03-16 04:00:00 117,248 ----a-w C:\WINDOWS\system32\mqtgsvc.exe
+ 2008-04-14 00:12:27 117,248 ----a-w C:\WINDOWS\system32\mqtgsvc.exe
- 2006-03-16 04:00:00 186,880 ----a-w C:\WINDOWS\system32\mqtrig.dll
+ 2008-04-14 00:11:58 187,392 ----a-w C:\WINDOWS\system32\mqtrig.dll
- 2007-07-06 12:46:59 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2008-04-14 00:11:58 49,152 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2007-07-06 12:46:59 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2008-04-14 00:11:58 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2006-03-16 04:00:00 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
- 2006-03-16 04:00:00 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
- 2006-03-16 04:00:00 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
- 2005-06-29 09:46:00 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2008-04-14 00:11:58 73,728 ----a-w C:\WINDOWS\system32\mscms.dll
- 2006-03-16 04:00:00 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
- 2006-03-16 04:00:00 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
- 2006-03-16 04:00:00 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w C:\WINDOWS\system32\msctf.dll
- 2006-03-16 04:00:00 69,120 ----a-w C:\WINDOWS\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w C:\WINDOWS\system32\msctfp.dll
- 2006-03-16 04:00:00 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll
- 2006-03-16 04:00:00 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
- 2006-03-16 04:00:00 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
- 2006-03-16 04:00:00 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
- 2006-03-02 03:42:42 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2006-03-02 03:42:42 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2006-03-02 03:42:42 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2006-11-27 14:54:06 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2006-03-16 04:00:00 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
- 2006-03-16 04:00:00 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
- 2004-08-04 08:56:58 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w C:\WINDOWS\system32\msi.dll
- 2006-03-16 04:00:00 51,712 ----a-w C:\WINDOWS\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w C:\WINDOWS\system32\msident.dll
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
- 2006-03-16 04:00:00 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
- 2005-05-03 19:58:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-03 19:58:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2006-03-16 04:00:00 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
- 2005-05-03 19:58:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2006-03-16 04:00:00 159,232 ----a-w C:\WINDOWS\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll
- 2005-05-03 19:58:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
- 2006-03-16 04:00:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
- 2006-03-16 04:00:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
- 2006-03-16 04:00:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
- 2006-03-16 04:00:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
- 2006-03-16 04:00:00 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
- 2006-03-16 04:00:00 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w C:\WINDOWS\system32\mspatcha.dll
- 2006-03-16 04:00:00 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
- 2006-03-16 04:00:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
- 2006-03-16 04:00:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
- 2006-03-16 04:00:00 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
- 2006-03-16 04:00:00 115,712 ----a-w C:\WINDOWS\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w C:\WINDOWS\system32\mstlsapi.dll
- 2006-03-16 04:00:00 407,552 ----a-w C:\WINDOWS\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2006-03-16 04:00:00 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w C:\WINDOWS\system32\mstscax.dll
- 2006-03-16 04:00:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
- 2006-03-16 04:00:00 129,536 ----a-w C:\WINDOWS\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w C:\WINDOWS\system32\msv1_0.dll
- 2006-03-16 04:00:00 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w C:\WINDOWS\system32\msvbvm60.dll
- 2006-03-16 04:00:00 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\msvcirt.dll
- 2006-03-16 04:00:00 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
- 2006-03-16 04:00:00 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
- 2006-03-16 04:00:00 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
- 2006-03-16 04:00:00 120,832 ----a-w C:\WINDOWS\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w C:\WINDOWS\system32\msvfw32.dll
- 2006-03-16 04:00:00 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
- 2006-03-16 04:00:00 204,288 ----a-w C:\WINDOWS\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w C:\WINDOWS\system32\mswebdvd.dll
- 2006-03-16 04:00:00 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
+ 2008-04-14 00:12:01 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
- 2006-03-16 04:00:00 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
- 2006-03-16 04:00:00 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
- 2004-08-04 08:56:46 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2006-03-02 03:42:42 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w C:\WINDOWS\system32\mtxdm.dll
- 2006-03-16 04:00:00 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w C:\WINDOWS\system32\mtxlegih.dll
- 2006-03-02 03:42:42 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w C:\WINDOWS\system32\mtxparhd.dll
- 2006-03-16 04:00:00 393,728 ----a-w C:\WINDOWS\system32\mui\0401\xpob2res.dll
+ 2008-04-13 18:40:07 393,728 ----a-w C:\WINDOWS\system32\mui\0401\xpob2res.dll
- 2006-03-16 04:00:00 186,880 ----a-w C:\WINDOWS\system32\mui\0401\xpsp1res.dll
+ 2008-04-13 18:35:06 186,880 ----a-w C:\WINDOWS\system32\mui\0401\xpsp1res.dll
- 2006-03-16 04:00:00 2,869,248 ----a-w C:\WINDOWS\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:35:49 2,869,248 ----a-w C:\WINDOWS\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:39:02 656,896 ------w C:\WINDOWS\system32\mui\0401\xpsp3res.dll
- 2006-03-16 04:00:00 189,440 ----a-w C:\WINDOWS\system32\mui\0402\xpsp1res.dll
+ 2008-04-13 18:35:08 189,440 ----a-w C:\WINDOWS\system32\mui\0402\xpsp1res.dll
- 2006-03-16 04:00:00 212,480 ----a-w C:\WINDOWS\system32\mui\0404\xpob2res.dll
+ 2008-04-13 18:40:23 212,480 ----a-w C:\WINDOWS\system32\mui\0404\xpob2res.dll
- 2006-03-16 04:00:00 161,280 ----a-w C:\WINDOWS\system32\mui\0404\xpsp1res.dll
+ 2008-04-13 18:35:09 161,280 ----a-w C:\WINDOWS\system32\mui\0404\xpsp1res.dll
- 2006-03-16 04:00:00 477,696 ----a-w C:\WINDOWS\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:36:10 477,696 ----a-w C:\WINDOWS\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:39:13 327,680 ------w C:\WINDOWS\system32\mui\0404\xpsp3res.dll
- 2006-03-16 04:00:00 428,032 ----a-w C:\WINDOWS\system32\mui\0405\xpob2res.dll
+ 2008-04-13 18:40:24 428,032 ----a-w C:\WINDOWS\system32\mui\0405\xpob2res.dll
- 2006-03-16 04:00:00 188,928 ----a-w C:\WINDOWS\system32\mui\0405\xpsp1res.dll
+ 2008-04-13 18:35:09 188,928 ----a-w C:\WINDOWS\system32\mui\0405\xpsp1res.dll
- 2006-03-16 04:00:00 734,720 ----a-w C:\WINDOWS\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:36:10 734,720 ----a-w C:\WINDOWS\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:39:02 601,088 ------w C:\WINDOWS\system32\mui\0405\xpsp3res.dll
- 2006-03-16 04:00:00 418,816 ----a-w C:\WINDOWS\system32\mui\0406\xpob2res.dll
+ 2008-04-13 18:40:27 418,816 ----a-w C:\WINDOWS\system32\mui\0406\xpob2res.dll
- 2006-03-16 04:00:00 192,512 ----a-w C:\WINDOWS\system32\mui\0406\xpsp1res.dll
+ 2008-04-13 18:35:09 192,000 ----a-w C:\WINDOWS\system32\mui\0406\xpsp1res.dll
- 2006-03-16 04:00:00 742,912 ----a-w C:\WINDOWS\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:36:10 742,912 ----a-w C:\WINDOWS\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:39:12 605,696 ------w C:\WINDOWS\system32\mui\0406\xpsp3res.dll
- 2006-03-16 04:00:00 403,456 ----a-w C:\WINDOWS\system32\mui\0407\xpob2res.dll
+ 2008-04-13 18:40:34 403,456 ----a-w C:\WINDOWS\system32\mui\0407\xpob2res.dll
- 2006-03-16 04:00:00 199,680 ----a-w C:\WINDOWS\system32\mui\0407\xpsp1res.dll
+ 2008-04-13 18:35:21 199,680 ----a-w C:\WINDOWS\system32\mui\0407\xpsp1res.dll
- 2006-03-16 04:00:00 788,992 ----a-w C:\WINDOWS\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:37:03 788,480 ----a-w C:\WINDOWS\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:39:19 663,552 ------w C:\WINDOWS\system32\mui\0407\xpsp3res.dll
- 2006-03-16 04:00:00 419,328 ----a-w C:\WINDOWS\system32\mui\0408\xpob2res.dll
+ 2008-04-13 18:40:30 419,328 ----a-w C:\WINDOWS\system32\mui\0408\xpob2res.dll
- 2006-03-16 04:00:00 197,632 ----a-w C:\WINDOWS\system32\mui\0408\xpsp1res.dll
