Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Virus/Spyware/Malware and can't get rid of it.


  • This topic is locked This topic is locked
13 replies to this topic

#1 Monsieurfitch08

Monsieurfitch08

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 30 March 2009 - 08:36 PM

Hello,

This past week I started having trouble with my computer.

Some of the symptoms include:

-multiple iexplore.exe pop-ups and audio clips in the background
-sometimes the links to my Google results lead to other advertising sites
-when my desktop is loading, my command prompt pops up with a few ".exe"s like "command.com" and "lsass" which never occurred before
-my desktop doesn't fully load. I can only access programs and applications via task manager
-when I try to open certain applications, my computer freezes and/or shuts-down
-there is also a process called "hlimnlnk" that runs sometimes. However, when I looked it up on Google, absolutely nothing showed up on it.
-Also, on occasion two "rundll32" processes will run simultaneously.

I've ran multiple spyware/malware removers but it seems that they aren't really helping.
One of the programs says I have a Win32Rootkit.TDSS. I told it to fix the infection but it shows up again...

I also searched through my computer files and I found I have a few of weird "dll" files.

At this point I have run out of ideas and in need of desperate help. :thumbup2:

Thanks in advance for any help you may provide. :)


Here is my DDS log:

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Owner at 20:15:41.26 on Mon 03/30/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.895.172 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
AV: Prevx Edge *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cobian Backup 9\Cobian.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Documents and Settings\HP_Owner\My Documents\My Stuff\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://myspace.com/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://myspace.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
uURLSearchHooks: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
uWindows: load=???
?
uWindows: run=???
?
BHO: @D18EA1-A523-4961-B6BB-170DE4475CCA} - No File
BHO: rsion - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: blueskyadagency: {585b3151-9219-ff83-11dc-593e7ab9e6c2} - c:\windows\system32\nsv52C.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: blueskyadagency browser enhancer: {8fc25aa3-5af0-5f33-d4b2-4cd9b0658025} - c:\windows\system32\hjywwknutzevnd.dll
BHO: {97b53875-9cd2-440d-b3df-fdfaf96a102b} - c:\windows\system32\likegene.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: ?D78D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: DD0-B101-42AD-A544-FADC6B084872} - No File
BHO: ?D49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
TB: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [AROReminder] c:\program files\advanced registry optimizer\ARO.exe -rem
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [SpybotDeletingB2356] command.com /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
mRun: [wltray.exe] c:\windows\system32\wltray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [masqform.exe] c:\program files\pureedge\viewer 6.0\masqform.exe -UpdateCurrentUser
mRun: [bdgxviscots] c:\windows\system32\regsvr32.exe /s "c:\windows\system32\hjywwknutzevnd.dll"
mRun: [hlimnlnk] "c:\windows\system32\hlimnlnk.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [PromoReg] c:\docume~1\hp_owner\locals~1\temp\bleep3.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [CPM6fa4c0b6] Rundll32.exe "c:\windows\system32\subalavi.dll",a
mRun: [6c97f32a] rundll32.exe "c:\windows\system32\demayoha.dll",b
mRun: [votugedope] Rundll32.exe "c:\windows\system32\zawaname.dll",s
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\windows\system32\subalavi.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\subalavi.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\subalavi.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll
LSA: Notification Packages = scecli c:\windows\system32\bularigi.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\ksqxhua9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - facebook.com
FF - prefs.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\mozilla firefox\components\e6c78e42-685c-084c-52c2-de408f6183ac.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPView22.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\view22\version_4\NPView22.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-25 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-24 130424]
R0 pxprot;pxprot;c:\windows\system32\drivers\pxprot.sys [2009-3-27 18440]
R0 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2009-3-27 16904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-28 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-28 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-28 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-10-28 231704]
R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-3-27 4414008]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-3-24 348752]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-3-24 1095560]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-10-28 875288]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-26 24652]

=============== Created Last 30 ================

2009-03-30 20:10 <DIR> --d----- c:\program files\Cobian Backup 9
2009-03-30 00:12 569 a------- c:\windows\system32\gmyiu_navps.dat
2009-03-30 00:12 362,173 a------- c:\windows\system32\gmyiu_nav.dat
2009-03-30 00:12 292,352 a------- c:\windows\system32\gmyiu.exe
2009-03-30 00:12 5,846 a------- c:\windows\system32\gmyiu.dat
2009-03-30 00:09 3,291,364 ---sh--- c:\windows\system32\ahoyamed.ini2
2009-03-30 00:09 3,291,364 ---sh--- c:\windows\system32\ahoyamed.tmp
2009-03-27 00:19 18,440 a------- c:\windows\system32\drivers\pxprot.sys
2009-03-27 00:19 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-03-27 00:19 16,904 a------- c:\windows\system32\drivers\pxrts.sys
2009-03-27 00:19 <DIR> --d----- c:\program files\Prevx
2009-03-27 00:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PrevxCSI
2009-03-26 13:05 3,291,364 ---sh--- c:\windows\system32\ahoyamed.ini
2009-03-26 13:05 129,024 a--sh--- c:\windows\system32\swakte.dll
2009-03-26 01:10 3,289,742 ---sh--- c:\windows\system32\ewanadep.ini
2009-03-25 23:14 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-25 22:33 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-25 22:25 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-25 15:17 <DIR> -cd----- C:\!KillBox
2009-03-25 13:23 <DIR> --dsh--- c:\windows\system32\lowsec
2009-03-25 12:57 3,291,644 ---sh--- c:\windows\system32\usuwisiy.ini
2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\iyauys.dll
2009-03-25 11:45 <DIR> --d----- c:\windows\system32\NtmsData
2009-03-24 23:46 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-03-24 23:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-03-24 23:30 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2009-03-24 21:57 51,072 a---h--- c:\windows\system32\mlfcache.dat
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\cgqzrq.dll
2009-03-24 11:10 385,536 a------- c:\windows\tcaqx4813.exe
2009-03-24 11:09 69,697 a------- c:\windows\bdkpa0726.exe
2009-03-24 10:30 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-24 10:30 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-24 10:30 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\common files\PC Tools
2009-03-24 10:30 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\Spyware Doctor
2009-03-24 10:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-03-24 10:14 385,024 a------- c:\windows\nldj83573.exe
2009-03-24 10:14 <DIR> --d----- c:\program files\IEToolbar
2009-03-24 10:12 <DIR> --d----- c:\program files\p2pmax
2009-03-24 10:11 <DIR> --d----- c:\program files\runit
2009-03-24 10:11 69,697 a------- c:\windows\ujls35305.exe
2009-03-24 10:10 204,869 a------- c:\windows\xued04546.exe
2009-03-24 10:09 190,667 a------- c:\windows\nmwi87014.exe
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\avjgip.dll
2009-03-19 19:07 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Any Video Converter
2009-03-19 19:07 <DIR> --d----- c:\program files\Any Video Converter
2009-03-19 18:34 <DIR> -cd----- C:\CoolOutput
2009-03-19 18:31 34 a---h--- c:\windows\system32\Converter_sysquict.dat
2009-03-19 18:31 <DIR> --d----- c:\program files\Cool Free All Video to Mp4 MPEG Converter
2009-03-19 16:15 <DIR> -cd----- C:\divx
2009-03-06 03:47 389,120 a------- c:\windows\system32\actskn43.ocx
2009-03-06 03:47 <DIR> --d----- c:\program files\Flv Audio Extractor
2009-03-06 02:29 237,568 a------- c:\windows\system32\rmc_rtspdl.dll
2009-03-06 02:29 156,672 a------- c:\windows\system32\rmc_fixasf.exe
2009-03-04 16:16 <DIR> --d----- c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-04 11:08 623,104 a------- c:\windows\system32\nsv52C.dll
2009-03-02 22:51 <DIR> --d----- c:\docume~1\hp_owner\applic~1\LimeWireTurbo
2009-03-02 22:45 <DIR> --d----- c:\program files\LimeWireTurbo

==================== Find3M ====================

2009-03-26 13:05 90,112 a--sh--- c:\windows\system32\demayoha.dll
2009-03-26 13:05 129,024 a--sh--- c:\windows\system32\ribehige.dll
2009-03-26 13:05 96,768 a--sh--- c:\windows\system32\subalavi.dll
2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\nawowami.dll
2009-03-25 12:57 94,208 a--sh--- c:\windows\system32\geligehu.dll
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\nomotuve.dll
2009-03-24 12:58 90,624 a--sh--- c:\windows\system32\teraniye.dll
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\meginajo.dll
2009-03-24 00:18 94,720 a--sh--- c:\windows\system32\zihemiri.dll
2009-03-06 03:39 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-02-16 00:17 202,240 a------- c:\windows\system32\DG_SS09_screensaver_PC.scr
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\dllcache\win32k.sys
2009-02-01 19:29 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-01 19:29 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-01 19:29 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2008-05-03 14:08 139 ac--h--- c:\docume~1\hp_owner\applic~1\brara1985.sys
2006-08-01 14:16 404 ac------ c:\docume~1\hp_owner\applic~1\wklnhst.dat

============= FINISH: 20:18:06.29 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 31 March 2009 - 01:58 AM

Hi,

It is normal that, when you don't update your Antivirus, visit questionable sites and download questionable programs, that you get infected.
In your case, Your system is severly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.
Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.
So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts.

* Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • In case you already used MBAM previously, please update it before proceeding with the scan. To do this, click the "Update" tab and click the "Check For updates" button.
  • Once the program has loaded and updates were downloaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 31 March 2009 - 06:16 PM

OK, so I ran the Malwarebytes and this is the log:

Malwarebytes' Anti-Malware 1.35
Database version: 1904
Windows 5.1.2600 Service Pack 2

3/31/2009 6:54:36 PM
mbam-log-2009-03-31 (18-54-36).txt

Scan type: Quick Scan
Objects scanned: 80692
Time elapsed: 12 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 30
Registry Values Infected: 8
Registry Data Items Infected: 6
Folders Infected: 3
Files Infected: 41

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACwayixfpy.dll (Trojan.TDSS) -> Delete on reboot.
c:\WINDOWS\system32\subalavi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\components\e6c78e42-685c-084c-52c2-de408f6183ac.dll (Adware.Yoog) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97b53875-9cd2-440d-b3df-fdfaf96a102b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{97b53875-9cd2-440d-b3df-fdfaf96a102b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\Interface\{255c13ae-4bb0-45c3-bae1-ba6c088c43b3} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8fbb0d9a-1f7b-465b-8292-1593b880e92a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ceb23d-8f00-4f59-b876-4bc7e48c120c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c9ceb23d-8f00-4f59-b876-4bc7e48c120c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\runit (Adware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DPS (Adware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\p2pmax (Adware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\p2pmax (Adware.P2Pmax) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{585b3151-9219-ff83-11dc-593e7ab9e6c2} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{585b3151-9219-ff83-11dc-593e7ab9e6c2} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8fc25aa3-5af0-5f33-d4b2-4cd9b0658025} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8fc25aa3-5af0-5f33-d4b2-4cd9b0658025} (Adware.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c97f32a (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm6fa4c0b6 (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\votugedope (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PromoReg (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bdgxviscots (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\subalavi.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\subalavi.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\SYSTEM32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\runit (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\p2pmax (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec (Spyware.StolenData) -> Delete on reboot.

Files Infected:
C:\WINDOWS\system32\demayoha.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ahoyamed.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ahoyamed.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\subalavi.dll (Trojan.Vundo.H) -> Delete on reboot.
\\?\globalroot\systemroot\system32\UACwayixfpy.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\ujls35305.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\bdkpa0726.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ribehige.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swakte.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACgpjnalsd.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\UACifijauyj.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\UACnhsdmstv.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\UACwayixfpy.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\UACwtuuvver.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\UACoemiluro.sys (Rootkit.TDSS) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\UAC9e2a.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC3e04.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC4bf3.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC4d37.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC5109.tmp (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\Temp\UAC68d2.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC7516.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UACce7c.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\runit\config.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\runit\runit_32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\p2pmax\p2pmaxu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Spyware.StolenData) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Spyware.StolenData) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\components\e6c78e42-685c-084c-52c2-de408f6183ac.dll (Adware.Yoog) -> Delete on reboot.
C:\WINDOWS\system32\regsvr32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\system32\euabellxi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gmyiu_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vckqgkz_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\euabellxi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gmyiu_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vckqgkz_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACkcuutnpu.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\UACkxjkoele.log (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\nsv52C.dll (Adware.BHO) -> Quarantined and deleted successfully.



And this is the new DDS Log:

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Owner at 19:10:25.82 on Tue 03/31/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.895.302 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
AV: Prevx Edge *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner\My Documents\My Stuff\dds(2).scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://myspace.com/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://myspace.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
uURLSearchHooks: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
uWindows: load="???
uWindows: run="???
BHO: @D18EA1-A523-4961-B6BB-170DE4475CCA} - No File
BHO: rsion - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {585b3151-9219-ff83-11dc-593e7ab9e6c2} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {8FC25AA3-5AF0-5F33-D4B2-4CD9B0658025} - No File
BHO: {97b53875-9cd2-440d-b3df-fdfaf96a102b} - No File
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: ?D78D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: DD0-B101-42AD-A544-FADC6B084872} - No File
BHO: ?D49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
TB: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [AROReminder] c:\program files\advanced registry optimizer\ARO.exe -rem
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [SpybotDeletingB2356] command.com /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
mRun: [wltray.exe] c:\windows\system32\wltray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [masqform.exe] c:\program files\pureedge\viewer 6.0\masqform.exe -UpdateCurrentUser
mRun: [hlimnlnk] "c:\windows\system32\hlimnlnk.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [bdgxviscots] c:\windows\system32\regsvr32.exe /s "c:\windows\system32\hjywwknutzevnd.dll"
mRun: [PromoReg] c:\docume~1\hp_owner\locals~1\temp\bleep3.exe
mRun: [CPM6fa4c0b6] Rundll32.exe "c:\windows\system32\subalavi.dll",a
mRun: [6c97f32a] rundll32.exe "c:\windows\system32\demayoha.dll",b
mRun: [votugedope] Rundll32.exe "c:\windows\system32\zawaname.dll",s
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll
LSA: Notification Packages = scecli c:\windows\system32\bularigi.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\ksqxhua9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - facebook.com
FF - prefs.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\mozilla firefox\components\e6c78e42-685c-084c-52c2-de408f6183ac.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPView22.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\view22\version_4\NPView22.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-25 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-24 130424]
R0 pxprot;pxprot;c:\windows\system32\drivers\pxprot.sys [2009-3-27 18440]
R0 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2009-3-27 16904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-28 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-28 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-28 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-10-28 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-10-28 231704]
R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-3-27 4414008]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-3-24 348752]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-3-24 1095560]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-26 24652]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

=============== Created Last 30 ================

2009-03-31 18:39 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Malwarebytes
2009-03-31 18:32 22,494 a------- c:\windows\system32\AAWService_2009_03_31_18_32_12.dmp
2009-03-31 15:08 <DIR> --d----- c:\program files\Windows Installer Clean Up
2009-03-31 15:08 <DIR> --d----- c:\program files\MSECACHE
2009-03-31 14:54 23,173 a------- c:\windows\system32\AAWService_2009_03_31_14_54_28.dmp
2009-03-31 14:34 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-31 14:34 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-31 14:34 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-31 14:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-30 20:10 <DIR> --d----- c:\program files\Cobian Backup 9
2009-03-30 00:12 292,352 a------- c:\windows\system32\gmyiu.exe
2009-03-30 00:12 5,846 a------- c:\windows\system32\gmyiu.dat
2009-03-30 00:09 3,291,364 ---sh--- c:\windows\system32\ahoyamed.tmp
2009-03-27 00:19 18,440 a------- c:\windows\system32\drivers\pxprot.sys
2009-03-27 00:19 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-03-27 00:19 16,904 a------- c:\windows\system32\drivers\pxrts.sys
2009-03-27 00:19 <DIR> --d----- c:\program files\Prevx
2009-03-27 00:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PrevxCSI
2009-03-26 01:10 3,289,742 ---sh--- c:\windows\system32\ewanadep.ini
2009-03-25 23:14 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-25 22:33 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-25 22:25 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-25 15:17 <DIR> -cd----- C:\!KillBox
2009-03-25 12:57 3,291,644 ---sh--- c:\windows\system32\usuwisiy.ini
2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\iyauys.dll
2009-03-25 11:45 <DIR> --d----- c:\windows\system32\NtmsData
2009-03-24 23:46 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-03-24 23:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-03-24 23:30 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2009-03-24 21:57 51,072 a---h--- c:\windows\system32\mlfcache.dat
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\cgqzrq.dll
2009-03-24 11:10 385,536 a------- c:\windows\tcaqx4813.exe
2009-03-24 10:30 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-24 10:30 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-24 10:30 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\common files\PC Tools
2009-03-24 10:30 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\Spyware Doctor
2009-03-24 10:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-03-24 10:14 385,024 a------- c:\windows\nldj83573.exe
2009-03-24 10:14 <DIR> --d----- c:\program files\IEToolbar
2009-03-24 10:10 204,869 a------- c:\windows\xued04546.exe
2009-03-24 10:09 190,667 a------- c:\windows\nmwi87014.exe
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\avjgip.dll
2009-03-19 19:07 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Any Video Converter
2009-03-19 19:07 <DIR> --d----- c:\program files\Any Video Converter
2009-03-19 18:34 <DIR> -cd----- C:\CoolOutput
2009-03-19 18:31 34 a---h--- c:\windows\system32\Converter_sysquict.dat
2009-03-19 18:31 <DIR> --d----- c:\program files\Cool Free All Video to Mp4 MPEG Converter
2009-03-19 16:15 <DIR> -cd----- C:\divx
2009-03-06 03:47 389,120 a------- c:\windows\system32\actskn43.ocx
2009-03-06 03:47 <DIR> --d----- c:\program files\Flv Audio Extractor
2009-03-06 02:29 237,568 a------- c:\windows\system32\rmc_rtspdl.dll
2009-03-06 02:29 156,672 a------- c:\windows\system32\rmc_fixasf.exe
2009-03-04 16:16 <DIR> --d----- c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-02 22:51 <DIR> --d----- c:\docume~1\hp_owner\applic~1\LimeWireTurbo
2009-03-02 22:45 <DIR> --d----- c:\program files\LimeWireTurbo

==================== Find3M ====================

2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\nawowami.dll
2009-03-25 12:57 94,208 a--sh--- c:\windows\system32\geligehu.dll
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\nomotuve.dll
2009-03-24 12:58 90,624 a--sh--- c:\windows\system32\teraniye.dll
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\meginajo.dll
2009-03-24 00:18 94,720 a--sh--- c:\windows\system32\zihemiri.dll
2009-03-06 03:39 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-02-16 00:17 202,240 a------- c:\windows\system32\DG_SS09_screensaver_PC.scr
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\dllcache\win32k.sys
2009-02-01 19:29 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-01 19:29 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-01 19:29 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2008-05-03 14:08 139 -c--h--- c:\docume~1\hp_owner\applic~1\brara1985.sys
2006-08-01 14:16 404 ac------ c:\docume~1\hp_owner\applic~1\wklnhst.dat

============= FINISH: 19:12:00.62 ===============

Attached Files



#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 31 March 2009 - 06:33 PM

Hi,

You didn't update.

Please use the update button, click check for updates, update and rescan again.

Also, your Teatimer is interfering here, so I see you are running Teatimer.
I suggest you to disable it because it can interfere with the changes you'll make on your system.
When everything is done and your log is clean again, you can enable it again.
If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
How to disable TeaTimer <== click me for instructions.

The same applies for adwatch...

To disable AdWatch:

* Right click on the Ad-Watch icon in the system tray.
* At the bottom of the screen there will be two checkable items called Active and Automatic.
o Active: This will turn Ad-Watch On\Off without closing it.
o Automatic: Suspicious activity will be blocked automatically.
* Uncheck both of those boxes.
* (When done, you can re-enable it using the same steps but this time check both boxes.)

Then run scan again, let it finish, then reboot, then scan again with DDS

Then post the logs in your next reply.

Edited by miekiemoes, 31 March 2009 - 06:35 PM.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 31 March 2009 - 07:33 PM

Hey, sorry about that. I'm hoping I did it right this time...

