Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Vundo Variant


  • Please log in to reply
42 replies to this topic

#1 crocolyle

crocolyle

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 02 August 2008 - 12:01 AM

Our computer seems to have picked up a nasty Trojan. I have tried using SUPER AntiSpyware and SpyBot to remove it, but while both find the infection, neither one is able to remove it. They are showing registry infections as follows:

HKLM\Software\Microsoft\aoprndtws
HKU\S-1-5-21-375\624626-2864485955-407221-8217-1003\Software\Microsoft\rdfa

After scanning and finding them, they both say they will remove the infection, but upon reboot and rescan, they are there again. Prior to scanning and finding these, we noticed pop-up adds even before we had opened Internet Explorer. The pop-ups seem to have stopped for now but we haven't been using the computer for the last day or so while investigating this issue. We have noticed at times all of the icons on the desktop will suddenly disappear.

Below are my DSS and Kapersky Reports. Please help if you can. Thank you.

Main.txt log:
Deckard's System Scanner v20071014.68
Run by Owner on 2008-08-01 23:57:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
7: 2008-08-02 05:57:32 UTC - RP7 - Deckard's System Scanner Restore Point
6: 2008-08-02 02:04:25 UTC - RP6 - Installed Java™ 6 Update 7
5: 2008-08-01 23:15:31 UTC - RP5 - Software Distribution Service 3.0
4: 2008-08-01 22:41:37 UTC - RP4 - Software Distribution Service 3.0
3: 2008-08-01 21:36:40 UTC - RP3 - System Checkpoint


-- First Restore Point --
1: 2008-07-31 18:05:20 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 448 MiB (512 MiB recommended).
System Drive C: has 6.71 GiB (less than 15%) free.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:59, on 2008-08-01
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\InterMute\SpamSubtract\SpamSub.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netservices.verizon.net/portal/link/main/vzcentral
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
O2 - BHO: {f897d8d8-5553-142a-6bd4-a9ffaf9748c2} - {2c8479fa-ff9a-4db6-a241-35558d8d798f} - C:\WINDOWS\system32\rrhlcs.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {F995BA63-E03A-45B0-A5DA-BF378DA63DC5} - C:\WINDOWS\system32\urqnoonn.dll (file missing)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [40408b53] rundll32.exe "C:\WINDOWS\system32\pmqbgarr.dll",b
O4 - HKLM\..\Run: [BM4373b8cf] Rundll32.exe "C:\WINDOWS\system32\mcxihoqo.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Mljvew] C:\WINDOWS\?icrosoft.NET\j?vaw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Startup: SpamSubtract.lnk = C:\Program Files\InterMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_...outLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_...e/gpcontrol.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

--
End of file - 12881 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080324-174743-690 O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
backup-20080419-191755-610 O4 - HKLM\..\Run: [BM4373b8cf] Rundll32.exe "C:\WINDOWS\system32\ythphrir.dll",s
backup-20080419-191755-996 O4 - HKLM\..\Run: [40408b53] rundll32.exe "C:\WINDOWS\system32\qmieeofc.dll",b

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 NEOFLTR_520_9895 (Juniper Networks TDI Filter Driver (NEOFLTR_520_9895)) - c:\windows\system32\drivers\neofltr_520_9895.sys <Not Verified; Neoteris; Secure Application Manager>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S1 s3gnbmm - c:\windows\system32\drivers\s3gnbmm.sys (file missing)
S3 CA500AI (LV-10 Still Image Capture Version 1.00) - c:\windows\system32\drivers\2nf.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 catchme - c:\combofix\catchme.sys (file missing)
S3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
S3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys (file missing)
S3 SABProcEnum - c:\program files\internet explorer\sabprocenum.sys (file missing)
S3 vsdatant - c:\windows\system32\vsdatant.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-07 10:01:03 264 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
2008-06-07 10:00:56 436 --a------ C:\WINDOWS\Tasks\EasyShare Registration Task.job
2007-06-27 17:20:52 338 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job


-- Files created between 2008-07-01 and 2008-08-01 -----------------------------

2008-08-01 18:00:57 0 d-------- C:\WINDOWS\Prefetch
2008-08-01 17:50:30 0 d-------- C:\WINDOWS\LastGood.Tmp
2008-08-01 17:43:08 0 d-------- C:\WINDOWS\system32\scripting
2008-08-01 17:43:04 0 d-------- C:\WINDOWS\l2schemas
2008-08-01 17:43:03 0 d-------- C:\WINDOWS\system32\en
2008-08-01 17:34:49 0 d-------- C:\WINDOWS\network diagnostic
2008-08-01 13:02:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-01 10:01:37 53248 --a------ C:\WINDOWS\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-07-31 12:07:27 68096 --a------ C:\WINDOWS\zip.exe
2008-07-31 12:07:27 49152 --a------ C:\WINDOWS\VFind.exe
2008-07-31 12:07:27 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-31 12:07:27 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-31 12:07:27 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-31 12:07:27 98816 --a------ C:\WINDOWS\sed.exe
2008-07-31 12:07:27 80412 --a------ C:\WINDOWS\grep.exe
2008-07-31 12:07:27 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-31 01:34:19 0 d-------- C:\WINDOWS\ERUNT
2008-07-30 12:30:06 83456 --a------ C:\WINDOWS\system32\pmqbgarr.dll
2008-07-30 12:26:59 105472 --a------ C:\WINDOWS\system32\xtybkjwi.dll
2008-07-30 11:54:20 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Adobe
2008-07-30 11:31:25 0 d-------- C:\Program Files\Common Files\wiuq
2008-07-30 11:31:24 0 d-------- C:\WINDOWS\wiuq
2008-07-30 10:57:48 105472 --a------ C:\WINDOWS\system32\lccrkb.dll
2008-07-30 10:57:47 105472 --a------ C:\WINDOWS\system32\vjvinlnl.dll
2008-07-30 10:55:57 91648 --a------ C:\WINDOWS\system32\ljoascxp.dll
2008-07-30 10:49:34 0 d-------- C:\WINDOWS\system32\kBin19
2008-07-16 20:47:13 0 d-------- C:\WINDOWS\Cache
2008-07-16 20:47:12 0 d-------- C:\Program Files\Coupons


-- Find3M Report ---------------------------------------------------------------

2008-08-01 20:06:17 0 d-------- C:\Program Files\Java
2008-08-01 18:00:22 0 d-------- C:\Program Files\Messenger
2008-08-01 17:43:02 0 d-------- C:\Program Files\Movie Maker
2008-08-01 17:38:07 0 d-------- C:\Program Files\Windows NT
2008-08-01 13:31:44 0 d-------- C:\Program Files\Enigma Software Group
2008-07-31 17:49:14 0 d-------- C:\Program Files\Common Files
2008-07-26 00:35:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-26 00:33:06 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-06-29 10:09:53 379187 --a------ C:\logfile
2008-06-26 18:51:18 0 d-------- C:\Documents and Settings\Owner\Application Data\Juniper Networks
2008-06-04 20:02:27 0 d-------- C:\Program Files\SUPERAntiSpyware


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2c8479fa-ff9a-4db6-a241-35558d8d798f}]
C:\WINDOWS\system32\rrhlcs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F995BA63-E03A-45B0-A5DA-BF378DA63DC5}]
C:\WINDOWS\system32\urqnoonn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-04-01 01:28]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 05:23]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-08-21 05:15]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 14:43]
"VTTimer"="VTTimer.exe" [2004-10-22 10:53 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 C:\WINDOWS\AGRSMMSG.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 17:57]
"Motive SmartBridge"="C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe" [2002-05-18 11:04]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 12:47 C:\WINDOWS\ALCXMNTR.EXE]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 09:46]
"UpdateManager"="c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 00:01]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2005-03-02 18:19]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2005-03-18 19:28]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-10-29 07:43]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-01-27 11:17]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-06-05 08:06]
"40408b53"="C:\WINDOWS\system32\pmqbgarr.dll" [2008-07-30 12:30]
"BM4373b8cf"="C:\WINDOWS\system32\mcxihoqo.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 18:12]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 18:38]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-04 20:02]
"Mljvew"="C:\WINDOWS\?icrosoft.NET\j?vaw.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"TSClientMSIUninstaller"=cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
"TSClientAXDisabler"=cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"disableregistrytools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-21 11:40 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8940 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-08-02 00:01:10 ------------


Extra.txt log:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ XP 2800+
Percentage of Memory in Use: 77%
Physical Memory (total/avail): 447.48 MiB / 102.89 MiB
Pagefile Memory (total/avail): 1055.73 MiB / 753.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1917.98 MiB

C: is Fixed (NTFS) - 69.73 GiB total, 6.71 GiB free.
D: is CDROM (No Media)
E: is Fixed (FAT32) - 4.79 GiB total, 0.62 GiB free.
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800BB-22FJA1 - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 4.79 GiB - E:
\PARTITION1 (bootable) - Installable File System - 69.73 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PAVILION
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\PAVILION
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=PAVILION
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\PROGRA~1\VERIZO~1\Uninstall.exe Verizon
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\NuNInst.exe /UNINSTALL
--> c:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00B9-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{95E1CCAE-8286-4035-B5F7-1B147254A2CB}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
--> VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Agere Systems PCI Soft Modem --> agrsmdel
BitComet 0.81 --> C:\Program Files\BitComet\uninst.exe
Bounce Symphony from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\D11F7128-8CBD-408B-8BF8-034604DEDD42\Uninstall.exe"
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Coupon Printer for Windows --> "C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
fflink --> MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hoyle Board Games 3 Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HBG3DEMO\Uninst.isu
Hoyle Board Games 4 --> C:\WINDOWS\IsUninst.exe -f"C:\SIERRA\Hoyle Board Games 4\Uninst.isu"
Hoyle Card Games 3 Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HCG3DEMO\Uninst.isu
Hoyle Casino 4 Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HC4DEMO\Uninst.isu
Hoyle Classic Games --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HOYLECG\Uninst.isu
Hoyle Word Games 2 --> C:\WINDOWS\IsUninst.exe -f"C:\SIERRA\Hoyle Word Games 2\Uninst.isu"
HP Deskjet 3840 Series --> rundll32 hpzcon10.dll,VendorJettison HP Deskjet 3840 Series
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 3.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 3.5 --> C:\Program Files\HP\Digital Imaging\{C6C44651-7C66-4b11-92E8-17565D3D22DD}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Organize --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0122362-6333-4DE4-93F6-A5A2F3CC101A}\Setup.exe" UNINSTALL
HP Photo & Imaging 3.5 - HP Devices --> C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 3.5 --> "C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update --> MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
HPIZ350 --> MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
ImgBurn (Remove Only) --> "C:\Program Files\ImgBurn\uninstall.exe"
IntelliMover Data Transfer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java™ 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Juniper Networks Secure Application Manager --> C:\Program Files\Neoteris\Secure Application Manager\UninstallSAM.exe
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
KBD --> C:\HP\KBD\KBD.EXE uninstalled
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_190001_d01d5\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Logitech QuickCam --> MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Logitech® Camera Driver --> "C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
LV-10 --> C:\Program Files\mdsclv\uninst.exe C:\Program Files\mdsclv\install.log
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
McAfee SecurityCenter --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
McAfee VirusScan --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
Memorex exPressit Label Design Studio --> C:\WINDOWS\mvuninst\App1\mvuninst.exe "Memorex exPressit Label Design Studio"
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
MetaFrame Presentation Server Web Client for Win32 --> C:\WINDOWS\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Outlook Connector --> MsiExec.exe /I{95FC84C0-9F15-4831-8605-396FDC42071D}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition --> MsiExec.exe /I{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works 7.0 --> MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
MSN --> C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600816}
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
netbrdg --> MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
Orbital from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\62067F4C-84A9-45B9-8573-B90468B0A3EF\Uninstall.exe"
Otto from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\BFBCBAE3-8293-4215-9C4F-C2402C118EDB\Uninstall.exe"
Overball from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\6723E59E-322A-417A-8E03-27A61E18253C\Uninstall.exe"
PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Photosmart 140,240,7200,7600,7700,7900 Series --> C:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
Polar Bowler from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\36317AE4-57EC-4F3E-B828-009A3DD96BE8\Uninstall.exe"
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2004 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8} anything
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
QuickVCD Player v3.0 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\QuickVCD Player v3.0\ST6UNST.LOG"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
S3 S3Display --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
Sierra Utilities --> C:\Program Files\Sierra On-Line\sutil32.exe uninstall
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Slyder from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A\Uninstall.exe"
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SpamSubtract --> C:\Program Files\InterMute\SpamSubtract\SSuinst.exe
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Toolkit View(HP) --> c:\Windows\HPTK\unhptkit.exe
tooltips --> MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
Tradewinds from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\F5215F01-DFC0-475D-A910-6F1AF94E807E\Uninstall.exe"
Updates from HP --> C:\WINDOWS\BWUnin-6.2.3.66.exe -AppId 137903
Verizon Online --> C:\WINDOWS\System32\VerizonUninstaller.exe
Verizon Online Support Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00A1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver --> VTsetvga.exe -s -rRundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hg201hp.inf
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Webtools --> cmd /C regsvr32 /u /s "C:\Program Files\Webtools\webtools.dll" & reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Webtools" /f & reg add HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /v DelOldFile /d "cmd.exe /C rmdir /Q /S \"C:\Program Files\Webtools\\"" /f
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Word Symphony from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\B8610D19-E576-4F91-8A2F-07898D9CA301\Uninstall.exe"
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll


-- Application Event Log -------------------------------------------------------

Event Record #/Type33415 / Warning
Event Submitted/Written: 08/01/2008 11:56:45 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{364EC092-93CF-4DDC-9D7A-7278452028E0}', feature 'QuickCam' failed during request for component '{3BBB8098-03C8-48DC-AA83-9B2159E12E0D}'

Event Record #/Type33414 / Warning
Event Submitted/Written: 08/01/2008 11:56:45 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{364EC092-93CF-4DDC-9D7A-7278452028E0}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\QuickCam10\DesktopShortcutKey' does not exist.

Event Record #/Type33413 / Warning
Event Submitted/Written: 08/01/2008 11:56:45 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{364EC092-93CF-4DDC-9D7A-7278452028E0}', feature 'QuickCam' failed during request for component '{3BBB8098-03C8-48DC-AA83-9B2159E12E0D}'

Event Record #/Type33412 / Warning
Event Submitted/Written: 08/01/2008 11:56:45 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{364EC092-93CF-4DDC-9D7A-7278452028E0}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\QuickCam10\DesktopShortcutKey' does not exist.

Event Record #/Type33411 / Warning
Event Submitted/Written: 08/01/2008 11:56:43 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{364EC092-93CF-4DDC-9D7A-7278452028E0}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type46652 / Error
Event Submitted/Written: 08/01/2008 06:01:27 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The mrtRate service failed to start due to the following error:
%%2

Event Record #/Type46615 / Error
Event Submitted/Written: 08/01/2008 04:34:26 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The mrtRate service failed to start due to the following error:
%%2

Event Record #/Type46591 / Error
Event Submitted/Written: 08/01/2008 02:27:42 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The mrtRate service failed to start due to the following error:
%%2

Event Record #/Type46564 / Error
Event Submitted/Written: 08/01/2008 01:43:28 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The mrtRate service failed to start due to the following error:
%%2

Event Record #/Type46533 / Error
Event Submitted/Written: 08/01/2008 00:58:03 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The mrtRate service failed to start due to the following error:
%%2



-- End of Deckard's System Scanner: finished at 2008-08-02 00:01:10 ------------

Kapersky Log:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, August 1, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, August 02, 2008 01:17:16
Records in database: 1043134
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan statistics:
Files scanned: 102423
Threat name: 27
Infected objects: 59
Suspicious objects: 0
Duration of the scan: 02:51:18


File name / Threat name / Threats count
C:\WINDOWS\system32\pmqbgarr.dll/C:\WINDOWS\system32\pmqbgarr.dll Infected: Trojan.Win32.Monder.biw 25
C:\QooBox\Quarantine\C\Temp\nmes3302.exe.vir Infected: Trojan-Downloader.Win32.Small.buy 1
C:\QooBox\Quarantine\C\Temp\nmes3302.exe.vir Infected: Trojan-Downloader.Win32.Small.tei 1
C:\QooBox\Quarantine\C\Temp\nmes3302.exe.vir Infected: not-a-virus:AdWare.Win32.TTC.d 1
C:\QooBox\Quarantine\C\Temp\nmes3302.exe.vir Infected: not-a-virus:AdWare.Win32.Rabio.g 1
C:\QooBox\Quarantine\C\WINDOWS\system32\aqVreo01\aqVreo011065.exe.vir Infected: Trojan-Downloader.Win32.VB.dkg 1
C:\QooBox\Quarantine\C\WINDOWS\system32\ethpdyij.dll.vir Infected: Trojan.Win32.Monder.r 1
C:\QooBox\Quarantine\C\WINDOWS\system32\fmevscht.dll.vir Infected: Trojan.Win32.Monder.ac 1
C:\QooBox\Quarantine\C\WINDOWS\system32\gside.exe.vir Infected: not-a-virus:AdWare.Win32.BHO.cdk 1
C:\QooBox\Quarantine\C\WINDOWS\system32\idhxumam.dll.vir Infected: Trojan.Win32.Monder.o 1
C:\QooBox\Quarantine\C\WINDOWS\system32\jopkvmxk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.qua 1
C:\QooBox\Quarantine\C\WINDOWS\system32\larigirv.dll.vir Infected: Trojan.Win32.Monder.bc 1
C:\QooBox\Quarantine\C\WINDOWS\system32\mxikpqgr.dll.vir Infected: Trojan.Win32.Monder.bl 1
C:\QooBox\Quarantine\catchme2008-03-25_162112.46.zip Infected: Trojan.Win32.Monder.gen 2
C:\Temp\bPccE7001.exe Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Temp\bPccE7001.exe Infected: Trojan-Downloader.Win32.Small.uny 1
C:\Temp\bPccE7001.exe Infected: Trojan.Win32.Agent.lke 1
C:\Temp\bPccE7001.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.am 1
C:\Temp\nbU103h.exe Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Temp\nbU103h.exe Infected: Trojan-Downloader.Win32.Small.yxa 1
C:\Temp\nbU103h.exe Infected: Trojan.Win32.Agent.lom 1
C:\Temp\nbU103h.exe Infected: Trojan-Clicker.Win32.Agent.blk 1
C:\VundoFix Backups\jkkjh.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.gen 1
C:\VundoFix Backups\mljjh.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.gen 1
C:\VundoFix Backups\mllmn.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.gen 1
C:\VundoFix Backups\vtsqp.dll.bad Infected: Trojan-Downloader.Win32.ConHook.r 1
C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b 1
C:\WINDOWS\system32\COMDLG32.OCX Infected: HackTool.Win32.VB.yl 1
C:\WINDOWS\system32\kBin19\kBin191065.exe Infected: Trojan-Downloader.Win32.VB.gfh 1
C:\WINDOWS\system32\lccrkb.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\WINDOWS\system32\ljoascxp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aejo 1
C:\WINDOWS\system32\pmqbgarr.dll Infected: Trojan.Win32.Monder.biw 1
C:\WINDOWS\system32\vjvinlnl.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\WINDOWS\system32\xtybkjwi.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1

The selected area was scanned.

BC AdBot (Login to Remove)

 


m

#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 02 August 2008 - 05:59 AM

Hi and welcome to BC! :thumbsup:

Please download Combofix to your desktop.
Doubleclick combofix.exe to launch the application.

Follow the prompts that will be displayed on the screen.
Don't click on the window while the fix is running, because that will cause your system to hang.
When finished, it should produce a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.

#3 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 02 August 2008 - 12:40 PM

Thank you for your quick response D-Trojanator.

When I run ComboFix, how long should it take? I tried running it once but McAfee saw the script running and stopped it. So I rebooted since ComboFix was locked up, disabled script checking, and tried running ComboFix again. After an hour, the window says "Completed Stage_37" but just sits there now.

Any advice?

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 02 August 2008 - 07:07 PM

It could be that the processes you have running are stopping Combofix from working.
We can try something else - first ensure that combofix is saved to your desktop!