+ 2008-04-13 18:35:11 197,632 ----a-w C:\WINDOWS\system32\mui\0408\xpsp1res.dll
- 2006-03-16 04:00:00 801,280 ----a-w C:\WINDOWS\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:36:35 801,280 ----a-w C:\WINDOWS\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:39:12 679,936 ------w C:\WINDOWS\system32\mui\0408\xpsp3res.dll
- 2006-03-16 04:00:00 405,504 ----a-w C:\WINDOWS\system32\mui\040b\xpob2res.dll
+ 2008-04-13 18:40:32 405,504 ----a-w C:\WINDOWS\system32\mui\040b\xpob2res.dll
- 2006-03-16 04:00:00 186,368 ----a-w C:\WINDOWS\system32\mui\040b\xpsp1res.dll
+ 2008-04-13 18:35:11 186,368 ----a-w C:\WINDOWS\system32\mui\040b\xpsp1res.dll
- 2006-03-16 04:00:00 729,088 ----a-w C:\WINDOWS\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:36:39 729,088 ----a-w C:\WINDOWS\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:39:17 604,672 ------w C:\WINDOWS\system32\mui\040b\xpsp3res.dll
- 2006-03-16 04:00:00 410,624 ----a-w C:\WINDOWS\system32\mui\040C\xpob2res.dll
+ 2008-04-13 18:40:33 410,624 ----a-w C:\WINDOWS\system32\mui\040C\xpob2res.dll
- 2006-03-16 04:00:00 197,632 ----a-w C:\WINDOWS\system32\mui\040C\xpsp1res.dll
+ 2008-04-13 18:35:20 197,632 ----a-w C:\WINDOWS\system32\mui\040C\xpsp1res.dll
- 2006-03-16 04:00:00 793,600 ----a-w C:\WINDOWS\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:36:55 793,088 ----a-w C:\WINDOWS\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:39:20 663,040 ------w C:\WINDOWS\system32\mui\040C\xpsp3res.dll
- 2006-03-16 04:00:00 384,000 ----a-w C:\WINDOWS\system32\mui\040D\xpob2res.dll
+ 2008-04-13 18:40:32 384,000 ----a-w C:\WINDOWS\system32\mui\040D\xpob2res.dll
- 2006-03-16 04:00:00 181,760 ----a-w C:\WINDOWS\system32\mui\040D\xpsp1res.dll
+ 2008-04-13 18:35:21 181,760 ----a-w C:\WINDOWS\system32\mui\040D\xpsp1res.dll
- 2006-03-16 04:00:00 2,842,112 ----a-w C:\WINDOWS\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:37:07 2,842,112 ----a-w C:\WINDOWS\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:39:28 620,544 ------w C:\WINDOWS\system32\mui\040D\xpsp3res.dll
- 2006-03-16 04:00:00 434,176 ----a-w C:\WINDOWS\system32\mui\040e\xpob2res.dll
+ 2008-04-13 18:40:39 434,176 ----a-w C:\WINDOWS\system32\mui\040e\xpob2res.dll
- 2006-03-16 04:00:00 195,584 ----a-w C:\WINDOWS\system32\mui\040e\xpsp1res.dll
+ 2008-04-13 18:35:23 195,584 ----a-w C:\WINDOWS\system32\mui\040e\xpsp1res.dll
- 2006-03-16 04:00:00 769,536 ----a-w C:\WINDOWS\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w C:\WINDOWS\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:39:28 645,120 ------w C:\WINDOWS\system32\mui\040e\xpsp3res.dll
- 2006-03-16 04:00:00 413,696 ----a-w C:\WINDOWS\system32\mui\0410\xpob2res.dll
+ 2008-04-13 18:40:39 413,696 ----a-w C:\WINDOWS\system32\mui\0410\xpob2res.dll
- 2006-03-16 04:00:00 195,072 ----a-w C:\WINDOWS\system32\mui\0410\xpsp1res.dll
+ 2008-04-13 18:35:23 195,072 ----a-w C:\WINDOWS\system32\mui\0410\xpsp1res.dll
- 2006-03-16 04:00:00 769,536 ----a-w C:\WINDOWS\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w C:\WINDOWS\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:39:28 658,432 ------w C:\WINDOWS\system32\mui\0410\xpsp3res.dll
- 2006-03-16 04:00:00 275,456 ----a-w C:\WINDOWS\system32\mui\0411\xpob2res.dll
+ 2008-04-13 18:40:44 275,456 ----a-w C:\WINDOWS\system32\mui\0411\xpob2res.dll
- 2006-03-16 04:00:00 171,008 ----a-w C:\WINDOWS\system32\mui\0411\xpsp1res.dll
+ 2008-04-13 18:35:23 171,008 ----a-w C:\WINDOWS\system32\mui\0411\xpsp1res.dll
- 2006-03-16 04:00:00 562,688 ----a-w C:\WINDOWS\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:37:34 562,688 ----a-w C:\WINDOWS\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:39:49 412,672 ------w C:\WINDOWS\system32\mui\0411\xpsp3res.dll
- 2006-03-16 04:00:00 306,688 ----a-w C:\WINDOWS\system32\mui\0412\xpob2res.dll
+ 2008-04-13 18:40:48 306,688 ----a-w C:\WINDOWS\system32\mui\0412\xpob2res.dll
- 2006-03-16 04:00:00 167,936 ----a-w C:\WINDOWS\system32\mui\0412\xpsp1res.dll
+ 2008-04-13 18:35:23 167,936 ----a-w C:\WINDOWS\system32\mui\0412\xpsp1res.dll
- 2006-03-16 04:00:00 543,744 ----a-w C:\WINDOWS\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:37:37 543,744 ----a-w C:\WINDOWS\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:39:49 392,704 ------w C:\WINDOWS\system32\mui\0412\xpsp3res.dll
- 2006-03-16 04:00:00 401,920 ----a-w C:\WINDOWS\system32\mui\0413\xpob2res.dll
+ 2008-04-13 18:40:44 401,920 ----a-w C:\WINDOWS\system32\mui\0413\xpob2res.dll
- 2006-03-16 04:00:00 196,096 ----a-w C:\WINDOWS\system32\mui\0413\xpsp1res.dll
+ 2008-04-13 18:35:25 196,096 ----a-w C:\WINDOWS\system32\mui\0413\xpsp1res.dll
- 2006-03-16 04:00:00 769,024 ----a-w C:\WINDOWS\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:38:00 769,024 ----a-w C:\WINDOWS\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:39:47 645,120 ------w C:\WINDOWS\system32\mui\0413\xpsp3res.dll
- 2006-03-16 04:00:00 353,792 ----a-w C:\WINDOWS\system32\mui\0414\xpob2res.dll
+ 2008-04-13 18:40:44 353,792 ----a-w C:\WINDOWS\system32\mui\0414\xpob2res.dll
- 2006-03-16 04:00:00 189,440 ----a-w C:\WINDOWS\system32\mui\0414\xpsp1res.dll
+ 2008-04-13 18:35:25 189,440 ----a-w C:\WINDOWS\system32\mui\0414\xpsp1res.dll
- 2006-03-16 04:00:00 716,288 ----a-w C:\WINDOWS\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:38:02 716,288 ----a-w C:\WINDOWS\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:39:48 591,872 ------w C:\WINDOWS\system32\mui\0414\xpsp3res.dll
- 2006-03-16 04:00:00 391,680 ----a-w C:\WINDOWS\system32\mui\0415\xpob2res.dll
+ 2008-04-13 18:40:47 391,680 ----a-w C:\WINDOWS\system32\mui\0415\xpob2res.dll
- 2006-03-16 04:00:00 194,560 ----a-w C:\WINDOWS\system32\mui\0415\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w C:\WINDOWS\system32\mui\0415\xpsp1res.dll
- 2006-03-16 04:00:00 759,808 ----a-w C:\WINDOWS\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:38:05 759,808 ----a-w C:\WINDOWS\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:39:52 641,024 ------w C:\WINDOWS\system32\mui\0415\xpsp3res.dll
- 2006-03-16 04:00:00 409,600 ----a-w C:\WINDOWS\system32\mui\0416\xpob2res.dll
+ 2008-04-13 18:40:10 409,600 ----a-w C:\WINDOWS\system32\mui\0416\xpob2res.dll
- 2006-03-16 04:00:00 192,512 ----a-w C:\WINDOWS\system32\mui\0416\xpsp1res.dll
+ 2008-04-13 18:35:08 192,512 ----a-w C:\WINDOWS\system32\mui\0416\xpsp1res.dll
- 2006-03-16 04:00:00 752,128 ----a-w C:\WINDOWS\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:35:43 752,128 ----a-w C:\WINDOWS\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:38:56 620,032 ------w C:\WINDOWS\system32\mui\0416\xpsp3res.dll
- 2006-03-16 04:00:00 190,464 ----a-w C:\WINDOWS\system32\mui\0418\xpsp1res.dll
+ 2008-04-13 18:35:27 190,464 ----a-w C:\WINDOWS\system32\mui\0418\xpsp1res.dll
- 2006-03-16 04:00:00 427,008 ----a-w C:\WINDOWS\system32\mui\0419\xpob2res.dll
+ 2008-04-13 18:40:50 427,008 ----a-w C:\WINDOWS\system32\mui\0419\xpob2res.dll
- 2006-03-16 04:00:00 192,512 ----a-w C:\WINDOWS\system32\mui\0419\xpsp1res.dll
+ 2008-04-13 18:35:27 192,512 ----a-w C:\WINDOWS\system32\mui\0419\xpsp1res.dll
- 2006-03-16 04:00:00 736,768 ----a-w C:\WINDOWS\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:38:28 736,768 ----a-w C:\WINDOWS\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:39:56 627,200 ------w C:\WINDOWS\system32\mui\0419\xpsp3res.dll
- 2006-03-16 04:00:00 188,928 ----a-w C:\WINDOWS\system32\mui\041a\xpsp1res.dll
+ 2008-04-13 18:35:21 188,928 ----a-w C:\WINDOWS\system32\mui\041a\xpsp1res.dll
- 2006-03-16 04:00:00 405,504 ----a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
- 2006-03-16 04:00:00 193,024 ----a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
- 2006-03-16 04:00:00 757,248 ----a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\system32\mui\041b\xpsp3res.dll
- 2006-03-16 04:00:00 363,520 ----a-w C:\WINDOWS\system32\mui\041D\xpob2res.dll
+ 2008-04-13 18:40:56 363,008 ----a-w C:\WINDOWS\system32\mui\041D\xpob2res.dll
- 2006-03-16 04:00:00 188,928 ----a-w C:\WINDOWS\system32\mui\041D\xpsp1res.dll
+ 2008-04-13 18:35:28 188,928 ----a-w C:\WINDOWS\system32\mui\041D\xpsp1res.dll
- 2006-03-16 04:00:00 724,992 ----a-w C:\WINDOWS\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:38:47 724,480 ----a-w C:\WINDOWS\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:40:05 590,848 ------w C:\WINDOWS\system32\mui\041D\xpsp3res.dll
- 2006-03-16 04:00:00 188,416 ----a-w C:\WINDOWS\system32\mui\041e\xpsp1res.dll
+ 2008-04-13 18:35:29 188,416 ----a-w C:\WINDOWS\system32\mui\041e\xpsp1res.dll
- 2006-03-16 04:00:00 390,144 ----a-w C:\WINDOWS\system32\mui\041f\xpob2res.dll
+ 2008-04-13 18:41:00 390,144 ----a-w C:\WINDOWS\system32\mui\041f\xpob2res.dll
- 2006-03-16 04:00:00 188,928 ----a-w C:\WINDOWS\system32\mui\041f\xpsp1res.dll
+ 2008-04-13 18:35:30 188,928 ----a-w C:\WINDOWS\system32\mui\041f\xpsp1res.dll