Here's the Malwarebytes Log:

Malwarebytes' Anti-Malware 1.35
Database version: 1927
Windows 5.1.2600 Service Pack 2

3/31/2009 8:17:54 PM
mbam-log-2009-03-31 (20-17-54).txt

Scan type: Quick Scan
Objects scanned: 81539
Time elapsed: 17 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm6fa4c0b6 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c97f32a (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\votugedope (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PromoReg (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bdgxviscots (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\SYSTEM32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Here's is the DDS Log:

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Owner at 20:27:55.92 on Tue 03/31/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.895.393 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
AV: Prevx Edge *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wltray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner\My Documents\My Stuff\dds(3).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://myspace.com/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://myspace.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
uURLSearchHooks: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
uWindows: load="???
uWindows: run="???
BHO: @D18EA1-A523-4961-B6BB-170DE4475CCA} - No File
BHO: rsion - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {585b3151-9219-ff83-11dc-593e7ab9e6c2} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {8FC25AA3-5AF0-5F33-D4B2-4CD9B0658025} - No File
BHO: {97b53875-9cd2-440d-b3df-fdfaf96a102b} - No File
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: ?D78D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: DD0-B101-42AD-A544-FADC6B084872} - No File
BHO: ?D49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
TB: Yahoo! Toolbar BETA: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2} - No File
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [AROReminder] c:\program files\advanced registry optimizer\ARO.exe -rem
mRun: [wltray.exe] c:\windows\system32\wltray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [masqform.exe] c:\program files\pureedge\viewer 6.0\masqform.exe -UpdateCurrentUser
mRun: [hlimnlnk] "c:\windows\system32\hlimnlnk.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll
LSA: Notification Packages = scecli c:\windows\system32\bularigi.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\ksqxhua9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - facebook.com
FF - prefs.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\mozilla firefox\components\e6c78e42-685c-084c-52c2-de408f6183ac.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPView22.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\view22\version_4\NPView22.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-25 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-24 130424]
R0 pxprot;pxprot;c:\windows\system32\drivers\pxprot.sys [2009-3-27 18440]
R0 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2009-3-27 16904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-28 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-28 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-28 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-10-28 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-10-28 231704]
R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-3-27 4414008]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-26 24652]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-3-24 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-3-24 1095560]

=============== Created Last 30 ================

2009-03-31 18:39 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Malwarebytes
2009-03-31 18:32 22,494 a------- c:\windows\system32\AAWService_2009_03_31_18_32_12.dmp
2009-03-31 15:08 <DIR> --d----- c:\program files\Windows Installer Clean Up
2009-03-31 15:08 <DIR> --d----- c:\program files\MSECACHE
2009-03-31 14:54 23,173 a------- c:\windows\system32\AAWService_2009_03_31_14_54_28.dmp
2009-03-31 14:34 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-31 14:34 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-31 14:34 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-31 14:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-30 20:10 <DIR> --d----- c:\program files\Cobian Backup 9
2009-03-30 00:12 292,352 a------- c:\windows\system32\gmyiu.exe
2009-03-30 00:12 5,846 a------- c:\windows\system32\gmyiu.dat
2009-03-30 00:09 3,291,364 ---sh--- c:\windows\system32\ahoyamed.tmp
2009-03-27 00:19 18,440 a------- c:\windows\system32\drivers\pxprot.sys
2009-03-27 00:19 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-03-27 00:19 16,904 a------- c:\windows\system32\drivers\pxrts.sys
2009-03-27 00:19 <DIR> --d----- c:\program files\Prevx
2009-03-27 00:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PrevxCSI
2009-03-26 01:10 3,289,742 ---sh--- c:\windows\system32\ewanadep.ini
2009-03-25 23:14 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-25 22:33 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-25 22:25 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-25 15:17 <DIR> -cd----- C:\!KillBox
2009-03-25 12:57 3,291,644 ---sh--- c:\windows\system32\usuwisiy.ini
2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\iyauys.dll
2009-03-25 11:45 <DIR> --d----- c:\windows\system32\NtmsData
2009-03-24 23:46 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-03-24 23:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-03-24 23:30 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2009-03-24 21:57 51,072 a---h--- c:\windows\system32\mlfcache.dat
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\cgqzrq.dll
2009-03-24 11:10 385,536 a------- c:\windows\tcaqx4813.exe
2009-03-24 10:30 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-24 10:30 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-24 10:30 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\common files\PC Tools
2009-03-24 10:30 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-24 10:30 <DIR> --d----- c:\program files\Spyware Doctor
2009-03-24 10:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-03-24 10:14 385,024 a------- c:\windows\nldj83573.exe
2009-03-24 10:14 <DIR> --d----- c:\program files\IEToolbar
2009-03-24 10:10 204,869 a------- c:\windows\xued04546.exe
2009-03-24 10:09 190,667 a------- c:\windows\nmwi87014.exe
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\avjgip.dll
2009-03-19 19:07 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Any Video Converter
2009-03-19 19:07 <DIR> --d----- c:\program files\Any Video Converter
2009-03-19 18:34 <DIR> -cd----- C:\CoolOutput
2009-03-19 18:31 34 a---h--- c:\windows\system32\Converter_sysquict.dat
2009-03-19 18:31 <DIR> --d----- c:\program files\Cool Free All Video to Mp4 MPEG Converter
2009-03-19 16:15 <DIR> -cd----- C:\divx
2009-03-06 03:47 389,120 a------- c:\windows\system32\actskn43.ocx
2009-03-06 03:47 <DIR> --d----- c:\program files\Flv Audio Extractor
2009-03-06 02:29 237,568 a------- c:\windows\system32\rmc_rtspdl.dll
2009-03-06 02:29 156,672 a------- c:\windows\system32\rmc_fixasf.exe
2009-03-04 16:16 <DIR> --d----- c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-02 22:51 <DIR> --d----- c:\docume~1\hp_owner\applic~1\LimeWireTurbo
2009-03-02 22:45 <DIR> --d----- c:\program files\LimeWireTurbo

==================== Find3M ====================

2009-03-25 12:57 128,512 a--sh--- c:\windows\system32\nawowami.dll
2009-03-25 12:57 94,208 a--sh--- c:\windows\system32\geligehu.dll
2009-03-24 12:58 129,024 a--sh--- c:\windows\system32\nomotuve.dll
2009-03-24 12:58 90,624 a--sh--- c:\windows\system32\teraniye.dll
2009-03-24 00:18 129,024 a--sh--- c:\windows\system32\meginajo.dll
2009-03-24 00:18 94,720 a--sh--- c:\windows\system32\zihemiri.dll
2009-03-06 03:39 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-02-16 00:17 202,240 a------- c:\windows\system32\DG_SS09_screensaver_PC.scr
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\dllcache\win32k.sys
2009-02-01 19:29 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-01 19:29 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-01 19:29 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2008-05-03 14:08 139 -c--h--- c:\docume~1\hp_owner\applic~1\brara1985.sys
2006-08-01 14:16 404 ac------ c:\docume~1\hp_owner\applic~1\wklnhst.dat

============= FINISH: 20:29:17.50 ===============

Attached Files


Edited by Monsieurfitch08, 31 March 2009 - 07:34 PM.


#6 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 31 March 2009 - 07:55 PM

Hi,

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 31 March 2009 - 09:03 PM

Ok, so here's the Combofix Log:

ComboFix 09-03-31.01 - HP_Owner 2009-03-31 21:41:55.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.895.496 [GMT -4:00]
Running from: c:\documents and settings\HP_Owner\My Documents\My Stuff\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\Guest\Application Data\sdra64.exe
c:\program files\IEToolbar
c:\program files\IEToolbar\ECO Bar\basis.xml
c:\program files\IEToolbar\ECO Bar\icons.bmp
c:\program files\IEToolbar\ECO Bar\info.txt
c:\program files\IEToolbar\ECO Bar\uninstall.exe
c:\program files\IEToolbar\ECO Bar\version.txt
c:\program files\IEToolbar\ECO Bar\your_logo.png
c:\windows\IE4 Error Log.txt
c:\windows\nmwi87014.exe
c:\windows\pack.epk
c:\windows\system32\avjgip.dll
c:\windows\system32\cgqzrq.dll
c:\windows\system32\ewanadep.ini
c:\windows\system32\geligehu.dll
c:\windows\system32\iyauys.dll
c:\windows\system32\meginajo.dll
c:\windows\system32\nawowami.dll
c:\windows\system32\nomotuve.dll
c:\windows\system32\teraniye.dll
c:\windows\system32\usuwisiy.ini
c:\windows\system32\zihemiri.dll
c:\windows\xued04546.exe

----- BITS: Possible infected sites -----

hxxp://82.98.235.205
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys


((((((((((((((((((((((((( Files Created from 2009-03-01 to 2009-04-01 )))))))))))))))))))))))))))))))
.

2009-03-31 18:39 . 2009-03-31 18:39 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2009-03-31 18:32 . 2009-03-31 18:32 22,494 --a------ c:\windows\system32\AAWService_2009_03_31_18_32_12.dmp
2009-03-31 15:08 . 2009-03-31 15:08 <DIR> d-------- c:\program files\Windows Installer Clean Up
2009-03-31 15:08 . 2009-03-31 15:08 <DIR> d-------- c:\program files\MSECACHE
2009-03-31 14:54 . 2009-03-31 14:54 23,173 --a------ c:\windows\system32\AAWService_2009_03_31_14_54_28.dmp
2009-03-31 14:34 . 2009-03-31 14:59 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-31 14:34 . 2009-03-31 14:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-31 14:34 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-31 14:34 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-30 20:10 . 2009-03-30 20:10 <DIR> d-------- c:\program files\Cobian Backup 9
2009-03-30 00:12 . 2009-03-30 00:12 292,352 --a------ c:\windows\system32\gmyiu.exe
2009-03-30 00:12 . 2009-03-30 00:13 5,846 --a------ c:\windows\system32\gmyiu.dat
2009-03-30 00:09 . 2009-03-30 00:09 <DIR> d-------- c:\documents and settings\Guest\Application Data\PureEdge
2009-03-30 00:09 . 2009-03-30 00:09 3,291,364 ---hs---- c:\windows\system32\ahoyamed.tmp
2009-03-25 23:14 . 2009-03-09 15:06 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-25 22:33 . 2009-03-09 15:06 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-25 22:25 . 2009-03-25 22:25 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-25 22:24 . 2009-03-25 22:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-25 15:17 . 2009-03-25 15:23 <DIR> d----c--- C:\!KillBox
2009-03-25 11:45 . 2009-03-25 11:46 <DIR> d-------- c:\windows\system32\NtmsData
2009-03-24 23:46 . 2009-03-24 23:47 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-03-24 23:46 . 2009-03-25 00:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-24 23:30 . 2007-12-24 17:37 138,384 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-24 21:57 . 2009-03-24 21:57 51,072 --ah----- c:\windows\system32\mlfcache.dat
2009-03-24 11:10 . 2009-03-24 11:10 385,536 --a------ c:\windows\tcaqx4813.exe
2009-03-24 10:30 . 2009-03-25 00:17 <DIR> d-------- c:\program files\Spyware Doctor
2009-03-24 10:30 . 2009-03-24 10:33 <DIR> d-------- c:\program files\Common Files\PC Tools
2009-03-24 10:30 . 2009-03-24 10:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2009-03-24 10:30 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-03-24 10:30 . 2009-03-06 16:45 130,424 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-03-24 10:30 . 2008-12-18 12:16 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-24 10:30 . 2008-12-10 12:36 64,392 --a------ c:\windows\system32\drivers\pctplsg.sys
2009-03-24 10:14 . 2009-03-24 10:14 385,024 --a------ c:\windows\nldj83573.exe
2009-03-19 19:07 . 2009-03-19 19:08 <DIR> d-------- c:\program files\Any Video Converter
2009-03-19 19:07 . 2009-03-19 19:07 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Media Player Classic
2009-03-19 19:07 . 2009-03-19 19:22 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Any Video Converter
2009-03-19 18:34 . 2009-03-27 10:48 <DIR> d----c--- C:\CoolOutput
2009-03-19 18:31 . 2009-03-19 19:08 <DIR> d-------- c:\program files\Cool Free All Video to Mp4 MPEG Converter
2009-03-19 18:31 . 2009-03-19 18:31 34 --ah----- c:\windows\system32\Converter_sysquict.dat
2009-03-19 16:15 . 2009-03-19 16:55 <DIR> d----c--- C:\divx
2009-03-06 03:47 . 2009-03-06 03:47 <DIR> d-------- c:\program files\Flv Audio Extractor
2009-03-06 03:47 . 2003-05-14 22:07 389,120 --a------ c:\windows\system32\actskn43.ocx
2009-03-06 02:29 . 2009-03-06 03:39 237,568 --a------ c:\windows\system32\rmc_rtspdl.dll
2009-03-06 02:29 . 2009-03-06 03:39 156,672 --a------ c:\windows\system32\rmc_fixasf.exe
2009-03-04 16:17 . 2009-03-27 15:12 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Audacity
2009-03-04 16:16 . 2009-03-04 16:16 <DIR> d-------- c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-02 22:51 . 2009-03-03 00:01 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\LimeWireTurbo
2009-03-02 22:45 . 2009-03-02 22:51 <DIR> d-------- c:\program files\LimeWireTurbo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 01:49 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-26 02:24 --------- d-----w c:\program files\Lavasoft
2009-03-25 14:34 --------- d-----w c:\program files\FLV Player
2009-03-24 14:30 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PC Tools
2009-03-24 05:14 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-24 04:52 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PC POWER SUITE
2009-03-24 04:51 --------- d-----w c:\program files\PC Power Suite
2009-03-17 03:56 --------- d-----w c:\program files\MegaSpoof
2009-03-06 07:46 --------- d-----w c:\program files\Replay Media Catcher
2009-02-24 04:36 --------- d-----w c:\program files\Apple Software Update
2009-02-18 15:53 --------- d-----w c:\program files\DivX
2009-02-11 02:40 --------- d-----w c:\program files\AIM6
2009-02-11 02:40 --------- d-----w c:\documents and settings\HP_Owner\Application Data\acccore
2009-02-11 02:39 --------- d-----w c:\program files\Common Files\Software Update Utility
2009-02-11 02:39 --------- d-----w c:\program files\AIM Toolbar
2009-02-11 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-02-11 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\AIM Toolbar
2009-02-11 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2009-02-11 02:38 --------- d-----w c:\program files\Common Files\AOL
2009-02-06 15:39 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PureEdge
2009-02-06 15:39 --------- d-----w c:\documents and settings\All Users\Application Data\PureEdge
2009-02-06 15:38 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 15:38 --------- d-----w c:\program files\PureEdge
2009-02-01 23:29 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-01 23:29 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-05-03 18:08 139 -c-h--w c:\documents and settings\HP_Owner\Application Data\brara1985.sys
2006-08-01 18:16 404 -c--a-w c:\documents and settings\HP_Owner\Application Data\wklnhst.dat
2005-12-31 22:24 0 -c--a-w c:\documents and settings\Guest\Application Data\wklnhst.dat
2007-11-15 20:05 89,088 -c--a-w c:\program files\mozilla firefox\plugins\atl71.dll
2007-11-15 20:05 53,248 -c--a-w c:\program files\mozilla firefox\plugins\boost_filesystem-vc71-mt-1_33_1.dll
2007-11-15 20:05 499,712 -c--a-w c:\program files\mozilla firefox\plugins\msvcp71.dll
2007-11-15 20:05 348,160 -c--a-w c:\program files\mozilla firefox\plugins\msvcr71.dll
2007-11-15 20:05 110,592 -c--a-w c:\program files\mozilla firefox\plugins\v22_base.dll
2007-11-15 20:05 114,688 -c--a-w c:\program files\mozilla firefox\plugins\v22_compression.dll
2007-11-15 20:05 106,496 -c--a-w c:\program files\mozilla firefox\plugins\v22_connect.dll
2007-11-15 20:05 229,376 -c--a-w c:\program files\mozilla firefox\plugins\v22_update.dll
2007-11-15 20:05 196,608 -c--a-w c:\program files\mozilla firefox\plugins\v22_utility.dll
2007-11-15 20:05 159,744 -c--a-w c:\program files\mozilla firefox\plugins\v22_winapplib.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-21 50472]
"AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2007-07-23 2084480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"wltray.exe"="c:\windows\system32\wltray.exe" [2005-03-10 778348]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-15 1261336]
"masqform.exe"="c:\program files\PureEdge\Viewer 6.0\masqform.exe" [2003-12-03 1052672]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2003-07-14 34880]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\documents and settings\HP_Owner\My Documents\My Stuff\02.jpg
FriendlyName=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-01 19:29 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=c:\windows\pss\Updates from HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
? ?????????????????????? [?]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
? ?????????????????????? [?]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a--c--- 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-10-21 13:09 50472 c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AROReminder]
--a------ 2007-07-23 09:34 2084480 c:\program files\Advanced Registry Optimizer\ARO.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
--a------ 2008-12-15 15:44 1261336 c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 08:00 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-12 09:12 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
--a--c--- 2005-02-26 01:34 245760 c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
--a--c--- 2005-06-02 02:35 49152 c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-07-28 02:50 221184 c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-07-28 02:50 81920 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2008-02-22 04:25 144784 c:\program files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-11-30 17:03 185632 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2006-11-03 19:20 866584 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
--a------ 2005-05-26 14:01 49152 c:\windows\system32\SiSPower.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TapiSrv"=3 (0x3)
"Spooler"=2 (0x2)
"Fax"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-25 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-03-24 130424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-28 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-28 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-28 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-28 231704]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-10-26 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-03-24 348752]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c901d464-758c-11da-a32e-0013d4d02037}]
\Shell\AutoRun\command - J:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 15:06]

2009-03-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2009-04-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -

BHO-{585b3151-9219-ff83-11dc-593e7ab9e6c2} - (no file)
BHO-{8FC25AA3-5AF0-5F33-D4B2-4CD9B0658025} - (no file)
BHO-{97b53875-9cd2-440d-b3df-fdfaf96a102b} - (no file)
Toolbar-8EAB99C9-F9EC-4b64-A4BA-D9BCAE8779C2 - (no file)
HKLM-Run-hlimnlnk - c:\windows\system32\hlimnlnk.exe
MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MSConfigStartUp-vckqgkz - c:\windows\system32\vckqgkz.exe
MSConfigStartUp-Weather - c:\progra~1\AWS\WEATHE~1\Weather.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://myspace.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://myspace.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - facebook.com
FF - prefs.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPView22.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\view22\version_4\NPView22.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-31 21:47:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wltrysvc.exe
c:\windows\system32\bcmwltry.exe
c:\windows\system32\netdde.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-03-31 21:58:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-01 01:58:44

Pre-Run: 1,036,165,120 bytes free
Post-Run: 1,404,461,056 bytes free

322 --- E O F --- 2009-04-01 01:57:26

#8 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 01 April 2009 - 04:19 AM

Hi,

I see you have Viewpoint installed...
Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546
I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.
  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player
Then,

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

File::
c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\user.js
c:\windows\system32\gmyiu.exe
c:\windows\system32\gmyiu.dat
c:\windows\system32\ahoyamed.tmp
c:\windows\tcaqx4813.exe
c:\windows\nldj83573.exe
Firefox::
FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www14.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www14.yoog.com/search.php?q=
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]


Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 01 April 2009 - 10:00 AM

Hey, things are starting to clear up pretty nicely.

Here's the new Combofix log:


ComboFix 09-03-31.03 - HP_Owner 2009-04-01 10:33:48.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.456 [GMT -4:00]
Running from: c:\documents and settings\HP_Owner\My Documents\My Stuff\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Created a new restore point

FILE ::
c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\user.js
c:\windows\nldj83573.exe
c:\windows\system32\ahoyamed.tmp
c:\windows\system32\gmyiu.dat
c:\windows\system32\gmyiu.exe
c:\windows\tcaqx4813.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\user.js
c:\windows\nldj83573.exe
c:\windows\system32\ahoyamed.tmp
c:\windows\system32\gmyiu.dat
c:\windows\system32\gmyiu.exe
c:\windows\tcaqx4813.exe

.
((((((((((((((((((((((((( Files Created from 2009-03-01 to 2009-04-01 )))))))))))))))))))))))))))))))
.