Run ComboFix using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste the following bolded text into the run box & click OK.

"%userprofile%\desktop\combofix.exe" /killall

When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

#5 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 04 August 2008 - 11:17 AM

Thanks D-Trojanator, running it that way did the trick! :thumbsup:

The combfix log was too big to paste into the text part and too big to attach as a file. I will attach as much as I can in one file and then post the rest in the text of the next post.

Below is the Hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:52:54 AM, on 8/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\InterMute\SpamSubtract\SpamSub.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netservices.verizon.net/portal/link/main/vzcentral
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [40408b53] rundll32.exe "C:\WINDOWS\system32\pmqbgarr.dll",b
O4 - HKLM\..\Run: [BM4373b8cf] Rundll32.exe "C:\WINDOWS\system32\mcxihoqo.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Mljvew] C:\WINDOWS\?icrosoft.NET\j?vaw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Startup: SpamSubtract.lnk = C:\Program Files\InterMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_...outLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_...e/gpcontrol.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

--
End of file - 12461 bytes

Edited by crocolyle, 04 August 2008 - 11:20 AM.


#6 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 04 August 2008 - 11:39 AM

Glad to hear that combofix worked now, but I don't see any attachments..

#7 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 04 August 2008 - 11:57 AM

I've got part of the combofix log down to under the 512k limit, but the rest of it is still too big to put into one post. Is there somewhere I can put a larger file? Or how many characters can I have in one post?

#8 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 04 August 2008 - 12:20 PM

Part 1 - http://www.bleepingcomputer.com/forums/ind...ost&id=6895

Part 2:

- 2004-08-04 06:07:43 44,672 -c----w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys
- 2004-08-04 06:00:31 66,176 -c----w C:\WINDOWS\ServicePackFiles\i386\udfs.sys
+ 2008-04-13 18:32:36 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\udfs.sys
- 2004-08-04 07:56:46 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll
- 2004-08-04 07:56:46 275,456 -c----w C:\WINDOWS\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 275,456 ------w C:\WINDOWS\ServicePackFiles\i386\ulib.dll
- 2004-08-04 07:56:46 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll
- 2004-08-04 07:56:46 118,272 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll
- 2004-08-04 07:56:46 264,704 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 373,248 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll
- 2004-08-04 07:56:46 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll
- 2004-08-04 07:56:46 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll
- 2004-08-04 07:56:46 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll
- 2004-08-04 07:56:34 619,520 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll
+ 2007-05-15 08:08:53 761,344 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll
- 2004-08-04 07:56:46 316,416 -c----w C:\WINDOWS\ServicePackFiles\i386\untfs.dll
+ 2008-04-14 00:12:07 316,416 ------w C:\WINDOWS\ServicePackFiles\i386\untfs.dll
- 2004-08-04 05:58:32 209,408 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys
+ 2008-04-13 18:39:46 384,768 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys
- 2004-08-04 07:56:57 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:38 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
- 2004-08-04 07:56:46 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:08 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll
- 2004-08-04 07:56:57 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
- 2004-08-04 07:56:46 185,344 -c----w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ------w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll
- 2004-08-04 07:56:46 239,616 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll
- 2004-08-04 07:56:57 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:38 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
- 2004-08-04 07:56:46 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll
- 2004-08-04 07:56:46 601,088 -c----w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll
+ 2008-04-14 00:12:08 619,520 ------w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll
- 2004-08-04 06:04:32 12,672 -c----w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys
- 2004-08-04 06:04:33 12,672 -c----w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys
- 2004-08-04 06:07:55 59,264 -c----w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:12 60,032 ------w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys
- 2004-08-04 06:08:46 31,616 -c----w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys
- 2004-08-04 06:08:37 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys
- 2004-08-04 06:08:42 57,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys
- 2004-08-04 06:08:57 16,000 -c----w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys
- 2004-08-04 07:56:46 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll
- 2004-08-04 06:08:36 17,024 -c----w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:35 17,152 ------w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys
- 2004-08-04 06:08:42 142,976 -c----w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:45:36 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
- 2004-08-04 06:01:24 25,856 -c----w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:47:37 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
- 2004-08-04 05:58:45 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
- 2004-08-04 06:08:42 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:36 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys
- 2004-08-04 06:08:46 26,496 -c----w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:38 26,368 ------w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
- 2004-08-04 06:08:37 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys
- 2004-08-04 07:56:46 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll
+ 2008-04-14 00:12:08 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll
- 2004-08-04 06:10:10 78,464 -c----w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys
- 2004-08-04 07:56:46 577,024 -c----w C:\WINDOWS\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 578,560 ------w C:\WINDOWS\ServicePackFiles\i386\user32.dll
- 2004-08-04 07:56:46 723,456 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:08 727,040 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll
- 2004-08-04 07:56:57 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:38 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\userinit.exe
- 2004-08-04 07:56:46 406,528 ------w C:\WINDOWS\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:08 406,016 ------w C:\WINDOWS\ServicePackFiles\i386\usp10.dll
- 2004-08-04 07:56:57 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:38 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe
- 2004-08-04 07:56:46 218,624 ------w C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ------w C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
- 2004-08-04 07:56:46 30,749 -c----w C:\WINDOWS\ServicePackFiles\i386\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ------w C:\WINDOWS\ServicePackFiles\i386\vbajet32.dll
- 2004-08-04 07:56:46 417,792 ------w C:\WINDOWS\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ------w C:\WINDOWS\ServicePackFiles\i386\vbscript.dll
- 2004-08-04 07:56:46 11,325 -c----w C:\WINDOWS\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\ServicePackFiles\i386\vchnt5.dll
- 2004-08-04 07:56:46 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\vdmdbg.dll
- 2004-08-04 07:56:46 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\verifier.dll
- 2004-08-04 07:56:46 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\version.dll
- 2004-08-04 07:56:46 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\vfwwdm32.dll
- 2004-08-04 06:07:06 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\vga.sys
+ 2008-04-13 18:44:40 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\vga.sys
- 2004-08-04 07:56:46 848,384 -c----w C:\WINDOWS\ServicePackFiles\i386\vgx.dll
+ 2008-04-14 00:12:08 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\vgx.dll
- 2004-08-04 06:07:42 42,240 -c----w C:\WINDOWS\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:36:40 42,240 ------w C:\WINDOWS\ServicePackFiles\i386\viaagp.sys
- 2004-08-04 05:59:42 5,376 -c----w C:\WINDOWS\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:40:31 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\viaide.sys
- 2004-08-04 06:07:05 79,744 -c----w C:\WINDOWS\ServicePackFiles\i386\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ------w C:\WINDOWS\ServicePackFiles\i386\videoprt.sys
- 2004-08-04 07:56:46 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\viewprov.dll
- 2004-08-04 06:00:16 52,352 -c----w C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ------w C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
- 2004-08-04 07:56:46 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\vssapi.dll
- 2004-08-04 07:56:57 289,792 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe
- 2004-08-04 07:56:46 174,592 ------w C:\WINDOWS\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\w32time.dll
- 2004-08-04 07:56:46 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\w3ssl.dll
- 2004-08-04 07:56:46 483,840 -c----w C:\WINDOWS\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:08 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\w95upgnt.dll
- 2004-08-04 07:56:57 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:38 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe
- 2004-08-04 07:56:46 504,832 ------w C:\WINDOWS\ServicePackFiles\i386\wab32.dll
+ 2008-04-14 00:12:08 510,976 ------w C:\WINDOWS\ServicePackFiles\i386\wab32.dll
- 2004-08-04 07:56:34 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\wab32res.dll
+ 2008-04-13 16:21:48 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\wab32res.dll
- 2004-08-04 07:56:46 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\wabfind.dll
- 2004-08-04 07:56:46 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:08 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\wabimp.dll
- 2004-08-04 07:56:57 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe
+ 2008-04-14 00:12:39 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe
- 2004-08-04 06:04:52 13,568 -c----w C:\WINDOWS\ServicePackFiles\i386\wacompen.sys
+ 2008-04-13 18:43:55 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\wacompen.sys
- 2004-08-04 06:04:57 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\wanarp.sys
- 2004-08-04 06:07:32 17,664 -c----w C:\WINDOWS\ServicePackFiles\i386\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\watchdog.sys
+ 2008-04-14 00:12:08 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\wavemsp.dll
- 2004-08-04 07:56:46 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcntl.dll
- 2004-08-04 07:56:46 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcomn.dll
- 2004-08-04 07:56:46 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcons.dll
- 2004-08-04 07:56:46 530,944 -c----w C:\WINDOWS\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcore.dll
- 2004-08-04 07:56:46 178,176 -c----w C:\WINDOWS\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\wbemdisp.dll
- 2004-08-04 07:56:46 273,920 -c----w C:\WINDOWS\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ------w C:\WINDOWS\ServicePackFiles\i386\wbemess.dll
- 2004-08-04 07:56:46 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\wbemperf.dll
- 2004-08-04 07:56:46 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\wbemprox.dll
- 2004-08-04 07:56:46 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\wbemsvc.dll
- 2004-08-04 07:56:57 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe
- 2004-08-04 07:56:46 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\wbemupgd.dll
- 2004-08-04 06:08:46 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\wceusbsh.sys
+ 2008-04-13 18:45:38 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\wceusbsh.sys
- 2004-08-04 07:56:46 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\wdigest.dll
- 2004-08-04 07:56:57 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
- 2004-08-04 06:15:04 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys
- 2004-08-04 07:56:46 276,480 -c----w C:\WINDOWS\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 276,480 ------w C:\WINDOWS\ServicePackFiles\i386\webcheck.dll
- 2004-08-04 07:56:46 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\webclnt.dll
- 2004-08-04 07:56:46 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:08 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\webvw.dll
- 2004-08-04 07:56:57 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe
- 2004-08-04 07:56:57 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe
- 2004-08-04 07:56:46 463,360 ------w C:\WINDOWS\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ------w C:\WINDOWS\ServicePackFiles\i386\wiadefui.dll
- 2004-08-04 07:56:46 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\wiadss.dll
- 2004-08-04 07:56:46 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\wiascr.dll
- 2004-08-04 07:56:46 333,312 ------w C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ------w C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll
- 2004-08-04 07:56:46 589,312 -c----w C:\WINDOWS\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ------w C:\WINDOWS\ServicePackFiles\i386\wiashext.dll
- 2004-08-04 07:56:46 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\ServicePackFiles\i386\wicext.dll
- 2004-08-04 06:17:40 1,835,904 -c----w C:\WINDOWS\ServicePackFiles\i386\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ------w C:\WINDOWS\ServicePackFiles\i386\win32k.sys
- 2004-08-04 07:56:46 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\win32spl.dll
- 2004-08-04 07:56:35 937,984 ------w C:\WINDOWS\ServicePackFiles\i386\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ------w C:\WINDOWS\ServicePackFiles\i386\winbrand.dll
- 2004-08-04 07:56:57 283,648 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe
- 2004-08-04 07:56:46 351,232 -c----w C:\WINDOWS\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ------w C:\WINDOWS\ServicePackFiles\i386\winhttp.dll
- 2004-08-04 07:56:46 656,384 ------w C:\WINDOWS\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:08 666,112 ------w C:\WINDOWS\ServicePackFiles\i386\wininet.dll
- 2004-08-04 07:56:46 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\winipsec.dll
- 2004-08-04 07:56:57 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
- 2004-08-04 07:56:46 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\winmm.dll
+ 2008-04-14 00:12:09 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\winmm.dll
- 2004-08-04 07:56:35 764,928 -c----w C:\WINDOWS\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ------w C:\WINDOWS\ServicePackFiles\i386\winntbbu.dll
- 2004-08-04 07:56:46 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
- 2004-08-04 07:56:46 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\winscard.dll
- 2004-08-04 07:56:46 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\winshfhc.dll
- 2004-08-04 07:56:57 146,432 -c----w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:45 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
- 2004-08-04 07:56:46 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ------w C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
- 2004-08-04 07:56:46 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\winsta.dll
- 2004-08-04 07:56:46 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\wintrust.dll
- 2004-08-04 07:56:57 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:40 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe
- 2004-08-04 07:56:46 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\wlanapi.dll
- 2004-08-04 07:56:46 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\wldap32.dll
- 2004-08-04 07:56:46 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\wlnotify.dll
- 2004-08-04 07:56:35 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmi.dll
+ 2008-04-14 00:11:15 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmi.dll
- 2004-08-04 06:07:41 8,832 -c----w C:\WINDOWS\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-13 18:36:38 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\wmiacpi.sys
- 2004-08-04 07:56:57 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe
- 2004-08-04 07:56:35 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapres.dll
- 2004-08-04 07:56:46 89,088 ------w C:\WINDOWS\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\wmiaprpl.dll
- 2004-08-04 07:56:57 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
- 2004-08-04 07:56:46 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\wmicookr.dll
- 2004-08-04 07:56:46 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmidcprv.dll
- 2004-08-04 07:56:46 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\wmipcima.dll
- 2004-08-04 07:56:46 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmipdskq.dll
- 2004-08-04 07:56:46 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\wmipiprt.dll
- 2004-08-04 07:56:46 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmipjobj.dll
- 2004-08-04 07:56:46 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprov.dll
- 2004-08-04 07:56:46 437,248 -c----w C:\WINDOWS\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvsd.dll
- 2004-08-04 07:56:57 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe
- 2004-08-04 07:56:46 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\wmipsess.dll
- 2004-08-04 07:56:46 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmisvc.dll
- 2004-08-04 07:56:46 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\wmiutils.dll
- 2004-08-04 07:56:46 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ae.dll
- 2004-08-04 07:56:46 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2eres.dll
- 2004-08-04 07:56:46 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ext.dll
- 2004-08-04 07:56:46 402,432 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 402,432 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2filt.dll
- 2004-08-04 07:56:46 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxa.dll
- 2004-08-04 07:56:46 325,632 -c----w C:\WINDOWS\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 325,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxb.dll
- 2004-08-04 07:56:46 4,256,768 -c----w C:\WINDOWS\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 4,256,768 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res.dll
- 2004-08-04 07:56:46 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\wmphoto.dll
- 2004-08-04 07:56:57 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:40 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe
- 2004-08-04 07:56:46 264,192 -c----w C:\WINDOWS\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:10 264,192 ------w C:\WINDOWS\ServicePackFiles\i386\wow32.dll
- 2004-08-04 07:56:57 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe
- 2004-08-04 07:56:57 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe
- 2004-08-04 07:56:46 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
- 2004-08-04 07:56:46 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ws2help.dll
- 2004-08-04 07:56:57 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe
- 2004-08-04 07:56:57 114,688 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:41 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe
- 2004-08-04 07:56:46 81,408 ------w C:\WINDOWS\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\wscsvc.dll
- 2004-08-04 07:56:46 108,032 ------w C:\WINDOWS\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ------w C:\WINDOWS\ServicePackFiles\i386\wshbth.dll
- 2004-08-04 07:56:46 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\wshcon.dll
- 2004-08-04 07:56:46 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\wshext.dll
- 2004-08-04 07:56:46 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\wship6.dll
- 2004-08-04 07:56:46 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\wshirda.dll
- 2004-08-04 07:56:46 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wshrm.dll
- 2004-08-04 07:56:46 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll
- 2004-08-04 07:56:46 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\wsnmp32.dll
- 2004-08-04 07:56:46 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\wsock32.dll
- 2004-08-04 06:10:21 19,328 -c----w C:\WINDOWS\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-13 18:46:24 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\wstcodec.sys
- 2004-08-04 07:56:46 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\wstdecod.dll
- 2004-08-04 07:56:46 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\wtsapi32.dll
- 2004-08-04 07:56:46 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:10 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\wuapi.dll
- 2004-08-04 07:56:57 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
- 2004-08-04 07:56:57 165,888 -c----w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:41 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe
- 2004-08-04 07:56:46 1,134,592 -c----w C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 1,135,616 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll
- 2004-08-04 07:56:46 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 183,296 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng1.dll
- 2004-08-04 07:56:46 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll
- 2004-08-04 07:56:46 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\wucltui.dll
- 2004-08-04 07:56:46 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wups.dll
- 2004-08-04 07:56:46 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuweb.dll
+ 2008-04-14 00:12:11 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuweb.dll
- 2004-08-04 07:56:46 378,368 -c----w C:\WINDOWS\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ------w C:\WINDOWS\ServicePackFiles\i386\wzcdlg.dll
- 2004-08-04 07:56:46 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsapi.dll
- 2004-08-04 07:56:46 359,936 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsvc.dll
- 2004-08-04 07:56:46 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\xactsrv.dll
- 2004-08-04 07:56:57 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe
+ 2008-04-14 00:12:11 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\xmllite.dll
- 2004-08-04 07:56:46 129,536 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
- 2004-08-04 07:56:46 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprovi.dll
- 2004-08-04 07:56:46 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe
- 2004-08-04 07:56:36 438,784 -c----w C:\WINDOWS\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ------w C:\WINDOWS\ServicePackFiles\i386\xpob2res.dll
- 2004-08-04 07:56:36 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp1res.dll
- 2004-08-04 07:56:36 2,897,920 -c----w C:\WINDOWS\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w C:\WINDOWS\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\xrxscnui.dll
- 2004-08-04 07:56:46 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\xrxwiadr.dll
- 2004-08-04 07:56:46 337,920 -c----w C:\WINDOWS\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
- 2004-08-04 07:56:56 32,866 -c----w C:\WINDOWS\slrundll.exe
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\slrundll.exe
- 2004-08-04 07:56:43 3,166,208 -c--a-w C:\WINDOWS\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
- 2004-08-04 07:56:45 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
- 2004-08-04 07:56:45 725,566 ----a-w C:\WINDOWS\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w C:\WINDOWS\srchasst\srchui.dll
+ 2000-08-31 14:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 14:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 14:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2002-08-29 12:00:00 2,000 -c--a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2002-08-29 12:00:00 2,032 -c--a-w C:\WINDOWS\system\MOUSE.DRV
+ 2002-08-29 12:00:00 1,744 -c--a-w C:\WINDOWS\system\SOUND.DRV
+ 2002-08-29 12:00:00 2,176 -c--a-w C:\WINDOWS\system\VGA.DRV
- 2004-08-04 07:56:57 146,432 -c--a-w C:\WINDOWS\system\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w C:\WINDOWS\system32\aaclient.dll
- 2004-08-04 07:56:47 183,808 ----a-w C:\WINDOWS\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2004-08-04 07:56:41 114,688 ----a-w C:\WINDOWS\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w C:\WINDOWS\system32\aclui.dll
- 2004-08-04 07:56:41 194,048 ----a-w C:\WINDOWS\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w C:\WINDOWS\system32\activeds.dll
- 2004-08-04 07:56:47 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
- 2004-08-04 07:56:41 101,888 ----a-w C:\WINDOWS\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
- 2004-08-04 07:56:41 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2008-04-14 00:11:48 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-04 07:56:41 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
- 2004-08-04 07:56:41 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
- 2004-08-04 07:56:41 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
- 2004-08-04 07:56:41 263,680 -c--a-w C:\WINDOWS\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
- 2004-08-04 07:56:41 616,960 ----a-w C:\WINDOWS\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w C:\WINDOWS\system32\advapi32.dll
- 2004-08-04 07:56:41 99,840 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-14 00:11:48 99,840 ----a-w C:\WINDOWS\system32\advpack.dll
- 2004-08-04 07:56:47 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
- 2004-08-04 07:56:47 44,544 ----a-w C:\WINDOWS\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w C:\WINDOWS\system32\alg.exe
- 2004-08-04 07:56:41 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
- 2004-08-04 07:56:41 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
- 2004-08-04 07:56:41 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w C:\WINDOWS\system32\apphelp.dll
- 2004-08-04 07:56:41 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
- 2004-08-04 07:56:47 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w C:\WINDOWS\system32\at.exe
- 2004-08-04 07:56:41 229,376 ------w C:\WINDOWS\system32\ati2cqag.dll
+ 2008-04-14 00:11:49 229,376 ------w C:\WINDOWS\system32\ati2cqag.dll
- 2004-08-04 07:56:41 377,984 -c----w C:\WINDOWS\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll
- 2004-08-04 07:56:41 201,728 ------w C:\WINDOWS\system32\ati2dvag.dll
+ 2008-04-14 00:11:49 201,728 ------w C:\WINDOWS\system32\ati2dvag.dll
- 2004-08-04 07:56:41 870,784 -c----w C:\WINDOWS\system32\ati3d1ag.dll
+ 2008-04-14 00:11:49 870,784 ------w C:\WINDOWS\system32\ati3d1ag.dll
- 2004-08-04 07:56:41 1,888,992 -c----w C:\WINDOWS\system32\ati3duag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w C:\WINDOWS\system32\ati3duag.dll
- 2004-08-04 07:56:41 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll
+ 2008-04-14 00:11:50 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll
- 2004-08-04 07:56:41 516,768 -c----w C:\WINDOWS\system32\ativvaxx.dll
+ 2008-04-14 00:11:50 516,768 ------w C:\WINDOWS\system32\ativvaxx.dll
- 2004-08-04 07:56:41 58,880 ----a-w C:\WINDOWS\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w C:\WINDOWS\system32\atl.dll
- 2004-08-04 07:56:47 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
- 2004-08-04 07:55:59 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
- 2004-08-04 07:56:41 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
- 2002-08-29 12:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w C:\WINDOWS\system32\attrib.exe
- 2004-08-04 07:56:41 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
- 2004-08-04 07:56:47 14,336 ------w C:\WINDOWS\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ------w C:\WINDOWS\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w C:\WINDOWS\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w C:\WINDOWS\system32\authz.dll
- 2004-08-04 07:56:47 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w C:\WINDOWS\system32\autochk.exe
- 2004-08-04 07:56:47 602,624 -c--a-w C:\WINDOWS\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w C:\WINDOWS\system32\autoconv.exe
- 2004-08-04 07:56:47 580,608 -c--a-w C:\WINDOWS\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w C:\WINDOWS\system32\autofmt.exe
- 2004-08-04 07:56:47 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
- 2004-08-04 07:56:41 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w C:\WINDOWS\system32\azroles.dll
- 2004-08-04 07:56:41 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
- 2004-08-04 07:56:41 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w C:\WINDOWS\system32\batmeter.dll
- 2004-08-04 07:56:41 8,704 ----a-w C:\WINDOWS\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w C:\WINDOWS\system32\batt.dll
- 2004-08-04 07:56:41 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2007-01-04 01:03:21 2,560 ----a-w C:\WINDOWS\system32\BitCometRes.dll
- 2004-07-01 22:08:18 361,984 -c----w C:\WINDOWS\system32\bits\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ------w C:\WINDOWS\system32\bits\qmgr.dll
- 2004-08-04 07:56:41 8,192 ------w C:\WINDOWS\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ------w C:\WINDOWS\system32\bitsprx2.dll
- 2004-08-04 07:56:41 7,168 ------w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w C:\WINDOWS\system32\bitsprx4.dll
- 2004-08-04 07:56:47 71,680 ------w C:\WINDOWS\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ------w C:\WINDOWS\system32\blastcln.exe
- 2004-08-04 07:55:59 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
- 2004-08-04 07:56:41 77,312 ----a-w C:\WINDOWS\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\browser.dll
- 2007-12-07 01:07:12 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w C:\WINDOWS\system32\browseui.dll
- 2004-08-04 07:56:41 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
- 2004-08-04 07:56:41 20,992 ------w C:\WINDOWS\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ------w C:\WINDOWS\system32\bthci.dll
- 2004-08-04 07:56:41 30,208 ------w C:\WINDOWS\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ------w C:\WINDOWS\system32\bthserv.dll