- 2006-03-16 04:00:00 724,480 ----a-w C:\WINDOWS\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:38:51 724,480 ----a-w C:\WINDOWS\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:40:09 592,896 ------w C:\WINDOWS\system32\mui\041f\xpsp3res.dll
- 2006-03-16 04:00:00 408,576 ----a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
- 2006-03-16 04:00:00 192,512 ----a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
- 2006-03-16 04:00:00 732,160 ----a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\system32\mui\0424\xpsp3res.dll
- 2006-03-16 04:00:00 187,392 ----a-w C:\WINDOWS\system32\mui\0425\xpsp1res.dll
+ 2008-04-13 18:35:11 186,880 ----a-w C:\WINDOWS\system32\mui\0425\xpsp1res.dll
- 2006-03-16 04:00:00 188,928 ----a-w C:\WINDOWS\system32\mui\0426\xpsp1res.dll
+ 2008-04-13 18:35:24 188,928 ----a-w C:\WINDOWS\system32\mui\0426\xpsp1res.dll
- 2006-03-16 04:00:00 189,952 ----a-w C:\WINDOWS\system32\mui\0427\xpsp1res.dll
+ 2008-04-13 18:35:24 189,952 ----a-w C:\WINDOWS\system32\mui\0427\xpsp1res.dll
- 2006-03-16 04:00:00 270,336 ----a-w C:\WINDOWS\system32\mui\0804\xpob2res.dll
+ 2008-04-13 18:40:24 270,336 ----a-w C:\WINDOWS\system32\mui\0804\xpob2res.dll
- 2006-03-16 04:00:00 161,280 ----a-w C:\WINDOWS\system32\mui\0804\xpsp1res.dll
+ 2008-04-13 18:35:06 161,280 ----a-w C:\WINDOWS\system32\mui\0804\xpsp1res.dll
- 2006-03-16 04:00:00 470,016 ----a-w C:\WINDOWS\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:35:54 470,016 ----a-w C:\WINDOWS\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:39:03 322,560 ------w C:\WINDOWS\system32\mui\0804\xpsp3res.dll
- 2006-03-16 04:00:00 435,200 ----a-w C:\WINDOWS\system32\mui\0816\xpob2res.dll
+ 2008-04-13 18:40:48 435,200 ----a-w C:\WINDOWS\system32\mui\0816\xpob2res.dll
- 2006-03-16 04:00:00 194,560 ----a-w C:\WINDOWS\system32\mui\0816\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w C:\WINDOWS\system32\mui\0816\xpsp1res.dll
- 2006-03-16 04:00:00 751,616 ----a-w C:\WINDOWS\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:38:06 751,616 ----a-w C:\WINDOWS\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:39:53 639,488 ------w C:\WINDOWS\system32\mui\0816\xpsp3res.dll
- 2006-03-16 04:00:00 446,464 ----a-w C:\WINDOWS\system32\mui\0C0A\xpob2res.dll
+ 2008-04-13 18:40:30 446,464 ----a-w C:\WINDOWS\system32\mui\0C0A\xpob2res.dll
- 2006-03-16 04:00:00 196,096 ----a-w C:\WINDOWS\system32\mui\0C0A\xpsp1res.dll
+ 2008-04-13 18:35:11 196,096 ----a-w C:\WINDOWS\system32\mui\0C0A\xpsp1res.dll
- 2006-03-16 04:00:00 773,632 ----a-w C:\WINDOWS\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:36:38 773,632 ----a-w C:\WINDOWS\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:39:13 648,704 ------w C:\WINDOWS\system32\mui\0C0A\xpsp3res.dll
- 2006-03-16 04:00:00 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\system32\napstat.exe
- 2006-03-16 04:00:00 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
- 2006-03-16 04:00:00 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
- 2006-03-16 04:00:00 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
- 2006-03-16 04:00:00 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w C:\WINDOWS\system32\net.exe
- 2006-03-16 04:00:00 124,928 ----a-w C:\WINDOWS\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w C:\WINDOWS\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2008-04-14 00:12:01 337,408 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2006-03-16 04:00:00 622,080 ----a-w C:\WINDOWS\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w C:\WINDOWS\system32\netcfgx.dll
- 2006-03-16 04:00:00 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
- 2006-03-16 04:00:00 139,264 ----a-w C:\WINDOWS\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w C:\WINDOWS\system32\netid.dll
- 2006-03-16 04:00:00 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w C:\WINDOWS\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w C:\WINDOWS\system32\netman.dll
- 2006-03-16 04:00:00 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
- 2006-03-16 04:00:00 12,288 ----a-w C:\WINDOWS\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w C:\WINDOWS\system32\netrap.dll
- 2006-03-16 04:00:00 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
- 2005-06-22 06:00:18 1,705,472 ----a-w C:\WINDOWS\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w C:\WINDOWS\system32\netshell.dll
- 2006-03-16 04:00:00 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
- 2006-03-16 04:00:00 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
- 2006-03-16 04:00:00 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
- 2004-08-13 01:50:02 247,808 ----a-w C:\WINDOWS\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w C:\WINDOWS\system32\newdev.dll
- 2006-03-16 04:00:00 103,936 ----a-w C:\WINDOWS\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
- 2006-03-16 04:00:00 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
- 2006-03-16 04:00:00 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
- 2006-03-16 04:00:00 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
- 2006-03-16 04:00:00 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
- 2006-03-16 04:00:00 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
- 2006-03-16 04:00:00 1,200,128 ----a-w C:\WINDOWS\system32\ntbackup.exe
+ 2008-04-14 00:12:30 1,200,640 ----a-w C:\WINDOWS\system32\ntbackup.exe
- 2006-03-16 04:00:00 708,096 ----a-w C:\WINDOWS\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w C:\WINDOWS\system32\ntdll.dll
- 2006-03-16 04:00:00 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
- 2007-02-28 09:15:59 2,017,280 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2006-03-16 04:00:00 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w C:\WINDOWS\system32\ntlanman.dll
- 2006-03-16 04:00:00 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
- 2006-03-16 04:00:00 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
- 2006-03-16 04:00:00 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
- 2006-03-16 04:00:00 179,712 ----a-w C:\WINDOWS\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w C:\WINDOWS\system32\ntmsdba.dll
- 2006-03-16 04:00:00 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
- 2006-03-16 04:00:00 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
- 2006-03-16 04:00:00 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
- 2006-03-16 04:00:00 143,872 ----a-w C:\WINDOWS\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w C:\WINDOWS\system32\ntshrui.dll
- 2006-03-16 04:00:00 419,840 ----a-w C:\WINDOWS\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w C:\WINDOWS\system32\ntvdm.exe
- 2006-03-16 04:00:00 13,312 ----a-w C:\WINDOWS\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\ntvdmd.dll
- 2006-10-13 12:35:12 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
+ 2008-04-14 00:12:02 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
- 2006-10-13 12:35:12 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2006-10-13 12:35:12 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2006-03-16 04:00:00 266,752 ----a-w C:\WINDOWS\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w C:\WINDOWS\system32\oakley.dll
- 2006-03-16 04:00:00 285,696 ----a-w C:\WINDOWS\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w C:\WINDOWS\system32\objsel.dll
- 2006-03-16 04:00:00 60,928 ----a-w C:\WINDOWS\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\ocmanage.dll
- 2006-03-16 04:00:00 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
- 2006-03-16 04:00:00 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
- 2006-03-16 04:00:00 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
- 2006-03-16 04:00:00 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
- 2006-03-16 04:00:00 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
- 2006-03-16 04:00:00 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
- 2006-03-16 04:00:00 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
- 2006-03-16 04:00:00 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
- 2006-03-16 04:00:00 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
- 2006-03-16 04:00:00 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
- 2006-03-16 04:00:00 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
- 2006-03-16 04:00:00 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
- 2006-03-16 04:00:00 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
- 2006-03-16 04:00:00 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
- 2006-03-16 04:00:00 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
- 2006-03-16 04:00:00 120,832 ----a-w C:\WINDOWS\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w C:\WINDOWS\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w C:\WINDOWS\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2006-03-16 04:00:00 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
- 2006-03-16 04:00:00 83,456 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\system32\onex.dll
- 2006-03-16 04:00:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