2009-04-01 10:10 . 2009-04-01 10:10 <DIR> d-------- c:\windows\LastGood.Tmp
2009-04-01 10:01 . 2009-04-01 10:01 <DIR> d-------- c:\windows\system32\scripting
2009-04-01 10:01 . 2009-04-01 10:01 <DIR> d-------- c:\windows\system32\en
2009-04-01 10:01 . 2009-04-01 10:01 <DIR> d-------- c:\windows\system32\bits
2009-04-01 10:01 . 2009-04-01 10:01 <DIR> d-------- c:\windows\l2schemas
2009-04-01 09:51 . 2009-04-01 10:01 <DIR> d-------- c:\windows\ServicePackFiles
2009-04-01 09:33 . 2009-04-01 09:33 <DIR> d-------- c:\windows\EHome
2009-04-01 01:55 . 2009-04-01 01:55 57,344 --a------ c:\windows\system32\ROB268.tmp
2009-03-31 18:39 . 2009-03-31 18:39 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2009-03-31 18:32 . 2009-03-31 18:32 22,494 --a------ c:\windows\system32\AAWService_2009_03_31_18_32_12.dmp
2009-03-31 15:08 . 2009-03-31 15:08 <DIR> d-------- c:\program files\Windows Installer Clean Up
2009-03-31 15:08 . 2009-03-31 15:08 <DIR> d-------- c:\program files\MSECACHE
2009-03-31 14:54 . 2009-03-31 14:54 23,173 --a------ c:\windows\system32\AAWService_2009_03_31_14_54_28.dmp
2009-03-31 14:34 . 2009-03-31 14:59 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-31 14:34 . 2009-03-31 14:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-31 14:34 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-31 14:34 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-30 20:10 . 2009-03-30 20:10 <DIR> d-------- c:\program files\Cobian Backup 9
2009-03-30 00:09 . 2009-03-30 00:09 <DIR> d-------- c:\documents and settings\Guest\Application Data\PureEdge
2009-03-25 23:14 . 2009-03-09 15:06 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-25 22:33 . 2009-03-09 15:06 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-25 22:25 . 2009-03-25 22:25 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-25 22:24 . 2009-03-25 22:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-25 15:17 . 2009-03-25 15:23 <DIR> d----c--- C:\!KillBox
2009-03-25 11:45 . 2009-03-25 11:46 <DIR> d-------- c:\windows\system32\NtmsData
2009-03-24 23:46 . 2009-03-24 23:47 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-03-24 23:46 . 2009-03-25 00:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-24 23:30 . 2007-12-24 17:37 138,384 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-24 21:57 . 2009-03-24 21:57 51,072 --ah----- c:\windows\system32\mlfcache.dat
2009-03-24 10:30 . 2009-04-01 09:45 <DIR> d-------- c:\program files\Spyware Doctor
2009-03-24 10:30 . 2009-03-24 10:33 <DIR> d-------- c:\program files\Common Files\PC Tools
2009-03-24 10:30 . 2009-03-24 10:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2009-03-24 10:30 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-03-24 10:30 . 2009-03-06 16:45 130,424 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-03-24 10:30 . 2008-12-18 12:16 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-24 10:30 . 2008-12-10 12:36 64,392 --a------ c:\windows\system32\drivers\pctplsg.sys
2009-03-19 19:07 . 2009-03-19 19:08 <DIR> d-------- c:\program files\Any Video Converter
2009-03-19 19:07 . 2009-03-19 19:07 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Media Player Classic
2009-03-19 19:07 . 2009-03-19 19:22 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Any Video Converter
2009-03-19 18:34 . 2009-03-27 10:48 <DIR> d----c--- C:\CoolOutput
2009-03-19 18:31 . 2009-03-19 19:08 <DIR> d-------- c:\program files\Cool Free All Video to Mp4 MPEG Converter
2009-03-19 18:31 . 2009-03-19 18:31 34 --ah----- c:\windows\system32\Converter_sysquict.dat
2009-03-19 16:15 . 2009-03-19 16:55 <DIR> d----c--- C:\divx
2009-03-06 03:47 . 2009-03-06 03:47 <DIR> d-------- c:\program files\Flv Audio Extractor
2009-03-06 03:47 . 2003-05-14 22:07 389,120 --a------ c:\windows\system32\actskn43.ocx
2009-03-06 02:29 . 2009-03-06 03:39 237,568 --a------ c:\windows\system32\rmc_rtspdl.dll
2009-03-06 02:29 . 2009-03-06 03:39 156,672 --a------ c:\windows\system32\rmc_fixasf.exe
2009-03-04 16:17 . 2009-04-01 01:48 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Audacity
2009-03-04 16:16 . 2009-03-04 16:16 <DIR> d-------- c:\program files\Audacity 1.3 Beta (Unicode)
2009-03-02 22:51 . 2009-03-03 00:01 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\LimeWireTurbo
2009-03-02 22:45 . 2009-03-02 22:51 <DIR> d-------- c:\program files\LimeWireTurbo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-01 14:34 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-01 14:07 61,440 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2009-04-01 14:07 45,056 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2009-04-01 14:07 44,032 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2009-04-01 14:07 40,960 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2009-04-01 14:07 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2009-04-01 14:07 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2009-04-01 14:07 287,310 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection.dll
2009-04-01 14:07 163,840 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2009-04-01 13:48 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-04-01 05:56 4 -c--a-w C:\WINDOWSRegDefrag.dat
2009-03-26 02:24 --------- d-----w c:\program files\Lavasoft
2009-03-25 14:34 --------- d-----w c:\program files\FLV Player
2009-03-24 14:30 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PC Tools
2009-03-24 05:14 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-24 04:52 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PC POWER SUITE
2009-03-24 04:51 --------- d-----w c:\program files\PC Power Suite
2009-03-17 03:56 --------- d-----w c:\program files\MegaSpoof
2009-03-06 07:46 --------- d-----w c:\program files\Replay Media Catcher
2009-03-06 07:39 323,584 ----a-w c:\windows\system32\AUDIOGENIE2.DLL
2009-02-24 04:36 --------- d-----w c:\program files\Apple Software Update
2009-02-18 15:53 --------- d-----w c:\program files\DivX
2009-02-16 04:17 202,240 ----a-w c:\windows\system32\DG_SS09_screensaver_PC.scr
2009-02-11 02:40 --------- d-----w c:\program files\AIM6
2009-02-11 02:40 --------- d-----w c:\documents and settings\HP_Owner\Application Data\acccore
2009-02-11 02:39 --------- d-----w c:\program files\Common Files\Software Update Utility
2009-02-11 02:39 --------- d-----w c:\program files\AIM Toolbar
2009-02-11 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\AIM Toolbar
2009-02-11 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2009-02-11 02:38 --------- d-----w c:\program files\Common Files\AOL
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-06 15:39 --------- d-----w c:\documents and settings\HP_Owner\Application Data\PureEdge
2009-02-06 15:39 --------- d-----w c:\documents and settings\All Users\Application Data\PureEdge
2009-02-06 15:38 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 15:38 --------- d-----w c:\program files\PureEdge
2009-02-01 23:29 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-01 23:29 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-01 23:29 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-17 02:35 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-05-03 18:08 139 -c-h--w c:\documents and settings\HP_Owner\Application Data\brara1985.sys
2006-08-01 18:16 404 -c--a-w c:\documents and settings\HP_Owner\Application Data\wklnhst.dat
2005-12-31 22:24 0 -c--a-w c:\documents and settings\Guest\Application Data\wklnhst.dat
2007-11-15 20:05 89,088 -c--a-w c:\program files\mozilla firefox\plugins\atl71.dll
2007-11-15 20:05 53,248 -c--a-w c:\program files\mozilla firefox\plugins\boost_filesystem-vc71-mt-1_33_1.dll
2007-11-15 20:05 499,712 -c--a-w c:\program files\mozilla firefox\plugins\msvcp71.dll
2007-11-15 20:05 348,160 -c--a-w c:\program files\mozilla firefox\plugins\msvcr71.dll
2007-11-15 20:05 110,592 -c--a-w c:\program files\mozilla firefox\plugins\v22_base.dll
2007-11-15 20:05 114,688 -c--a-w c:\program files\mozilla firefox\plugins\v22_compression.dll
2007-11-15 20:05 106,496 -c--a-w c:\program files\mozilla firefox\plugins\v22_connect.dll
2007-11-15 20:05 229,376 -c--a-w c:\program files\mozilla firefox\plugins\v22_update.dll
2007-11-15 20:05 196,608 -c--a-w c:\program files\mozilla firefox\plugins\v22_utility.dll
2007-11-15 20:05 159,744 -c--a-w c:\program files\mozilla firefox\plugins\v22_winapplib.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-31_21.57.32.62 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\updspapi.dll
- 2004-08-04 15:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-04 15:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\updspapi.dll
- 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
- 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\updspapi.dll
- 2004-08-04 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-04 12:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-04 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-04 12:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip6.sys
- 2004-08-04 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2004-08-04 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\updspapi.dll
- 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\updspapi.dll
+ 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211_0$\win32k.sys
- 2006-08-21 14:52:08 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954600_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB954600_0$\spuninst\updspapi.dll
+ 2006-08-21 14:52:08 246,814 -c----w c:\windows\$NtUninstallKB954600_0$\strmdll.dll
- 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069_0$\msxml3.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069_0$\spuninst\spuninst.exe
+ 2008-07-09 18:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069_0$\spuninst\updspapi.dll
- 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtUninstallKB956802_0$\gdi32.dll
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB956802_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956802_0$\spuninst\updspapi.dll
- 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803_0$\afd.sys
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803_0$\afd.sys.000
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\updspapi.dll
- 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
- 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlmp.exe
+ 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
+ 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrpamp.exe
+ 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\updspapi.dll
- 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095_0$\srv.sys
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097_0$\mrxsmb.sys
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097_0$\spuninst\spuninst.exe
+ 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097_0$\spuninst\updspapi.dll
- 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644_0$\netapi32.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB958644_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958644_0$\spuninst\updspapi.dll
- 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB958687_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958687_0$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687_0$\srv.sys
- 2008-09-15 11:57:41 1,846,016 -c----w c:\windows\$NtUninstallKB958690$\win32k.sys
- 2007-04-25 14:21:15 144,896 -c----w c:\windows\$NtUninstallKB960225$\schannel.dll
- 2007-10-26 03:34:01 8,460,288 -c----w c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c----w c:\windows\$NtUninstallKB967715_0$\shell32.dll
+ 2008-07-09 07:38:25 231,288 -c----w c:\windows\$NtUninstallKB967715_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB967715_0$\spuninst\updspapi.dll
+ 2007-10-29 10:04:03 350,720 -c----w c:\windows\$NtUninstallKB967715_0$\xpsp3res.dll
- 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
+ 2008-04-14 00:11:48 39,424 ----a-w c:\windows\AppPatch\acadproc.dll
- 2004-08-04 12:00:00 1,852,416 ----a-w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w c:\windows\AppPatch\acgenral.dll
- 2004-08-04 12:00:00 450,048 -c--a-w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 00:11:48 451,072 ----a-w c:\windows\AppPatch\aclayers.dll
- 2004-08-04 12:00:00 137,728 -c--a-w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w c:\windows\AppPatch\aclua.dll
- 2004-08-04 12:00:00 244,736 -c--a-w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w c:\windows\AppPatch\acspecfc.dll
- 2004-08-04 12:00:00 116,224 -c--a-w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll
- 2008-06-13 13:10:50 272,128 -c----w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2008-10-24 11:10:42 453,632 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-04-01 14:32:38 614,400 ----a-w c:\windows\ERDNT\Hiv-backup\NTUSER.DAT
- 2007-06-13 10:23:07 1,033,216 ----a-w c:\windows\explorer.exe
+ 2008-04-14 00:12:19 1,033,728 ----a-w c:\windows\explorer.exe
- 2004-08-04 12:00:00 34,816 -c--a-w c:\windows\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ----a-w c:\windows\Help\sniffpol.dll
- 2004-08-04 12:00:00 33,280 -c--a-w c:\windows\Help\sstub.dll
+ 2008-04-14 00:12:07 33,280 ----a-w c:\windows\Help\sstub.dll
- 2004-08-04 12:00:00 279,040 -c--a-w c:\windows\Help\tshoot.dll
+ 2008-04-14 00:12:07 279,040 ----a-w c:\windows\Help\tshoot.dll
- 2005-05-27 06:22:02 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 00:12:21 10,752 ----a-w c:\windows\hh.exe
- 2004-08-04 12:00:00 220,160 -c--a-w c:\windows\ime\mscandui.dll
+ 2008-04-14 00:11:58 220,160 ----a-w c:\windows\ime\mscandui.dll
- 2004-08-04 12:00:00 130,048 -c--a-w c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06 130,048 ----a-w c:\windows\ime\softkbd.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w c:\windows\ime\spgrmr.dll
- 2004-08-04 12:00:00 250,880 ----a-w c:\windows\ime\SPTIP.dll
+ 2008-04-14 00:12:06 250,368 ----a-w c:\windows\ime\sptip.dll
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-04 12:00:00 24,064 -c--a-w c:\windows\msagent\agentanm.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentanm.dll
- 2004-08-04 12:00:00 214,016 -c--a-w c:\windows\msagent\agentctl.dll
+ 2008-04-14 00:11:48 214,016 ----a-w c:\windows\msagent\agentctl.dll
- 2006-10-12 13:54:18 42,496 ----a-w c:\windows\msagent\agentdp2.dll
+ 2008-04-14 00:11:48 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2007-03-09 13:58:57 57,344 ----a-w c:\windows\msagent\agentdpv.dll
+ 2008-04-14 00:11:48 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2004-08-04 12:00:00 49,152 -c--a-w c:\windows\msagent\agentmpx.dll
+ 2008-04-14 00:11:48 49,152 ----a-w c:\windows\msagent\agentmpx.dll
- 2004-08-04 12:00:00 24,064 -c--a-w c:\windows\msagent\agentpsh.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentpsh.dll
- 2004-08-04 12:00:00 44,032 -c--a-w c:\windows\msagent\agentsr.dll
+ 2008-04-14 00:11:48 44,032 ----a-w c:\windows\msagent\agentsr.dll
- 2006-10-12 11:54:07 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2008-04-14 00:12:12 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-08-04 12:00:00 24,064 -c--a-w c:\windows\msagent\agtintl.dll
+ 2008-04-14 00:11:49 24,064 ----a-w c:\windows\msagent\agtintl.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w c:\windows\msagent\intl\agt0409.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
- 2004-08-04 12:00:00 19,968 -c--a-w c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
- 2004-08-04 12:00:00 39,936 -c--a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
- 2006-06-03 11:40:49 33,792 -c----w c:\windows\network diagnostic\custsat.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w c:\windows\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\network diagnostic\xpnetdiag.exe
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\NOTEPAD.EXE
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\notepad.exe
- 2004-08-04 12:00:00 768,512 -c--a-w c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-04 12:00:00 743,936 ----a-w c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21 744,448 ----a-w c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-04 12:00:00 158,208 -c--a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 169,984 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-04 12:00:00 376,320 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59 376,832 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-04 12:00:00 102,400 -c--a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02 102,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 00:12:02 38,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
- 2005-09-10 20:07:51 81,867 -c--a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2009-04-01 14:08:06 81,867 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2005-09-10 20:07:51 7,150 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2009-04-01 14:08:06 7,520 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-04 12:00:00 150,528 -c--a-w c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38 150,528 ----a-w c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
- 2004-08-04 12:00:00 462,848 -c--a-w c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
- 2004-08-04 12:00:00 110,592 -c--a-w c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
- 2004-08-04 19:00:00 146,432 ----a-w c:\windows\regedit.exe