- 2004-08-04 07:56:41 50,688 ------w C:\WINDOWS\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ------w C:\WINDOWS\system32\btpanui.dll
- 2002-08-29 12:00:00 218,112 ----a-w C:\WINDOWS\system32\c_g18030.dll
+ 2008-04-14 00:11:50 218,112 ----a-w C:\WINDOWS\system32\c_g18030.dll
- 2004-08-04 07:56:41 59,904 ----a-w C:\WINDOWS\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w C:\WINDOWS\system32\cabinet.dll
- 2004-08-04 07:56:41 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
- 2002-08-29 12:00:00 18,432 ----a-w C:\WINDOWS\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w C:\WINDOWS\system32\cacls.exe
- 2004-08-04 07:56:41 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
- 2002-08-29 12:00:00 142,848 ----a-w C:\WINDOWS\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w C:\WINDOWS\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2004-08-04 07:56:41 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2007-12-07 01:07:12 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2005-09-10 01:53:41 2,067,968 -c--a-w C:\WINDOWS\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2004-08-04 07:56:41 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w C:\WINDOWS\system32\certcli.dll
- 2004-08-04 07:56:41 457,728 -c--a-w C:\WINDOWS\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w C:\WINDOWS\system32\certmgr.dll
- 2004-08-04 07:56:41 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll
- 2004-08-04 07:56:00 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
- 2002-08-29 12:00:00 109,568 ----a-w C:\WINDOWS\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w C:\WINDOWS\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-04 07:56:47 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2004-08-04 07:56:47 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w C:\WINDOWS\system32\cleanmgr.exe
- 2004-08-04 07:56:41 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
- 2004-08-04 07:56:47 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
- 2004-08-04 07:56:47 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2004-08-04 07:56:47 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
- 2004-08-04 07:56:41 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w C:\WINDOWS\system32\clusapi.dll
- 2004-08-04 07:56:41 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
- 2004-08-04 07:56:48 388,608 ----a-w C:\WINDOWS\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w C:\WINDOWS\system32\cmd.exe
- 2004-08-04 07:56:41 343,040 -c--a-w C:\WINDOWS\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w C:\WINDOWS\system32\cmdial32.dll
- 2004-08-04 07:56:48 47,104 ----a-w C:\WINDOWS\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w C:\WINDOWS\system32\cmdl32.exe
- 2004-08-04 07:56:48 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
- 2004-08-04 07:56:41 185,344 -c--a-w C:\WINDOWS\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w C:\WINDOWS\system32\cmprops.dll
- 2004-08-04 07:56:41 13,824 ------w C:\WINDOWS\system32\cmsetacl.dll
+ 2008-04-14 00:11:50 13,312 ------w C:\WINDOWS\system32\cmsetacl.dll
- 2004-08-04 07:56:48 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w C:\WINDOWS\system32\cmstp.exe
- 2004-08-04 07:56:41 39,936 ----a-w C:\WINDOWS\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w C:\WINDOWS\system32\cmutil.dll
- 2004-08-04 07:56:41 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w C:\WINDOWS\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2004-08-04 07:56:48 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
- 2002-08-29 12:00:00 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
- 2002-08-29 12:00:00 25,600 ----a-w C:\WINDOWS\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w C:\WINDOWS\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2004-08-04 07:56:41 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w C:\WINDOWS\system32\comdlg32.dll
- 2004-08-04 07:56:41 252,928 ----a-w C:\WINDOWS\system32\compatui.dll
+ 2008-04-14 00:11:51 252,928 ----a-w C:\WINDOWS\system32\compatui.dll
- 2004-08-04 07:56:41 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w C:\WINDOWS\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2004-08-04 07:56:41 792,064 ----a-w C:\WINDOWS\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w C:\WINDOWS\system32\comres.dll
- 2002-08-29 12:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w C:\WINDOWS\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 -c--a-w C:\WINDOWS\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
- 2005-11-16 05:33:51 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-02 00:00:57 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2005-11-16 05:33:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-02 00:00:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-02 00:00:55 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008080120080802\index.dat
- 2005-11-16 05:33:51 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-02 00:00:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2002-08-29 12:00:00 345,600 ----a-w C:\WINDOWS\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w C:\WINDOWS\system32\confmsp.dll
- 2004-08-04 07:56:48 27,648 ----a-w C:\WINDOWS\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w C:\WINDOWS\system32\conime.exe
- 2004-08-04 07:56:41 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w C:\WINDOWS\system32\credssp.dll
- 2004-08-04 07:56:41 163,840 ----a-w C:\WINDOWS\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w C:\WINDOWS\system32\credui.dll
- 2004-08-04 07:56:41 597,504 ----a-w C:\WINDOWS\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w C:\WINDOWS\system32\crypt32.dll
- 2004-08-04 07:56:41 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w C:\WINDOWS\system32\cryptdlg.dll
- 2004-08-04 07:56:41 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
- 2004-08-04 07:56:41 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w C:\WINDOWS\system32\cryptext.dll
- 2004-08-04 07:56:41 63,488 ----a-w C:\WINDOWS\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w C:\WINDOWS\system32\cryptnet.dll
- 2004-08-04 07:56:41 60,416 ----a-w C:\WINDOWS\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w C:\WINDOWS\system32\cryptsvc.dll
- 2004-08-04 07:56:41 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w C:\WINDOWS\system32\cryptui.dll
- 2004-08-04 07:56:41 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w C:\WINDOWS\system32\cscdll.dll
- 2004-08-04 07:56:41 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w C:\WINDOWS\system32\cscui.dll
- 2004-08-04 07:56:41 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w C:\WINDOWS\system32\csrsrv.dll
- 2004-08-04 07:56:48 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
- 2004-08-04 07:56:48 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2004-08-04 07:56:41 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
- 2004-08-04 07:56:41 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
- 2004-08-04 07:56:41 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
- 2004-08-04 07:56:41 825,344 ----a-w C:\WINDOWS\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll
- 2007-12-07 01:07:12 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-04 07:56:42 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w C:\WINDOWS\system32\dataclen.dll
- 2002-08-29 12:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w C:\WINDOWS\system32\datime.dll
- 2004-08-04 07:56:42 24,576 ----a-w C:\WINDOWS\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w C:\WINDOWS\system32\davclnt.dll
- 2004-08-04 07:56:42 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
- 2004-08-04 07:56:42 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
- 2004-08-04 07:56:42 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
- 2004-08-04 07:56:42 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
- 2004-08-04 07:56:42 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
- 2002-08-29 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
- 2004-08-04 07:56:48 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w C:\WINDOWS\system32\ddeshare.exe
- 2004-08-04 07:56:42 266,240 ----a-w C:\WINDOWS\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w C:\WINDOWS\system32\ddraw.dll
- 2004-08-04 07:56:42 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
- 2004-08-04 07:56:48 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
- 2004-08-04 07:56:42 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
- 2004-08-04 07:56:42 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w C:\WINDOWS\system32\devmgr.dll
- 2004-08-04 07:56:48 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w C:\WINDOWS\system32\dfrgfat.exe
- 2004-08-04 07:56:48 104,960 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
- 2004-08-04 07:56:42 38,912 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
- 2004-08-04 07:56:42 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w C:\WINDOWS\system32\dfrgui.dll
- 2004-08-04 07:56:42 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
- 2004-08-04 07:56:42 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w C:\WINDOWS\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2002-08-29 12:00:00 370,176 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w C:\WINDOWS\system32\dhcpqec.dll
- 2004-08-04 07:56:48 85,504 ----a-w C:\WINDOWS\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w C:\WINDOWS\system32\diantz.exe
- 2004-08-04 07:56:42 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w C:\WINDOWS\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dimsroam.dll
- 2004-08-04 07:56:42 159,232 ----a-w C:\WINDOWS\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w C:\WINDOWS\system32\dinput.dll
- 2004-08-04 07:56:42 181,760 -c--a-w C:\WINDOWS\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w C:\WINDOWS\system32\dinput8.dll
- 2002-08-29 12:00:00 1,501,696 ----a-w C:\WINDOWS\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w C:\WINDOWS\system32\diskcopy.dll
- 2004-08-04 07:56:48 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w C:\WINDOWS\system32\diskpart.exe
- 2002-08-29 12:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2008-06-20 11:40:08 138,496 -c----w C:\WINDOWS\system32\dllcache\afd.sys
- 2004-08-04 06:10:37 274,304 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2008-06-13 11:05:51 272,128 -c----w C:\WINDOWS\system32\dllcache\bthport.sys
- 2002-08-29 02:39:42 97,792 -c--a-w C:\WINDOWS\system32\dllcache\chtmbx.dll
+ 2008-04-14 00:09:05 97,792 -c--a-w C:\WINDOWS\system32\dllcache\chtmbx.dll
- 2002-08-29 02:39:42 56,320 -c--a-w C:\WINDOWS\system32\dllcache\chtskdic.dll
+ 2008-04-14 00:09:05 56,320 -c--a-w C:\WINDOWS\system32\dllcache\chtskdic.dll
- 2002-08-29 02:39:42 173,568 -c--a-w C:\WINDOWS\system32\dllcache\chtskf.dll
+ 2008-04-14 00:09:05 173,568 -c--a-w C:\WINDOWS\system32\dllcache\chtskf.dll
- 2004-08-04 05:31:52 198,656 -c--a-w C:\WINDOWS\system32\dllcache\cintime.dll
+ 2008-04-14 00:09:06 198,656 -c--a-w C:\WINDOWS\system32\dllcache\cintime.dll
- 2005-07-26 04:39:43 498,688 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
+ 2008-05-07 09:07:23 135,168 -c----w C:\WINDOWS\system32\dllcache\cscript.exe
- 2004-08-04 07:56:42 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-06-26 17:37:10 148,480 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2006-08-22 10:05:26 498,742 -c----w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 -c----w C:\WINDOWS\system32\dllcache\dxmasf.dll
- 2005-07-26 04:39:45 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-04-14 00:11:53 246,272 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2002-08-29 12:00:00 13,463,552 -c--a-w C:\WINDOWS\system32\dllcache\hwxjpn.dll
+ 2008-04-14 00:09:39 13,463,552 -c--a-w C:\WINDOWS\system32\dllcache\hwxjpn.dll
- 2004-08-04 06:04:36 106,496 -c--a-w C:\WINDOWS\system32\dllcache\imekrcic.dll
+ 2008-04-14 00:09:43 106,496 -c--a-w C:\WINDOWS\system32\dllcache\imekrcic.dll
- 2004-08-04 06:04:32 86,016 -c--a-w C:\WINDOWS\system32\dllcache\imekrmbx.dll
+ 2008-04-14 00:09:43 86,016 -c--a-w C:\WINDOWS\system32\dllcache\imekrmbx.dll
- 2004-08-04 05:31:48 811,064 -c--a-w C:\WINDOWS\system32\dllcache\imjp81k.dll
+ 2008-04-14 00:09:44 811,064 -c--a-w C:\WINDOWS\system32\dllcache\imjp81k.dll
- 2004-08-04 05:31:50 368,696 -c--a-w C:\WINDOWS\system32\dllcache\imjpcic.dll
+ 2008-04-14 00:09:45 368,696 -c--a-w C:\WINDOWS\system32\dllcache\imjpcic.dll
- 2004-08-04 05:31:51 716,856 -c--a-w C:\WINDOWS\system32\dllcache\imjpcus.dll
+ 2008-04-14 00:09:45 716,856 -c--a-w C:\WINDOWS\system32\dllcache\imjpcus.dll
- 2004-08-04 05:31:52 81,976 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.dll
+ 2008-04-14 00:09:45 81,976 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.dll
- 2004-08-04 05:32:15 274,489 -c--a-w C:\WINDOWS\system32\dllcache\imjputyc.dll
+ 2008-04-14 00:09:46 274,489 -c--a-w C:\WINDOWS\system32\dllcache\imjputyc.dll
- 2002-08-29 02:39:02 102,456 -c--a-w C:\WINDOWS\system32\dllcache\imlang.dll
+ 2008-04-14 00:09:46 102,456 -c--a-w C:\WINDOWS\system32\dllcache\imlang.dll
- 2002-08-29 12:00:00 315,452 -c--a-w C:\WINDOWS\system32\dllcache\imskf.dll
+ 2008-04-14 00:09:47 315,455 -c--a-w C:\WINDOWS\system32\dllcache\imskf.dll
- 2007-11-14 07:26:56 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2008-05-09 10:53:39 512,000 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2002-08-29 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
- 2004-08-04 07:56:42 22,016 -c--a-w C:\WINDOWS\system32\dllcache\lpk.dll
+ 2008-04-14 00:11:56 22,016 -c--a-w C:\WINDOWS\system32\dllcache\lpk.dll
+ 2002-08-29 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2002-08-29 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-04 07:56:52 4,639 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe
+ 2008-04-14 00:12:27 4,639 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe
- 2004-08-04 07:56:42 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-04-14 00:11:58 297,984 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2004-08-04 07:56:13 4,126 -c--a-w C:\WINDOWS\system32\dllcache\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 -c--a-w C:\WINDOWS\system32\dllcache\msdxmlc.dll
- 2004-08-04 07:56:43 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-04 07:56:43 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2007-12-07 14:37:14 3,059,200 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-21 06:44:29 3,066,880 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2004-08-04 07:56:43 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:40 355,112 -c----w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-04 07:56:43 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-04 07:56:43 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-04 07:56:43 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-04 07:56:43 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2004-08-04 07:56:43 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-04 07:56:43 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-04 07:56:43 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-04 07:56:43 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2004-08-04 07:56:44 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-04 07:56:44 245,248 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46:57 245,248 -c----w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2004-08-04 07:56:44 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-04 07:56:44 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-04-14 00:12:01 1,306,624 -c----w C:\WINDOWS\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 -c----w C:\WINDOWS\system32\dllcache\msxml6r.dll
+ 2002-08-29 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2002-08-29 02:39:46 15,872 -c--a-w C:\WINDOWS\system32\dllcache\padrs404.dll
+ 2008-04-14 00:10:33 15,872 -c--a-w C:\WINDOWS\system32\dllcache\padrs404.dll
- 2002-08-29 02:39:08 15,360 -c--a-w C:\WINDOWS\system32\dllcache\padrs804.dll
+ 2008-04-14 00:10:33 15,360 -c--a-w C:\WINDOWS\system32\dllcache\padrs804.dll
- 2002-08-29 02:39:08 175,104 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
+ 2008-04-14 00:10:34 175,104 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
- 2002-08-29 02:39:08 53,760 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
+ 2008-04-14 00:10:34 53,760 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
- 2002-08-29 02:39:06 70,144 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
+ 2008-04-13 16:43:36 70,144 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
- 2002-08-29 02:39:08 67,584 -c--a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
+ 2008-04-14 00:10:34 67,584 -c--a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
- 2007-10-29 22:43:03 1,287,680 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 14:02:52 203,136 -c----w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-04-14 00:12:33 33,280 -c--a-w C:\WINDOWS\system32\dllcache\rundll32.exe
+ 2008-05-09 10:53:39 180,224 -c----w C:\WINDOWS\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:40 172,032 -c----w C:\WINDOWS\system32\dllcache\scrrun.dll
+ 2008-04-14 11:42:06 985,088 -c--a-w C:\WINDOWS\system32\dllcache\setupapi.dll
- 2007-12-07 01:07:13 1,494,528 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-10-26 03:36:51 8,454,656 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2002-08-29 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
- 2006-08-21 15:52:08 246,814 -c----w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2008-04-14 00:12:07 246,814 -c----w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 11:51:12 361,600 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2002-08-29 02:39:48 10,240 -c--a-w C:\WINDOWS\system32\dllcache\tmigrate.dll
+ 2008-04-14 00:10:59 10,240 -c--a-w C:\WINDOWS\system32\dllcache\tmigrate.dll
- 2004-08-04 06:04:11 76,288 -c--a-w C:\WINDOWS\system32\dllcache\uniime.dll
+ 2008-04-14 00:11:01 76,288 -c--a-w C:\WINDOWS\system32\dllcache\uniime.dll
- 2004-08-04 07:56:46 218,624 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 -c--a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
+ 2008-05-09 10:53:40 430,080 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2002-08-29 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
- 2004-08-04 05:32:34 426,041 -c--a-w C:\WINDOWS\system32\dllcache\voicepad.dll
+ 2008-04-14 00:11:04 426,041 -c--a-w C:\WINDOWS\system32\dllcache\voicepad.dll
- 2004-08-04 05:32:35 86,073 -c--a-w C:\WINDOWS\system32\dllcache\voicesub.dll
+ 2008-04-14 00:11:04 86,073 -c--a-w C:\WINDOWS\system32\dllcache\voicesub.dll
- 2007-12-07 01:07:14 659,456 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-21 06:44:29 666,112 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2004-08-04 07:56:46 176,128 -c--a-w C:\WINDOWS\system32\dllcache\winmm.dll
+ 2008-04-14 00:12:09 176,128 -c--a-w C:\WINDOWS\system32\dllcache\winmm.dll
+ 2002-08-29 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2002-08-29 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
- 2004-08-04 07:56:46 303,616 -c--a-w C:\WINDOWS\system32\dllcache\wmstream.dll
+ 2008-04-14 00:12:10 303,616 -c--a-w C:\WINDOWS\system32\dllcache\wmstream.dll
+ 2002-08-29 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2004-08-04 07:56:46 82,944 -c--a-w C:\WINDOWS\system32\dllcache\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 -c--a-w C:\WINDOWS\system32\dllcache\ws2_32.dll
+ 2008-05-08 11:24:44 155,648 -c----w C:\WINDOWS\system32\dllcache\wscript.exe
+ 2008-05-09 10:53:40 90,112 -c----w C:\WINDOWS\system32\dllcache\wshext.dll
- 2004-08-04 07:56:48 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe
- 2004-08-04 07:56:48 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w C:\WINDOWS\system32\dmadmin.exe
- 2004-08-04 07:56:42 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w C:\WINDOWS\system32\dmband.dll
- 2004-08-04 07:56:42 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll
- 2002-08-29 12:00:00 273,920 -c--a-w C:\WINDOWS\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w C:\WINDOWS\system32\dmdlgs.dll
- 2004-08-04 07:56:42 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll
- 2004-08-04 07:56:42 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
- 2004-08-04 07:56:42 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll
- 2004-08-04 07:56:48 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe
- 2004-08-04 07:56:42 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll
- 2004-08-04 07:56:42 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dmserver.dll
- 2004-08-04 07:56:42 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll
- 2004-08-04 07:56:42 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll
- 2004-08-04 07:56:42 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll
- 2004-08-04 07:56:42 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w C:\WINDOWS\system32\dmutil.dll
- 2006-06-26 17:37:10 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-04 07:56:42 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2004-08-04 07:56:42 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w C:\WINDOWS\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w C:\WINDOWS\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w C:\WINDOWS\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w C:\WINDOWS\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w C:\WINDOWS\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w C:\WINDOWS\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w C:\WINDOWS\system32\dot3svc.dll
- 2004-08-04 06:13:53 97,280 ----a-w C:\WINDOWS\system32\dpcdll.dll
+ 2008-04-13 21:00:49 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
- 2004-08-04 07:56:48 30,208 ----a-w C:\WINDOWS\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w C:\WINDOWS\system32\dplaysvr.exe
- 2004-08-04 07:56:42 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll
- 2004-08-04 07:56:42 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll
- 2004-08-04 07:56:03 3,584 ----a-w C:\WINDOWS\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
- 2004-08-04 07:56:42 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll
- 2004-08-04 07:56:42 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll
- 2004-08-04 07:56:42 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
- 2004-08-04 07:56:03 3,584 ----a-w C:\WINDOWS\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
- 2004-08-04 07:56:48 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w C:\WINDOWS\system32\dpnsvr.exe
- 2004-08-04 07:56:42 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll
- 2004-08-04 07:56:42 212,480 -c--a-w C:\WINDOWS\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll
- 2004-08-04 07:56:48 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
- 2004-08-04 07:56:42 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll
- 2004-08-04 07:56:42 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll
- 2004-08-04 06:10:06 53,248 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:18 53,376 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
- 2004-08-04 06:07:38 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
- 2004-08-04 07:56:41 4,255 -c----w C:\WINDOWS\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 4,255 ------w C:\WINDOWS\system32\drivers\adv01nt5.dll
- 2004-08-04 07:56:41 3,967 -c----w C:\WINDOWS\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w C:\WINDOWS\system32\drivers\adv02nt5.dll
- 2004-08-04 07:56:41 3,615 -c----w C:\WINDOWS\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w C:\WINDOWS\system32\drivers\adv05nt5.dll
- 2004-08-04 07:56:41 3,647 -c----w C:\WINDOWS\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w C:\WINDOWS\system32\drivers\adv07nt5.dll
- 2004-08-04 07:56:41 3,135 -c----w C:\WINDOWS\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w C:\WINDOWS\system32\drivers\adv08nt5.dll
- 2004-08-04 07:56:41 3,711 -c----w C:\WINDOWS\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w C:\WINDOWS\system32\drivers\adv09nt5.dll
- 2004-08-04 07:56:41 3,775 -c----w C:\WINDOWS\system32\drivers\adv11nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w C:\WINDOWS\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w C:\WINDOWS\system32\drivers\aec.sys
- 2004-08-04 06:07:41 42,368 -c----w C:\WINDOWS\system32\drivers\agp440.sys
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\system32\drivers\agp440.sys
- 2004-08-04 06:07:42 44,928 -c----w C:\WINDOWS\system32\drivers\agpcpq.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\system32\drivers\agpcpq.sys
- 2004-08-04 06:07:41 42,752 -c----w C:\WINDOWS\system32\drivers\alim1541.sys
+ 2008-04-13 18:36:38 42,752 ------w C:\WINDOWS\system32\drivers\alim1541.sys
- 2004-08-04 06:07:42 43,008 ------w C:\WINDOWS\system32\drivers\amdagp.sys
+ 2008-04-13 18:36:39 43,008 ------w C:\WINDOWS\system32\drivers\amdagp.sys
- 2004-08-04 05:59:19 36,992 -c--a-w C:\WINDOWS\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
- 2004-08-04 05:59:20 37,376 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
+ 2008-04-13 18:31:33 37,760 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
- 2004-08-04 05:58:29 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
+ 2008-04-13 18:51:25 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
- 2004-08-04 06:05:03 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
+ 2008-04-13 18:57:27 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
- 2004-08-04 05:59:42 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
- 2004-08-04 05:58:30 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
+ 2008-04-13 18:51:25 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
- 2004-08-04 05:58:34 55,936 -c--a-w C:\WINDOWS\system32\drivers\atmlane.sys
+ 2008-04-13 18:51:30 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
- 2004-08-04 07:56:41 21,183 -c----w C:\WINDOWS\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 21,183 ------w C:\WINDOWS\system32\drivers\atv01nt5.dll
- 2004-08-04 07:56:41 11,359 -c----w C:\WINDOWS\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w C:\WINDOWS\system32\drivers\atv02nt5.dll
- 2004-08-04 07:56:41 25,471 ------w C:\WINDOWS\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w C:\WINDOWS\system32\drivers\atv04nt5.dll
- 2004-08-04 07:56:41 14,143 -c----w C:\WINDOWS\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w C:\WINDOWS\system32\drivers\atv06nt5.dll
- 2004-08-04 07:56:41 17,279 -c----w C:\WINDOWS\system32\drivers\atv10nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w C:\WINDOWS\system32\drivers\atv10nt5.dll
- 2004-08-04 06:10:12 11,776 ----a-w C:\WINDOWS\system32\drivers\bdasup.sys
+ 2008-04-13 18:46:21 11,776 ----a-w C:\WINDOWS\system32\drivers\bdasup.sys
- 2004-08-04 05:59:57 71,552 -c--a-w C:\WINDOWS\system32\drivers\bridge.sys
+ 2008-04-13 18:53:23 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
- 2004-08-04 06:10:38 17,024 -c----w C:\WINDOWS\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
- 2004-08-04 06:10:38 38,016 -c----w C:\WINDOWS\system32\drivers\bthmodem.sys
+ 2008-04-13 18:46:33 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
- 2004-08-04 05:58:38 100,992 -c----w C:\WINDOWS\system32\drivers\bthpan.sys
+ 2008-04-13 18:51:34 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
- 2004-08-04 06:10:37 35,456 -c----w C:\WINDOWS\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:31 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
- 2004-08-04 06:10:34 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
+ 2008-04-13 18:46:29 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
- 2004-08-04 06:10:16 17,024 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
+ 2008-04-13 18:46:23 17,024 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
- 2004-08-04 06:14:10 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
+ 2008-04-13 19:14:21 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
+ 2006-10-18 09:00:00 2,432 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2006-10-18 09:00:00 2,560 ----a-w C:\WINDOWS\system32\drivers\cdralw2k.sys
- 2004-08-04 05:59:52 49,536 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys
- 2004-08-04 07:56:41 15,423 -c----w C:\WINDOWS\system32\drivers\ch7xxnt5.dll
+ 2008-04-14 00:11:50 15,423 ------w C:\WINDOWS\system32\drivers\ch7xxnt5.dll
- 2004-08-04 06:14:26 49,664 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
+ 2008-04-13 19:16:22 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
- 2004-08-04 05:59:20 36,480 -c--a-w C:\WINDOWS\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
- 2004-08-04 05:59:54 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys
- 2004-08-04 05:59:52 14,208 -c--a-w C:\WINDOWS\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys
- 2004-08-04 06:07:17 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
+ 2008-04-13 18:44:48 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
- 2004-08-04 06:07:16 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
+ 2008-04-13 18:44:46 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
- 2004-08-04 06:07:38 52,864 ----a-w C:\WINDOWS\system32\drivers\dmusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w C:\WINDOWS\system32\drivers\dmusic.sys
- 2004-08-04 06:07:58 60,288 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
+ 2008-04-13 18:45:14 60,160 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
+ 2008-04-13 18:45:13 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2004-08-04 06:00:54 71,040 ----a-w C:\WINDOWS\system32\drivers\dxg.sys
+ 2008-04-13 18:38:29 71,168 ----a-w C:\WINDOWS\system32\drivers\dxg.sys
- 2004-08-04 06:14:16 143,360 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
+ 2008-04-13 19:14:29 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
- 2004-08-04 05:59:27 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys
- 2002-08-29 12:00:00 34,944 ----a-w C:\WINDOWS\system32\drivers\fips.sys
+ 2008-04-13 18:33:28 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
- 2004-08-04 05:59:27 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys
- 2006-08-21 09:14:58 128,896 ------w C:\WINDOWS\system32\drivers\fltmgr.sys
+ 2008-04-13 18:32:59 129,792 ------w C:\WINDOWS\system32\drivers\fltmgr.sys
- 2004-08-04 06:07:43 46,464 -c----w C:\WINDOWS\system32\drivers\gagp30kx.sys
+ 2008-04-13 18:36:40 46,464 ------w C:\WINDOWS\system32\drivers\gagp30kx.sys
+ 2008-04-13 16:36:05 144,384 ------w C:\WINDOWS\system32\drivers\hdaudbus.sys
- 2004-08-04 06:10:36 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
+ 2008-04-13 18:46:30 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
- 2004-08-04 06:08:19 36,224 -c--a-w C:\WINDOWS\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
- 2004-08-04 06:08:18 15,104 ------w C:\WINDOWS\system32\drivers\hidir.sys
+ 2008-04-13 18:45:26 19,200 ------w C:\WINDOWS\system32\drivers\hidir.sys
- 2004-08-04 06:08:16 24,960 -c--a-w C:\WINDOWS\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys
- 2002-08-29 12:00:00 9,600 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:27 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys
- 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\system32\drivers\http.sys
+ 2008-04-13 18:53:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys
- 2004-08-04 06:14:36 52,736 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
+ 2008-04-13 19:18:00 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
- 2004-08-04 06:00:15 41,856 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w C:\WINDOWS\system32\drivers\imapi.sys
- 2004-08-04 05:59:41 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
+ 2008-04-13 18:40:29 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
- 2004-08-04 05:59:19 36,096 ------w C:\WINDOWS\system32\drivers\intelppm.sys
+ 2008-04-13 18:31:32 36,352 ------w C:\WINDOWS\system32\drivers\intelppm.sys
- 2004-08-04 06:00:06 29,056 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
+ 2008-04-13 18:53:34 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
- 2004-08-04 06:04:45 20,992 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
+ 2008-04-13 18:57:07 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
- 2004-09-29 22:28:37 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
+ 2008-04-13 18:57:15 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
- 2004-08-04 06:14:28 74,752 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
+ 2008-04-13 19:19:42 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
- 2004-08-04 06:00:46 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
+ 2008-04-13 18:54:28 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
- 2002-08-29 12:00:00 35,840 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
- 2004-08-04 05:58:32 24,576 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
+ 2008-04-13 18:39:47 24,576 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
- 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-04 07:15:22 140,928 ----a-w C:\WINDOWS\system32\drivers\ks.sys
+ 2008-04-13 19:16:36 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
- 2004-08-04 05:59:47 92,032 -c--a-w C:\WINDOWS\system32\drivers\ksecdd.sys
+ 2008-04-13 18:31:43 92,288 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys
- 2004-08-04 06:07:44 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys
- 2004-08-04 06:08:05 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
+ 2008-04-13 19:00:19 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
- 2004-08-04 05:58:32 23,040 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
+ 2008-04-13 18:39:47 23,040 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
- 2004-08-04 05:58:30 42,240 -c--a-w C:\WINDOWS\system32\drivers\mountmgr.sys
+ 2008-04-13 18:39:46 42,368 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys
- 2004-08-04 06:10:12 15,360 ----a-w C:\WINDOWS\system32\drivers\mpe.sys
+ 2008-04-13 18:46:22 15,232 ----a-w C:\WINDOWS\system32\drivers\mpe.sys
- 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2008-04-13 18:32:44 180,608 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
+ 2008-04-13 19:17:01 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
- 2004-08-04 06:09:58 51,328 -c--a-w C:\WINDOWS\system32\drivers\msdv.sys
+ 2008-04-13 18:46:09 51,200 ----a-w C:\WINDOWS\system32\drivers\msdv.sys
- 2004-08-04 06:00:41 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys
+ 2008-04-13 18:32:39 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys
- 2004-08-04 06:04:12 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
+ 2008-04-13 18:56:32 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
- 2004-08-04 05:58:41 7,552 ----a-w C:\WINDOWS\system32\drivers\mskssrv.sys
+ 2008-04-13 18:39:52 7,552 ----a-w C:\WINDOWS\system32\drivers\mskssrv.sys
- 2004-08-04 05:58:38 5,376 ----a-w C:\WINDOWS\system32\drivers\mspclock.sys
+ 2008-04-13 18:39:50 5,376 ----a-w C:\WINDOWS\system32\drivers\mspclock.sys
- 2004-08-04 05:58:40 4,992 ----a-w C:\WINDOWS\system32\drivers\mspqm.sys
+ 2008-04-13 18:39:51 4,992 ----a-w C:\WINDOWS\system32\drivers\mspqm.sys
- 2004-08-04 06:07:47 15,488 ------w C:\WINDOWS\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ------w C:\WINDOWS\system32\drivers\mssmbios.sys
- 2004-08-04 05:58:38 5,504 ----a-w C:\WINDOWS\system32\drivers\mstee.sys
+ 2008-04-13 18:39:50 5,504 ----a-w C:\WINDOWS\system32\drivers\mstee.sys
- 2004-08-04 06:15:20 107,904 -c--a-w C:\WINDOWS\system32\drivers\mup.sys
+ 2008-04-13 19:17:05 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
- 2004-08-04 06:04:51 12,672 -c----w C:\WINDOWS\system32\drivers\mutohpen.sys
+ 2008-04-13 18:43:55 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys
- 2004-08-04 06:10:28 85,376 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
+ 2008-04-13 18:46:25 85,248 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
- 2004-08-04 06:14:28 182,912 -c--a-w C:\WINDOWS\system32\drivers\ndis.sys
+ 2008-04-13 19:20:37 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
- 2004-08-04 06:10:12 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
+ 2008-04-13 18:46:22 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
- 2002-08-29 12:00:00 9,600 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
+ 2008-04-13 18:57:27 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
- 2004-08-04 06:03:12 12,928 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
+ 2008-04-13 18:55:58 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
- 2004-08-04 06:14:31 91,776 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
+ 2008-04-13 19:20:42 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
- 2002-08-29 12:00:00 38,016 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
+ 2008-04-13 18:57:29 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
- 2004-08-04 06:03:21 34,560 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
+ 2008-04-13 18:56:02 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
- 2004-08-04 06:14:37 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
+ 2008-04-13 19:21:00 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
- 2004-08-04 05:58:29 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
+ 2008-04-13 18:51:25 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
- 2004-08-04 05:59:50 40,320 -c--a-w C:\WINDOWS\system32\drivers\nmnt.sys
+ 2008-04-13 18:53:09 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
- 2004-08-04 06:00:43 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys
+ 2008-04-13 18:32:39 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys
- 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2008-04-13 19:15:53 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2002-08-29 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2004-08-04 06:03:35 88,448 -c--a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
+ 2008-04-13 18:56:06 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
- 2004-08-04 06:10:08 61,056 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
+ 2008-04-13 18:46:18 61,696 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
- 2004-08-04 05:59:19 42,496 ----a-w C:\WINDOWS\system32\drivers\p3.sys
+ 2008-04-13 18:31:31 42,752 ----a-w C:\WINDOWS\system32\drivers\p3.sys
- 2004-08-04 05:59:06 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w C:\WINDOWS\system32\drivers\parport.sys
- 2002-08-29 12:00:00 18,688 -c--a-w C:\WINDOWS\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys
- 2004-08-04 06:07:46 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
- 2004-08-04 05:59:41 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
- 2004-08-04 06:07:46 119,936 -c--a-w C:\WINDOWS\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
- 2004-08-04 06:15:50 145,792 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
+ 2008-04-13 19:19:41 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
- 2004-08-04 05:59:17 35,328 ----a-w C:\WINDOWS\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w C:\WINDOWS\system32\drivers\processr.sys
- 2004-08-04 06:04:19 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
+ 2008-04-13 18:56:38 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
- 2004-08-04 06:14:22 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
+ 2008-04-13 19:19:43 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
- 2004-08-04 06:05:07 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
+ 2008-04-13 18:57:32 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
- 2004-08-04 06:14:26 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
+ 2008-04-13 19:19:48 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
- 2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
+ 2008-04-13 19:28:39 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
- 2004-08-04 06:01:15 196,864 -c--a-w C:\WINDOWS\system32\drivers\rdpdr.sys
+ 2008-04-13 18:32:51 196,224 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys
- 2005-06-10 04:09:46 139,528 -c--a-w C:\WINDOWS\system32\drivers\rdpwd.sys
+ 2008-04-14 00:13:22 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
- 2004-08-04 05:59:37 57,472 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
- 2004-08-04 06:10:39 59,648 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
+ 2008-04-13 18:46:32 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2004-08-04 06:04:31 30,080 -c--a-w C:\WINDOWS\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
- 2004-08-04 06:04:31 30,080 -c----w C:\WINDOWS\system32\drivers\rndismpx.sys
+ 2008-04-13 18:56:49 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
+ 2006-06-05 14:08:33 30,556 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys
- 2004-08-04 05:59:41 96,256 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys
- 2004-08-04 06:07:47 67,584 ------w C:\WINDOWS\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ------w C:\WINDOWS\system32\drivers\sdbus.sys
- 2004-08-04 05:59:07 15,488 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w C:\WINDOWS\system32\drivers\serenum.sys
- 2004-08-04 06:15:52 64,896 ----a-w C:\WINDOWS\system32\drivers\serial.sys
+ 2008-04-13 19:15:45 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
- 2004-08-04 05:59:54 11,136 -c----w C:\WINDOWS\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ------w C:\WINDOWS\system32\drivers\sffdisk.sys
- 2004-08-04 05:59:54 10,240 ------w C:\WINDOWS\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ------w C:\WINDOWS\system32\drivers\sffp_sd.sys
- 2004-08-04 05:59:54 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys
- 2004-08-04 07:56:45 3,901 -c----w C:\WINDOWS\system32\drivers\siint5.dll
+ 2008-04-14 00:12:05 3,901 ------w C:\WINDOWS\system32\drivers\siint5.dll
- 2004-08-04 06:07:42 41,088 -c----w C:\WINDOWS\system32\drivers\sisagp.sys
+ 2008-04-13 18:36:39 40,960 ------w C:\WINDOWS\system32\drivers\sisagp.sys
- 2004-08-04 06:10:16 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys
+ 2008-04-13 18:46:23 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys
- 2004-08-04 06:07:36 6,016 -c----w C:\WINDOWS\system32\drivers\smbali.sys
+ 2008-04-13 18:36:34 5,888 ------w C:\WINDOWS\system32\drivers\smbali.sys
- 2004-08-04 06:09:55 25,472 -c--a-w C:\WINDOWS\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2004-08-04 06:06:25 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
- 2006-08-14 10:34:41 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
+ 2008-04-13 19:15:11 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
- 2004-08-04 06:08:02 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys
+ 2008-04-13 18:45:15 49,408 ----a-w C:\WINDOWS\system32\drivers\stream.sys
- 2004-08-04 06:10:12 15,360 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
+ 2008-04-13 18:46:21 15,232 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
- 2004-08-04 05:58:41 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys
+ 2008-04-13 18:39:53 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys
- 2001-08-17 21:00:52 54,272 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys
- 2004-08-04 06:15:55 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
+ 2008-04-13 19:15:55 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
- 2004-08-04 05:59:59 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys
- 2004-08-04 06:07:48 18,560 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
+ 2008-04-13 19:00:05 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
- 2004-08-04 08:01:07 12,040 -c--a-w C:\WINDOWS\system32\drivers\tdpipe.sys
+ 2008-04-14 00:13:20 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
- 2004-08-04 08:01:07 21,896 -c--a-w C:\WINDOWS\system32\drivers\tdtcp.sys
+ 2008-04-14 00:13:21 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
- 2004-08-04 08:01:07 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
+ 2008-04-14 00:13:20 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
- 2004-08-04 06:03:17 12,416 -c--a-w C:\WINDOWS\system32\drivers\tunmp.sys
+ 2008-04-13 18:56:01 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
- 2004-08-04 06:07:43 44,672 -c----w C:\WINDOWS\system32\drivers\uagp35.sys
+ 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\system32\drivers\uagp35.sys
- 2004-08-04 06:00:31 66,176 ----a-w C:\WINDOWS\system32\drivers\udfs.sys
+ 2008-04-13 18:32:36 66,048 ----a-w C:\WINDOWS\system32\drivers\udfs.sys
- 2004-08-04 05:58:32 209,408 ----a-w C:\WINDOWS\system32\drivers\update.sys
+ 2008-04-13 18:39:46 384,768 ----a-w C:\WINDOWS\system32\drivers\update.sys
- 2004-08-04 06:04:32 12,672 -c--a-w C:\WINDOWS\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
- 2004-08-04 06:04:33 12,672 -c----w C:\WINDOWS\system32\drivers\usb8023x.sys
+ 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
- 2004-08-04 07:07:56 59,264 ----a-w C:\WINDOWS\system32\drivers\USBAUDIO.sys
+ 2008-04-13 18:45:12 60,032 ----a-w C:\WINDOWS\system32\drivers\usbaudio.sys
- 2002-08-29 19:00:00 23,808 -c--a-w C:\WINDOWS\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys
- 2002-08-29 19:00:00 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys
- 2004-08-04 07:08:46 31,616 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
- 2004-08-04 06:08:37 26,624 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys
- 2004-08-04 06:08:42 57,600 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
- 2004-08-04 06:08:57 16,000 -c--a-w C:\WINDOWS\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys
- 2004-08-04 06:08:36 17,024 ----a-w C:\WINDOWS\system32\drivers\usbohci.sys
+ 2008-04-13 18:45:35 17,152 ----a-w C:\WINDOWS\system32\drivers\usbohci.sys
- 2004-08-04 06:08:42 142,976 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w C:\WINDOWS\system32\drivers\usbport.sys
- 2004-08-04 06:01:24 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
+ 2008-04-13 18:47:37 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
- 2004-08-04 06:58:46 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys
- 2004-08-04 06:08:46 26,496 ----a-w C:\WINDOWS\system32\drivers\usbstor.sys
+ 2008-04-13 18:45:38 26,368 ----a-w C:\WINDOWS\system32\drivers\usbstor.sys
- 2004-08-04 06:08:37 20,480 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys
- 2004-08-04 06:10:10 78,464 -c----w C:\WINDOWS\system32\drivers\usbvideo.sys
+ 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
- 2004-08-04 07:56:46 11,325 -c----w C:\WINDOWS\system32\drivers\vchnt5.dll
+ 2008-04-14 00:12:08 11,325 ------w C:\WINDOWS\system32\drivers\vchnt5.dll
- 2004-08-04 06:07:06 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
+ 2008-04-13 18:44:40 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
- 2004-08-04 06:07:42 42,240 -c----w C:\WINDOWS\system32\drivers\viaagp.sys
+ 2008-04-13 18:36:40 42,240 ------w C:\WINDOWS\system32\drivers\viaagp.sys
- 2004-08-04 05:59:42 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys
- 2004-08-04 06:07:05 79,744 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
- 2004-08-04 06:00:16 52,352 -c--a-w C:\WINDOWS\system32\drivers\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
- 2004-08-04 06:04:52 13,568 -c----w C:\WINDOWS\system32\drivers\wacompen.sys
+ 2008-04-13 18:43:55 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
- 2004-08-04 06:04:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
- 2006-06-14 09:00:45 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
- 2004-08-04 06:10:21 19,328 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
+ 2008-04-13 18:46:24 19,200 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
- 2004-08-04 07:56:42 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w C:\WINDOWS\system32\drprov.dll
- 2004-08-04 07:56:42 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll
- 2004-08-04 07:56:42 181,760 -c--a-w C:\WINDOWS\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w C:\WINDOWS\system32\dsdmo.dll
- 2004-08-04 07:56:42 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w C:\WINDOWS\system32\dsdmoprp.dll
- 2004-08-04 07:56:42 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
- 2002-08-29 12:00:00 144,384 ----a-w C:\WINDOWS\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w C:\WINDOWS\system32\dskquoui.dll
- 2004-08-04 07:56:42 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w C:\WINDOWS\system32\dsound.dll
- 2004-08-04 07:56:42 1,294,336 -c--a-w C:\WINDOWS\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w C:\WINDOWS\system32\dsound3d.dll
- 2004-08-04 07:56:42 142,336 ----a-w C:\WINDOWS\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w C:\WINDOWS\system32\dsprop.dll
- 2004-08-04 07:56:04 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
- 2004-08-04 07:56:42 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w C:\WINDOWS\system32\dsquery.dll
- 2004-08-04 07:56:42 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w C:\WINDOWS\system32\dssec.dll
- 2004-08-04 05:31:43 137,216 ----a-w C:\WINDOWS\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
- 2004-08-04 07:56:42 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w C:\WINDOWS\system32\dsuiext.dll
- 2004-08-04 07:56:42 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w C:\WINDOWS\system32\dswave.dll
- 2004-08-04 07:56:48 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe
- 2004-08-04 07:56:42 304,128 ----a-w C:\WINDOWS\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w C:\WINDOWS\system32\duser.dll
- 2004-08-04 07:56:48 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
- 2004-08-04 07:56:48 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe
- 2004-08-04 07:56:42 619,008 -c--a-w C:\WINDOWS\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll
- 2004-08-04 07:56:42 1,227,264 -c--a-w C:\WINDOWS\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll
- 2004-08-04 07:56:48 1,298,432 -c--a-w C:\WINDOWS\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe
- 2004-08-04 07:56:42 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll
- 2006-08-22 10:05:26 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w C:\WINDOWS\system32\dxmasf.dll
- 2007-12-07 01:07:12 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-14 00:11:52 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 01:07:12 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-14 00:11:52 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w C:\WINDOWS\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w C:\WINDOWS\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w C:\WINDOWS\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w C:\WINDOWS\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w C:\WINDOWS\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w C:\WINDOWS\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w C:\WINDOWS\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w C:\WINDOWS\system32\eapsvc.dll
- 2004-08-04 07:56:42 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w C:\WINDOWS\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w C:\WINDOWS\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w C:\WINDOWS\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w C:\WINDOWS\system32\en\mmcfxcommon.resources.dll
- 2004-08-04 07:56:42 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w C:\WINDOWS\system32\encapi.dll
- 2004-08-04 07:56:42 186,368 ----a-w C:\WINDOWS\system32\encdec.dll
+ 2008-04-14 00:11:53 186,880 ----a-w C:\WINDOWS\system32\encdec.dll
- 2004-08-04 07:56:42 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll
- 2005-07-26 04:39:45 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2008-04-14 00:11:53 246,272 ----a-w C:\WINDOWS\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w C:\WINDOWS\system32\esent.dll
- 2004-08-04 07:56:49 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w C:\WINDOWS\system32\eudcedit.exe
- 2004-08-04 07:56:42 55,808 ----a-w C:\WINDOWS\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w C:\WINDOWS\system32\eventlog.dll
- 2004-08-04 07:56:42 380,957 -c--a-w C:\WINDOWS\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w C:\WINDOWS\system32\expsrv.dll
- 2007-12-07 01:07:12 55,808 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-14 00:11:53 55,808 ------w C:\WINDOWS\system32\extmgr.dll
- 2004-08-04 07:56:49 45,568 ----a-w C:\WINDOWS\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w C:\WINDOWS\system32\extrac32.exe
- 2002-08-29 19:00:00 121,856 ----a-w C:\WINDOWS\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w C:\WINDOWS\system32\exts.dll
- 2002-08-29 12:00:00 7,168 ----a-w C:\WINDOWS\system32\f3ahvoas.dll
+ 2008-04-14 00:09:30 7,168 ----a-w C:\WINDOWS\system32\f3ahvoas.dll
- 2004-08-04 07:56:42 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w C:\WINDOWS\system32\faultrep.dll
- 2004-08-04 07:56:49 20,992 ------w C:\WINDOWS\system32\faxpatch.exe
+ 2008-04-14 00:12:20 20,992 ------w C:\WINDOWS\system32\faxpatch.exe
- 2004-08-04 07:56:42 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\feclient.dll
- 2004-08-04 07:56:42 337,920 -c--a-w C:\WINDOWS\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w C:\WINDOWS\system32\filemgmt.dll
- 2004-08-04 07:56:49 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w C:\WINDOWS\system32\findstr.exe
- 2004-08-04 07:56:42 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
- 2005-03-17 21:39:56 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-06-06 16:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2003-07-15 13:57:04 32,584 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2007-03-23 01:17:04 35,440 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2007-09-16 18:13:05 205,712 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-02 00:00:25 205,712 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2004-08-04 07:56:42 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w C:\WINDOWS\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2004-08-04 07:56:49 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w C:\WINDOWS\system32\fontview.exe
- 2002-08-29 12:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w C:\WINDOWS\system32\forcedos.exe
- 2002-08-29 12:00:00 25,600 ----a-w C:\WINDOWS\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w C:\WINDOWS\system32\format.com
- 2004-08-04 07:56:06 9,344 -c--a-w C:\WINDOWS\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
- 2004-08-04 07:56:49 193,024 ------w C:\WINDOWS\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ------w C:\WINDOWS\system32\fsquirt.exe
- 2004-08-04 07:56:49 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
- 2004-08-04 07:56:42 60,416 ------w C:\WINDOWS\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ------w C:\WINDOWS\system32\fwcfg.dll
- 2004-08-04 07:56:42 452,096 ----a-w C:\WINDOWS\system32\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w C:\WINDOWS\system32\fxsapi.dll
- 2004-08-04 07:56:49 143,360 ----a-w C:\WINDOWS\system32\fxsclnt.exe
+ 2008-04-14 00:12:21 142,848 ----a-w C:\WINDOWS\system32\fxsclnt.exe
- 2004-08-04 07:56:42 72,192 ----a-w C:\WINDOWS\system32\fxscom.dll
+ 2008-04-14 00:11:54 72,192 ----a-w C:\WINDOWS\system32\fxscom.dll
- 2004-08-04 07:56:42 285,184 -c--a-w C:\WINDOWS\system32\fxscomex.dll
+ 2008-04-14 00:11:54 285,184 ----a-w C:\WINDOWS\system32\fxscomex.dll
- 2004-08-04 07:56:49 229,376 ----a-w C:\WINDOWS\system32\fxscover.exe
+ 2008-04-14 00:12:21 229,376 ----a-w C:\WINDOWS\system32\fxscover.exe
- 2004-08-04 07:56:42 27,136 ----a-w C:\WINDOWS\system32\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w C:\WINDOWS\system32\fxsdrv.dll
- 2004-08-04 07:56:42 55,296 ----a-w C:\WINDOWS\system32\fxsevent.dll
+ 2008-04-14 00:11:54 55,296 ----a-w C:\WINDOWS\system32\fxsevent.dll
- 2004-08-04 07:56:42 23,552 ----a-w C:\WINDOWS\system32\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ----a-w C:\WINDOWS\system32\fxsext32.dll
- 2004-08-04 07:56:42 23,552 ----a-w C:\WINDOWS\system32\fxsmon.dll
+ 2008-04-14 00:11:54 23,552 ----a-w C:\WINDOWS\system32\fxsmon.dll
- 2004-08-04 07:56:42 8,704 ----a-w C:\WINDOWS\system32\fxsperf.dll
+ 2008-04-14 00:11:54 8,704 ----a-w C:\WINDOWS\system32\fxsperf.dll
- 2004-08-04 07:56:06 6,656 ----a-w C:\WINDOWS\system32\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w C:\WINDOWS\system32\fxsres.dll
- 2004-08-04 07:56:42 562,176 ----a-w C:\WINDOWS\system32\fxsst.dll
+ 2008-04-14 00:11:54 562,176 ----a-w C:\WINDOWS\system32\fxsst.dll
- 2004-08-04 07:56:49 267,776 ----a-w C:\WINDOWS\system32\fxssvc.exe
+ 2008-04-14 00:12:21 267,776 ----a-w C:\WINDOWS\system32\fxssvc.exe
- 2004-08-04 07:56:42 246,272 -c--a-w C:\WINDOWS\system32\fxst30.dll
+ 2008-04-14 00:11:54 246,272 ----a-w C:\WINDOWS\system32\fxst30.dll
- 2004-08-04 07:56:42 397,312 ----a-w C:\WINDOWS\system32\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w C:\WINDOWS\system32\fxstiff.dll
- 2004-08-04 07:56:42 154,112 ----a-w C:\WINDOWS\system32\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w C:\WINDOWS\system32\fxsui.dll
- 2004-08-04 07:56:42 192,512 ----a-w C:\WINDOWS\system32\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w C:\WINDOWS\system32\fxswzrd.dll
- 2004-08-04 07:56:42 400,384 -c--a-w C:\WINDOWS\system32\fxsxp32.dll
+ 2008-04-14 00:11:54 400,384 ----a-w C:\WINDOWS\system32\fxsxp32.dll
- 2007-06-19 13:31:19 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-04-14 00:11:54 285,184 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2004-08-04 07:56:42 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w C:\WINDOWS\system32\glu32.dll
- 2004-08-04 07:56:07 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
- 2004-08-04 07:56:49 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe

#9 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 04 August 2008 - 12:22 PM

Part 3:



- 2004-08-04 07:56:42 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
- 2004-08-04 05:59:09 131,968 -c--a-w C:\WINDOWS\system32\HAL.DLL
+ 2008-04-13 18:31:28 131,840 ----a-w C:\WINDOWS\system32\HAL.DLL
- 2004-08-04 07:56:42 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
- 2002-08-29 12:00:00 14,848 ----a-w C:\WINDOWS\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w C:\WINDOWS\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2004-08-04 07:56:42 20,992 ----a-w C:\WINDOWS\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w C:\WINDOWS\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2004-08-04 07:56:42 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
- 2004-08-04 07:56:42 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
- 2004-08-04 07:56:42 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
- 2004-08-04 07:56:42 32,285 -c----w C:\WINDOWS\system32\hsfcisp2.dll
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\system32\hsfcisp2.dll
- 2004-08-04 07:56:42 24,576 ------w C:\WINDOWS\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ------w C:\WINDOWS\system32\httpapi.dll
- 2004-08-04 07:56:42 41,984 ----a-w C:\WINDOWS\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w C:\WINDOWS\system32\htui.dll
- 2004-11-17 17:41:24 347,136 -c--a-w C:\WINDOWS\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2004-08-04 07:56:42 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
- 2004-08-04 07:56:42 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
- 2004-08-04 07:56:42 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2004-08-04 07:56:07 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
- 2004-08-04 07:56:42 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
- 2004-08-04 07:56:42 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
- 2004-08-04 07:56:42 120,832 ----a-w C:\WINDOWS\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w C:\WINDOWS\system32\idq.dll
- 2004-08-04 07:56:50 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-14 00:12:22 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-04 07:56:42 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-14 00:11:54 143,360 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-04 07:56:42 216,576 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-14 00:11:54 216,576 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2004-08-04 07:56:42 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-14 00:11:54 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-04 07:56:42 81,920 ------w C:\WINDOWS\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ------w C:\WINDOWS\system32\ieencode.dll
- 2007-12-07 01:07:12 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-14 00:11:54 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-04 07:56:42 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-14 00:11:54 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2004-08-04 07:56:42 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2008-04-14 00:11:54 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
- 2004-08-04 07:56:50 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
- 2004-08-04 07:56:42 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
- 2004-08-04 07:56:42 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
- 2004-08-04 07:56:42 81,920 ----a-w C:\WINDOWS\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ils.dll
- 2004-08-04 07:56:42 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
- 2004-08-04 07:56:50 150,016 ----a-w C:\WINDOWS\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w C:\WINDOWS\system32\imapi.exe
- 2004-08-04 05:31:52 198,656 ----a-w C:\WINDOWS\system32\IME\CINTLGNT\CINTIME.DLL
+ 2008-04-14 00:09:06 198,656 ----a-w C:\WINDOWS\system32\IME\CINTLGNT\cintime.dll
- 2002-08-29 02:39:06 70,144 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\PINTLPHR.EXE
+ 2008-04-13 16:43:36 70,144 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\pintlphr.exe
- 2002-08-29 02:39:08 67,584 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\PMIGRATE.DLL
+ 2008-04-14 00:10:34 67,584 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\pmigrate.dll
- 2002-08-29 02:39:48 10,240 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TMIGRATE.DLL
+ 2008-04-14 00:10:59 10,240 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tmigrate.dll
- 2004-08-04 07:56:42 36,921 -c--a-w C:\WINDOWS\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
- 2004-08-04 07:56:42 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2008-04-14 00:11:54 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2004-08-04 05:31:48 811,064 -c--a-w C:\WINDOWS\system32\imjp81k.dll
+ 2008-04-14 00:09:44 811,064 ----a-w C:\WINDOWS\system32\imjp81k.dll
- 2004-08-04 07:56:42 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
- 2004-08-04 07:56:42 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
- 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-14 00:11:54 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-04 07:56:42 33,280 ----a-w C:\WINDOWS\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\inetmib1.dll
- 2004-08-04 07:56:42 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
- 2004-08-04 07:56:42 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
- 2004-08-04 07:56:08 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
- 2004-08-04 07:56:42 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
- 2004-08-04 07:56:42 123,392 ----a-w C:\WINDOWS\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w C:\WINDOWS\system32\input.dll
- 2007-12-07 01:07:12 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-14 00:11:55 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
- 2004-08-04 07:56:50 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2002-08-29 12:00:00 154,112 ----a-w C:\WINDOWS\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w C:\WINDOWS\system32\ipmontr.dll
- 2004-08-04 07:56:42 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
- 2004-08-04 07:56:42 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
- 2002-08-29 12:00:00 169,984 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
- 2004-08-04 07:56:42 349,696 -c--a-w C:\WINDOWS\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
- 2004-08-04 07:56:42 182,784 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
- 2004-08-04 07:56:42 384,000 -c--a-w C:\WINDOWS\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
- 2004-08-04 07:56:50 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2004-08-04 07:56:42 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
- 2004-08-04 07:56:50 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
- 2002-08-29 12:00:00 20,992 ----a-w C:\WINDOWS\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w C:\WINDOWS\system32\ipxwan.dll
- 2004-08-04 07:56:42 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
- 2004-08-04 07:56:42 338,432 -c--a-w C:\WINDOWS\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
- 2004-08-04 07:56:42 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
- 2002-12-20 16:40:58 200,192 -c--a-w C:\WINDOWS\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
- 2002-12-20 16:40:58 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
- 2004-08-04 07:56:42 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
- 2004-08-04 07:56:42 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w C:\WINDOWS\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w C:\WINDOWS\system32\itss.dll
- 2004-08-04 07:56:42 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
- 2004-08-04 08:56:42 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
- 2004-04-01 07:28:09 24,681 -c--a-w C:\WINDOWS\system32\java.exe
+ 2008-06-10 07:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2004-04-01 07:28:09 28,779 -c--a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-10 07:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-10 08:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2006-06-01 18:47:07 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2007-11-14 07:26:56 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-12-07 01:07:12 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-14 00:11:56 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2002-08-29 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbd101.dll
- 2001-08-17 19:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbd106.dll
- 2002-08-29 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbd106n.dll
- 2002-08-29 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdbhc.dll
- 2004-08-04 07:56:10 7,168 ------w C:\WINDOWS\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\system32\kbdfi1.dll
- 2002-08-29 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdibm02.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdibm02.dll
- 2004-08-04 07:56:10 6,144 ------w C:\WINDOWS\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdinbe1.dll
- 2004-08-04 07:56:10 6,656 ------w C:\WINDOWS\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdinben.dll
- 2004-08-04 07:56:10 6,656 ------w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ------w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdiultn.dll
- 2002-08-29 12:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,656 ----a-w C:\WINDOWS\system32\kbdlk41a.dll
- 2002-08-29 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdlk41j.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdlk41j.dll
- 2004-08-04 07:56:10 5,632 ------w C:\WINDOWS\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ------w C:\WINDOWS\system32\kbdmaori.dll
- 2004-08-04 07:56:10 6,144 ------w C:\WINDOWS\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdmlt47.dll
- 2004-08-04 07:56:10 6,144 ------w C:\WINDOWS\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdmlt48.dll
- 2002-08-29 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdnepr.dll
- 2004-08-04 07:56:10 7,168 ------w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdpash.dll
- 2004-08-04 07:56:10 7,680 ------w C:\WINDOWS\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\system32\kbdsmsfi.dll
- 2004-08-04 07:56:10 7,680 ------w C:\WINDOWS\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ------w C:\WINDOWS\system32\kbdsmsno.dll
- 2004-08-04 07:56:10 7,168 ------w C:\WINDOWS\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ------w C:\WINDOWS\system32\kbdukx.dll
+ 2008-07-21 13:21:34 32,768 ----a-w C:\WINDOWS\system32\kBin19\kBin191065.exe
- 2004-08-04 05:59:23 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2002-08-29 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\keyboard.drv
- 2004-08-04 07:56:42 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\system32\kmsvc.dll
- 2004-08-04 07:56:42 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\system32\l2gpstore.dll
- 2007-03-16 00:19:28 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-21 00:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2004-08-04 05:56:44 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
+ 2008-04-14 11:41:58 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
- 2004-08-04 07:56:42 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
- 2004-08-04 07:56:42 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2004-08-04 07:56:42 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
- 2004-08-04 07:56:42 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
- 2004-08-04 07:56:42 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
- 2004-08-04 07:56:42 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
- 2004-08-04 07:56:42 341,504 ----a-w C:\WINDOWS\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w C:\WINDOWS\system32\localspl.dll
- 2004-08-04 07:56:42 11,776 ----a-w C:\WINDOWS\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w C:\WINDOWS\system32\localui.dll
- 2004-08-04 07:56:50 75,264 ----a-w C:\WINDOWS\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w C:\WINDOWS\system32\locator.exe
- 2004-08-04 07:56:50 59,392 ------w C:\WINDOWS\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ------w C:\WINDOWS\system32\logman.exe
- 2004-08-04 07:56:57 220,672 ----a-w C:\WINDOWS\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w C:\WINDOWS\system32\logon.scr
- 2004-08-04 07:56:50 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
- 2004-08-04 07:56:42 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
- 2004-08-04 07:56:42 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-04 07:56:50 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w C:\WINDOWS\system32\lsass.exe
+ 2002-08-29 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
- 2007-06-10 01:40:47 48,238 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-05-11 21:44:51 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
- 2004-08-04 07:56:50 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
- 2004-08-04 07:56:50 85,504 ----a-w C:\WINDOWS\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w C:\WINDOWS\system32\makecab.exe
- 2004-08-04 07:56:42 14,848 ----a-w C:\WINDOWS\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll
- 2004-08-04 07:56:42 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
- 2004-08-04 07:56:42 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
- 2004-08-04 07:56:42 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
- 2004-08-04 07:56:42 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
- 2004-03-22 22:17:05 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2007-04-09 19:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2004-08-04 07:56:42 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
- 2004-08-04 07:56:42 86,016 ------w C:\WINDOWS\system32\mdmxsdk.dll
+ 2008-04-14 00:11:56 86,016 ------w C:\WINDOWS\system32\mdmxsdk.dll
- 2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-04 07:56:42 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
- 2004-08-04 07:56:42 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
- 2004-08-04 07:56:42 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\system32\microsoft.managementconsole.dll
- 2004-08-04 07:56:42 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
- 2004-08-04 07:56:42 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
- 2002-08-29 12:00:00 18,944 ----a-w C:\WINDOWS\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w C:\WINDOWS\system32\mimefilt.dll
- 2004-08-04 07:56:42 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
- 2004-08-04 07:56:51 815,104 ----a-w C:\WINDOWS\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w C:\WINDOWS\system32\mmc.exe
- 2004-08-04 07:56:42 70,656 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\system32\mmcfxcommon.dll
- 2004-08-04 07:56:42 1,192,960 -c--a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\system32\mmcperf.exe
- 2004-08-04 07:56:42 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w C:\WINDOWS\system32\mmcshext.dll
- 2004-08-04 07:56:42 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
- 2004-08-04 07:56:42 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
- 2004-08-04 07:56:51 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
- 2004-08-04 07:56:42 207,360 -c--a-w C:\WINDOWS\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
- 2004-08-04 07:56:51 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
- 2004-08-04 07:56:42 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
- 2002-08-29 12:00:00 15,872 ----a-w C:\WINDOWS\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w C:\WINDOWS\system32\more.com
- 2004-08-04 07:56:11 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
+ 2002-08-29 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\mouse.drv
- 2004-08-04 07:56:52 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2004-08-04 07:56:42 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
- 2004-08-04 07:56:42 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
- 2002-08-29 12:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w C:\WINDOWS\system32\mprdim.dll
- 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-06-25 16:15:46 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-04 07:56:42 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
- 2004-08-04 07:56:12 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
- 2004-08-04 07:56:42 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
- 2004-08-04 07:56:42 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
- 2005-06-29 01:46:00 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2008-04-14 00:11:58 73,728 ----a-w C:\WINDOWS\system32\mscms.dll
- 2004-08-04 07:56:42 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
- 2004-08-04 07:56:12 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
+ 2008-04-13 17:26:07 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
- 2004-08-04 07:56:42 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll
+ 2008-04-14 00:11:58 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll
- 2004-08-04 07:56:42 294,400 ----a-w C:\WINDOWS\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 07:56:42 69,120 ----a-w C:\WINDOWS\system32\msctfp.dll
+ 2008-04-14 00:11:58 68,608 ----a-w C:\WINDOWS\system32\msctfp.dll
- 2004-08-04 07:56:42 118,784 ------w C:\WINDOWS\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ------w C:\WINDOWS\system32\msdadiag.dll
- 2004-08-04 07:56:43 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
- 2004-08-04 07:56:43 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
- 2004-08-04 07:56:53 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
- 2004-08-04 07:56:43 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 -c--a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 -c--a-w C:\WINDOWS\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2004-08-04 07:56:13 4,126 -c--a-w C:\WINDOWS\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
- 2004-08-04 07:56:43 512,029 -c--a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 07:56:43 319,517 -c--a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2006-11-27 14:54:06 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2004-08-04 07:56:43 994,304 ----a-w C:\WINDOWS\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
- 2004-08-04 07:56:43 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
- 2004-08-04 07:56:57 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
- 2004-08-04 08:56:58 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2004-08-04 07:56:53 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2008-04-14 00:12:27 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-12-07 14:37:14 3,059,200 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-21 06:44:29 3,066,880 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 01:07:13 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-14 00:11:59 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-04 07:56:14 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2008-04-13 16:26:26 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-04 07:56:43 51,712 ----a-w C:\WINDOWS\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w C:\WINDOWS\system32\msident.dll
- 2004-08-04 07:56:43 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
- 2004-08-04 07:56:43 248,832 -c--a-w C:\WINDOWS\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
- 2005-05-04 19:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-04 19:45:36 271,360 -c--a-w C:\WINDOWS\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-04 07:56:43 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
- 2005-05-04 19:45:36 884,736 -c--a-w C:\WINDOWS\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-04 07:56:43 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll
+ 2008-04-14 00:11:59 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll
- 2005-05-04 19:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2004-08-04 07:56:43 1,507,356 -c--a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-07-17 18:34:46 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-04 07:56:43 151,583 -c--a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 07:56:43 53,279 -c--a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-04 07:56:43 241,693 -c--a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-04 07:56:43 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
- 2004-08-04 07:56:43 213,023 -c--a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 07:56:43 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
- 2004-08-04 07:56:43 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
- 2004-08-04 07:56:43 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
- 2004-08-04 07:56:18 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
- 2004-08-04 07:56:43 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
- 2004-08-04 07:56:53 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
- 2004-08-04 07:56:43 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w C:\WINDOWS\system32\mspatcha.dll
- 2004-08-04 07:56:43 348,189 -c--a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2004-08-04 07:56:18 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
- 2007-12-07 01:07:13 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-14 00:12:00 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-04 07:56:43 421,919 -c--a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 07:56:43 315,423 -c--a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 07:56:43 552,989 -c--a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 07:56:43 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
- 2004-08-04 07:56:43 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
- 2004-08-04 07:56:43 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
- 2004-08-04 07:56:43 258,077 -c--a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2007-12-07 01:07:13 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-14 00:12:00 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-04 07:56:53 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
- 2004-08-04 07:56:43 115,712 ----a-w C:\WINDOWS\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w C:\WINDOWS\system32\mstlsapi.dll
- 2004-08-04 05:59:40 407,552 ----a-w C:\WINDOWS\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2004-08-04 05:59:43 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w C:\WINDOWS\system32\mstscax.dll
- 2004-08-04 07:56:43 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
- 2004-08-04 07:56:43 129,536 ----a-w C:\WINDOWS\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w C:\WINDOWS\system32\msv1_0.dll
- 2004-08-04 07:56:43 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w C:\WINDOWS\system32\msvbvm60.dll
- 2004-08-04 07:56:43 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\msvcirt.dll
- 2004-08-04 07:56:43 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
- 2004-08-04 07:56:43 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
- 2004-08-04 05:58:25 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
- 2004-08-04 07:56:43 120,832 ----a-w C:\WINDOWS\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w C:\WINDOWS\system32\msvfw32.dll
- 2004-08-04 07:56:43 1,428,480 -c--a-w C:\WINDOWS\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w C:\WINDOWS\system32\msvidctl.dll
- 2004-08-04 07:56:43 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
- 2004-08-04 07:56:44 831,519 -c--a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 07:56:44 204,288 ----a-w C:\WINDOWS\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w C:\WINDOWS\system32\mswebdvd.dll
- 2004-08-04 07:56:44 614,429 -c--a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-04 07:56:44 348,189 -c--a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2004-08-04 07:56:44 506,368 -c--a-w C:\WINDOWS\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
- 2004-08-04 07:56:44 701,440 -c--a-w C:\WINDOWS\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
- 2004-08-04 08:56:44 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2002-08-29 12:00:00 20,480 ----a-w C:\WINDOWS\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w C:\WINDOWS\system32\mtxdm.dll
- 2002-08-29 12:00:00 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
- 2002-08-29 12:00:00 25,088 ----a-w C:\WINDOWS\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w C:\WINDOWS\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2004-08-04 07:56:44 1,737,856 -c----w C:\WINDOWS\system32\mtxparhd.dll
+ 2008-04-14 00:12:01 1,737,856 ------w C:\WINDOWS\system32\mtxparhd.dll
- 2004-08-04 07:56:22 405,504 ------w C:\WINDOWS\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ------w C:\WINDOWS\system32\mui\041b\xpob2res.dll
- 2004-08-04 07:56:29 193,024 ------w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
- 2004-08-04 07:56:29 757,248 -c----w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ------w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\system32\mui\041b\xpsp3res.dll
- 2004-08-04 07:56:36 187,392 ------w C:\WINDOWS\system32\mui\041e\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ------w C:\WINDOWS\system32\mui\041e\xpsp1res.dll
- 2004-08-04 07:56:36 2,897,920 -c----w C:\WINDOWS\system32\mui\041e\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w C:\WINDOWS\system32\mui\041e\xpsp2res.dll
- 2004-08-04 07:56:22 408,576 -c----w C:\WINDOWS\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ------w C:\WINDOWS\system32\mui\0424\xpob2res.dll
- 2004-08-04 07:56:29 192,512 ------w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
- 2004-08-04 07:56:30 732,160 -c----w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ------w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\system32\mui\0424\xpsp3res.dll
- 2004-08-04 07:56:44 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\system32\napstat.exe
- 2004-08-04 07:56:54 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
- 2004-08-04 07:56:44 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
- 2004-08-04 07:56:44 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
- 2004-08-04 07:56:54 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
- 2004-08-04 07:56:44 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
- 2004-08-04 07:56:54 42,496 ----a-w C:\WINDOWS\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w C:\WINDOWS\system32\net.exe
- 2004-08-04 07:56:54 124,928 ----a-w C:\WINDOWS\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w C:\WINDOWS\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2008-04-14 00:12:01 337,408 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2004-08-04 07:56:44 622,080 ----a-w C:\WINDOWS\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w C:\WINDOWS\system32\netcfgx.dll
- 2004-08-04 07:56:54 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
- 2004-08-04 07:56:44 139,264 ----a-w C:\WINDOWS\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w C:\WINDOWS\system32\netid.dll
- 2004-08-04 07:56:44 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w C:\WINDOWS\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w C:\WINDOWS\system32\netman.dll
- 2004-08-04 07:56:44 875,008 -c--a-w C:\WINDOWS\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
- 2004-08-04 07:56:44 12,288 ----a-w C:\WINDOWS\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w C:\WINDOWS\system32\netrap.dll
- 2004-08-04 08:02:44 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
- 2004-08-04 07:56:54 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
- 2004-08-04 07:56:44 1,708,032 ----a-w C:\WINDOWS\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w C:\WINDOWS\system32\netshell.dll
- 2004-08-04 07:56:54 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
- 2004-08-04 07:56:44 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
- 2004-08-04 07:56:44 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
- 2004-08-04 07:56:44 248,832 ----a-w C:\WINDOWS\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w C:\WINDOWS\system32\newdev.dll
- 2004-08-04 07:56:44 103,936 ----a-w C:\WINDOWS\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll
- 2004-08-04 07:56:44 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
- 2004-08-04 07:56:54 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
- 2004-08-04 07:56:44 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
- 2004-08-04 07:56:54 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
- 2004-08-04 07:56:44 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
- 2004-08-04 07:56:54 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
- 2004-08-04 07:56:36 708,096 ----a-w C:\WINDOWS\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w C:\WINDOWS\system32\ntdll.dll
- 2004-08-04 07:56:44 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
- 2007-02-28 08:38:55 2,057,600 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,065,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2004-08-04 07:56:44 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w C:\WINDOWS\system32\ntlanman.dll
- 2004-08-04 07:56:44 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
- 2004-08-04 07:56:44 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
- 2004-08-04 07:56:44 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
- 2004-08-04 07:56:44 179,712 ----a-w C:\WINDOWS\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w C:\WINDOWS\system32\ntmsdba.dll
- 2004-08-04 07:56:44 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
- 2004-08-04 07:56:44 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
- 2007-02-28 09:10:57 2,180,352 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2008-04-13 19:27:53 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2004-08-04 07:56:44 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
- 2004-08-04 07:56:44 143,872 ----a-w C:\WINDOWS\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w C:\WINDOWS\system32\ntshrui.dll
- 2004-08-04 07:56:54 419,840 ----a-w C:\WINDOWS\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w C:\WINDOWS\system32\ntvdm.exe
- 2002-08-29 12:00:00 13,312 ----a-w C:\WINDOWS\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\ntvdmd.dll
- 2004-08-04 07:56:44 4,274,816 -c----w C:\WINDOWS\system32\nv4_disp.dll
+ 2008-04-14 00:12:02 4,274,816 ------w C:\WINDOWS\system32\nv4_disp.dll
- 2006-10-13 12:35:12 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2004-08-04 07:56:44 266,752 ----a-w C:\WINDOWS\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w C:\WINDOWS\system32\oakley.dll
- 2004-08-04 07:56:44 285,696 ----a-w C:\WINDOWS\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w C:\WINDOWS\system32\objsel.dll
- 2004-08-04 07:56:44 96,256 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-14 00:12:02 96,256 ----a-w C:\WINDOWS\system32\occache.dll
- 2002-08-29 12:00:00 60,928 ----a-w C:\WINDOWS\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\ocmanage.dll
- 2004-08-04 07:56:44 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
- 2004-08-04 07:56:44 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
- 2004-08-04 07:56:54 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
- 2004-08-04 07:56:44 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
- 2004-08-04 07:56:44 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
- 2004-08-04 07:56:54 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
- 2004-08-04 07:56:44 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
- 2004-08-04 07:56:44 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
- 2004-08-04 07:56:44 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
- 2004-08-04 07:56:22 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
- 2004-08-04 07:56:22 53,279 -c--a-w C:\WINDOWS\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
- 2004-08-04 07:56:44 278,559 -c--a-w C:\WINDOWS\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
- 2004-08-04 07:56:22 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
- 2004-08-04 07:56:44 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
- 2004-08-04 07:56:44 20,511 -c--a-w C:\WINDOWS\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
- 2004-08-04 07:56:44 20,510 -c--a-w C:\WINDOWS\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
- 2004-08-04 07:56:44 20,510 -c--a-w C:\WINDOWS\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
- 2004-08-04 07:56:44 20,510 -c--a-w C:\WINDOWS\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
- 2004-08-04 07:56:44 20,511 -c--a-w C:\WINDOWS\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
- 2004-08-04 07:56:44 120,832 ----a-w C:\WINDOWS\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w C:\WINDOWS\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w C:\WINDOWS\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2004-08-04 07:56:44 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
- 2004-08-04 07:56:44 83,456 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\system32\onex.dll
- 2004-08-04 07:56:43 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
- 2004-08-04 07:56:43 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
- 2004-08-04 07:56:43 561,664 -c--a-w C:\WINDOWS\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
- 2004-08-04 07:56:43 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
- 2004-08-04 07:56:43 18,944 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
- 2002-08-29 12:00:00 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
- 2004-08-04 07:56:54 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
- 2004-08-04 07:56:44 713,728 -c--a-w C:\WINDOWS\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
- 2004-08-04 07:56:55 215,552 ----a-w C:\WINDOWS\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w C:\WINDOWS\system32\osk.exe
- 2004-08-04 07:56:44 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
- 2004-08-04 07:56:44 116,224 ------w C:\WINDOWS\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ------w C:\WINDOWS\system32\p2p.dll
- 2004-08-04 07:56:44 86,016 ------w C:\WINDOWS\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ------w C:\WINDOWS\system32\p2pgasvc.dll
- 2004-08-04 07:56:44 312,320 -c----w C:\WINDOWS\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ------w C:\WINDOWS\system32\p2pgraph.dll
- 2004-08-04 07:56:44 88,064 ------w C:\WINDOWS\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ------w C:\WINDOWS\system32\p2pnetsh.dll
- 2004-08-04 07:56:44 526,848 -c----w C:\WINDOWS\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ------w C:\WINDOWS\system32\p2psvc.dll
- 2004-08-04 07:56:55 58,368 ----a-w C:\WINDOWS\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w C:\WINDOWS\system32\packager.exe
- 2004-08-04 07:56:44 62,976 ----a-w C:\WINDOWS\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\pautoenr.dll
- 2004-08-04 07:56:44 283,648 ----a-w C:\WINDOWS\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w C:\WINDOWS\system32\pdh.dll
- 2008-03-22 02:49:47 54,280 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-08-02 00:03:49 54,280 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2004-08-04 07:56:44 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
- 2004-08-04 07:56:44 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
- 2008-03-22 02:49:48 384,596 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-08-02 00:03:50 384,596 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2004-08-04 07:56:55 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
- 2002-08-29 12:00:00 16,896 ----a-w C:\WINDOWS\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w C:\WINDOWS\system32\perfnet.dll
- 2004-08-04 07:56:44 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
- 2004-08-04 07:56:44 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2004-08-04 07:56:44 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
- 2004-08-04 07:56:44 35,328 ----a-w C:\WINDOWS\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w C:\WINDOWS\system32\pid.dll
- 2004-08-04 06:04:41 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
- 2004-08-04 07:56:55 17,920 ----a-w C:\WINDOWS\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w C:\WINDOWS\system32\ping.exe
- 2004-08-04 07:56:44 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
- 2007-12-07 01:07:13 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-14 00:12:02 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-04 07:56:44 48,640 ------w C:\WINDOWS\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ------w C:\WINDOWS\system32\pnrpnsp.dll