- 2006-03-16 04:00:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
- 2004-11-25 00:31:13 563,200 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
- 2006-03-16 04:00:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
- 2006-03-16 04:00:00 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
- 2006-03-16 04:00:00 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
- 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\openfiles.exe
+ 2008-04-14 00:12:31 67,584 ----a-w C:\WINDOWS\system32\openfiles.exe
- 2006-03-16 04:00:00 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
- 2006-03-16 04:00:00 215,552 ----a-w C:\WINDOWS\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w C:\WINDOWS\system32\osk.exe
- 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
- 2006-03-16 04:00:00 116,224 ----a-w C:\WINDOWS\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w C:\WINDOWS\system32\p2p.dll
- 2006-03-16 04:00:00 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
- 2006-03-16 04:00:00 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w C:\WINDOWS\system32\p2pgraph.dll
- 2006-03-16 04:00:00 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
- 2006-03-16 04:00:00 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w C:\WINDOWS\system32\p2psvc.dll
- 2006-03-16 04:00:00 58,368 ----a-w C:\WINDOWS\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w C:\WINDOWS\system32\packager.exe
- 2006-03-16 04:00:00 62,976 ----a-w C:\WINDOWS\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\pautoenr.dll
- 2006-03-16 04:00:00 283,648 ----a-w C:\WINDOWS\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w C:\WINDOWS\system32\pdh.dll
- 2008-03-13 03:30:55 56,124 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-11 17:01:46 56,124 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2006-03-16 04:00:00 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
- 2006-03-16 04:00:00 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
- 2008-03-13 03:30:56 391,638 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-11 17:01:46 391,638 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w C:\WINDOWS\system32\perfnet.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
- 2006-03-16 04:00:00 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2006-03-16 04:00:00 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
- 2006-03-16 04:00:00 35,328 ----a-w C:\WINDOWS\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w C:\WINDOWS\system32\pid.dll
- 2006-03-16 04:00:00 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
+ 2008-04-14 00:11:09 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
- 2006-03-16 04:00:00 17,920 ----a-w C:\WINDOWS\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w C:\WINDOWS\system32\ping.exe
- 2006-03-16 04:00:00 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
- 2006-03-16 04:00:00 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
- 2006-03-16 04:00:00 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
- 2006-03-16 04:00:00 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
- 2006-03-16 04:00:00 560,640 ----a-w C:\WINDOWS\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w C:\WINDOWS\system32\printui.dll
- 2006-03-16 04:00:00 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
- 2006-03-16 04:00:00 109,568 ----a-w C:\WINDOWS\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w C:\WINDOWS\system32\progman.exe
- 2006-03-16 04:00:00 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
- 2006-03-16 04:00:00 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
- 2006-03-16 04:00:00 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
- 2006-03-16 04:00:00 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
- 2006-03-16 04:00:00 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
- 2006-03-16 04:00:00 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\system32\qagentrt.dll
- 2006-03-16 04:00:00 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\system32\qcliprov.dll
- 2006-03-16 04:00:00 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
- 2005-06-29 09:55:08 385,024 ----a-w C:\WINDOWS\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w C:\WINDOWS\system32\qdvd.dll
- 2006-03-16 04:00:00 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
- 2006-03-16 04:00:00 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
- 2006-03-16 04:00:00 382,464 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2007-10-29 22:35:13 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-04-14 00:12:03 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\system32\qutil.dll
- 2006-03-16 04:00:00 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2006-03-16 04:00:00 236,544 ----a-w C:\WINDOWS\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll
- 2006-03-16 04:00:00 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll
- 2006-03-16 04:00:00 69,632 ----a-w C:\WINDOWS\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w C:\WINDOWS\system32\raschap.dll
- 2006-03-16 04:00:00 657,920 ----a-w C:\WINDOWS\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w C:\WINDOWS\system32\rasdlg.dll
- 2006-03-16 04:00:00 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2006-03-16 04:00:00 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
- 2006-03-16 04:00:00 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\system32\rasqec.dll
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w C:\WINDOWS\system32\rassapi.dll
- 2006-03-16 04:00:00 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w C:\WINDOWS\system32\rastapi.dll
- 2006-03-16 04:00:00 112,128 ----a-w C:\WINDOWS\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w C:\WINDOWS\system32\rastls.dll
- 2006-03-16 04:00:00 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
- 2006-03-16 04:00:00 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2006-03-16 04:00:00 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
- 2006-03-16 04:00:00 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
- 2006-03-16 04:00:00 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w C:\WINDOWS\system32\rdpclip.exe
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
- 2006-03-16 04:00:00 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
- 2006-03-16 04:00:00 50,176 ----a-w C:\WINDOWS\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\reg.exe
- 2006-03-16 04:00:00 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
- 2006-03-16 04:00:00 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
- 2006-03-16 04:00:00 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
- 2006-03-16 04:00:00 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2006-03-16 04:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\intelppm.sys
+ 2006-03-16 04:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\intelppm.sys
+ 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\sdbus.sys
+ 2005-01-08 00:07:18 138,752 ----a-w C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\hdaudbus.sys
- 2006-03-16 04:00:00 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
- 2006-03-16 04:00:00 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
- 2006-03-16 04:00:00 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w C:\WINDOWS\system32\riched20.dll
- 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2006-03-16 04:00:00 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
- 2006-03-16 04:00:00 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
- 2006-03-16 04:00:00 107,520 ----a-w C:\WINDOWS\system32\rsnotify.exe
+ 2008-04-14 00:12:33 107,520 ----a-w C:\WINDOWS\system32\rsnotify.exe
- 2006-03-16 04:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll
- 2006-03-16 04:00:00 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
- 2006-03-16 04:00:00 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
- 2006-03-16 04:00:00 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
- 2006-03-16 04:00:00 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:04 9,728 ------w C:\WINDOWS\system32\rwnh.dll
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\system32\s3gnb.dll
- 2006-03-16 04:00:00 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
- 2006-03-16 04:00:00 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
- 2006-03-16 04:00:00 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
- 2006-03-16 04:00:00 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
- 2006-03-16 04:00:00 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
- 2006-03-16 04:00:00 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
- 2006-03-16 04:00:00 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
- 2006-03-16 04:00:00 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
- 2006-03-16 04:00:00 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
- 2006-03-16 04:00:00 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