+ 2008-04-14 00:12:32 146,432 ----a-w c:\windows\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-04 03:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-04 03:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48 39,424 ------w c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11 184,320 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48 1,852,928 ------w c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48 451,072 ------w c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48 141,312 ------w c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48 115,712 ------w c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35 187,776 ------w c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48 245,248 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48 193,536 ------w c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48 98,304 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-04 03:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48 617,472 ------w c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48 99,840 ------w c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48 42,496 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48 57,344 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32 37,376 ------w c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33 37,760 ------w c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-04 03:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49 125,952 ------w c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49 331,264 ------w c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-04 03:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-04 03:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-04 03:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-04 03:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-04 03:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-04 03:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-04 03:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-04 03:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-04 03:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-04 03:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-04 03:29:28 327,040 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-04 03:29:28 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-04 03:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-04 03:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-04 03:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-04 03:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-04 03:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-04 03:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-04 03:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-04 03:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-04 03:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-04 03:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12 12,288 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50 62,464 ------w c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12 588,800 ------w c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12 602,624 ------w c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13 580,608 ------w c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50 84,992 ------w c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50 29,184 ------w c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24 63,488 ------w c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50 1,025,024 ------w c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32 273,024 ------w c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50 218,112 ------w c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50 60,416 ------w c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50 84,480 ------w c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13 19,968 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50 121,856 ------w c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50 150,016 ------w c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 00:11:50 226,304 ------w c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50 625,664 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50 151,040 ------w c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50 2,091,520 ------w c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50 194,560 ------w c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50 457,728 ------w c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50 38,912 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50 148,480 ------w c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50 1,358,848 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50 110,592 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50 498,688 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14 64,000 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14 102,912 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50 58,368 ------w c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14 389,120 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50 344,064 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14 25,600 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50 185,344 ------w c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50 13,312 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15 63,488 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50 39,424 ------w c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50 47,104 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50 79,360 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51 60,416 ------w c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51 28,160 ------w c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51 195,072 ------w c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51 617,472 ------w c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51 276,992 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51 252,928 ------w c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51 229,376 ------w c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51 97,792 ------w c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51 792,064 ------w c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 00:11:51 274,944 ------w c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51 167,424 ------w c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51 1,267,200 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51 539,648 ------w c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15 1,032,192 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51 357,888 ------w c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 00:11:51 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51 163,840 ------w c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32 36,736 ------w c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51 599,040 ------w c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51 74,752 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51 53,760 ------w c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51 64,512 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51 62,464 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51 512,512 ------w c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 00:11:51 101,888 ------w c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 00:12:15 139,264 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51 326,656 ------w c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51 32,256 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51 249,856 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-04 03:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51 824,320 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51 1,054,208 ------w c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51 54,272 ------w c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51 165,376 ------w c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:11:51 25,088 ------w c:\windows\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51 640,000 ------w c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51 24,576 ------w c:\windows\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51 110,592 ------w c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ------w c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51 40,960 ------w c:\windows\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51 8,704 ------w c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16 6,144 ------w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16 30,208 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51 279,552 ------w c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51 27,136 ------w c:\windows\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16 25,088 ------w c:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51 59,904 ------w c:\windows\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51 282,624 ------w c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16 82,944 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16 105,472 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51 39,424 ------w c:\windows\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51 124,416 ------w c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51 111,104 ------w c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51 126,976 ------w c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52 379,904 ------w c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17 539,136 ------w c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17 87,040 ------w c:\windows\ServicePackFiles\i386\diantz.exe
+ 2004-08-04 12:00:00 884,712 ------w c:\windows\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52 68,608 ------w c:\windows\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52 158,720 ------w c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52 181,760 ------w c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52 86,528 ------w c:\windows\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w c:\windows\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52 1,504,256 ------w c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w c:\windows\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17 163,840 ------w c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52 32,768 ------w c:\windows\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17 5,120 ------w c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17 224,768 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52 28,672 ------w c:\windows\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48 799,744 ------w c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52 61,440 ------w c:\windows\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52 285,184 ------w c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52 200,704 ------w c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46 153,344 ------w c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52 35,840 ------w c:\windows\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17 15,872 ------w c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52 82,432 ------w c:\windows\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52 105,984 ------w c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52 103,424 ------w c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52 104,448 ------w c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w c:\windows\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52 52,224 ------w c:\windows\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52 147,968 ------w c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52 45,568 ------w c:\windows\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52 48,128 ------w c:\windows\ServicePackFiles\i386\docprop2.dll
+ 2004-08-04 12:00:00 53,840 ------w c:\windows\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-13 21:00:49 103,424 ------w c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17 29,696 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52 229,888 ------w c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19 3,072 ------w c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52 375,296 ------w c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52 35,328 ------w c:\windows\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52 60,928 ------w c:\windows\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20 3,072 ------w c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17 17,920 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52 21,504 ------w c:\windows\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52 212,480 ------w c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18 83,456 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52 116,736 ------w c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52 57,344 ------w c:\windows\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w c:\windows\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52 14,336 ------w c:\windows\ServicePackFiles\i386\drprov.dll
+ 2004-08-04 12:00:00 4,656 ------w c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52 16,384 ------w c:\windows\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52 71,680 ------w c:\windows\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52 92,672 ------w c:\windows\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52 155,648 ------w c:\windows\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52 367,616 ------w c:\windows\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52 1,293,824 ------w c:\windows\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52 142,848 ------w c:\windows\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30 4,096 ------w c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52 239,104 ------w c:\windows\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52 51,200 ------w c:\windows\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57 138,752 ------w c:\windows\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52 113,152 ------w c:\windows\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18 10,752 ------w c:\windows\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52 304,128 ------w c:\windows\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18 17,920 ------w c:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18 180,224 ------w c:\windows\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52 619,008 ------w c:\windows\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52 1,227,264 ------w c:\windows\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18 1,298,432 ------w c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52 2,113,536 ------w c:\windows\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29 71,168 ------w c:\windows\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52 357,888 ------w c:\windows\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w c:\windows\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52 175,616 ------w c:\windows\ServicePackFiles\i386\ediskeer.dll
+ 2008-04-14 00:11:53 183,296 ------w c:\windows\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53 20,480 ------w c:\windows\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53 186,880 ------w c:\windows\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02 40,960 ------w c:\windows\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 16:39:36 120,320 ------w c:\windows\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53 23,040 ------w c:\windows\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53 246,272 ------w c:\windows\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53 1,082,368 ------w c:\windows\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53 247,808 ------w c:\windows\ServicePackFiles\i386\esscli.dll
+ 2004-08-04 03:32:28 137,088 ------w c:\windows\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19 193,024 ------w c:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:11:53 56,320 ------w c:\windows\ServicePackFiles\i386\eventlog.dll
+ 2008-04-14 00:11:53 101,888 ------w c:\windows\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19 92,160 ------w c:\windows\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:12:19 1,033,728 ------w c:\windows\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11:53 380,445 ------w c:\windows\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53 55,808 ------w c:\windows\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53 125,952 ------w c:\windows\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30 7,168 ------w c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29 143,744 ------w c:\windows\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53 472,064 ------w c:\windows\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53 80,384 ------w c:\windows\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25 27,392 ------w c:\windows\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53 337,920 ------w c:\windows\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20 27,136 ------w c:\windows\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28 44,544 ------w c:\windows\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53 87,552 ------w c:\windows\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25 20,480 ------w c:\windows\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53 16,896 ------w c:\windows\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20 23,040 ------w c:\windows\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59 129,792 ------w c:\windows\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53 382,976 ------w c:\windows\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53 80,896 ------w c:\windows\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20 7,680 ------w c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2004-08-04 03:31:24 34,173 ------w c:\windows\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42 29,696 ------w c:\windows\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53 32,828 ------w c:\windows\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53 184,435 ------w c:\windows\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53 82,035 ------w c:\windows\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53 147,513 ------w c:\windows\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53 49,210 ------w c:\windows\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53 102,509 ------w c:\windows\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53 618,605 ------w c:\windows\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53 41,020 ------w c:\windows\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53 32,826 ------w c:\windows\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53 49,212 ------w c:\windows\ServicePackFiles\i386\fp4awebs.dll
+ 2008-04-14 00:11:53 876,653 ------w c:\windows\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20 15,120 ------w c:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20 109,840 ------w c:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20 24,632 ------w c:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20 188,494 ------w c:\windows\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53 94,208 ------w c:\windows\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53 598,071 ------w c:\windows\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04 208,896 ------w c:\windows\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20 20,538 ------w c:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20 28,728 ------w c:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33 9,344 ------w c:\windows\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 00:11:53 185,344 ------w c:\windows\ServicePackFiles\i386\framedyn.dll
+ 2008-04-14 00:12:20 193,024 ------w c:\windows\ServicePackFiles\i386\fsquirt.exe
+ 2008-04-14 00:12:20 42,496 ------w c:\windows\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 00:11:53 60,416 ------w c:\windows\ServicePackFiles\i386\fwcfg.dll
+ 2008-04-14 00:11:53 451,584 ------w c:\windows\ServicePackFiles\i386\fxsapi.dll
+ 2008-04-14 00:12:21 142,848 ------w c:\windows\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 00:11:54 72,192 ------w c:\windows\ServicePackFiles\i386\fxscom.dll
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\fxscomex.dll
+ 2008-04-14 00:12:21 229,376 ------w c:\windows\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 00:11:54 26,624 ------w c:\windows\ServicePackFiles\i386\fxsdrv.dll
+ 2008-04-14 00:11:54 55,296 ------w c:\windows\ServicePackFiles\i386\fxsevent.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsmon.dll
+ 2008-04-14 00:11:54 132,608 ------w c:\windows\ServicePackFiles\i386\fxsocm.dll
+ 2008-04-14 00:11:54 8,704 ------w c:\windows\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 00:09:33 6,656 ------w c:\windows\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 00:11:54 562,176 ------w c:\windows\ServicePackFiles\i386\fxsst.dll
+ 2008-04-14 00:12:21 267,776 ------w c:\windows\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 00:11:54 246,272 ------w c:\windows\ServicePackFiles\i386\fxst30.dll
+ 2008-04-14 00:11:54 397,312 ------w c:\windows\ServicePackFiles\i386\fxstiff.dll
+ 2008-04-14 00:11:54 154,112 ------w c:\windows\ServicePackFiles\i386\fxsui.dll
+ 2008-04-14 00:11:54 192,512 ------w c:\windows\ServicePackFiles\i386\fxswzrd.dll
+ 2008-04-14 00:11:54 400,384 ------w c:\windows\ServicePackFiles\i386\fxsxp32.dll
+ 2008-04-13 18:36:40 46,464 ------w c:\windows\ServicePackFiles\i386\gagp30kx.sys
+ 2008-04-13 18:45:29 10,624 ------w c:\windows\ServicePackFiles\i386\gameenum.sys
+ 2008-04-13 18:45:32 59,136 ------w c:\windows\ServicePackFiles\i386\gckernel.sys
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\gdi32.dll
+ 2008-04-14 00:11:54 122,880 ------w c:\windows\ServicePackFiles\i386\glu32.dll
+ 2004-08-04 12:00:00 101,888 ------w c:\windows\ServicePackFiles\i386\gpkcsp.dll