- 2004-08-04 07:56:44 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
- 2004-08-04 07:56:55 49,152 ------w C:\WINDOWS\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ------w C:\WINDOWS\system32\powercfg.exe
- 2004-08-04 07:56:44 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
- 2004-08-04 07:56:44 560,640 ----a-w C:\WINDOWS\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w C:\WINDOWS\system32\printui.dll
- 2004-08-04 07:56:44 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
- 2004-08-04 07:56:55 109,568 ----a-w C:\WINDOWS\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w C:\WINDOWS\system32\progman.exe
- 2004-08-04 07:56:55 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
- 2004-08-04 07:56:55 9,216 ------w C:\WINDOWS\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ------w C:\WINDOWS\system32\proxycfg.exe
- 2004-08-04 07:56:44 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
- 2004-08-04 07:56:44 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
- 2004-08-04 07:56:44 363,520 -c--a-w C:\WINDOWS\system32\psisdecd.dll
+ 2008-04-14 00:12:03 363,520 ----a-w C:\WINDOWS\system32\psisdecd.dll
- 2004-08-04 07:56:44 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
- 2004-08-04 07:56:44 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\system32\qagentrt.dll
- 2004-08-04 07:56:44 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\system32\qcliprov.dll
- 2004-08-04 07:56:44 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
- 2004-08-04 07:56:44 385,024 ----a-w C:\WINDOWS\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w C:\WINDOWS\system32\qdvd.dll
- 2004-08-04 07:56:44 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
- 2004-08-04 07:56:24 733,696 -c--a-w C:\WINDOWS\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
- 2004-08-04 07:56:44 382,464 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2004-08-04 07:56:44 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
- 2004-08-04 07:56:55 20,480 ----a-w C:\WINDOWS\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2006-06-22 05:06:30 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\system32\qutil.dll
- 2004-08-04 07:56:44 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2004-08-04 07:56:44 236,544 ----a-w C:\WINDOWS\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll
- 2004-08-04 07:56:44 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll
- 2004-08-04 07:56:44 69,632 ----a-w C:\WINDOWS\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w C:\WINDOWS\system32\raschap.dll
- 2004-08-04 07:56:44 657,920 ----a-w C:\WINDOWS\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w C:\WINDOWS\system32\rasdlg.dll
- 2004-08-04 07:56:44 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
- 2006-05-14 08:44:08 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-04 07:56:55 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
- 2004-08-04 07:56:44 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\system32\rasqec.dll
- 2004-08-04 07:56:44 16,896 ----a-w C:\WINDOWS\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w C:\WINDOWS\system32\rassapi.dll
- 2004-08-04 07:56:44 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w C:\WINDOWS\system32\rastapi.dll
- 2004-08-04 07:56:44 112,128 ----a-w C:\WINDOWS\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w C:\WINDOWS\system32\rastls.dll
- 2004-08-04 07:56:44 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
- 2004-08-04 07:56:55 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2004-08-04 07:56:55 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
- 2004-08-04 07:56:44 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
- 2004-08-04 07:56:55 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w C:\WINDOWS\system32\rdpclip.exe
- 2004-08-04 08:01:07 92,168 -c--a-w C:\WINDOWS\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
- 2004-08-04 07:56:44 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
- 2004-08-04 08:01:08 87,176 -c--a-w C:\WINDOWS\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
- 2004-08-04 07:56:55 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
- 2004-08-04 07:56:55 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
- 2004-08-04 07:56:55 50,176 ----a-w C:\WINDOWS\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\reg.exe
- 2004-08-04 07:56:44 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
- 2004-08-04 07:56:44 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
- 2004-08-04 07:56:55 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
- 2004-08-04 07:56:44 397,824 -c--a-w C:\WINDOWS\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2004-08-04 05:59:19 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\intelppm.sys
+ 2002-08-29 12:00:00 35,840 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\isapnp.sys
+ 2004-08-04 05:59:20 37,376 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\amdk7.sys
- 2004-08-04 07:56:44 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
- 2004-08-04 07:56:55 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
- 2004-08-04 07:56:44 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
- 2004-08-04 07:56:55 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w C:\WINDOWS\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2004-08-04 05:31:43 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
- 2004-08-04 07:56:55 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
- 2004-08-04 07:56:44 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
- 2004-08-04 07:56:44 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
- 2002-08-29 12:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll
- 2004-08-04 07:56:55 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
- 2004-08-04 07:56:44 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
- 2004-08-04 07:56:44 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
- 2004-08-04 07:56:55 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
- 2004-08-04 07:56:55 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
- 2004-08-04 07:56:44 397,056 -c----w C:\WINDOWS\system32\s3gnb.dll
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\system32\s3gnb.dll
+ 2005-03-21 17:00:24 4,096 ----a-w C:\WINDOWS\system32\sabprocenum.sys
- 2004-08-04 07:56:44 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
- 2004-08-04 07:56:44 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
- 2004-08-04 07:56:44 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
- 2004-08-04 07:56:44 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
- 2004-08-04 07:56:44 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
- 2004-08-04 07:56:55 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
- 2004-08-04 07:56:44 270,848 ----a-w C:\WINDOWS\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w C:\WINDOWS\system32\sbe.dll
- 2004-08-04 07:56:44 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
- 2004-08-04 07:56:44 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
- 2004-08-04 07:56:55 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
- 2004-08-04 07:56:44 171,008 -c--a-w C:\WINDOWS\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
- 2004-08-04 07:56:44 180,224 ----a-w C:\WINDOWS\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w C:\WINDOWS\system32\scecli.dll
- 2004-08-04 07:56:44 313,856 ----a-w C:\WINDOWS\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w C:\WINDOWS\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w C:\WINDOWS\system32\schannel.dll
- 2004-08-04 07:56:44 190,976 ----a-w C:\WINDOWS\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w C:\WINDOWS\system32\schedsvc.dll
- 2004-08-04 07:56:44 20,992 ----a-w C:\WINDOWS\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w C:\WINDOWS\system32\sclgntfy.dll
- 2004-08-04 07:56:57 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
- 2004-08-04 07:56:55 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
- 2004-08-04 07:56:44 29,184 ------w C:\WINDOWS\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ------w C:\WINDOWS\system32\sdhcinst.dll
- 2004-08-04 07:56:44 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
- 2004-08-04 07:56:44 55,808 ----a-w C:\WINDOWS\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\secur32.dll
- 2004-08-04 07:56:44 5,632 ----a-w C:\WINDOWS\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w C:\WINDOWS\system32\security.dll
- 2004-08-04 07:56:44 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
- 2004-08-04 07:56:44 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w C:\WINDOWS\system32\sendmail.dll
- 2004-08-04 07:56:44 38,912 ----a-w C:\WINDOWS\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w C:\WINDOWS\system32\sens.dll
- 2004-08-04 07:56:44 6,656 ----a-w C:\WINDOWS\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w C:\WINDOWS\system32\sensapi.dll
- 2004-08-04 07:56:44 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
- 2004-08-04 07:56:55 108,032 ----a-w C:\WINDOWS\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w C:\WINDOWS\system32\services.exe
- 2004-08-04 07:56:56 140,800 ----a-w C:\WINDOWS\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w C:\WINDOWS\system32\sessmgr.exe
- 2004-08-04 07:56:56 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
- 2004-08-04 07:56:56 23,040 ----a-w C:\WINDOWS\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w C:\WINDOWS\system32\setup.exe
- 2002-08-29 12:00:00 259,584 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
- 2004-08-04 07:56:42 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
- 2004-08-04 07:56:42 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
- 2004-08-04 07:56:42 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
- 2002-08-29 12:00:00 115,712 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w C:\WINDOWS\system32\Setup\koc.dll
- 2002-08-29 12:00:00 82,432 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
- 2004-08-04 07:56:43 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
- 2004-08-04 07:56:44 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
- 2004-08-04 07:56:44 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
- 2004-08-04 07:56:44 15,872 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
- 2004-08-04 07:56:44 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
- 2004-08-04 07:56:44 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
- 2004-08-04 07:56:45 22,016 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
- 2004-08-04 07:56:46 121,856 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
- 2004-08-04 05:56:46 983,552 ----a-w C:\WINDOWS\system32\setupapi.dll
+ 2008-04-14 11:42:06 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
- 2004-08-04 07:56:44 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
- 2004-08-04 07:56:44 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
- 2004-08-04 07:56:45 1,580,544 ----a-w C:\WINDOWS\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w C:\WINDOWS\system32\sfcfiles.dll
- 2004-08-04 07:56:27 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
- 2007-12-07 01:07:13 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-26 03:36:51 8,454,656 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-04 07:56:45 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
- 2004-08-04 07:56:45 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
- 2004-08-04 07:56:45 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w C:\WINDOWS\system32\shimeng.dll
- 2004-08-04 07:56:45 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
- 2007-12-07 01:07:13 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-04 07:56:45 151,552 ----a-w C:\WINDOWS\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w C:\WINDOWS\system32\shmedia.dll
- 2004-08-04 07:56:56 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2004-08-04 07:56:56 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
- 2004-08-04 07:56:45 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2004-08-04 07:56:56 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2004-08-04 07:56:45 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
- 2004-08-04 07:56:56 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
- 2004-08-04 07:56:56 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
- 2004-08-04 07:56:45 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
- 2004-08-04 07:56:45 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
- 2004-08-04 07:56:45 73,832 -c----w C:\WINDOWS\system32\slcoinst.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\system32\slcoinst.dll
- 2004-08-04 07:56:45 286,792 -c----w C:\WINDOWS\system32\slextspk.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\system32\slextspk.dll
- 2004-08-04 07:56:45 188,508 -c----w C:\WINDOWS\system32\slgen.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\system32\slgen.dll
- 2004-08-04 07:56:56 32,866 -c----w C:\WINDOWS\system32\slrundll.exe
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\system32\slrundll.exe
- 2004-08-04 07:56:56 73,796 -c----w C:\WINDOWS\system32\slserv.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\system32\slserv.exe
- 2004-08-04 07:56:56 8,192 ------w C:\WINDOWS\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ------w C:\WINDOWS\system32\smbinst.exe
- 2004-08-04 07:56:45 363,008 -c--a-w C:\WINDOWS\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w C:\WINDOWS\system32\smlogcfg.dll
- 2004-08-04 07:56:56 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
- 2004-08-04 07:56:56 50,688 ----a-w C:\WINDOWS\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w C:\WINDOWS\system32\smss.exe
- 2004-08-04 07:56:56 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
- 2004-08-04 07:56:45 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
- 2004-08-04 07:56:45 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
- 2002-08-29 12:00:00 23,552 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w C:\WINDOWS\system32\sort.exe
+ 2002-08-29 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\sound.drv
- 2004-08-04 07:56:56 8,192 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
+ 2008-04-14 00:12:36 7,680 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
- 2004-08-04 07:56:57 538,624 ----a-w C:\WINDOWS\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w C:\WINDOWS\system32\spider.exe
- 2006-09-25 23:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2004-08-04 05:56:58 11,776 ------w C:\WINDOWS\system32\spnpinst.exe
+ 2008-04-14 11:42:38 11,264 ------w C:\WINDOWS\system32\spnpinst.exe
- 2004-08-04 07:56:42 452,096 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-04 07:56:42 27,136 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-04 07:56:06 6,656 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-04 07:56:42 397,312 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-04 07:56:42 154,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-04 07:56:42 192,512 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 2004-03-22 22:17:02 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 19:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 22:17:08 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 19:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2004-03-22 22:17:02 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 19:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 22:17:08 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 19:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2004-03-22 22:17:06 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 19:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
- 2004-08-04 07:56:45 74,752 ----a-w C:\WINDOWS\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w C:\WINDOWS\system32\spoolss.dll
- 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2006-09-25 23:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2007-08-11 02:46:18 26,488 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2004-08-04 07:56:57 21,504 ------w C:\WINDOWS\system32\spupdwxp.exe
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\system32\spupdwxp.exe
- 2004-08-04 07:56:45 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
- 2004-08-04 07:56:45 180,800 -c--a-w C:\WINDOWS\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
- 2004-08-04 07:56:45 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
- 2004-08-04 07:56:45 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
- 2004-08-04 07:56:45 170,496 ----a-w C:\WINDOWS\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2004-08-04 07:56:57 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
- 2004-08-04 07:56:57 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
- 2004-08-04 07:56:45 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
- 2004-08-04 07:56:45 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
- 2004-08-04 07:56:57 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
- 2004-08-04 07:56:57 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
- 2004-08-04 07:56:57 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
- 2004-08-04 07:56:57 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
- 2004-08-04 07:56:57 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
- 2004-08-04 07:56:57 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
- 2004-08-04 07:56:57 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
- 2002-08-29 12:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w C:\WINDOWS\system32\stclient.dll
- 2004-08-04 07:56:45 67,584 ----a-w C:\WINDOWS\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w C:\WINDOWS\system32\sti.dll
- 2004-08-04 07:56:45 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
- 2004-08-04 07:56:57 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
- 2004-08-04 07:56:45 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
- 2004-08-04 07:56:45 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
- 2006-08-21 15:52:08 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-04 07:56:45 75,776 ------w C:\WINDOWS\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ------w C:\WINDOWS\system32\strmfilt.dll
- 2004-08-04 07:56:57 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
- 2004-08-04 07:56:46 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
- 2004-08-04 07:56:46 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
- 2004-08-04 07:56:57 105,984 ----a-w C:\WINDOWS\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w C:\WINDOWS\system32\sysocmgr.exe
- 2004-08-04 07:56:46 984,576 ----a-w C:\WINDOWS\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
- 2005-10-17 21:14:46 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2004-08-04 07:56:46 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
- 2004-08-04 07:56:46 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2004-08-04 07:56:57 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
- 2004-08-04 07:56:46 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
- 2004-08-04 07:56:46 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
- 2004-08-04 07:56:46 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
- 2004-08-04 07:56:46 358,400 -c--a-w C:\WINDOWS\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
- 2004-08-04 07:56:46 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
- 2004-08-04 07:56:46 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
- 2004-08-04 07:56:57 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
- 2004-08-04 07:56:57 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
- 2002-08-29 12:00:00 11,264 ----a-w C:\WINDOWS\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w C:\WINDOWS\system32\tree.com
- 2004-08-04 07:56:46 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
- 2004-08-04 07:56:46 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
- 2004-08-04 08:01:07 12,168 -c--a-w C:\WINDOWS\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
- 2004-08-04 07:56:46 44,032 ------w C:\WINDOWS\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-04 07:56:46 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll
- 2004-08-04 07:56:46 275,456 -c--a-w C:\WINDOWS\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
- 2004-08-04 07:56:46 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2005-03-01 17:27:04 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
- 2004-08-04 06:04:11 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
+ 2008-04-14 00:11:01 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
- 2004-08-04 07:56:46 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
- 2004-08-04 07:56:46 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
- 2004-08-04 07:56:46 316,416 -c--a-w C:\WINDOWS\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
- 2004-08-04 07:56:46 132,608 ----a-w C:\WINDOWS\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w C:\WINDOWS\system32\upnp.dll
- 2004-08-04 07:56:57 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2004-08-04 07:56:46 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
- 2004-08-04 07:56:57 18,432 ----a-w C:\WINDOWS\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w C:\WINDOWS\system32\ups.exe
- 2004-08-04 07:56:46 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-14 00:12:08 37,888 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 01:07:14 615,424 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-14 00:12:08 619,520 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-04 07:56:46 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
- 2004-08-04 07:56:46 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-04 07:56:46 723,456 ----a-w C:\WINDOWS\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w C:\WINDOWS\system32\userenv.dll
- 2004-08-04 07:56:57 24,576 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
- 2004-08-04 07:56:42 123,904 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
- 2004-08-04 07:56:42 4,096 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
- 2004-08-04 07:56:42 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
- 2004-08-04 07:56:42 201,216 -c--a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
- 2004-08-04 07:56:50 103,424 ----a-w C:\WINDOWS\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2004-08-04 07:56:51 240,128 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
- 2004-08-04 07:56:44 202,752 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
- 2004-08-04 07:56:46 168,960 -c--a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
- 2004-08-04 07:56:46 406,528 ----a-w C:\WINDOWS\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w C:\WINDOWS\system32\usp10.dll
- 2004-08-04 07:56:57 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
- 2004-08-04 07:56:46 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
- 2004-08-04 07:56:46 30,749 -c--a-w C:\WINDOWS\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
- 2004-08-04 07:56:46 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
- 2004-08-04 07:56:46 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\system32\verclsid.exe
- 2002-08-29 12:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
- 2004-08-04 07:56:46 18,944 ----a-w C:\WINDOWS\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\version.dll
- 2004-08-04 08:56:46 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
+ 2002-08-29 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\vga.drv
- 2004-08-04 07:56:46 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
- 2004-08-04 07:56:57 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
- 2004-08-04 07:56:46 174,592 ----a-w C:\WINDOWS\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w C:\WINDOWS\system32\w32time.dll
- 2004-08-04 07:56:46 15,872 ------w C:\WINDOWS\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ------w C:\WINDOWS\system32\w3ssl.dll
- 2004-08-04 06:07:32 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
- 2002-08-29 12:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll
- 2004-08-04 07:56:41 1,352,192 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
- 2004-08-04 07:56:42 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
- 2004-08-04 07:56:42 22,016 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
- 2004-08-04 07:56:42 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
- 2004-08-04 07:56:42 185,856 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
- 2004-08-04 07:56:42 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
- 2004-08-04 07:56:51 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
- 2004-08-04 07:56:42 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
- 2004-08-04 07:56:44 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
- 2004-08-04 07:56:44 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
- 2004-08-04 07:56:44 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
- 2004-08-04 07:56:44 177,152 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
- 2004-08-04 07:56:55 36,864 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
- 2004-08-04 07:56:45 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
- 2004-08-04 07:56:46 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
- 2004-08-04 07:56:46 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
- 2004-08-04 07:56:46 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
- 2004-08-04 07:56:46 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
- 2004-08-04 07:56:46 530,944 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
- 2004-08-04 07:56:46 178,176 -c--a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
- 2004-08-04 07:56:46 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
- 2004-08-04 07:56:46 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
- 2004-08-04 07:56:46 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
- 2004-08-04 07:56:46 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
- 2004-08-04 07:56:57 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
- 2004-08-04 07:56:46 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
- 2004-08-04 07:56:57 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
- 2004-08-04 07:56:35 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
- 2004-08-04 07:56:46 89,088 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
- 2004-08-04 07:56:57 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
- 2004-08-04 07:56:46 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
- 2004-08-04 07:56:46 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
- 2004-08-04 07:56:46 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
- 2004-08-04 07:56:46 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
- 2004-08-04 07:56:46 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
- 2004-08-04 07:56:46 62,976 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
- 2004-08-04 07:56:46 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
- 2004-08-04 07:56:46 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
- 2004-08-04 07:56:57 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
- 2004-08-04 07:56:46 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
- 2004-08-04 07:56:46 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
- 2004-08-04 07:56:46 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
- 2004-08-04 07:56:46 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-04 07:56:57 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2004-08-04 07:56:46 276,480 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-14 00:12:08 276,480 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2006-01-04 03:35:05 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
- 2004-08-04 07:56:46 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
- 2004-08-04 07:56:57 65,536 ----a-w C:\WINDOWS\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w C:\WINDOWS\system32\wextract.exe
- 2004-08-04 07:56:57 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
- 2004-08-04 07:56:46 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
- 2004-08-04 07:56:46 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
- 2004-08-04 07:56:46 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2004-08-04 07:56:46 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
- 2004-08-04 07:56:46 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
- 2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
- 2004-08-04 07:56:46 101,888 ----a-w C:\WINDOWS\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w C:\WINDOWS\system32\win32spl.dll
- 2004-08-04 07:56:35 937,984 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
- 2004-08-04 07:56:46 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w C:\WINDOWS\system32\winhttp.dll
- 2007-12-07 01:07:14 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-21 06:44:29 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
- 2004-08-04 07:56:46 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w C:\WINDOWS\system32\winipsec.dll
- 2004-08-04 07:56:57 502,272 ----a-w C:\WINDOWS\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w C:\WINDOWS\system32\winlogon.exe
- 2004-08-04 07:56:46 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
- 2004-08-04 07:56:35 764,928 -c--a-w C:\WINDOWS\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w C:\WINDOWS\system32\winntbbu.dll
- 2004-08-04 07:56:46 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
- 2004-08-04 07:56:46 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
- 2004-08-04 07:56:46 17,408 ------w C:\WINDOWS\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ------w C:\WINDOWS\system32\winshfhc.dll
+ 2002-08-29 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
- 2004-08-04 07:56:57 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2002-08-29 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\winspool.exe
- 2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-04 07:56:46 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
- 2004-08-04 07:56:46 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
- 2004-08-04 07:56:57 5,632 ----a-w C:\WINDOWS\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w C:\WINDOWS\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
- 2004-08-04 07:56:46 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
- 2004-08-04 07:56:46 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
- 2004-08-04 07:56:35 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
- 2004-08-04 07:56:46 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
- 2004-08-04 07:56:46 303,616 -c--a-w C:\WINDOWS\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
- 2004-08-04 07:56:46 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
+ 2002-08-29 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\wowdeb.exe
- 2004-08-04 07:56:57 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
- 2004-08-04 07:56:57 32,256 ----a-w C:\WINDOWS\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w C:\WINDOWS\system32\wpnpinst.exe
- 2004-08-04 07:56:46 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w C:\WINDOWS\system32\ws2_32.dll
- 2004-08-04 07:56:46 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
- 2004-08-04 07:56:57 13,824 ------w C:\WINDOWS\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
- 2004-08-04 07:56:46 81,408 ------w C:\WINDOWS\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w C:\WINDOWS\system32\wscsvc.dll
- 2004-08-04 07:56:46 108,032 ------w C:\WINDOWS\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ------w C:\WINDOWS\system32\wshbth.dll
- 2004-08-04 07:56:46 28,672 ----a-w C:\WINDOWS\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll
- 2004-08-04 07:56:46 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
- 2004-08-04 07:56:46 11,776 ----a-w C:\WINDOWS\system32\wshrm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w C:\WINDOWS\system32\wshrm.dll
- 2004-08-04 07:56:46 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w C:\WINDOWS\system32\wshtcpip.dll
- 2004-08-04 07:56:46 42,496 ----a-w C:\WINDOWS\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w C:\WINDOWS\system32\wsnmp32.dll
- 2004-08-04 07:56:46 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
- 2004-08-04 07:56:46 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
- 2004-08-04 07:56:46 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
- 2004-08-04 07:56:46 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
- 2004-08-04 07:56:46 378,368 ----a-w C:\WINDOWS\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w C:\WINDOWS\system32\wzcdlg.dll
- 2004-08-04 07:56:46 51,712 ----a-w C:\WINDOWS\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
- 2004-08-04 07:56:46 359,936 ----a-w C:\WINDOWS\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll
- 2004-08-04 07:56:46 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
- 2004-08-04 07:56:57 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:11 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2004-08-04 07:56:46 129,536 ------w C:\WINDOWS\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ------w C:\WINDOWS\system32\xmlprov.dll
- 2004-08-04 07:56:46 50,176 ------w C:\WINDOWS\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ------w C:\WINDOWS\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
- 2004-08-04 07:56:36 438,784 ------w C:\WINDOWS\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
- 2004-08-04 07:56:36 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
- 2004-08-04 07:56:36 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
- 2007-12-06 09:38:31 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2004-08-04 07:56:46 337,920 ----a-w C:\WINDOWS\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w C:\WINDOWS\system32\zipfldr.dll
- 2004-08-04 07:56:46 50,688 ----a-w C:\WINDOWS\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w C:\WINDOWS\twain_32.dll
+ 2000-08-31 14:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
- 2004-08-04 07:56:57 283,648 ----a-w C:\WINDOWS\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w C:\WINDOWS\winhlp32.exe
- 2007-01-19 20:15:24 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 07:56:59 853,504 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 07:56:59 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 07:55:56 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-07-30 17:34:42 4,423 ----a-w C:\WINDOWS\wiuq\wiuq.dat
+ 2000-08-31 14:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mljvew"="C:\WINDOWS\?icrosoft.NET\j?vaw.exe" [?]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 18:12 1695232]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 18:38 1957888]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-04 20:02 1506544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-04-01 01:28 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 05:23 49152]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-08-21 05:15 483328]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 14:43 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 17:57 81920]
"Motive SmartBridge"="C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe" [2002-05-18 11:04 327680]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 09:46 172032]
"UpdateManager"="c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 00:01 110592]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2005-03-02 18:19 143360]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2005-03-18 19:28 196608]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 12:05 212992]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-10-29 07:43 180269]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-01-27 11:17 1381376]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-06-05 08:06 188416]
"40408b53"="C:\WINDOWS\system32\pmqbgarr.dll" [2008-07-30 12:30 83456]
"VTTimer"="VTTimer.exe" [2004-10-22 10:53 53248 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 12:47 57344 C:\WINDOWS\ALCXMNTR.EXE]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-02-26 16:45:21 125624]
Verizon Online Support Center.lnk - C:\Program Files\Verizon Online\bin\matcli.exe [2004-09-04 16:39:50 204800]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 11:40 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\137903\\Program\\BackWeb-137903.exe"=
"C:\\Program Files\\InterMute\\SpamSubtract\\SpamSub.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Neoteris\\Secure Application Manager\\dsSamProxy.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16034:TCP"= 16034:TCP:BitComet 16034 TCP
"16034:UDP"= 16034:UDP:BitComet 16034 UDP