- 2006-03-16 04:00:00 180,224 ----a-w C:\WINDOWS\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w C:\WINDOWS\system32\scecli.dll
- 2006-03-16 04:00:00 313,856 ----a-w C:\WINDOWS\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w C:\WINDOWS\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w C:\WINDOWS\system32\schannel.dll
- 2006-03-16 04:00:00 190,976 ----a-w C:\WINDOWS\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w C:\WINDOWS\system32\schedsvc.dll
- 2006-03-16 04:00:00 121,856 ----a-w C:\WINDOWS\system32\schtasks.exe
+ 2008-04-14 00:12:34 121,856 ----a-w C:\WINDOWS\system32\schtasks.exe
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w C:\WINDOWS\system32\sclgntfy.dll
- 2006-03-16 04:00:00 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
- 2006-03-16 04:00:00 159,744 ----a-w C:\WINDOWS\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
- 2006-03-16 04:00:00 151,552 ----a-w C:\WINDOWS\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
- 2006-03-16 04:00:00 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
- 2006-03-16 04:00:00 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll
- 2006-03-16 04:00:00 18,432 ----a-w C:\WINDOWS\system32\secedit.exe
+ 2008-04-14 00:12:34 18,944 ----a-w C:\WINDOWS\system32\secedit.exe
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
- 2006-03-16 04:00:00 55,808 ----a-w C:\WINDOWS\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\secur32.dll
- 2006-03-16 04:00:00 5,632 ----a-w C:\WINDOWS\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w C:\WINDOWS\system32\security.dll
- 2006-03-16 04:00:00 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
- 2006-03-16 04:00:00 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w C:\WINDOWS\system32\sendmail.dll
- 2006-03-16 04:00:00 38,912 ----a-w C:\WINDOWS\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w C:\WINDOWS\system32\sens.dll
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w C:\WINDOWS\system32\sensapi.dll
- 2006-03-16 04:00:00 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
- 2006-03-16 04:00:00 108,032 ----a-w C:\WINDOWS\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w C:\WINDOWS\system32\services.exe
- 2006-03-16 04:00:00 140,800 ----a-w C:\WINDOWS\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w C:\WINDOWS\system32\sessmgr.exe
- 2006-03-16 04:00:00 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
- 2006-03-16 04:00:00 23,040 ----a-w C:\WINDOWS\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w C:\WINDOWS\system32\setup.exe
- 2006-03-16 04:00:00 259,584 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
- 2006-03-16 04:00:00 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
- 2006-03-16 04:00:00 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
- 2006-03-16 04:00:00 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
- 2006-03-16 04:00:00 115,712 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w C:\WINDOWS\system32\Setup\koc.dll
- 2006-03-16 04:00:00 82,432 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
- 2006-03-16 04:00:00 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
- 2006-03-16 04:00:00 169,984 ----a-w C:\WINDOWS\system32\Setup\msmqocm.dll
+ 2008-04-14 00:12:00 170,496 ----a-w C:\WINDOWS\system32\Setup\msmqocm.dll
- 2006-03-16 04:00:00 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
- 2006-03-16 04:00:00 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
- 2006-03-16 04:00:00 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
- 2006-03-16 04:00:00 33,792 ----a-w C:\WINDOWS\system32\Setup\tabletoc.dll
+ 2008-04-14 00:12:07 33,792 ----a-w C:\WINDOWS\system32\Setup\tabletoc.dll
- 2006-03-16 04:00:00 121,856 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:35 32,768 ------w C:\WINDOWS\system32\setupn.exe
- 2006-03-16 04:00:00 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
- 2006-03-16 04:00:00 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
- 2006-03-16 04:00:00 1,580,544 ----a-w C:\WINDOWS\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w C:\WINDOWS\system32\sfcfiles.dll
- 2006-03-16 04:00:00 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
- 2006-10-23 15:34:22 1,497,600 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w C:\WINDOWS\system32\shell32.dll
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
- 2006-03-16 04:00:00 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w C:\WINDOWS\system32\shimeng.dll
- 2006-03-16 04:00:00 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
- 2006-10-23 15:34:22 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2006-03-16 04:00:00 151,552 ----a-w C:\WINDOWS\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w C:\WINDOWS\system32\shmedia.dll
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2006-03-16 04:00:00 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
- 2006-03-16 04:00:00 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2006-03-16 04:00:00 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2006-03-16 04:00:00 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
- 2006-03-16 04:00:00 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
- 2006-03-16 04:00:00 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
- 2006-03-16 04:00:00 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
- 2006-03-16 04:00:00 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\system32\slserv.exe
- 2006-03-16 04:00:00 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe
- 2006-03-16 04:00:00 363,008 ----a-w C:\WINDOWS\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w C:\WINDOWS\system32\smlogcfg.dll
- 2006-03-16 04:00:00 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w C:\WINDOWS\system32\smss.exe
+ 2008-04-14 00:12:06 10,752 ------w C:\WINDOWS\system32\smtpapi.dll
- 2006-03-16 04:00:00 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
- 2006-03-16 04:00:00 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
- 2006-03-16 04:00:00 538,624 ----a-w C:\WINDOWS\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w C:\WINDOWS\system32\spider.exe
- 2006-11-17 23:14:30 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-08-11 03:46:18 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2003-05-05 23:47:20 129,024 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\Ps5ui.dll
+ 2008-04-14 00:12:03 728,576 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\ps5ui.dll
- 2003-05-05 23:47:20 455,168 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2008-04-14 00:12:03 543,232 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\pscript5.dll
- 2004-08-04 20:26:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 20:26:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 20:26:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll
- 2006-03-16 04:00:00 74,752 ----a-w C:\WINDOWS\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w C:\WINDOWS\system32\spoolss.dll
- 2005-06-11 07:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2005-06-28 17:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2007-08-11 03:46:18 26,488 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\system32\spupdwxp.exe
- 2006-03-16 04:00:00 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
- 2006-03-16 04:00:00 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
- 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
- 2006-03-16 04:00:00 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
- 2006-03-16 04:00:00 170,496 ----a-w C:\WINDOWS\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2006-03-16 04:00:00 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
- 2006-03-16 04:00:00 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
- 2006-03-16 04:00:00 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
- 2006-03-16 04:00:00 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
- 2006-03-16 04:00:00 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
- 2006-03-16 04:00:00 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
- 2006-03-16 04:00:00 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
- 2006-03-16 04:00:00 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
- 2006-03-16 04:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w C:\WINDOWS\system32\stclient.dll
- 2006-03-16 04:00:00 67,584 ----a-w C:\WINDOWS\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w C:\WINDOWS\system32\sti.dll
- 2006-03-16 04:00:00 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
- 2006-03-16 04:00:00 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
- 2004-08-04 15:56:46 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
- 2006-08-21 17:52:08 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2006-03-16 04:00:00 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
- 2006-03-16 04:00:00 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
- 2006-03-16 04:00:00 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
- 2006-03-16 04:00:00 105,984 ----a-w C:\WINDOWS\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w C:\WINDOWS\system32\sysocmgr.exe