+ 2006-12-31 01:26:44 9,728 ------w c:\windows\ServicePackFiles\i386\gpkrsrc.dll
+ 2008-04-14 00:12:21 39,424 ------w c:\windows\ServicePackFiles\i386\grpconv.exe
+ 2008-04-13 18:40:21 28,288 ------w c:\windows\ServicePackFiles\i386\grserial.sys
+ 2008-04-14 00:11:54 133,120 ------w c:\windows\ServicePackFiles\i386\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\ServicePackFiles\i386\guitrna.dll
+ 2008-04-14 00:11:54 57,344 ------w c:\windows\ServicePackFiles\i386\h323cc.dll
+ 2008-04-14 00:11:54 614,912 ------w c:\windows\ServicePackFiles\i386\h323msp.dll
+ 2008-04-13 18:31:32 105,344 ------w c:\windows\ServicePackFiles\i386\hal.dll
+ 2008-04-13 18:31:28 131,840 ------w c:\windows\ServicePackFiles\i386\halaacpi.dll
+ 2008-04-13 18:31:27 81,152 ------w c:\windows\ServicePackFiles\i386\halacpi.dll
+ 2008-04-13 18:31:28 150,528 ------w c:\windows\ServicePackFiles\i386\halapic.dll
+ 2008-04-13 18:31:28 134,400 ------w c:\windows\ServicePackFiles\i386\halmacpi.dll
+ 2008-04-13 18:31:32 152,576 ------w c:\windows\ServicePackFiles\i386\halmps.dll
+ 2008-04-13 18:31:31 77,696 ------w c:\windows\ServicePackFiles\i386\halsp.dll
+ 2008-04-14 00:11:54 7,168 ------w c:\windows\ServicePackFiles\i386\hccoin.dll
+ 2008-04-13 16:36:05 144,384 ------w c:\windows\ServicePackFiles\i386\hdaudbus.sys
+ 2008-04-14 00:12:21 15,872 ------w c:\windows\ServicePackFiles\i386\help.exe
+ 2008-04-14 00:12:21 769,024 ------w c:\windows\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 00:12:21 744,448 ------w c:\windows\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 00:12:21 10,752 ------w c:\windows\ServicePackFiles\i386\hh.exe
+ 2008-04-14 00:11:54 41,472 ------w c:\windows\ServicePackFiles\i386\hhsetup.dll
+ 2008-04-14 00:11:54 20,992 ------w c:\windows\ServicePackFiles\i386\hid.dll
+ 2008-04-13 18:36:38 20,352 ------w c:\windows\ServicePackFiles\i386\hidbatt.sys
+ 2008-04-13 18:46:30 25,600 ------w c:\windows\ServicePackFiles\i386\hidbth.sys
+ 2008-04-13 18:45:26 36,864 ------w c:\windows\ServicePackFiles\i386\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w c:\windows\ServicePackFiles\i386\hidir.sys
+ 2008-04-13 18:45:22 24,960 ------w c:\windows\ServicePackFiles\i386\hidparse.sys
+ 2008-04-14 00:11:54 21,504 ------w c:\windows\ServicePackFiles\i386\hidserv.dll
+ 2008-04-13 18:45:27 10,368 ------w c:\windows\ServicePackFiles\i386\hidusb.sys
+ 2008-04-14 00:11:54 72,704 ------w c:\windows\ServicePackFiles\i386\hlink.dll
+ 2008-04-14 00:11:54 38,912 ------w c:\windows\ServicePackFiles\i386\hmmapi.dll
+ 2008-04-14 00:11:54 344,064 ------w c:\windows\ServicePackFiles\i386\hnetcfg.dll
+ 2008-04-14 00:11:54 330,752 ------w c:\windows\ServicePackFiles\i386\hnetwiz.dll
+ 2008-04-14 00:11:54 39,936 ------w c:\windows\ServicePackFiles\i386\hostmib.dll
+ 2008-04-14 00:11:54 144,896 ------w c:\windows\ServicePackFiles\i386\hotplug.dll
+ 2008-04-14 00:11:54 10,752 ------w c:\windows\ServicePackFiles\i386\hpcjrr.dll
+ 2008-04-14 00:11:54 10,240 ------w c:\windows\ServicePackFiles\i386\hpcjrrps.dll
+ 2008-04-14 00:11:54 87,552 ------w c:\windows\ServicePackFiles\i386\hpfud50.dll
+ 2008-04-14 00:12:21 18,432 ------w c:\windows\ServicePackFiles\i386\hscupd.exe
+ 2004-08-04 03:41:48 220,032 ------w c:\windows\ServicePackFiles\i386\hsfbs2s2.sys
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\ServicePackFiles\i386\hsfcisp2.dll
+ 2004-08-04 03:41:50 685,056 ------w c:\windows\ServicePackFiles\i386\hsfcxts2.sys
+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-13 18:53:53 264,832 ------w c:\windows\ServicePackFiles\i386\http.sys
+ 2008-04-14 00:11:54 24,576 ------w c:\windows\ServicePackFiles\i386\httpapi.dll
+ 2008-04-14 00:11:54 41,984 ------w c:\windows\ServicePackFiles\i386\htui.dll
+ 2008-04-14 00:11:54 347,136 ------w c:\windows\ServicePackFiles\i386\hypertrm.dll
+ 2008-04-13 18:41:22 8,576 ------w c:\windows\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-13 18:41:22 18,560 ------w c:\windows\ServicePackFiles\i386\i2omp.sys
+ 2008-04-13 19:18:00 52,480 ------w c:\windows\ServicePackFiles\i386\i8042prt.sys
+ 2008-04-14 00:11:54 702,845 ------w c:\windows\ServicePackFiles\i386\i81xdnt5.dll
+ 2004-08-04 03:29:38 161,020 ------w c:\windows\ServicePackFiles\i386\i81xnt5.sys
+ 2008-04-14 00:11:54 119,808 ------w c:\windows\ServicePackFiles\i386\iasrad.dll
+ 2008-04-14 00:11:54 11,264 ------w c:\windows\ServicePackFiles\i386\icaapi.dll
+ 2008-04-14 00:11:54 80,384 ------w c:\windows\ServicePackFiles\i386\iccvid.dll
+ 2008-04-14 00:11:54 254,976 ------w c:\windows\ServicePackFiles\i386\icm32.dll
+ 2008-04-14 00:09:40 3,584 ------w c:\windows\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 16:44:29 2,560 ------w c:\windows\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 00:11:54 61,440 ------w c:\windows\ServicePackFiles\i386\icwconn.dll
+ 2008-04-14 00:12:22 214,528 ------w c:\windows\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 00:12:22 86,016 ------w c:\windows\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 00:11:54 73,728 ------w c:\windows\ServicePackFiles\i386\icwdial.dll
+ 2008-04-14 00:11:54 32,768 ------w c:\windows\ServicePackFiles\i386\icwdl.dll
+ 2008-04-14 00:11:54 172,032 ------w c:\windows\ServicePackFiles\i386\icwhelp.dll
+ 2008-04-14 00:11:54 65,536 ------w c:\windows\ServicePackFiles\i386\icwphbk.dll
+ 2008-04-14 00:12:22 24,576 ------w c:\windows\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 00:11:54 49,152 ------w c:\windows\ServicePackFiles\i386\icwutil.dll
+ 2008-04-14 00:11:54 120,832 ------w c:\windows\ServicePackFiles\i386\idq.dll
+ 2008-04-14 00:12:22 34,304 ------w c:\windows\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w c:\windows\ServicePackFiles\i386\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w c:\windows\ServicePackFiles\i386\ieaksie.dll
+ 2008-04-14 00:11:54 323,584 ------w c:\windows\ServicePackFiles\i386\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w c:\windows\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ieencode.dll
+ 2008-04-14 00:11:54 251,904 ------w c:\windows\ServicePackFiles\i386\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w c:\windows\ServicePackFiles\i386\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w c:\windows\ServicePackFiles\i386\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w c:\windows\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 00:12:22 114,688 ------w c:\windows\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 00:11:54 135,680 ------w c:\windows\ServicePackFiles\i386\ifmon.dll
+ 2008-04-14 00:11:54 8,192 ------w c:\windows\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-14 00:11:54 505,344 ------w c:\windows\ServicePackFiles\i386\iis.dll
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ils.dll
+ 2008-04-14 00:11:54 144,384 ------w c:\windows\ServicePackFiles\i386\imagehlp.dll
+ 2008-04-14 00:12:22 150,528 ------w c:\windows\ServicePackFiles\i386\imapi.exe
+ 2008-04-13 18:40:58 42,112 ------w c:\windows\ServicePackFiles\i386\imapi.sys
+ 2008-04-14 00:11:54 36,921 ------w c:\windows\ServicePackFiles\i386\imeshare.dll
+ 2008-04-14 00:11:54 35,840 ------w c:\windows\ServicePackFiles\i386\imgutil.dll
+ 2008-04-14 00:11:54 110,080 ------w c:\windows\ServicePackFiles\i386\imm32.dll
+ 2008-04-14 00:11:54 123,392 ------w c:\windows\ServicePackFiles\i386\imsinsnt.dll
+ 2008-04-14 00:11:54 274,432 ------w c:\windows\ServicePackFiles\i386\inetcfg.dll
+ 2008-04-14 00:11:54 691,712 ------w c:\windows\ServicePackFiles\i386\inetcomm.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\inetmib1.dll
+ 2008-04-14 00:11:55 75,264 ------w c:\windows\ServicePackFiles\i386\inetpp.dll
+ 2008-04-14 00:11:55 15,872 ------w c:\windows\ServicePackFiles\i386\inetppui.dll
+ 2008-04-13 16:22:12 48,128 ------w c:\windows\ServicePackFiles\i386\inetres.dll
+ 2008-04-14 00:12:22 20,480 ------w c:\windows\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 00:11:55 147,456 ------w c:\windows\ServicePackFiles\i386\initpki.dll
+ 2008-04-14 00:11:55 123,392 ------w c:\windows\ServicePackFiles\i386\input.dll
+ 2008-04-14 00:11:55 96,256 ------w c:\windows\ServicePackFiles\i386\inseng.dll
+ 2008-04-13 18:40:29 5,504 ------w c:\windows\ServicePackFiles\i386\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w c:\windows\ServicePackFiles\i386\intelppm.sys
+ 2008-04-13 18:53:34 36,608 ------w c:\windows\ServicePackFiles\i386\ip6fw.sys
+ 2008-04-14 00:12:22 55,808 ------w c:\windows\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 00:09:30 103,424 ------w c:\windows\ServicePackFiles\i386\ipevldpc.dll
+ 2008-04-14 00:09:23 24,064 ------w c:\windows\ServicePackFiles\i386\ipevlpid.dll
+ 2008-04-14 00:11:55 94,720 ------w c:\windows\ServicePackFiles\i386\iphlpapi.dll
+ 2008-04-13 18:57:07 20,864 ------w c:\windows\ServicePackFiles\i386\ipinip.sys
+ 2008-04-14 00:11:55 161,280 ------w c:\windows\ServicePackFiles\i386\ipmontr.dll
+ 2008-04-13 18:57:15 152,832 ------w c:\windows\ServicePackFiles\i386\ipnat.sys
+ 2008-04-14 00:11:55 331,264 ------w c:\windows\ServicePackFiles\i386\ipnathlp.dll
+ 2008-04-14 00:11:55 330,752 ------w c:\windows\ServicePackFiles\i386\ippromon.dll
+ 2008-04-14 00:11:55 35,328 ------w c:\windows\ServicePackFiles\i386\iprip.dll
+ 2008-04-14 00:11:55 177,152 ------w c:\windows\ServicePackFiles\i386\iprtrmgr.dll
+ 2008-04-13 19:19:42 75,264 ------w c:\windows\ServicePackFiles\i386\ipsec.sys
+ 2008-04-14 00:11:55 349,696 ------w c:\windows\ServicePackFiles\i386\ipsecsnp.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ipsecsvc.dll
+ 2008-04-14 00:10:45 102,912 ------w c:\windows\ServicePackFiles\i386\ipseldpc.dll
+ 2008-04-14 00:09:24 24,064 ------w c:\windows\ServicePackFiles\i386\ipselpid.dll
+ 2008-04-14 00:11:55 384,000 ------w c:\windows\ServicePackFiles\i386\ipsmsnap.dll
+ 2008-04-14 00:12:23 53,248 ------w c:\windows\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 00:11:55 59,904 ------w c:\windows\ServicePackFiles\i386\ipv6mon.dll
+ 2008-04-14 00:12:23 23,552 ------w c:\windows\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 00:11:55 22,016 ------w c:\windows\ServicePackFiles\i386\ipxwan.dll
+ 2008-04-14 00:11:55 120,320 ------w c:\windows\ServicePackFiles\i386\ir41_qc.dll
+ 2008-04-14 00:11:55 338,432 ------w c:\windows\ServicePackFiles\i386\ir41_qcx.dll
+ 2008-04-14 00:11:55 755,200 ------w c:\windows\ServicePackFiles\i386\ir50_32.dll
+ 2008-04-14 00:11:55 200,192 ------w c:\windows\ServicePackFiles\i386\ir50_qc.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ir50_qcx.dll
+ 2008-04-13 18:54:36 88,192 ------w c:\windows\ServicePackFiles\i386\irda.sys
+ 2008-04-13 18:54:28 11,264 ------w c:\windows\ServicePackFiles\i386\irenum.sys
+ 2008-04-14 00:12:23 151,552 ------w c:\windows\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 00:11:55 28,160 ------w c:\windows\ServicePackFiles\i386\irmon.dll
+ 2008-04-13 18:36:41 37,248 ------w c:\windows\ServicePackFiles\i386\isapnp.sys
+ 2008-04-14 00:10:32 105,984 ------w c:\windows\ServicePackFiles\i386\isdpc.dll
+ 2008-04-14 00:10:55 105,984 ------w c:\windows\ServicePackFiles\i386\isendpc.dll
+ 2008-04-14 00:10:55 24,064 ------w c:\windows\ServicePackFiles\i386\isenpid.dll
+ 2008-04-14 00:11:55 81,920 ------w c:\windows\ServicePackFiles\i386\isign32.dll
+ 2008-04-14 00:10:32 24,064 ------w c:\windows\ServicePackFiles\i386\ispid.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\isrdbg32.dll
+ 2008-04-14 00:11:55 155,136 ------w c:\windows\ServicePackFiles\i386\itircl.dll
+ 2008-04-14 00:11:55 138,240 ------w c:\windows\ServicePackFiles\i386\itss.dll
+ 2008-04-14 00:11:55 191,488 ------w c:\windows\ServicePackFiles\i386\iuengine.dll
+ 2008-04-14 00:11:55 54,272 ------w c:\windows\ServicePackFiles\i386\ixsso.dll
+ 2008-04-14 00:11:55 47,616 ------w c:\windows\ServicePackFiles\i386\iyuv_32.dll
+ 2008-04-14 00:11:55 163,840 ------w c:\windows\ServicePackFiles\i386\jgdw400.dll
+ 2008-04-14 00:11:55 27,648 ------w c:\windows\ServicePackFiles\i386\jgpl400.dll
+ 2008-04-14 00:11:56 512,000 ------w c:\windows\ServicePackFiles\i386\jscript.dll
+ 2008-04-14 00:11:56 15,872 ------w c:\windows\ServicePackFiles\i386\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-13 18:39:47 24,576 ------w c:\windows\ServicePackFiles\i386\kbdclass.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-13 18:39:48 14,592 ------w c:\windows\ServicePackFiles\i386\kbdhid.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 00:09:55 5,632 ------w c:\windows\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-13 18:31:35 7,424 ------w c:\windows\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 00:11:56 184,832 ------w c:\windows\ServicePackFiles\i386\kdcsvc.dll
+ 2008-04-14 00:11:56 48,640 ------w c:\windows\ServicePackFiles\i386\kdsui.dll
+ 2008-04-14 00:11:56 253,952 ------w c:\windows\ServicePackFiles\i386\kdsusd.dll
+ 2008-04-14 00:11:56 299,520 ------w c:\windows\ServicePackFiles\i386\kerberos.dll
+ 2008-04-14 00:11:56 989,696 ------w c:\windows\ServicePackFiles\i386\kernel32.dll
+ 2004-08-04 12:00:00 42,537 ------w c:\windows\ServicePackFiles\i386\keyboard.sys
+ 2008-04-14 00:11:56 150,528 ------w c:\windows\ServicePackFiles\i386\keymgr.dll
+ 2008-04-13 18:45:09 172,416 ------w c:\windows\ServicePackFiles\i386\kmixer.sys
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\ServicePackFiles\i386\kmsvc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\knperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\knpropid.dll
+ 2008-04-14 00:11:56 8,192 ------w c:\windows\ServicePackFiles\i386\koc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\kperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\kpropid.dll
+ 2004-08-04 12:00:00 92,224 ------w c:\windows\ServicePackFiles\i386\krnl386.exe
+ 2008-04-14 00:11:56 24,576 ------w c:\windows\ServicePackFiles\i386\krnlprov.dll
+ 2008-04-13 19:16:36 141,056 ------w c:\windows\ServicePackFiles\i386\ks.sys
+ 2008-04-13 18:31:43 92,288 ------w c:\windows\ServicePackFiles\i386\ksecdd.sys
+ 2008-04-14 00:11:56 4,096 ------w c:\windows\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\ServicePackFiles\i386\l2store.dll
+ 2008-04-14 00:09:05 97,792 ------w c:\windows\ServicePackFiles\i386\lang\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ------w c:\windows\ServicePackFiles\i386\lang\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ------w c:\windows\ServicePackFiles\i386\lang\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ------w c:\windows\ServicePackFiles\i386\lang\cintime.dll
+ 2004-08-04 03:31:56 480,256 ------w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe
+ 2004-08-04 03:31:40 57,399 ------w c:\windows\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-14 00:09:39 13,463,552 ------w c:\windows\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2008-04-14 00:09:43 106,496 ------w c:\windows\ServicePackFiles\i386\lang\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ------w c:\windows\ServicePackFiles\i386\lang\imekrmbx.dll
+ 2008-04-14 00:09:44 811,064 ------w c:\windows\ServicePackFiles\i386\lang\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ------w c:\windows\ServicePackFiles\i386\lang\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ------w c:\windows\ServicePackFiles\i386\lang\imjpcus.dll
+ 2008-04-14 00:09:45 81,976 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.dll
+ 2004-08-04 03:31:54 307,257 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe
+ 2004-08-04 03:31:56 155,705 ------w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2004-08-04 03:31:58 196,665 ------w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe
+ 2004-08-04 03:32:00 208,952 ------w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe
+ 2004-08-04 03:32:12 233,527 ------w c:\windows\ServicePackFiles\i386\lang\imjprw.exe
+ 2004-08-04 03:32:16 262,200 ------w c:\windows\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ------w c:\windows\ServicePackFiles\i386\lang\imjputyc.dll
+ 2008-04-14 00:09:46 102,456 ------w c:\windows\ServicePackFiles\i386\lang\imlang.dll
+ 2004-08-04 03:31:50 59,392 ------w c:\windows\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-14 00:09:47 315,455 ------w c:\windows\ServicePackFiles\i386\lang\imskf.dll
+ 2008-04-14 00:10:33 15,872 ------w c:\windows\ServicePackFiles\i386\lang\padrs404.dll
+ 2008-04-14 00:10:33 15,360 ------w c:\windows\ServicePackFiles\i386\lang\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ------w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ------w c:\windows\ServicePackFiles\i386\lang\pmigrate.dll
+ 2004-08-04 03:32:16 44,032 ------w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe
+ 2004-08-04 03:32:16 455,168 ------w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ------w c:\windows\ServicePackFiles\i386\lang\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ------w c:\windows\ServicePackFiles\i386\lang\uniime.dll
+ 2008-04-14 00:11:04 426,041 ------w c:\windows\ServicePackFiles\i386\lang\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ------w c:\windows\ServicePackFiles\i386\lang\voicesub.dll
+ 2008-04-13 18:40:26 34,688 ------w c:\windows\ServicePackFiles\i386\lbrtfdc.sys
+ 2008-04-14 00:12:23 677,888 ------w c:\windows\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 00:11:56 2,061,824 ------w c:\windows\ServicePackFiles\i386\lhmstscx.dll
+ 2008-04-14 10:41:58 423,936 ------w c:\windows\ServicePackFiles\i386\licdll.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\licmgr10.dll
+ 2008-04-14 00:11:56 58,880 ------w c:\windows\ServicePackFiles\i386\licwmi.dll
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\linkinfo.dll
+ 2008-04-14 00:11:56 13,824 ------w c:\windows\ServicePackFiles\i386\lmhsvc.dll
+ 2008-04-14 00:11:56 33,792 ------w c:\windows\ServicePackFiles\i386\lmmib2.dll
+ 2008-04-14 00:11:56 399,872 ------w c:\windows\ServicePackFiles\i386\lmrt.dll
+ 2008-04-14 00:11:56 97,280 ------w c:\windows\ServicePackFiles\i386\loadperf.dll
+ 2008-04-14 00:11:56 221,696 ------w c:\windows\ServicePackFiles\i386\localsec.dll
+ 2008-04-14 00:11:56 343,040 ------w c:\windows\ServicePackFiles\i386\localspl.dll
+ 2008-04-14 00:11:56 11,776 ------w c:\windows\ServicePackFiles\i386\localui.dll
+ 2008-04-14 00:12:24 75,264 ------w c:\windows\ServicePackFiles\i386\locator.exe
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\log.dll
+ 2008-04-14 00:12:24 59,392 ------w c:\windows\ServicePackFiles\i386\logman.exe
+ 2008-04-14 00:12:43 220,672 ------w c:\windows\ServicePackFiles\i386\logon.scr
+ 2008-04-14 00:12:24 514,560 ------w c:\windows\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\lpdsvc.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\lpk.dll
+ 2008-04-14 00:11:56 10,240 ------w c:\windows\ServicePackFiles\i386\lprhelp.dll
+ 2008-04-14 00:11:56 18,944 ------w c:\windows\ServicePackFiles\i386\lprmon.dll
+ 2008-04-14 00:11:56 728,064 ------w c:\windows\ServicePackFiles\i386\lsasrv.dll
+ 2008-04-14 00:12:24 13,312 ------w c:\windows\ServicePackFiles\i386\lsass.exe
+ 2004-08-04 03:41:36 606,684 ------w c:\windows\ServicePackFiles\i386\ltmdmnt.sys
+ 2004-08-04 03:41:38 420,992 ------w c:\windows\ServicePackFiles\i386\ltmdmntt.sys
+ 2008-04-13 18:40:52 7,040 ------w c:\windows\ServicePackFiles\i386\ltotape.sys
+ 2004-08-04 03:39:32 20,864 ------w c:\windows\ServicePackFiles\i386\lwadihid.sys
+ 2008-04-14 00:12:24 72,704 ------w c:\windows\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 00:12:25 57,344 ------w c:\windows\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 00:11:56 14,336 ------w c:\windows\ServicePackFiles\i386\mcastmib.dll
+ 2008-04-14 00:11:56 84,480 ------w c:\windows\ServicePackFiles\i386\mciavi32.dll