R1 NEOFLTR_520_9895;Juniper Networks TDI Filter Driver (NEOFLTR_520_9895);C:\WINDOWS\system32\Drivers\NEOFLTR_520_9895.SYS [2006-01-04 18:04]
S1 s3gnbmm;s3gnbmm;C:\WINDOWS\system32\drivers\s3gnbmm.sys []
S3 CA500AI;LV-10 Still Image Capture Version 1.00;C:\WINDOWS\system32\Drivers\2NF.sys [2000-09-19 11:27]
.
Contents of the 'Scheduled Tasks' folder

2008-06-07 C:\WINDOWS\Tasks\EasyShare Registration Task.job
- C:\WINDOWS\system32\rundll32.exe [2008-04-13 18:12]

2008-06-07 C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe []

2007-06-27 C:\WINDOWS\Tasks\Uniblue SpyEraser.job
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{2c8479fa-ff9a-4db6-a241-35558d8d798f} - C:\WINDOWS\system32\rrhlcs.dll
BHO-{F995BA63-E03A-45B0-A5DA-BF378DA63DC5} - C:\WINDOWS\system32\urqnoonn.dll
HKCU-Run-RecordNow! - (no file)
HKLM-Run-BM4373b8cf - C:\WINDOWS\system32\mcxihoqo.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\vptz6nwf.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-04 02:30:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\WINDOWS\system32\rragbqmp.ini 1487632 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\pmqbgarr.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\McAfee.com\VSO\McVSEscn.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsrte.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsftsn.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\VSO\McShield.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\InterMute\SpamSubtract\SpamSub.exe
.
**************************************************************************
.
Completion time: 2008-08-04 2:44:29 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2008-08-04 08:44:15
ComboFix2.txt 2008-03-30 20:01:28
ComboFix3.txt 2008-03-25 22:39:11

Pre-Run: 7,085,580,288 bytes free
Post-Run: 7,075,692,544 bytes free

9276 --- E O F --- 2008-08-04 08:17:17

#10 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 04 August 2008 - 04:26 PM

The link to the first part of the log does not seem to work for me.

Let's try this. Go to this page.
Where it says, browse to the combofix log file and then click the Send File button below.
Hopefully we'll have more luck that way.. :thumbsup:

#11 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 04 August 2008 - 05:15 PM

Ok, I think I did that right. Let me know.

#12 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 05 August 2008 - 01:31 PM

Thanks I got the log.. :thumbsup:

Click start > run and type: notepad, then hit enter.
Copy and paste in the following text into the window.

File::
C:\WINDOWS\system32\rragbqmp.ini
C:\WINDOWS\system32\xtybkjwi.dll
C:\WINDOWS\system32\vjvinlnl.dll
C:\WINDOWS\system32\lccrkb.dll
C:\WINDOWS\system32\ljoascxp.dll
C:\Temp\nbU103h.exe
C:\WINDOWS\system32\drivers\s3gnbmm.sys

Folder::
C:\WINDOWS\wiuq
C:\Program Files\Common Files\wiuq
C:\WINDOWS\system32\kBin19
C:\Temp\epr1

Rootkit::
C:\WINDOWS\system32\rragbqmp.ini
C:\WINDOWS\system32\pmqbgarr.dll

Driver::
s3gnbmm

Click File > Save and call it "CFScript.txt" (without quotes).
Save it to your desktop.
Posted Image
Refering to the picture above, drag CFscript.txt into ComboFix.exe
Combofix will run, and a text file will open. Please post it back here.
Again, if it is too long, please upload it to my submission channel like you did before..

Please download Malwarebytes Anti-Malware and save it to your desktop.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation finishes, leave both 'Update' and 'Launch' checked. Click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here.

On the Scanner tab, ensure the "Perform Quick Scan" option is selected, then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
When the scan finishes, a box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.

Edited by D-Trojanator, 05 August 2008 - 01:31 PM.


#13 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 05 August 2008 - 03:03 PM

I've created the script file, but ComboFix is hanging up again, this time after completing Stage 9. Last time we ran Combo Fix you had me use these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste the following bolded text into the run box & click OK.
"%userprofile%\desktop\combofix.exe" /killall


Is there anyway to do this sort of thing while still using the script file?

For now, I will let ComboFix run to see if it will continue.

Thanks!

#14 crocolyle

crocolyle
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:49 PM

Posted 06 August 2008 - 11:20 AM

ComboFix Log when run with script:
(Had to run twice since the first time I forgot to disable McAfee script checker. This log is from the second time.)

ComboFix 08-08-01.04 - Owner 2008-08-05 14:51:17.18 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.158 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Temp\nbU103h.exe
C:\WINDOWS\system32\drivers\s3gnbmm.sys
C:\WINDOWS\system32\lccrkb.dll
C:\WINDOWS\system32\ljoascxp.dll
C:\WINDOWS\system32\rragbqmp.ini
C:\WINDOWS\system32\vjvinlnl.dll
C:\WINDOWS\system32\xtybkjwi.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\pmqbgarr.dll
C:\WINDOWS\system32\rragbqmp.ini
.
---- Previous Run -------
.
C:\Program Files\Common Files\wiuq
C:\Program Files\Common Files\wiuq\wiuqa.lck
C:\Program Files\Common Files\wiuq\wiuql.lck
C:\Program Files\Common Files\wiuq\wiuqm.lck
C:\Temp\epr1
C:\Temp\nbU103h.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\kBin19
C:\WINDOWS\system32\kBin19\kBin191065.exe
C:\WINDOWS\system32\lccrkb.dll
C:\WINDOWS\system32\ljoascxp.dll
C:\WINDOWS\system32\rragbqmp.ini
C:\WINDOWS\system32\vjvinlnl.dll
C:\WINDOWS\system32\xtybkjwi.dll
C:\WINDOWS\wiuq
C:\WINDOWS\wiuq\wiuq.dat
C:\WINDOWS\wiuq\wu

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_S3GNBMM
-------\Service_s3gnbmm


((((((((((((((((((((((((( Files Created from 2008-07-06 to 2008-08-06 )))))))))))))))))))))))))))))))
.

2008-08-04 15:29 . 2008-08-04 18:06 <DIR> d-------- C:\Program Files\a-squared Free
2008-08-01 23:56 . 2008-08-01 23:56 <DIR> d-------- C:\Deckard
2008-08-01 20:06 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-08-01 17:43 . 2008-08-01 17:43 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-08-01 17:43 . 2008-08-01 17:43 <DIR> d-------- C:\WINDOWS\system32\en
2008-08-01 17:43 . 2008-08-01 17:43 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-01 17:12 . 2008-04-13 18:12 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
2008-08-01 17:12 . 2008-04-13 18:12 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-01 17:12 . 2008-04-13 18:12 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
2008-08-01 17:12 . 2008-04-13 18:12 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
2008-08-01 17:12 . 2008-04-13 18:12 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
2008-08-01 17:12 . 2008-04-13 18:12 50,688 --------- C:\WINDOWS\system32\tspkg.dll
2008-08-01 17:12 . 2008-04-13 18:12 32,768 --------- C:\WINDOWS\system32\setupn.exe
2008-08-01 17:12 . 2008-04-13 12:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-08-01 17:10 . 2008-04-13 18:11 650,752 --------- C:\WINDOWS\system32\dot3ui.dll
2008-08-01 13:31 . 2008-08-01 13:31 95 --a------ C:\WINDOWS\wininit.ini
2008-08-01 13:02 . 2008-08-01 13:02 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-01 13:02 . 2008-08-01 13:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-31 01:34 . 2008-07-31 01:34 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-30 11:37 . 2008-07-30 11:37 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconUS.ico
2008-07-26 18:45 . 2008-07-26 18:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-26 18:45 . 2008-07-26 18:45 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-16 20:47 . 2008-07-16 20:47 <DIR> d-------- C:\WINDOWS\Cache
2008-07-16 20:47 . 2008-07-16 20:49 <DIR> d-------- C:\Program Files\Coupons

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-05 09:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-02 02:06 --------- d-----w C:\Program Files\Java
2008-08-01 19:31 --------- d-----w C:\Program Files\Enigma Software Group
2008-07-26 06:35 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-26 06:33 --------- d-----w C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-06-27 00:51 --------- d-----w C:\Documents and Settings\Owner\Application Data\Juniper Networks
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-01-02 21:53 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot_2008-08-04_ 2.43.41.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 00:11:48 1,852,928 -c--a-w C:\WINDOWS\system32\dllcache\acgenral.dll
+ 2008-04-14 00:11:53 472,064 -c--a-w C:\WINDOWS\system32\dllcache\fastprox.dll
+ 2008-04-14 00:12:08 406,016 -c--a-w C:\WINDOWS\system32\dllcache\usp10.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mljvew"="C:\WINDOWS\?icrosoft.NET\j?vaw.exe" [?]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 18:12 1695232]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-05-19 18:38 1957888]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-04 20:02 1506544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-04-01 01:28 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 05:23 49152]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-08-21 05:15 483328]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 21:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 14:43 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 17:57 81920]
"Motive SmartBridge"="C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe" [2002-05-18 11:04 327680]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 09:46 172032]
"UpdateManager"="c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 00:01 110592]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2005-03-02 18:19 143360]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2005-03-18 19:28 196608]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05 212992]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-10-29 07:43 180269]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-01-27 11:17 1381376]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-06-05 08:06 188416]
"BM4373b8cf"="C:\WINDOWS\system32\mcxihoqo.dll" [BU]
"VTTimer"="VTTimer.exe" [2004-10-22 10:53 53248 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 12:47 57344 C:\WINDOWS\ALCXMNTR.EXE]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-02-26 16:45:21 125624]
Verizon Online Support Center.lnk - C:\Program Files\Verizon Online\bin\matcli.exe [2004-09-04 16:39:50 204800]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 11:40 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\InterMute\\SpamSubtract\\SpamSub.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Neoteris\\Secure Application Manager\\dsSamProxy.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16034:TCP"= 16034:TCP:BitComet 16034 TCP
"16034:UDP"= 16034:UDP:BitComet 16034 UDP

R1 NEOFLTR_520_9895;Juniper Networks TDI Filter Driver (NEOFLTR_520_9895);C:\WINDOWS\system32\Drivers\NEOFLTR_520_9895.SYS [2006-01-04 18:04]
S3 CA500AI;LV-10 Still Image Capture Version 1.00;C:\WINDOWS\system32\Drivers\2NF.sys [2000-09-19 11:27]
.
Contents of the 'Scheduled Tasks' folder

2008-06-07 C:\WINDOWS\Tasks\EasyShare Registration Task.job
- C:\WINDOWS\system32\rundll32.exe [2008-04-13 18:12]

2008-06-07 C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe []

2007-06-27 C:\WINDOWS\Tasks\Uniblue SpyEraser.job
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe []
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-40408b53 - C:\WINDOWS\system32\pmqbgarr.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-06 08:19:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\s3gnbmm]
"ImagePath"="System32\drivers\s3gnbmm.sys"
.
Completion time: 2008-08-06 8:32:07
ComboFix-quarantined-files.txt 2008-08-06 14:31:55
ComboFix2.txt 2008-08-04 08:44:30
ComboFix3.txt 2008-03-30 20:01:28
ComboFix4.txt 2008-03-25 22:39:11

Pre-Run: 11,179,474,944 bytes free
Post-Run: 11,168,915,456 bytes free

198 --- E O F --- 2008-08-04 08:17:17

Malwarebyte Log:

Malwarebytes' Anti-Malware 1.24
Database version: 1028
Windows 5.1.2600 Service Pack 3

9:52:44 AM 8/6/2008
mbam-log-8-6-2008 (09-52-44).txt

Scan type: Quick Scan
Objects scanned: 43098
Time elapsed: 6 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 14
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RABCO (Adware.RABCO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RABCO (Adware.RABCO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Inet_Get_2 (Trojan.Downloader) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Temp\bPccE7001.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\Components\srff.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

#15 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:04:49 AM

Posted 06 August 2008 - 01:49 PM

Good work, things are looking a lot better! Mcafee would most likely stop Combofix from running..
Please open notepad and and copy and paste next bold in it:
(don't forget to copy and paste REGEDIT4)

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mljvew"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BM4373b8cf"=-

Save this as "fix.reg" Choose to save as *all files and place it on your desktop.
It should look like this: Posted Image
Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.

Download Bobbi Flekman's RegSearch from
http://www.bleepingcomputer.com/files/regsearch.php

Create a folder for RegSearch on the C: drive called C:\RegSearch. You can do this by going to My Computer then double click on C: then right click and select New then Folder and name it RegSearch. Extract all the files from the zip archive into that folder.

Open the RegSearch folder and double-click the icon for RegSearch.exe to launch the program.
Copy / Paste the following line into the top Search Box:

s3gnbmm

Now hit OK. After completion Notepad will be opened with all the found instances of the string.
The resulting file is saved in the same location as RegSearch.exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users