- 2006-03-16 04:00:00 984,576 ----a-w C:\WINDOWS\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
- 2006-03-16 04:00:00 68,096 ----a-w C:\WINDOWS\system32\systeminfo.exe
+ 2008-04-14 00:12:36 71,680 ----a-w C:\WINDOWS\system32\systeminfo.exe
- 2005-10-18 05:14:46 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2006-03-16 04:00:00 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
- 2006-03-16 04:00:00 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2006-03-16 04:00:00 72,192 ----a-w C:\WINDOWS\system32\taskkill.exe
+ 2008-04-14 00:12:37 76,288 ----a-w C:\WINDOWS\system32\taskkill.exe
- 2006-03-16 04:00:00 72,192 ----a-w C:\WINDOWS\system32\tasklist.exe
+ 2008-04-14 00:12:37 77,824 ----a-w C:\WINDOWS\system32\tasklist.exe
- 2006-03-16 04:00:00 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
- 2006-03-16 04:00:00 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
- 2006-03-16 04:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
- 2006-03-16 04:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
- 2006-03-16 04:00:00 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
- 2005-03-10 15:49:52 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
- 2005-11-23 13:39:30 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
- 2006-03-16 04:00:00 61,440 ----a-w C:\WINDOWS\system32\tlntadmn.exe
+ 2008-04-14 00:12:37 61,440 ----a-w C:\WINDOWS\system32\tlntadmn.exe
- 2006-03-16 04:00:00 78,336 ----a-w C:\WINDOWS\system32\tlntsess.exe
+ 2008-04-14 00:12:37 78,336 ----a-w C:\WINDOWS\system32\tlntsess.exe
- 2006-03-16 04:00:00 73,216 ----a-w C:\WINDOWS\system32\tlntsvr.exe
+ 2008-04-14 00:12:38 73,216 ----a-w C:\WINDOWS\system32\tlntsvr.exe
- 2006-03-16 04:00:00 7,168 ----a-w C:\WINDOWS\system32\tlntsvrp.dll
+ 2008-04-14 00:12:07 7,168 ----a-w C:\WINDOWS\system32\tlntsvrp.dll
- 2006-03-16 04:00:00 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
- 2006-03-16 04:00:00 259,584 ----a-w C:\WINDOWS\system32\tracerpt.exe
+ 2008-04-14 00:12:38 259,584 ----a-w C:\WINDOWS\system32\tracerpt.exe
- 2006-03-16 04:00:00 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
- 2006-03-16 04:00:00 11,264 ----a-w C:\WINDOWS\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w C:\WINDOWS\system32\tree.com
- 2006-03-16 04:00:00 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
- 2006-03-16 04:00:00 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\system32\tspkg.dll
- 2006-03-16 04:00:00 44,032 ----a-w C:\WINDOWS\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2006-03-16 04:00:00 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll
- 2006-03-16 04:00:00 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
- 2006-03-16 04:00:00 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2006-03-16 04:00:00 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
- 2006-03-16 04:00:00 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
- 2006-03-16 04:00:00 132,608 ----a-w C:\WINDOWS\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w C:\WINDOWS\system32\upnp.dll
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2006-03-16 04:00:00 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
- 2006-03-16 04:00:00 18,432 ----a-w C:\WINDOWS\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w C:\WINDOWS\system32\ups.exe
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
- 2004-08-04 08:56:48 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2006-03-16 04:00:00 723,456 ----a-w C:\WINDOWS\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w C:\WINDOWS\system32\userenv.dll
- 2008-05-17 19:56:16 69,632 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
- 2006-03-16 04:00:00 123,904 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
- 2006-03-16 04:00:00 4,096 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
- 2006-03-16 04:00:00 201,216 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
- 2006-03-16 04:00:00 103,424 ----a-w C:\WINDOWS\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2006-03-16 04:00:00 240,128 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
- 2006-03-16 04:00:00 202,752 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
- 2006-03-16 04:00:00 168,960 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
- 2006-03-16 04:00:00 406,528 ----a-w C:\WINDOWS\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w C:\WINDOWS\system32\usp10.dll
- 2006-03-16 04:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
- 2006-03-16 04:00:00 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
- 2006-03-16 04:00:00 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
- 2006-11-08 05:03:36 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2006-03-16 04:00:00 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
- 2006-03-16 04:00:00 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\system32\verclsid.exe
- 2006-03-16 04:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\version.dll
- 2004-08-04 08:56:48 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
- 2006-03-16 04:00:00 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
- 2006-03-16 04:00:00 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
- 2006-03-16 04:00:00 174,592 ----a-w C:\WINDOWS\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w C:\WINDOWS\system32\w32time.dll
- 2006-03-16 04:00:00 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
- 2006-03-16 04:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll
- 2006-03-16 04:00:00 1,352,192 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
- 2006-03-16 04:00:00 45,568 ----a-w C:\WINDOWS\system32\wbem\CmdEvTgProv.dll
+ 2008-04-14 00:11:53 45,056 ----a-w C:\WINDOWS\system32\wbem\cmdevtgprov.dll
- 2006-03-16 04:00:00 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
- 2006-03-16 04:00:00 22,016 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
- 2006-03-16 04:00:00 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
- 2006-03-16 04:00:00 185,856 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
- 2006-03-16 04:00:00 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
- 2006-03-16 04:00:00 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
- 2006-03-16 04:00:00 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
- 2006-03-16 04:00:00 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
- 2006-03-16 04:00:00 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
- 2006-03-16 04:00:00 92,672 ----a-w C:\WINDOWS\system32\wbem\policman.dll
+ 2008-04-14 00:12:02 92,672 ----a-w C:\WINDOWS\system32\wbem\policman.dll
- 2006-03-16 04:00:00 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
- 2006-03-16 04:00:00 177,152 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
- 2006-03-16 04:00:00 36,864 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
- 2006-03-16 04:00:00 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
- 2006-03-16 04:00:00 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
- 2006-03-16 04:00:00 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
- 2006-03-16 04:00:00 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
- 2006-03-16 04:00:00 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
- 2006-03-16 04:00:00 530,944 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
- 2006-03-16 04:00:00 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
- 2006-03-16 04:00:00 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
- 2006-03-16 04:00:00 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
- 2006-03-16 04:00:00 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
- 2006-03-16 04:00:00 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
- 2006-03-16 04:00:00 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
- 2006-03-16 04:00:00 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
- 2006-03-16 04:00:00 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
- 2006-03-16 04:00:00 89,088 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
- 2006-03-16 04:00:00 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
- 2006-03-16 04:00:00 358,912 ----a-w C:\WINDOWS\system32\wbem\wmic.exe
+ 2008-04-14 00:12:40 358,912 ----a-w C:\WINDOWS\system32\wbem\wmic.exe
- 2006-03-16 04:00:00 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
- 2006-03-16 04:00:00 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
- 2006-03-16 04:00:00 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
- 2006-03-16 04:00:00 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
- 2006-03-16 04:00:00 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
- 2006-03-16 04:00:00 62,976 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
- 2006-03-16 04:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
- 2006-03-16 04:00:00 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
- 2006-03-16 04:00:00 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
- 2006-03-16 04:00:00 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