+ 2008-04-14 00:11:56 35,328 ------w c:\windows\ServicePackFiles\i386\mciqtz32.dll
+ 2008-04-14 00:11:56 23,040 ------w c:\windows\ServicePackFiles\i386\mciseq.dll
+ 2008-04-14 00:11:56 23,552 ------w c:\windows\ServicePackFiles\i386\mciwave.dll
+ 2008-04-14 00:11:56 118,272 ------w c:\windows\ServicePackFiles\i386\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.dll
+ 2004-08-04 03:41:56 11,868 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.sys
+ 2008-04-13 18:41:21 26,112 ------w c:\windows\ServicePackFiles\i386\memstpci.sys
+ 2008-04-13 18:36:41 63,744 ------w c:\windows\ServicePackFiles\i386\mf.sys
+ 2008-04-14 00:11:56 40,960 ------w c:\windows\ServicePackFiles\i386\mf3216.dll
+ 2008-04-14 00:11:56 927,504 ------w c:\windows\ServicePackFiles\i386\mfc40u.dll
+ 2008-04-14 00:11:56 1,028,096 ------w c:\windows\ServicePackFiles\i386\mfc42.dll
+ 2006-10-14 08:13:25 981,760 ------w c:\windows\ServicePackFiles\i386\mfc42u.dll
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\mfcsubs.dll
+ 2008-04-14 00:11:56 14,848 ------w c:\windows\ServicePackFiles\i386\mgmtapi.dll
+ 2008-04-14 00:11:57 18,944 ------w c:\windows\ServicePackFiles\i386\midimap.dll
+ 2008-04-14 00:11:57 274,432 ------w c:\windows\ServicePackFiles\i386\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\ServicePackFiles\i386\migisma.dll
+ 2008-04-14 00:11:57 60,928 ------w c:\windows\ServicePackFiles\i386\miglibnt.dll
+ 2008-04-14 00:12:25 103,936 ------w c:\windows\ServicePackFiles\i386\migload.exe
+ 2008-04-14 00:12:25 7,680 ------w c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 00:12:25 245,248 ------w c:\windows\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 00:11:57 29,696 ------w c:\windows\ServicePackFiles\i386\mimefilt.dll
+ 2008-04-14 00:11:57 586,240 ------w c:\windows\ServicePackFiles\i386\mlang.dll
+ 2008-04-14 00:12:25 1,414,656 ------w c:\windows\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\ServicePackFiles\i386\mmc30.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\ServicePackFiles\i386\mmc30r.dll
+ 2008-04-14 00:11:57 163,328 ------w c:\windows\ServicePackFiles\i386\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\ServicePackFiles\i386\mmcex.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\ServicePackFiles\i386\mmcexr.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\ServicePackFiles\i386\mmcfxc.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 00:11:57 1,872,896 ------w c:\windows\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 00:11:57 61,440 ------w c:\windows\ServicePackFiles\i386\mmcshext.dll
+ 2008-04-14 00:11:57 17,408 ------w c:\windows\ServicePackFiles\i386\mmfutil.dll
+ 2004-08-04 12:00:00 68,768 ------w c:\windows\ServicePackFiles\i386\mmsystem.dll
+ 2008-04-14 00:11:57 34,560 ------w c:\windows\ServicePackFiles\i386\mnmdd.dll
+ 2008-04-14 00:12:25 32,768 ------w c:\windows\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 00:11:57 207,360 ------w c:\windows\ServicePackFiles\i386\mobsync.dll
+ 2008-04-14 00:12:26 143,360 ------w c:\windows\ServicePackFiles\i386\mobsync.exe
+ 2008-04-13 19:00:19 30,080 ------w c:\windows\ServicePackFiles\i386\modem.sys
+ 2008-04-14 00:11:57 153,600 ------w c:\windows\ServicePackFiles\i386\modemui.dll
+ 2008-04-14 00:12:26 16,384 ------w c:\windows\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 00:11:57 123,904 ------w c:\windows\ServicePackFiles\i386\mofd.dll
+ 2008-04-14 00:12:42 16,896 ------w c:\windows\ServicePackFiles\i386\more.com
+ 2008-04-13 16:45:30 216,064 ------w c:\windows\ServicePackFiles\i386\moricons.dll
+ 2008-04-13 18:39:47 23,040 ------w c:\windows\ServicePackFiles\i386\mouclass.sys
+ 2008-04-13 18:39:46 42,368 ------w c:\windows\ServicePackFiles\i386\mountmgr.sys
+ 2008-04-14 00:12:27 3,558,912 ------w c:\windows\ServicePackFiles\i386\moviemk.exe
+ 2008-04-13 18:46:22 15,232 ------w c:\windows\ServicePackFiles\i386\mpe.sys
+ 2008-04-14 00:12:27 123,392 ------w c:\windows\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 00:11:57 59,904 ------w c:\windows\ServicePackFiles\i386\mpr.dll
+ 2008-04-14 00:11:57 87,040 ------w c:\windows\ServicePackFiles\i386\mprapi.dll
+ 2008-04-14 00:11:57 53,248 ------w c:\windows\ServicePackFiles\i386\mprdim.dll
+ 2008-04-13 18:32:44 180,608 ------w c:\windows\ServicePackFiles\i386\mrxdav.sys
+ 2008-04-13 19:17:01 456,576 ------w c:\windows\ServicePackFiles\i386\mrxsmb.sys
+ 2008-04-14 00:11:58 71,680 ------w c:\windows\ServicePackFiles\i386\msacm32.dll
+ 2008-04-14 00:11:58 331,776 ------w c:\windows\ServicePackFiles\i386\msadce.dll
+ 2008-04-13 17:25:57 20,480 ------w c:\windows\ServicePackFiles\i386\msadcer.dll
+ 2008-04-14 00:11:58 61,440 ------w c:\windows\ServicePackFiles\i386\msadcf.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcfr.dll
+ 2008-04-14 00:11:58 143,360 ------w c:\windows\ServicePackFiles\i386\msadco.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcor.dll
+ 2008-04-14 00:11:58 53,248 ------w c:\windows\ServicePackFiles\i386\msadcs.dll
+ 2008-04-14 00:11:58 155,648 ------w c:\windows\ServicePackFiles\i386\msadds.dll
+ 2008-04-13 17:25:58 24,576 ------w c:\windows\ServicePackFiles\i386\msaddsr.dll
+ 2008-04-13 17:26:17 24,576 ------w c:\windows\ServicePackFiles\i386\msader15.dll
+ 2008-04-14 00:11:58 536,576 ------w c:\windows\ServicePackFiles\i386\msado15.dll
+ 2008-04-14 00:11:58 180,224 ------w c:\windows\ServicePackFiles\i386\msadomd.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msador15.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msadox.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msadrh15.dll
+ 2008-04-14 00:10:06 3,584 ------w c:\windows\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 00:11:58 86,016 ------w c:\windows\ServicePackFiles\i386\msapsspc.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msasn1.dll
+ 2008-04-14 00:11:58 220,160 ------w c:\windows\ServicePackFiles\i386\mscandui.dll
+ 2008-04-14 00:11:58 73,728 ------w c:\windows\ServicePackFiles\i386\mscms.dll
+ 2008-04-14 00:11:58 69,632 ------w c:\windows\ServicePackFiles\i386\msconf.dll
+ 2008-04-14 00:12:27 169,984 ------w c:\windows\ServicePackFiles\i386\msconfig.exe
+ 2004-07-17 16:42:20 116,288 ------w c:\windows\ServicePackFiles\i386\msconv97.dll
+ 2008-04-13 17:26:07 12,288 ------w c:\windows\ServicePackFiles\i386\mscpx32r.dll
+ 2008-04-14 00:11:58 36,864 ------w c:\windows\ServicePackFiles\i386\mscpxl32.dll
+ 2008-04-14 00:11:58 297,984 ------w c:\windows\ServicePackFiles\i386\msctf.dll
+ 2008-04-14 00:11:58 68,608 ------w c:\windows\ServicePackFiles\i386\msctfp.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 00:11:58 118,784 ------w c:\windows\ServicePackFiles\i386\msdadiag.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaer.dll
+ 2008-04-14 00:11:58 532,480 ------w c:\windows\ServicePackFiles\i386\msdaipp.dll
+ 2008-04-14 00:11:58 233,472 ------w c:\windows\ServicePackFiles\i386\msdaora.dll
+ 2008-04-13 17:24:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaorar.dll
+ 2008-04-14 00:11:58 77,824 ------w c:\windows\ServicePackFiles\i386\msdaosp.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaprsr.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msdaprst.dll
+ 2008-04-14 00:11:59 204,800 ------w c:\windows\ServicePackFiles\i386\msdaps.dll
+ 2008-04-14 00:11:59 118,784 ------w c:\windows\ServicePackFiles\i386\msdarem.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaremr.dll
+ 2008-04-14 00:11:59 151,552 ------w c:\windows\ServicePackFiles\i386\msdart.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdasc.dll
+ 2008-04-14 00:11:59 315,392 ------w c:\windows\ServicePackFiles\i386\msdasql.dll
+ 2008-04-13 17:26:07 16,384 ------w c:\windows\ServicePackFiles\i386\msdasqlr.dll
+ 2008-04-14 00:11:59 94,208 ------w c:\windows\ServicePackFiles\i386\msdatl3.dll
+ 2008-04-14 00:11:59 20,480 ------w c:\windows\ServicePackFiles\i386\msdatt.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdaurl.dll
+ 2008-04-14 00:11:59 36,864 ------w c:\windows\ServicePackFiles\i386\msdfmap.dll
+ 2008-04-14 00:11:59 14,336 ------w c:\windows\ServicePackFiles\i386\msdmo.dll
+ 2008-04-14 00:12:27 6,144 ------w c:\windows\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 00:11:59 58,880 ------w c:\windows\ServicePackFiles\i386\msdtclog.dll
+ 2008-04-14 00:11:59 427,008 ------w c:\windows\ServicePackFiles\i386\msdtcprx.dll
+ 2008-04-14 00:11:59 90,112 ------w c:\windows\ServicePackFiles\i386\msdtcstp.dll
+ 2008-04-14 00:11:59 956,928 ------w c:\windows\ServicePackFiles\i386\msdtctm.dll
+ 2008-04-14 00:11:59 161,792 ------w c:\windows\ServicePackFiles\i386\msdtcuiu.dll
+ 2008-04-13 18:46:09 51,200 ------w c:\windows\ServicePackFiles\i386\msdv.sys
+ 2008-03-25 04:50:28 518,944 ------w c:\windows\ServicePackFiles\i386\msexch40.dll
+ 2008-03-25 04:50:30 326,432 ------w c:\windows\ServicePackFiles\i386\msexcl40.dll
+ 2008-04-13 18:32:39 19,072 ------w c:\windows\ServicePackFiles\i386\msfs.sys
+ 2008-04-14 00:11:59 539,136 ------w c:\windows\ServicePackFiles\i386\msftedit.dll
+ 2008-04-14 00:11:59 997,376 ------w c:\windows\ServicePackFiles\i386\msgina.dll
+ 2008-04-13 18:56:32 35,072 ------w c:\windows\ServicePackFiles\i386\msgpc.sys
+ 2008-04-14 00:11:59 3,166,208 ------w c:\windows\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msgrocm.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\i386\msgslang.dll
+ 2008-04-14 00:11:59 33,792 ------w c:\windows\ServicePackFiles\i386\msgsvc.dll
+ 2008-04-14 00:12:45 188,416 ------w c:\windows\ServicePackFiles\i386\msh261.drv
+ 2008-04-14 00:12:45 294,912 ------w c:\windows\ServicePackFiles\i386\msh263.drv
+ 2008-04-14 00:12:27 29,184 ------w c:\windows\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 00:11:59 3,066,880 ------w c:\windows\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11:59 449,024 ------w c:\windows\ServicePackFiles\i386\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w c:\windows\ServicePackFiles\i386\mshtmler.dll
+ 2008-04-14 00:11:59 2,843,136 ------w c:\windows\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11:59 51,712 ------w c:\windows\ServicePackFiles\i386\msident.dll
+ 2008-04-14 00:11:59 6,656 ------w c:\windows\ServicePackFiles\i386\msidle.dll
+ 2008-04-14 00:11:59 248,832 ------w c:\windows\ServicePackFiles\i386\msieftp.dll
+ 2008-04-14 00:12:28 78,848 ------w c:\windows\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 00:11:59 271,360 ------w c:\windows\ServicePackFiles\i386\msihnd.dll
+ 2008-04-14 00:11:59 4,608 ------w c:\windows\ServicePackFiles\i386\msimg32.dll
+ 2008-04-14 00:12:28 60,416 ------w c:\windows\ServicePackFiles\i386\msimn.exe
+ 2008-04-13 15:39:43 884,736 ------w c:\windows\ServicePackFiles\i386\msimsg.dll
+ 2008-04-14 00:11:59 159,232 ------w c:\windows\ServicePackFiles\i386\msimtf.dll
+ 2008-04-14 00:11:59 376,832 ------w c:\windows\ServicePackFiles\i386\msinfo.dll
+ 2008-04-13 18:54:28 22,016 ------w c:\windows\ServicePackFiles\i386\msircomm.sys
+ 2008-04-14 00:12:28 40,960 ------w c:\windows\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msisip.dll
+ 2008-03-25 04:50:34 1,516,568 ------w c:\windows\ServicePackFiles\i386\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w c:\windows\ServicePackFiles\i386\msjetol1.dll
+ 2008-04-14 00:12:00 151,583 ------w c:\windows\ServicePackFiles\i386\msjint40.dll
+ 2008-04-14 00:12:00 102,400 ------w c:\windows\ServicePackFiles\i386\msjro.dll
+ 2008-03-25 04:50:42 60,192 ------w c:\windows\ServicePackFiles\i386\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w c:\windows\ServicePackFiles\i386\msjtes40.dll
+ 2008-04-13 18:39:52 7,552 ------w c:\windows\ServicePackFiles\i386\mskssrv.sys
+ 2008-04-14 00:12:00 25,088 ------w c:\windows\ServicePackFiles\i386\mslbui.dll
+ 2008-03-25 04:50:44 219,936 ------w c:\windows\ServicePackFiles\i386\msltus40.dll
+ 2008-04-14 00:12:00 39,936 ------w c:\windows\ServicePackFiles\i386\mslwvtts.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2004-08-04 12:00:00 11,053,008 ------w c:\windows\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:12:00 290,816 ------w c:\windows\ServicePackFiles\i386\msnsspc.dll
+ 2004-08-04 12:00:00 1,327,320 ------w c:\windows\ServicePackFiles\i386\msnsusii.exe
+ 2008-04-14 00:12:00 122,368 ------w c:\windows\ServicePackFiles\i386\msobcomm.dll
+ 2008-04-14 00:12:00 16,384 ------w c:\windows\ServicePackFiles\i386\msobdl.dll
+ 2008-04-14 00:12:00 565,248 ------w c:\windows\ServicePackFiles\i386\msobmain.dll
+ 2008-04-14 00:12:00 30,720 ------w c:\windows\ServicePackFiles\i386\msobshel.dll
+ 2008-04-14 00:12:00 19,456 ------w c:\windows\ServicePackFiles\i386\msobweb.dll
+ 2008-04-14 00:12:00 1,314,816 ------w c:\windows\ServicePackFiles\i386\msoe.dll
+ 2008-04-14 00:12:00 252,928 ------w c:\windows\ServicePackFiles\i386\msoeacct.dll
+ 2008-04-13 16:23:54 2,479,616 ------w c:\windows\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12:00 105,984 ------w c:\windows\ServicePackFiles\i386\msoert2.dll
+ 2008-04-14 00:12:28 29,184 ------w c:\windows\ServicePackFiles\i386\msoobe.exe
+ 2008-04-13 17:24:14 20,480 ------w c:\windows\ServicePackFiles\i386\msorc32r.dll
+ 2008-04-14 00:12:00 143,360 ------w c:\windows\ServicePackFiles\i386\msorcl32.dll
+ 2008-04-14 00:12:28 343,040 ------w c:\windows\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 00:12:00 29,696 ------w c:\windows\ServicePackFiles\i386\mspatcha.dll
+ 2008-03-25 04:50:45 355,104 ------w c:\windows\ServicePackFiles\i386\mspbde40.dll
+ 2008-04-13 18:39:50 5,376 ------w c:\windows\ServicePackFiles\i386\mspclock.sys
+ 2008-04-13 18:39:51 4,992 ------w c:\windows\ServicePackFiles\i386\mspqm.sys
+ 2008-04-13 16:23:31 48,128 ------w c:\windows\ServicePackFiles\i386\msprivs.dll
+ 2008-04-14 00:12:00 146,432 ------w c:\windows\ServicePackFiles\i386\msrating.dll
+ 2008-03-25 04:50:47 432,928 ------w c:\windows\ServicePackFiles\i386\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w c:\windows\ServicePackFiles\i386\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w c:\windows\ServicePackFiles\i386\msrepl40.dll
+ 2008-04-14 00:12:00 11,264 ------w c:\windows\ServicePackFiles\i386\msrle32.dll
+ 2008-04-14 00:12:00 134,656 ------w c:\windows\ServicePackFiles\i386\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\ServicePackFiles\i386\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\ServicePackFiles\i386\msshamsg.dll
+ 2008-04-13 18:36:46 15,488 ------w c:\windows\ServicePackFiles\i386\mssmbios.sys
+ 2008-04-14 00:12:00 274,432 ------w c:\windows\ServicePackFiles\i386\mst120.dll
+ 2008-04-14 00:12:00 57,344 ------w c:\windows\ServicePackFiles\i386\mst123.dll
+ 2008-04-13 18:46:08 49,024 ------w c:\windows\ServicePackFiles\i386\mstape.sys
+ 2008-04-14 00:12:00 274,944 ------w c:\windows\ServicePackFiles\i386\mstask.dll
+ 2008-04-13 18:39:50 5,504 ------w c:\windows\ServicePackFiles\i386\mstee.sys
+ 2008-03-25 04:50:55 264,992 ------w c:\windows\ServicePackFiles\i386\mstext40.dll
+ 2008-04-14 00:12:00 532,480 ------w c:\windows\ServicePackFiles\i386\mstime.dll
+ 2008-04-14 00:12:29 12,288 ------w c:\windows\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 00:12:00 116,224 ------w c:\windows\ServicePackFiles\i386\mstlsapi.dll
+ 2008-04-14 00:12:00 195,072 ------w c:\windows\ServicePackFiles\i386\msutb.dll
+ 2008-04-14 00:12:00 132,608 ------w c:\windows\ServicePackFiles\i386\msv1_0.dll
+ 2008-04-14 00:12:00 1,384,479 ------w c:\windows\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\msvcirt.dll
+ 2008-04-14 00:12:01 413,696 ------w c:\windows\ServicePackFiles\i386\msvcp60.dll
+ 2008-04-14 00:12:01 343,040 ------w c:\windows\ServicePackFiles\i386\msvcrt.dll
+ 2008-04-13 18:30:46 61,440 ------w c:\windows\ServicePackFiles\i386\msvcrt40.dll
+ 2008-04-14 00:12:01 121,344 ------w c:\windows\ServicePackFiles\i386\msvfw32.dll
+ 2008-04-14 00:12:01 1,428,992 ------w c:\windows\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12:01 72,704 ------w c:\windows\ServicePackFiles\i386\msw3prt.dll
+ 2008-03-25 04:50:57 838,432 ------w c:\windows\ServicePackFiles\i386\mswdat10.dll
+ 2008-04-14 00:12:01 203,776 ------w c:\windows\ServicePackFiles\i386\mswebdvd.dll
+ 2008-04-14 00:12:01 245,248 ------w c:\windows\ServicePackFiles\i386\mswsock.dll
+ 2008-03-25 04:50:58 621,344 ------w c:\windows\ServicePackFiles\i386\mswstr10.dll
+ 2008-04-14 00:12:01 24,576 ------w c:\windows\ServicePackFiles\i386\msxactps.dll
+ 2008-03-25 04:50:58 355,104 ------w c:\windows\ServicePackFiles\i386\msxbde40.dll
+ 2008-04-14 00:12:01 506,368 ------w c:\windows\ServicePackFiles\i386\msxml.dll
+ 2008-04-14 00:12:01 701,440 ------w c:\windows\ServicePackFiles\i386\msxml2.dll
+ 2008-04-14 00:12:01 1,104,896 ------w c:\windows\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12:01 16,896 ------w c:\windows\ServicePackFiles\i386\msyuv.dll
+ 2004-08-04 03:41:40 126,686 ------w c:\windows\ServicePackFiles\i386\mtlmnt5.sys
+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12:29 119,808 ------w c:\windows\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 00:12:01 66,560 ------w c:\windows\ServicePackFiles\i386\mtxclu.dll
+ 2008-04-14 00:12:01 30,720 ------w c:\windows\ServicePackFiles\i386\mtxdm.dll
+ 2008-04-14 00:12:01 4,096 ------w c:\windows\ServicePackFiles\i386\mtxex.dll
+ 2008-04-14 00:12:01 34,304 ------w c:\windows\ServicePackFiles\i386\mtxlegih.dll
+ 2008-04-14 00:12:01 91,648 ------w c:\windows\ServicePackFiles\i386\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\ServicePackFiles\i386\mtxparhd.dll
+ 2004-08-04 03:29:38 452,736 ------w c:\windows\ServicePackFiles\i386\mtxparhm.sys
+ 2008-04-14 00:12:29 90,624 ------w c:\windows\ServicePackFiles\i386\muisetup.exe
+ 2008-04-13 19:17:05 105,344 ------w c:\windows\ServicePackFiles\i386\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w c:\windows\ServicePackFiles\i386\mutohpen.sys
+ 2008-04-14 00:12:01 90,624 ------w c:\windows\ServicePackFiles\i386\mydocs.dll
+ 2008-04-13 18:46:25 85,248 ------w c:\windows\ServicePackFiles\i386\nabtsfec.sys
+ 2008-04-14 00:12:01 221,184 ------w c:\windows\ServicePackFiles\i386\nac.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\ServicePackFiles\i386\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\ServicePackFiles\i386\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 00:12:29 53,760 ------w c:\windows\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 00:12:01 36,352 ------w c:\windows\ServicePackFiles\i386\ncobjapi.dll
+ 2008-04-14 00:12:01 47,104 ------w c:\windows\ServicePackFiles\i386\ncprov.dll
+ 2008-04-14 00:12:01 9,728 ------w c:\windows\ServicePackFiles\i386\ncpsres.dll
+ 2008-04-14 00:12:01 17,920 ------w c:\windows\ServicePackFiles\i386\nddeapi.dll
+ 2008-04-14 00:12:29 4,096 ------w c:\windows\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 00:12:01 18,944 ------w c:\windows\ServicePackFiles\i386\nddenb32.dll
+ 2008-04-13 19:20:37 182,656 ------w c:\windows\ServicePackFiles\i386\ndis.sys
+ 2008-04-13 18:46:22 10,880 ------w c:\windows\ServicePackFiles\i386\ndisip.sys
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\ndisnpp.dll
+ 2008-04-13 18:57:27 10,112 ------w c:\windows\ServicePackFiles\i386\ndistapi.sys
+ 2008-04-13 18:55:58 14,592 ------w c:\windows\ServicePackFiles\i386\ndisuio.sys
+ 2008-04-13 19:20:42 91,520 ------w c:\windows\ServicePackFiles\i386\ndiswan.sys
+ 2008-04-13 18:57:29 40,576 ------w c:\windows\ServicePackFiles\i386\ndproxy.sys
+ 2008-04-14 00:12:29 42,496 ------w c:\windows\ServicePackFiles\i386\net.exe
+ 2008-04-14 00:12:29 124,928 ------w c:\windows\ServicePackFiles\i386\net1.exe
+ 2008-04-14 00:12:01 337,408 ------w c:\windows\ServicePackFiles\i386\netapi32.dll
+ 2008-04-13 18:56:02 34,688 ------w c:\windows\ServicePackFiles\i386\netbios.sys