- 2006-03-16 04:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
- 2006-03-16 04:00:00 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
- 2006-03-24 04:37:50 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2006-03-16 04:00:00 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2006-01-04 11:35:06 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
- 2006-03-16 04:00:00 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w C:\WINDOWS\system32\wextract.exe
- 2006-03-16 04:00:00 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
- 2006-03-16 04:00:00 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
- 2006-03-16 04:00:00 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
- 2006-03-16 04:00:00 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2006-03-16 04:00:00 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
- 2006-03-16 04:00:00 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
- 2006-03-16 04:00:00 101,888 ----a-w C:\WINDOWS\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w C:\WINDOWS\system32\win32spl.dll
- 2006-03-16 04:00:00 937,984 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\system32\windowscodecsext.dll
- 2006-03-16 04:00:00 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w C:\WINDOWS\system32\winhttp.dll
- 2006-03-16 04:00:00 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w C:\WINDOWS\system32\winipsec.dll
- 2006-03-16 04:00:00 502,272 ----a-w C:\WINDOWS\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w C:\WINDOWS\system32\winlogon.exe
- 2006-03-16 04:00:00 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
- 2006-03-16 04:00:00 764,928 ----a-w C:\WINDOWS\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w C:\WINDOWS\system32\winntbbu.dll
- 2006-03-16 04:00:00 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
- 2006-03-16 04:00:00 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
- 2006-03-16 04:00:00 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
- 2006-03-16 04:00:00 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2006-03-16 04:00:00 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
- 2006-03-16 04:00:00 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
- 2006-03-16 04:00:00 5,632 ----a-w C:\WINDOWS\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w C:\WINDOWS\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\system32\wlanapi.dll
- 2006-03-16 04:00:00 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
- 2006-03-16 04:00:00 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
- 2006-03-16 04:00:00 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\wmpcd.dll
+ 2008-04-14 00:12:09 20,480 ----a-w C:\WINDOWS\system32\wmpcd.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\wmpcore.dll
+ 2008-04-14 00:12:09 20,480 ----a-w C:\WINDOWS\system32\wmpcore.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\system32\wmphoto.dll
- 2006-03-16 04:00:00 20,480 ----a-w C:\WINDOWS\system32\wmpui.dll
+ 2008-04-14 00:12:09 20,480 ----a-w C:\WINDOWS\system32\wmpui.dll
- 2006-03-16 04:00:00 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
- 2006-03-16 04:00:00 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
- 2006-03-16 04:00:00 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
- 2006-03-16 04:00:00 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
- 2006-03-16 04:00:00 32,256 ----a-w C:\WINDOWS\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w C:\WINDOWS\system32\wpnpinst.exe
- 2006-03-16 04:00:00 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w C:\WINDOWS\system32\ws2_32.dll
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
- 2006-03-16 04:00:00 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
- 2006-03-16 04:00:00 114,688 ----a-w C:\WINDOWS\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
- 2006-03-16 04:00:00 81,408 ----a-w C:\WINDOWS\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w C:\WINDOWS\system32\wscsvc.dll
- 2006-03-16 04:00:00 596,992 ----a-w C:\WINDOWS\system32\wsecedit.dll
+ 2008-04-14 00:12:10 604,160 ----a-w C:\WINDOWS\system32\wsecedit.dll
- 2006-03-16 04:00:00 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll
- 2006-03-16 04:00:00 28,672 ----a-w C:\WINDOWS\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll
- 2006-03-16 04:00:00 65,536 ----a-w C:\WINDOWS\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
- 2006-03-16 04:00:00 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
- 2006-03-16 04:00:00 11,776 ----a-w C:\WINDOWS\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w C:\WINDOWS\system32\wshrm.dll
- 2006-03-16 04:00:00 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w C:\WINDOWS\system32\wshtcpip.dll
- 2006-03-16 04:00:00 42,496 ----a-w C:\WINDOWS\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w C:\WINDOWS\system32\wsnmp32.dll
- 2006-03-16 04:00:00 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
- 2006-03-16 04:00:00 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
- 2006-03-16 04:00:00 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
- 2005-06-22 06:00:18 383,488 ----a-w C:\WINDOWS\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w C:\WINDOWS\system32\wzcdlg.dll
- 2005-06-22 06:00:18 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
- 2005-06-22 06:00:18 474,624 ----a-w C:\WINDOWS\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll
- 2006-03-16 04:00:00 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
- 2006-03-16 04:00:00 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
- 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w C:\WINDOWS\system32\xmllite.dll
- 2006-03-16 04:00:00 129,536 ----a-w C:\WINDOWS\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w C:\WINDOWS\system32\xmlprov.dll
- 2006-03-16 04:00:00 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll
- 2006-03-02 03:42:42 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
- 2006-03-16 04:00:00 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
- 2006-03-16 04:00:00 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
- 2006-03-16 04:00:00 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
- 2007-10-29 10:04:03 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2006-03-16 04:00:00 337,920 ----a-w C:\WINDOWS\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w C:\WINDOWS\system32\zipfldr.dll
- 2006-03-16 04:00:00 50,688 ----a-w C:\WINDOWS\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w C:\WINDOWS\twain_32.dll
- 2006-03-16 04:00:00 283,648 ----a-w C:\WINDOWS\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w C:\WINDOWS\winhlp32.exe
- 2007-01-19 20:15:24 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-12-02 05:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-02 05:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 05:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2006-03-16 04:00:00 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2006-03-16 04:00:00 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2006-03-16 04:00:00 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 16:19 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 17:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:56 64512]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 22:58 458752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 21:03 36975]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 13:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 13:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 13:17 118784]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 08:02 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-16 22:22 794713]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 15:14 102400]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 11:33 163840]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 10:50 40960]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 10:23 1187840]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [2006-02-09 09:52 643072]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-10-04 12:42 48752]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-11-15 13:28 85744]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-06-02 11:13 267048]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2007-06-13 18:52:13 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 12:40:44 282624]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 09:39:30 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mqsvc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;C:\WINDOWS\system32\Drivers\5U870CAP.sys [2006-06-06 13:39]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bd214b2-1a15-11dc-b84d-0018de1c8cff}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65412d33-ca47-11dc-978b-0018de1c8cff}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-06-10 02:49:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 10:10:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????^??????`?@?????L?@

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-06-11 10:14:04
ComboFix-quarantined-files.txt 2008-06-11 17:13:00
ComboFix2.txt 2008-06-08 18:50:17
ComboFix3.txt 2008-06-08 18:14:40

Pre-Run: 54,855,835,648 bytes free
Post-Run: 55,025,680,384 bytes free

5043 --- E O F --- 2008-06-02 23:55:02

#12 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 11 June 2008 - 04:00 PM

kaspersky log

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, June 11, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, June 11, 2008 16:41:50
Records in database: 852182
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 172293
Threat name: 8
Infected objects: 10
Suspicious objects: 0
Duration of the scan: 02:56:25


File name / Threat name / Threats count
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1EE0434B.exe Infected: not-a-virus:AdWare.Win32.180Solutions.ax 1
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A300000.VBN Infected: Trojan-Downloader.Win32.Homles.bs 1
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A300001.VBN Infected: Trojan-Downloader.Win32.Agent.plz 1
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA40000.VBN Infected: Rootkit.Win32.Agent.aiv 1
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C080000\4C4DA88D.VBN Infected: Trojan-Clicker.Win32.Delf.ads 1
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C080001\4C4DB55B.VBN Infected: Trojan-Clicker.Win32.Delf.ads 1
C:\Program Files\Online Services\PeoplePC\ISP5900\Branding\ppal3ppc.exe Infected: not-a-virus:AdWare.Win32.Agent.aeh 1
C:\QooBox\Quarantine\C\WINDOWS\system32\000070.exe.vir Infected: Trojan-Downloader.Win32.PurityScan.gb 1
C:\WINDOWS\system32\5U870CAPm.exe Infected: Trojan.Win32.Pakes.dau 1
C:\WINDOWS\system32\drivers\5U870CAP.sys Infected: Rootkit.Win32.Agent.aiv 1

The selected area was scanned.



hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:35:51 PM, on 6/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\David Garcia\Local Settings\Temp\jkos-David Garcia\binaries\ScanningProcess.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 13860 bytes

#13 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 12 June 2008 - 11:54 AM

Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results (if any) into this thread.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#14 i8dacat

i8dacat
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 12 June 2008 - 05:55 PM

GMER log

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-06-12 15:54:08
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 8654AEE0 ZwConnectPort
SSDT \??\C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xA207ADC0]
SSDT \??\C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xA207B020]

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A1712 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1693 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A16D7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A161F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A1659 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A174D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[3824] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.14 ----

#15 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 13 June 2008 - 09:26 AM

Hello, Do you use PeoplePC program?

Please show hidden files and folders. Please visit HERE if you don't know how.

Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • C:\WINDOWS\system32\drivers\5U870CAP.sys
  • Click on the submit button
  • Please post the results in your next reply.
If Jotti server is too busy, please submit the file to VirusTotal instead.



Please post the following in your next reply..

1. Jotti/VirusTotal result
2. A fresh Deckard System Scanner log (afte Jotti step)
3. Tell me about your computer condition..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users