+ 2008-04-13 19:21:00 162,816 ------w c:\windows\ServicePackFiles\i386\netbt.sys
+ 2008-04-14 00:12:01 622,592 ------w c:\windows\ServicePackFiles\i386\netcfgx.dll
+ 2008-04-14 00:12:29 111,104 ------w c:\windows\ServicePackFiles\i386\netdde.exe
+ 2008-04-14 00:12:01 139,264 ------w c:\windows\ServicePackFiles\i386\netid.dll
+ 2008-04-14 00:12:01 407,040 ------w c:\windows\ServicePackFiles\i386\netlogon.dll
+ 2008-04-14 00:12:01 198,144 ------w c:\windows\ServicePackFiles\i386\netman.dll
+ 2008-04-14 00:12:01 77,312 ------w c:\windows\ServicePackFiles\i386\netoc.dll
+ 2008-04-14 00:12:01 875,008 ------w c:\windows\ServicePackFiles\i386\netplwiz.dll
+ 2008-04-14 00:12:01 11,776 ------w c:\windows\ServicePackFiles\i386\netrap.dll
+ 2008-04-14 00:16:51 329,728 ------w c:\windows\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 00:12:29 86,016 ------w c:\windows\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 00:12:02 1,703,936 ------w c:\windows\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12:29 36,864 ------w c:\windows\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 00:12:02 80,896 ------w c:\windows\ServicePackFiles\i386\netui0.dll
+ 2008-04-14 00:12:02 245,760 ------w c:\windows\ServicePackFiles\i386\netui1.dll
+ 2004-08-04 03:31:42 132,695 ------w c:\windows\ServicePackFiles\i386\netwlan5.sys
+ 2008-04-14 00:12:02 247,808 ------w c:\windows\ServicePackFiles\i386\newdev.dll
+ 2008-04-13 18:51:25 61,824 ------w c:\windows\ServicePackFiles\i386\nic1394.sys
+ 2008-04-14 00:12:02 98,304 ------w c:\windows\ServicePackFiles\i386\nlhtml.dll
+ 2008-04-14 00:12:02 229,376 ------w c:\windows\ServicePackFiles\i386\nmas.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmasnt.dll
+ 2008-04-14 00:12:02 81,920 ------w c:\windows\ServicePackFiles\i386\nmchat.dll
+ 2008-04-14 00:12:02 77,824 ------w c:\windows\ServicePackFiles\i386\nmcom.dll
+ 2008-04-14 00:12:02 151,552 ------w c:\windows\ServicePackFiles\i386\nmft.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmmkcert.dll
+ 2008-04-13 18:53:09 40,320 ------w c:\windows\ServicePackFiles\i386\nmnt.sys
+ 2008-04-14 00:12:02 172,032 ------w c:\windows\ServicePackFiles\i386\nmoldwb.dll
+ 2008-04-14 00:12:02 188,416 ------w c:\windows\ServicePackFiles\i386\nmwb.dll
+ 2008-04-14 00:12:29 69,120 ------w c:\windows\ServicePackFiles\i386\notepad.exe
+ 2008-04-13 18:32:39 30,848 ------w c:\windows\ServicePackFiles\i386\npfs.sys
+ 2008-04-14 00:12:29 15,360 ------w c:\windows\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 00:12:02 54,784 ------w c:\windows\ServicePackFiles\i386\npptools.dll
+ 2008-04-13 18:54:36 28,672 ------w c:\windows\ServicePackFiles\i386\nscirda.sys
+ 2008-04-14 00:12:29 76,800 ------w c:\windows\ServicePackFiles\i386\nslookup.exe
+ 2004-08-04 12:00:00 47,564 ------w c:\windows\ServicePackFiles\i386\ntdetect.com
+ 2008-04-14 00:11:24 706,048 ------w c:\windows\ServicePackFiles\i386\ntdll.dll
+ 2008-04-14 00:12:02 67,072 ------w c:\windows\ServicePackFiles\i386\ntdsapi.dll
+ 2008-04-14 00:12:02 212,992 ------w c:\windows\ServicePackFiles\i386\ntevt.dll
+ 2008-04-13 19:15:53 574,976 ------w c:\windows\ServicePackFiles\i386\ntfs.sys
+ 2004-08-04 12:00:00 33,840 ------w c:\windows\ServicePackFiles\i386\ntio.sys
+ 2004-08-04 12:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio404.sys
+ 2004-08-04 12:00:00 35,648 ------w c:\windows\ServicePackFiles\i386\ntio411.sys
+ 2004-08-04 12:00:00 35,424 ------w c:\windows\ServicePackFiles\i386\ntio412.sys
+ 2004-08-04 12:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio804.sys
+ 2008-04-13 19:24:37 2,145,280 ------w c:\windows\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-13 18:31:21 2,065,792 ------w c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ------w c:\windows\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-14 00:12:02 44,032 ------w c:\windows\ServicePackFiles\i386\ntlanman.dll
+ 2008-04-14 00:12:02 8,192 ------w c:\windows\ServicePackFiles\i386\ntlsapi.dll
+ 2008-04-14 00:12:02 118,784 ------w c:\windows\ServicePackFiles\i386\ntmarta.dll
+ 2008-04-14 00:12:02 40,960 ------w c:\windows\ServicePackFiles\i386\ntmsapi.dll
+ 2008-04-14 00:12:02 179,200 ------w c:\windows\ServicePackFiles\i386\ntmsdba.dll
+ 2008-04-14 00:12:02 488,448 ------w c:\windows\ServicePackFiles\i386\ntmsmgr.dll
+ 2008-04-14 00:12:02 435,200 ------w c:\windows\ServicePackFiles\i386\ntmssvc.dll
+ 2004-08-04 03:41:40 180,360 ------w c:\windows\ServicePackFiles\i386\ntmtlfax.sys
+ 2008-04-14 00:12:02 62,976 ------w c:\windows\ServicePackFiles\i386\ntoc.dll
+ 2008-04-13 19:27:53 2,188,928 ------w c:\windows\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-14 00:12:02 91,136 ------w c:\windows\ServicePackFiles\i386\ntprint.dll
+ 2008-04-14 00:12:02 143,360 ------w c:\windows\ServicePackFiles\i386\ntshrui.dll
+ 2008-04-14 00:12:30 420,864 ------w c:\windows\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w c:\windows\ServicePackFiles\i386\nv4_disp.dll
+ 2004-08-04 03:29:56 1,897,408 ------w c:\windows\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-13 18:56:06 88,320 ------w c:\windows\ServicePackFiles\i386\nwlnkipx.sys
+ 2008-04-14 00:12:02 142,336 ------w c:\windows\ServicePackFiles\i386\nwprovau.dll
+ 2008-04-14 00:12:02 270,336 ------w c:\windows\ServicePackFiles\i386\oakley.dll
+ 2008-04-14 00:10:30 229,376 ------w c:\windows\ServicePackFiles\i386\obelog.dll
+ 2008-04-14 00:10:30 966,656 ------w c:\windows\ServicePackFiles\i386\obemetal.dll
+ 2007-04-02 18:44:11 77,824 ------w c:\windows\ServicePackFiles\i386\obemtllc.dll
+ 2008-04-14 00:10:30 86,016 ------w c:\windows\ServicePackFiles\i386\obepopc.dll
+ 2008-04-14 00:12:02 286,208 ------w c:\windows\ServicePackFiles\i386\objsel.dll
+ 2008-04-13 18:40:52 405,504 ------w c:\windows\ServicePackFiles\i386\obrb041b.dll
+ 2008-04-13 18:40:56 408,576 ------w c:\windows\ServicePackFiles\i386\obrb0424.dll
+ 2008-04-14 00:12:02 96,256 ------w c:\windows\ServicePackFiles\i386\occache.dll
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ocgen.dll
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\ocmanage.dll
+ 2008-04-14 00:12:02 17,408 ------w c:\windows\ServicePackFiles\i386\ocmsn.dll
+ 2004-08-04 12:00:00 26,224 ------w c:\windows\ServicePackFiles\i386\odbc16gt.dll
+ 2008-04-14 00:12:02 249,856 ------w c:\windows\ServicePackFiles\i386\odbc32.dll
+ 2008-04-14 00:12:02 16,384 ------w c:\windows\ServicePackFiles\i386\odbc32gt.dll
+ 2008-04-14 00:12:30 32,768 ------w c:\windows\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 00:12:02 24,576 ------w c:\windows\ServicePackFiles\i386\odbcbcp.dll
+ 2008-04-14 00:12:02 135,168 ------w c:\windows\ServicePackFiles\i386\odbcconf.dll
+ 2008-04-14 00:12:30 69,632 ------w c:\windows\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 00:12:02 106,496 ------w c:\windows\ServicePackFiles\i386\odbccp32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccu32.dll
+ 2008-04-13 17:26:05 94,208 ------w c:\windows\ServicePackFiles\i386\odbcint.dll
+ 2008-04-14 00:10:31 53,279 ------w c:\windows\ServicePackFiles\i386\odbcji32.dll
+ 2008-04-14 00:12:02 278,559 ------w c:\windows\ServicePackFiles\i386\odbcjt32.dll
+ 2008-04-13 17:26:05 12,288 ------w c:\windows\ServicePackFiles\i386\odbcp32r.dll
+ 2008-04-14 00:12:02 147,456 ------w c:\windows\ServicePackFiles\i386\odbctrac.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\oddbse32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odpdx32.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\odtext32.dll
+ 2008-04-14 00:12:02 104,448 ------w c:\windows\ServicePackFiles\i386\oeimport.dll
+ 2008-04-14 00:12:30 60,416 ------w c:\windows\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\oemiglib.dll
+ 2008-04-14 00:12:02 192,000 ------w c:\windows\ServicePackFiles\i386\offfilt.dll
+ 2008-04-13 18:46:18 61,696 ------w c:\windows\ServicePackFiles\i386\ohci1394.sys
+ 2008-04-14 00:12:02 1,287,168 ------w c:\windows\ServicePackFiles\i386\ole32.dll
+ 2008-04-14 00:12:02 551,936 ------w c:\windows\ServicePackFiles\i386\oleaut32.dll
+ 2008-04-14 00:12:02 74,752 ------w c:\windows\ServicePackFiles\i386\olecli32.dll
+ 2008-04-14 00:12:02 37,376 ------w c:\windows\ServicePackFiles\i386\olecnv32.dll
+ 2008-04-14 00:12:02 487,424 ------w c:\windows\ServicePackFiles\i386\oledb32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\oledb32r.dll
+ 2008-04-14 00:12:02 122,880 ------w c:\windows\ServicePackFiles\i386\oledlg.dll
+ 2008-04-14 00:12:02 107,008 ------w c:\windows\ServicePackFiles\i386\oleprn.dll
+ 2008-04-14 00:12:02 84,992 ------w c:\windows\ServicePackFiles\i386\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\ServicePackFiles\i386\onex.dll
+ 2008-04-14 00:12:31 51,200 ------w c:\windows\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 00:12:02 713,728 ------w c:\windows\ServicePackFiles\i386\opengl32.dll
+ 2008-04-13 18:32:32 166,912 ------w c:\windows\ServicePackFiles\i386\oschoice.exe
+ 2008-04-14 00:12:31 215,552 ------w c:\windows\ServicePackFiles\i386\osk.exe
+ 2008-04-13 18:31:43 230,400 ------w c:\windows\ServicePackFiles\i386\osloader.exe
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\osuninst.dll
+ 2008-04-14 00:12:02 153,600 ------w c:\windows\ServicePackFiles\i386\p2p.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\p2pgasvc.dll
+ 2008-04-14 00:12:02 313,856 ------w c:\windows\ServicePackFiles\i386\p2pgraph.dll
+ 2008-04-14 00:12:02 115,712 ------w c:\windows\ServicePackFiles\i386\p2pnetsh.dll
+ 2008-04-14 00:12:02 554,496 ------w c:\windows\ServicePackFiles\i386\p2psvc.dll
+ 2008-04-13 18:31:31 42,752 ------w c:\windows\ServicePackFiles\i386\p3.sys
+ 2008-04-14 00:12:31 58,368 ------w c:\windows\ServicePackFiles\i386\packager.exe
+ 2008-04-13 18:40:10 80,128 ------w c:\windows\ServicePackFiles\i386\parport.sys
+ 2008-04-13 18:40:49 19,712 ------w c:\windows\ServicePackFiles\i386\partmgr.sys
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\pautoenr.dll
+ 2004-08-04 03:31:24 29,502 ------w c:\windows\ServicePackFiles\i386\pca200e.sys
+ 2008-04-14 00:12:02 102,912 ------w c:\windows\ServicePackFiles\i386\pchshell.dll
+ 2008-04-14 00:12:02 38,400 ------w c:\windows\ServicePackFiles\i386\pchsvc.dll
+ 2008-04-13 18:36:44 68,224 ------w c:\windows\ServicePackFiles\i386\pci.sys
+ 2008-04-13 18:40:29 24,960 ------w c:\windows\ServicePackFiles\i386\pciidex.sys
+ 2007-05-15 08:08:11 288,768 ------w c:\windows\ServicePackFiles\i386\pcl4res.dll
+ 2007-05-15 08:08:13 1,058,816 ------w c:\windows\ServicePackFiles\i386\pcl5eres.dll
+ 2007-05-15 08:08:14 1,057,280 ------w c:\windows\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08:14 207,872 ------w c:\windows\ServicePackFiles\i386\pclxl.dll
+ 2008-04-13 18:36:43 120,192 ------w c:\windows\ServicePackFiles\i386\pcmcia.sys
+ 2004-08-04 03:06:18 169,984 ------w c:\windows\ServicePackFiles\i386\pcx500.sys
+ 2008-04-14 00:12:02 284,160 ------w c:\windows\ServicePackFiles\i386\pdh.dll
+ 2008-04-14 00:12:02 39,936 ------w c:\windows\ServicePackFiles\i386\perfctrs.dll
+ 2008-04-14 00:12:02 26,624 ------w c:\windows\ServicePackFiles\i386\perfdisk.dll
+ 2008-04-14 00:12:31 15,872 ------w c:\windows\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 00:12:02 17,920 ------w c:\windows\ServicePackFiles\i386\perfnet.dll
+ 2008-04-14 00:12:02 25,088 ------w c:\windows\ServicePackFiles\i386\perfos.dll
+ 2008-04-14 00:12:02 34,816 ------w c:\windows\ServicePackFiles\i386\perfproc.dll
+ 2008-04-13 18:44:29 27,904 ------w c:\windows\ServicePackFiles\i386\perm2.sys
+ 2008-04-14 00:10:34 211,584 ------w c:\windows\ServicePackFiles\i386\perm2dll.dll
+ 2008-04-13 18:44:30 28,032 ------w c:\windows\ServicePackFiles\i386\perm3.sys
+ 2008-04-14 00:10:34 259,328 ------w c:\windows\ServicePackFiles\i386\perm3dd.dll
+ 2008-04-14 00:12:02 176,128 ------w c:\windows\ServicePackFiles\i386\photowiz.dll
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\pid.dll
+ 2008-04-13 18:35:22 24,064 ------w c:\windows\ServicePackFiles\i386\pidgen.dll
+ 2008-04-14 00:12:31 281,088 ------w c:\windows\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 00:12:31 17,920 ------w c:\windows\ServicePackFiles\i386\ping.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\pjlmon.dll
+ 2008-04-14 00:12:02 44,544 ------w c:\windows\ServicePackFiles\i386\plotter.dll
+ 2008-04-14 00:12:02 52,736 ------w c:\windows\ServicePackFiles\i386\plotui.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\ServicePackFiles\i386\pmh.dll
+ 2008-04-14 00:12:02 39,424 ------w c:\windows\ServicePackFiles\i386\pngfilt.dll
+ 2008-04-14 00:12:02 58,880 ------w c:\windows\ServicePackFiles\i386\pnrpnsp.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\polstore.dll
+ 2008-04-13 19:19:41 146,048 ------w c:\windows\ServicePackFiles\i386\portcls.sys
+ 2008-04-14 00:12:31 49,152 ------w c:\windows\ServicePackFiles\i386\powercfg.exe
+ 2008-04-13 18:40:56 8,832 ------w c:\windows\ServicePackFiles\i386\powerfil.sys
+ 2008-04-14 00:12:03 17,408 ------w c:\windows\ServicePackFiles\i386\powrprof.dll
+ 2008-04-13 18:41:00 17,664 ------w c:\windows\ServicePackFiles\i386\ppa3.sys
+ 2008-04-14 00:12:03 560,640 ------w c:\windows\ServicePackFiles\i386\printui.dll
+ 2008-04-13 18:31:30 35,840 ------w c:\windows\ServicePackFiles\i386\processr.sys
+ 2008-04-14 00:12:03 27,648 ------w c:\windows\ServicePackFiles\i386\profmap.dll
+ 2008-04-14 00:12:31 109,568 ------w c:\windows\ServicePackFiles\i386\progman.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\provthrd.dll
+ 2008-04-14 00:12:32 9,216 ------w c:\windows\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 00:12:03 728,576 ------w c:\windows\ServicePackFiles\i386\ps5ui.dll
+ 2008-04-14 00:12:03 23,040 ------w c:\windows\ServicePackFiles\i386\psapi.dll
+ 2008-04-14 00:12:03 96,768 ------w c:\windows\ServicePackFiles\i386\psbase.dll
+ 2008-04-13 18:56:38 69,120 ------w c:\windows\ServicePackFiles\i386\psched.sys
+ 2008-04-14 00:12:03 543,232 ------w c:\windows\ServicePackFiles\i386\pscript5.dll
+ 2008-04-14 00:12:03 363,520 ------w c:\windows\ServicePackFiles\i386\psisdecd.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\pstorec.dll
+ 2008-04-14 00:12:03 34,304 ------w c:\windows\ServicePackFiles\i386\pstorsvc.dll
+ 2008-04-14 00:12:03 159,232 ------w c:\windows\ServicePackFiles\i386\ptpusd.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\ServicePackFiles\i386\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\ServicePackFiles\i386\qagentrt.dll
+ 2008-04-14 00:12:03 237,568 ------w c:\windows\ServicePackFiles\i386\qasf.dll
+ 2008-04-14 00:12:03 192,512 ------w c:\windows\ServicePackFiles\i386\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\ServicePackFiles\i386\qcliprov.dll
+ 2008-04-14 00:12:03 279,040 ------w c:\windows\ServicePackFiles\i386\qdv.dll
+ 2008-04-14 00:12:03 386,048 ------w c:\windows\ServicePackFiles\i386\qdvd.dll
+ 2008-04-14 00:12:03 562,176 ------w c:\windows\ServicePackFiles\i386\qedit.dll
+ 2008-04-13 17:21:32 733,696 ------w c:\windows\ServicePackFiles\i386\qedwipes.dll
+ 2008-04-13 18:40:52 6,016 ------w c:\windows\ServicePackFiles\i386\qic157.sys
+ 2008-04-14 00:12:03 409,088 ------w c:\windows\ServicePackFiles\i386\qmgr.dll
+ 2008-04-14 00:12:03 18,944 ------w c:\windows\ServicePackFiles\i386\qmgrprxy.dll
+ 2008-04-14 00:12:32 19,968 ------w c:\windows\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 00:12:03 1,288,192 ------w c:\windows\ServicePackFiles\i386\quartz.dll
+ 2008-04-14 00:12:03 1,435,648 ------w c:\windows\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\ServicePackFiles\i386\qutil.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\racpldlg.dll
+ 2008-04-13 18:41:23 20,736 ------w c:\windows\ServicePackFiles\i386\ramdisk.sys
+ 2008-04-14 00:12:03 7,680 ------w c:\windows\ServicePackFiles\i386\rasadhlp.dll
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\rasapi32.dll
+ 2008-04-14 00:12:03 88,576 ------w c:\windows\ServicePackFiles\i386\rasauto.dll
+ 2008-04-14 00:12:03 79,872 ------w c:\windows\ServicePackFiles\i386\raschap.dll
+ 2008-04-14 00:12:03 658,432 ------w c:\windows\ServicePackFiles\i386\rasdlg.dll
+ 2008-04-13 19:19:43 51,328 ------w c:\windows\ServicePackFiles\i386\rasl2tp.sys
+ 2008-04-14 00:12:03 61,440 ------w c:\windows\ServicePackFiles\i386\rasman.dll
+ 2008-04-14 00:12:03 186,368 ------w c:\windows\ServicePackFiles\i386\rasmans.dll
+ 2008-04-14 00:12:32 56,832 ------w c:\windows\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 00:12:03 210,944 ------w c:\windows\ServicePackFiles\i386\rasppp.dll
+ 2008-04-13 18:57:32 41,472 ------w c:\windows\ServicePackFiles\i386\raspppoe.sys
+ 2008-04-13 19:19:48 48,384 ------w c:\windows\ServicePackFiles\i386\raspptp.sys
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\ServicePackFiles\i386\rasqec.dll
+ 2008-04-14 00:12:03 16,384 ------w c:\windows\ServicePackFiles\i386\rassapi.dll
+ 2008-04-14 00:12:03 58,368 ------w c:\windows\ServicePackFiles\i386\rastapi.dll
+ 2008-04-14 00:12:03 150,016 ------w c:\windows\ServicePackFiles\i386\rastls.dll
+ 2008-04-14 00:12:03 102,400 ------w c:\windows\ServicePackFiles\i386\rcbdyctl.dll
+ 2008-04-14 00:12:32 35,840 ------w c:\windows\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 00:12:32 21,504 ------w c:\windows\ServicePackFiles\i386\rcp.exe
+ 2008-04-13 19:28:39 175,744 ------w c:\windows\ServicePackFiles\i386\rdbss.sys
+ 2008-04-14 00:12:03 147,968 ------w c:\windows\ServicePackFiles\i386\rdchost.dll
+ 2008-04-14 00:12:32 62,976 ------w c:\windows\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 00:13:22 92,424 ------w c:\windows\ServicePackFiles\i386\rdpdd.dll
+ 2008-04-13 18:32:51 196,224 ------w c:\windows\ServicePackFiles\i386\rdpdr.sys
+ 2008-04-14 00:12:04 19,968 ------w c:\windows\ServicePackFiles\i386\rdpsnd.dll
+ 2008-04-14 00:13:22 139,656 ------w c:\windows\ServicePackFiles\i386\rdpwd.sys
+ 2008-04-14 00:13:22 87,176 ------w c:\windows\ServicePackFiles\i386\rdpwsx.dll
+ 2008-04-14 00:12:32 13,824 ------w c:\windows\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 00:12:32 67,072 ------w c:\windows\ServicePackFiles\i386\rdshost.exe
+ 2004-08-04 03:41:40 13,776 ------w c:\windows\ServicePackFiles\i386\recagent.sys
+ 2008-04-13 18:40:27 57,600 ------w c:\windows\ServicePackFiles\i386\redbook.sys
+ 2004-08-04 12:00:00 3,338 ------w c:\windows\ServicePackFiles\i386\redir.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\reg.exe
+ 2008-04-14 00:12:04 49,664 ------w c:\windows\ServicePackFiles\i386\regapi.dll
+ 2008-04-14 00:12:32 146,432 ------w c:\windows\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 00:12:04 59,904 ------w c:\windows\ServicePackFiles\i386\regsvc.dll
+ 2008-04-14 00:12:32 11,776 ------w c:\windows\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 00:12:04 397,824 ------w c:\windows\ServicePackFiles\i386\regwizc.dll
+ 2008-04-14 00:12:04 60,416 ------w c:\windows\ServicePackFiles\i386\remotepg.dll
+ 2008-04-14 00:12:04 178,176 ------w c:\windows\ServicePackFiles\i386\repdrvfs.dll
+ 2008-04-14 00:12:04 58,880 ------w c:\windows\ServicePackFiles\i386\resutils.dll
+ 2008-04-14 00:12:33 13,824 ------w c:\windows\ServicePackFiles\i386\rexec.exe
+ 2008-04-13 18:46:32 59,136 ------w c:\windows\ServicePackFiles\i386\rfcomm.sys
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\ServicePackFiles\i386\rhttpaa.dll
+ 2008-04-14 00:12:04 123,392 ------w c:\windows\ServicePackFiles\i386\riafres.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui1.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui2.dll
+ 2008-04-14 00:12:04 433,664 ------w c:\windows\ServicePackFiles\i386\riched20.dll
+ 2008-04-13 18:55:08 202,624 ------w c:\windows\ServicePackFiles\i386\rmcast.sys

#10 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 01 April 2009 - 10:02 AM

+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismpx.sys
+ 2008-04-13 18:40:14 79,104 ------w c:\windows\ServicePackFiles\i386\rocket.sys
+ 2008-04-14 00:12:04 584,704 ------w c:\windows\ServicePackFiles\i386\rpcrt4.dll
+ 2008-04-14 00:12:04 399,360 ------w c:\windows\ServicePackFiles\i386\rpcss.dll
+ 2008-04-14 00:12:04 61,440 ------w c:\windows\ServicePackFiles\i386\rrcm.dll
+ 2008-04-13 17:37:57 208,384 ------w c:\windows\ServicePackFiles\i386\rsaenh.dll
+ 2008-04-14 00:12:33 14,848 ------w c:\windows\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 00:12:04 39,936 ------w c:\windows\ServicePackFiles\i386\rshx32.dll
+ 2008-04-14 00:12:04 18,944 ------w c:\windows\ServicePackFiles\i386\rsmps.dll
+ 2008-04-14 00:12:33 380,416 ------w c:\windows\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 00:12:04 92,672 ------w c:\windows\ServicePackFiles\i386\rsvpsp.dll
+ 2008-04-14 00:12:33 77,312 ------w c:\windows\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 00:12:04 31,744 ------w c:\windows\ServicePackFiles\i386\rtipxmib.dll
+ 2004-08-04 05:31:34 20,992 ------w c:\windows\ServicePackFiles\i386\rtl8139.sys
+ 2008-04-14 00:12:04 44,032 ------w c:\windows\ServicePackFiles\i386\rtutils.dll
+ 2008-04-14 00:12:33 33,280 ------w c:\windows\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 00:12:33 14,336 ------w c:\windows\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw001ext.dll
+ 2008-04-14 00:12:04 29,184 ------w c:\windows\ServicePackFiles\i386\rw330ext.dll
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw430ext.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\rw450ext.dll
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\ServicePackFiles\i386\s3gnb.dll
+ 2004-08-04 03:29:52 166,912 ------w c:\windows\ServicePackFiles\i386\s3gnbm.sys
+ 2008-04-14 00:12:04 43,520 ------w c:\windows\ServicePackFiles\i386\safrcdlg.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\safrdm.dll
+ 2008-04-14 00:12:04 45,568 ------w c:\windows\ServicePackFiles\i386\safrslv.dll
+ 2008-04-14 00:12:04 64,000 ------w c:\windows\ServicePackFiles\i386\samlib.dll
+ 2008-04-14 00:12:04 415,744 ------w c:\windows\ServicePackFiles\i386\samsrv.dll
+ 2008-04-14 00:12:04 741,376 ------w c:\windows\ServicePackFiles\i386\sapi.dll
+ 2008-04-14 00:12:33 13,312 ------w c:\windows\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 00:12:04 270,848 ------w c:\windows\ServicePackFiles\i386\sbe.dll
+ 2008-04-14 00:12:04 159,232 ------w c:\windows\ServicePackFiles\i386\sbeio.dll
+ 2008-04-13 18:40:48 43,904 ------w c:\windows\ServicePackFiles\i386\sbp2port.sys
+ 2008-04-14 00:12:04 69,632 ------w c:\windows\ServicePackFiles\i386\scarddlg.dll
+ 2008-04-14 00:12:33 95,744 ------w c:\windows\ServicePackFiles\i386\scardsvr.exe
+ 2004-08-04 12:00:00 169,984 ------w c:\windows\ServicePackFiles\i386\sccbase.dll
+ 2008-04-14 00:12:05 171,008 ------w c:\windows\ServicePackFiles\i386\sccsccp.dll
+ 2008-04-14 00:12:05 181,248 ------w c:\windows\ServicePackFiles\i386\scecli.dll
+ 2008-04-14 00:12:05 314,880 ------w c:\windows\ServicePackFiles\i386\scesrv.dll
+ 2008-04-14 00:12:05 144,384 ------w c:\windows\ServicePackFiles\i386\schannel.dll
+ 2008-04-14 00:12:05 192,512 ------w c:\windows\ServicePackFiles\i386\schedsvc.dll
+ 2008-04-14 00:12:05 20,480 ------w c:\windows\ServicePackFiles\i386\sclgntfy.dll
+ 2008-04-14 00:12:34 36,352 ------w c:\windows\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 00:12:05 215,552 ------w c:\windows\ServicePackFiles\i386\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\ServicePackFiles\i386\scripta.dll
+ 2008-04-14 00:12:43 9,216 ------w c:\windows\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 00:12:05 180,224 ------w c:\windows\ServicePackFiles\i386\scrobj.dll
+ 2008-04-14 00:12:05 172,032 ------w c:\windows\ServicePackFiles\i386\scrrun.dll
+ 2008-04-13 18:40:30 96,384 ------w c:\windows\ServicePackFiles\i386\scsiport.sys
+ 2008-04-13 18:45:33 11,520 ------w c:\windows\ServicePackFiles\i386\scsiscan.sys
+ 2008-04-14 00:12:34 77,312 ------w c:\windows\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-13 18:36:44 79,232 ------w c:\windows\ServicePackFiles\i386\sdbus.sys
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sdhcinst.dll
+ 2007-11-13 10:25:53 20,480 ------w c:\windows\ServicePackFiles\i386\secdrv.sys
+ 2008-04-14 00:12:05 18,944 ------w c:\windows\ServicePackFiles\i386\seclogon.dll
+ 2006-12-31 12:57:08 4,569 ------w c:\windows\ServicePackFiles\i386\secupd.dat
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\secur32.dll
+ 2008-04-14 00:12:05 5,632 ------w c:\windows\ServicePackFiles\i386\security.dll
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sendcmsg.dll
+ 2008-04-14 00:12:05 54,784 ------w c:\windows\ServicePackFiles\i386\sendmail.dll
+ 2008-04-14 00:12:05 39,424 ------w c:\windows\ServicePackFiles\i386\sens.dll
+ 2008-04-14 00:12:05 7,168 ------w c:\windows\ServicePackFiles\i386\sensapi.dll
+ 2008-04-13 18:40:12 15,744 ------w c:\windows\ServicePackFiles\i386\serenum.sys
+ 2008-04-13 19:15:45 64,512 ------w c:\windows\ServicePackFiles\i386\serial.sys
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\servdeps.dll
+ 2008-04-14 00:12:34 108,544 ------w c:\windows\ServicePackFiles\i386\services.exe
+ 2008-04-14 00:12:34 141,312 ------w c:\windows\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 00:12:34 31,232 ------w c:\windows\ServicePackFiles\i386\sethc.exe
+ 2008-04-14 00:12:34 23,040 ------w c:\windows\ServicePackFiles\i386\setup.exe
+ 2008-04-14 00:12:34 73,216 ------w c:\windows\ServicePackFiles\i386\setup50.exe
+ 2008-04-14 10:42:06 985,088 ------w c:\windows\ServicePackFiles\i386\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 00:12:05 101,376 ------w c:\windows\ServicePackFiles\i386\setupqry.dll
+ 2008-04-14 00:12:05 5,120 ------w c:\windows\ServicePackFiles\i386\sfc.dll
+ 2008-04-14 00:12:05 140,288 ------w c:\windows\ServicePackFiles\i386\sfc_os.dll
+ 2008-04-14 00:12:05 1,614,848 ------w c:\windows\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-13 18:40:47 11,904 ------w c:\windows\ServicePackFiles\i386\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w c:\windows\ServicePackFiles\i386\sffp_mmc.sys
+ 2008-04-13 18:40:47 11,008 ------w c:\windows\ServicePackFiles\i386\sffp_sd.sys
+ 2008-04-13 18:40:48 11,392 ------w c:\windows\ServicePackFiles\i386\sfloppy.sys
+ 2008-04-13 17:03:19 549,376 ------w c:\windows\ServicePackFiles\i386\shdoclc.dll
+ 2008-04-14 00:12:05 1,499,136 ------w c:\windows\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12:05 8,461,312 ------w c:\windows\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12:05 25,088 ------w c:\windows\ServicePackFiles\i386\shfolder.dll
+ 2008-04-14 00:12:05 68,096 ------w c:\windows\ServicePackFiles\i386\shgina.dll
+ 2008-04-14 00:12:05 65,024 ------w c:\windows\ServicePackFiles\i386\shimeng.dll
+ 2008-04-14 00:12:05 438,272 ------w c:\windows\ServicePackFiles\i386\shimgvw.dll
+ 2008-04-14 00:12:05 474,112 ------w c:\windows\ServicePackFiles\i386\shlwapi.dll
+ 2008-04-14 00:12:35 45,056 ------w c:\windows\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 00:12:35 77,824 ------w c:\windows\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 00:12:05 27,648 ------w c:\windows\ServicePackFiles\i386\shscrap.dll
+ 2008-04-14 00:12:05 135,168 ------w c:\windows\ServicePackFiles\i386\shsvcs.dll
+ 2008-04-14 00:12:05 20,536 ------w c:\windows\ServicePackFiles\i386\shtml.dll
+ 2008-04-14 00:12:35 16,437 ------w c:\windows\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 00:12:35 19,456 ------w c:\windows\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 00:12:05 13,312 ------w c:\windows\ServicePackFiles\i386\sigtab.dll
+ 2008-04-14 00:12:35 70,144 ------w c:\windows\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 00:12:05 3,901 ------w c:\windows\ServicePackFiles\i386\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w c:\windows\ServicePackFiles\i386\sisagp.sys
+ 2004-08-04 03:31:36 32,768 ------w c:\windows\ServicePackFiles\i386\sisnic.sys
+ 2008-04-14 00:12:35 26,112 ------w c:\windows\ServicePackFiles\i386\skeys.exe
+ 2004-08-04 03:31:42 63,547 ------w c:\windows\ServicePackFiles\i386\sla30nd5.sys
+ 2008-04-14 00:12:06 25,088 ------w c:\windows\ServicePackFiles\i386\slayerxp.dll
+ 2004-08-04 12:00:00 306,176 ------w c:\windows\ServicePackFiles\i386\slbcsp.dll
+ 2008-04-14 00:12:06 98,304 ------w c:\windows\ServicePackFiles\i386\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\ServicePackFiles\i386\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\ServicePackFiles\i386\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\ServicePackFiles\i386\slgen.dll
+ 2008-04-13 18:46:23 11,136 ------w c:\windows\ServicePackFiles\i386\slip.sys
+ 2004-08-04 03:41:42 129,535 ------w c:\windows\ServicePackFiles\i386\slnt7554.sys
+ 2004-08-04 03:41:44 404,990 ------w c:\windows\ServicePackFiles\i386\slntamr.sys
+ 2004-08-04 03:41:46 95,424 ------w c:\windows\ServicePackFiles\i386\slnthal.sys
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\ServicePackFiles\i386\slserv.exe
+ 2004-08-04 03:41:46 13,240 ------w c:\windows\ServicePackFiles\i386\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w c:\windows\ServicePackFiles\i386\smbali.sys
+ 2008-04-13 18:36:33 16,000 ------w c:\windows\ServicePackFiles\i386\smbbatt.sys
+ 2008-04-13 18:36:33 6,912 ------w c:\windows\ServicePackFiles\i386\smbclass.sys
+ 2008-04-14 00:12:35 8,192 ------w c:\windows\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 00:12:35 236,544 ------w c:\windows\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 00:12:06 362,496 ------w c:\windows\ServicePackFiles\i386\smlogcfg.dll
+ 2008-04-14 00:12:35 89,600 ------w c:\windows\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 00:12:36 50,688 ------w c:\windows\ServicePackFiles\i386\smss.exe
+ 2008-04-14 00:12:06 456,192 ------w c:\windows\ServicePackFiles\i386\smtpsvc.dll
+ 2008-04-14 00:12:36 131,584 ------w c:\windows\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 00:12:06 34,816 ------w c:\windows\ServicePackFiles\i386\sniffpol.dll
+ 2008-04-14 00:12:36 33,280 ------w c:\windows\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 00:12:06 18,944 ------w c:\windows\ServicePackFiles\i386\snmpapi.dll
+ 2008-04-14 00:12:06 259,072 ------w c:\windows\ServicePackFiles\i386\snmpcl.dll
+ 2008-04-14 00:12:06 358,400 ------w c:\windows\ServicePackFiles\i386\snmpincl.dll
+ 2008-04-14 00:12:06 6,144 ------w c:\windows\ServicePackFiles\i386\snmpmib.dll
+ 2008-04-14 00:12:06 188,416 ------w c:\windows\ServicePackFiles\i386\snmpsmir.dll
+ 2008-04-14 00:12:06 182,272 ------w c:\windows\ServicePackFiles\i386\snmpsnap.dll
+ 2008-04-14 00:12:06 39,936 ------w c:\windows\ServicePackFiles\i386\snmpthrd.dll
+ 2008-04-14 00:12:36 8,704 ------w c:\windows\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 00:12:06 130,048 ------w c:\windows\ServicePackFiles\i386\softkbd.dll
+ 2008-04-13 18:40:52 7,552 ------w c:\windows\ServicePackFiles\i386\sonyait.sys
+ 2008-04-13 18:46:07 25,344 ------w c:\windows\ServicePackFiles\i386\sonydcam.sys
+ 2008-04-14 00:12:36 24,576 ------w c:\windows\ServicePackFiles\i386\sort.exe
+ 2008-04-14 00:12:36 7,680 ------w c:\windows\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-13 16:43:18 62,976 ------w c:\windows\ServicePackFiles\i386\spgrmr.dll
+ 2008-04-14 00:12:36 538,624 ------w c:\windows\ServicePackFiles\i386\spider.exe
+ 2008-04-13 18:45:07 6,272 ------w c:\windows\ServicePackFiles\i386\splitter.sys
+ 2008-04-14 10:42:38 11,264 ------w c:\windows\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 00:12:06 75,264 ------w c:\windows\ServicePackFiles\i386\spoolss.dll
+ 2008-04-14 00:12:36 57,856 ------w c:\windows\ServicePackFiles\i386\spoolsv.exe
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra041b.dll
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra0424.dll
+ 2008-04-13 18:38:37 757,248 ------w c:\windows\ServicePackFiles\i386\sprb041b.dll
+ 2008-04-13 18:38:36 732,160 ------w c:\windows\ServicePackFiles\i386\sprb0424.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\ServicePackFiles\i386\sprc041b.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\ServicePackFiles\i386\sprc0424.dll
+ 2008-04-14 00:12:06 250,368 ------w c:\windows\ServicePackFiles\i386\sptip.dll
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 00:12:06 151,552 ------w c:\windows\ServicePackFiles\i386\sqldb20.dll
+ 2008-04-14 00:12:06 528,384 ------w c:\windows\ServicePackFiles\i386\sqloledb.dll
+ 2008-04-14 00:12:06 462,848 ------w c:\windows\ServicePackFiles\i386\sqlqp20.dll
+ 2008-04-14 00:12:06 110,592 ------w c:\windows\ServicePackFiles\i386\sqlse20.dll
+ 2008-04-14 00:12:06 442,368 ------w c:\windows\ServicePackFiles\i386\sqlsrv32.dll
+ 2008-04-14 00:12:06 180,800 ------w c:\windows\ServicePackFiles\i386\sqlunirl.dll
+ 2008-04-14 00:12:06 217,088 ------w c:\windows\ServicePackFiles\i386\sqlxmlx.dll
+ 2008-04-13 18:36:52 73,472 ------w c:\windows\ServicePackFiles\i386\sr.sys
+ 2008-04-14 00:12:06 58,434 ------w c:\windows\ServicePackFiles\i386\srchctls.dll
+ 2008-04-14 00:12:07 726,078 ------w c:\windows\ServicePackFiles\i386\srchui.dll
+ 2008-04-14 00:12:07 67,584 ------w c:\windows\ServicePackFiles\i386\srclient.dll
+ 2008-04-14 00:12:07 239,104 ------w c:\windows\ServicePackFiles\i386\srrstr.dll
+ 2008-04-14 00:12:07 171,008 ------w c:\windows\ServicePackFiles\i386\srsvc.dll
+ 2008-04-13 19:15:11 334,848 ------w c:\windows\ServicePackFiles\i386\srv.sys
+ 2008-04-14 00:12:07 96,768 ------w c:\windows\ServicePackFiles\i386\srvsvc.dll
+ 2008-04-14 00:12:43 704,512 ------w c:\windows\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 00:12:43 19,968 ------w c:\windows\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 00:12:07 34,816 ------w c:\windows\ServicePackFiles\i386\ssdpapi.dll
+ 2008-04-14 00:12:07 71,680 ------w c:\windows\ServicePackFiles\i386\ssdpsrv.dll
+ 2008-04-14 00:12:43 393,216 ------w c:\windows\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 00:12:44 20,992 ------w c:\windows\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 00:12:44 47,104 ------w c:\windows\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 00:12:44 18,944 ------w c:\windows\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 00:12:44 610,304 ------w c:\windows\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 00:12:44 14,336 ------w c:\windows\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 00:12:44 679,936 ------w c:\windows\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 00:12:07 33,280 ------w c:\windows\ServicePackFiles\i386\sstub.dll
+ 2008-04-14 00:12:07 26,624 ------w c:\windows\ServicePackFiles\i386\startoc.dll
+ 2008-04-14 00:12:07 59,392 ------w c:\windows\ServicePackFiles\i386\stclient.dll
+ 2008-04-14 00:12:07 86,528 ------w c:\windows\ServicePackFiles\i386\stdprov.dll
+ 2008-04-14 00:12:07 68,096 ------w c:\windows\ServicePackFiles\i386\sti.dll
+ 2008-04-14 00:12:07 136,704 ------w c:\windows\ServicePackFiles\i386\sti_ci.dll
+ 2008-04-14 00:12:36 14,848 ------w c:\windows\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 00:12:07 121,856 ------w c:\windows\ServicePackFiles\i386\stobject.dll
+ 2008-04-14 00:12:07 74,752 ------w c:\windows\ServicePackFiles\i386\storprop.dll
+ 2008-04-13 18:45:15 49,408 ------w c:\windows\ServicePackFiles\i386\stream.sys
+ 2008-04-13 18:46:21 15,232 ------w c:\windows\ServicePackFiles\i386\streamip.sys
+ 2008-04-14 00:12:07 75,776 ------w c:\windows\ServicePackFiles\i386\strmfilt.dll
+ 2008-04-14 00:12:36 16,449 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 00:12:36 65,601 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 00:12:36 14,336 ------w c:\windows\ServicePackFiles\i386\svchost.exe
+ 2008-04-13 18:39:53 4,352 ------w c:\windows\ServicePackFiles\i386\swenum.sys
+ 2008-04-13 18:45:09 56,576 ------w c:\windows\ServicePackFiles\i386\swmidi.sys
+ 2008-04-14 00:12:07 713,216 ------w c:\windows\ServicePackFiles\i386\sxs.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\synceng.dll
+ 2008-04-14 00:12:07 191,488 ------w c:\windows\ServicePackFiles\i386\syncui.dll
+ 2008-04-13 19:15:55 60,800 ------w c:\windows\ServicePackFiles\i386\sysaudio.sys
+ 2008-04-14 00:12:07 193,024 ------w c:\windows\ServicePackFiles\i386\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\ServicePackFiles\i386\sysmoda.dll
+ 2008-04-14 00:12:37 106,496 ------w c:\windows\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 00:12:07 990,208 ------w c:\windows\ServicePackFiles\i386\syssetup.dll
+ 2008-04-14 00:12:07 117,760 ------w c:\windows\ServicePackFiles\i386\t2embed.dll
+ 2008-04-13 18:40:50 14,976 ------w c:\windows\ServicePackFiles\i386\tape.sys
+ 2008-04-14 00:12:07 858,624 ------w c:\windows\ServicePackFiles\i386\tapi3.dll
+ 2008-04-14 00:12:07 181,760 ------w c:\windows\ServicePackFiles\i386\tapi32.dll
+ 2008-04-14 00:12:07 249,856 ------w c:\windows\ServicePackFiles\i386\tapisrv.dll
+ 2008-04-14 00:12:37 135,680 ------w c:\windows\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-13 19:20:16 361,344 ------w c:\windows\ServicePackFiles\i386\tcpip.sys
+ 2008-04-13 19:00:02 225,664 ------w c:\windows\ServicePackFiles\i386\tcpip6.sys
+ 2008-04-14 00:12:07 14,848 ------w c:\windows\ServicePackFiles\i386\tcpmib.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmonui.dll
+ 2008-04-14 00:12:37 32,827 ------w c:\windows\ServicePackFiles\i386\tcptest.exe
+ 2007-04-02 16:36:07 16,384 ------w c:\windows\ServicePackFiles\i386\tcptsat.dll
+ 2008-04-13 19:00:05 19,072 ------w c:\windows\ServicePackFiles\i386\tdi.sys
+ 2008-04-14 00:13:20 12,040 ------w c:\windows\ServicePackFiles\i386\tdpipe.sys
+ 2008-04-14 00:13:21 21,896 ------w c:\windows\ServicePackFiles\i386\tdtcp.sys
+ 2008-04-14 00:12:37 75,776 ------w c:\windows\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 00:13:20 40,840 ------w c:\windows\ServicePackFiles\i386\termdd.sys
+ 2008-04-14 00:12:07 358,400 ------w c:\windows\ServicePackFiles\i386\termmgr.dll
+ 2008-04-14 00:12:07 295,424 ------w c:\windows\ServicePackFiles\i386\termsrv.dll
+ 2008-04-13 18:40:50 149,376 ------w c:\windows\ServicePackFiles\i386\tffsport.sys
+ 2008-04-14 00:12:07 385,536 ------w c:\windows\ServicePackFiles\i386\themeui.dll
+ 2008-04-14 00:12:38 347,136 ------w c:\windows\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 00:12:38 82,944 ------w c:\windows\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 00:12:38 12,288 ------w c:\windows\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 00:12:42 12,800 ------w c:\windows\ServicePackFiles\i386\tree.com
+ 2008-04-14 00:12:07 153,088 ------w c:\windows\ServicePackFiles\i386\triedit.dll
+ 2008-04-14 00:12:07 90,112 ------w c:\windows\ServicePackFiles\i386\trkwks.dll
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\ServicePackFiles\i386\tscdsbl.bat
+ 2008-04-14 00:12:07 93,696 ------w c:\windows\ServicePackFiles\i386\tscfgwmi.dll
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\ServicePackFiles\i386\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\ServicePackFiles\i386\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\ServicePackFiles\i386\tscupdc.dll
+ 2008-04-14 00:13:21 12,168 ------w c:\windows\ServicePackFiles\i386\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\ServicePackFiles\i386\tsgqec.dll
+ 2008-04-14 00:12:07 279,040 ------w c:\windows\ServicePackFiles\i386\tshoot.dll
+ 2008-04-14 00:12:07 130,048 ------w c:\windows\ServicePackFiles\i386\tsoc.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\tspkg.dll
+ 2008-04-14 00:12:07 8,704 ------w c:\windows\ServicePackFiles\i386\tty.dll
+ 2007-04-02 15:31:00 39,936 ------w c:\windows\ServicePackFiles\i386\ttyres.dll
+ 2008-04-14 00:12:07 16,384 ------w c:\windows\ServicePackFiles\i386\ttyui.dll
+ 2008-04-13 18:56:01 12,288 ------w c:\windows\ServicePackFiles\i386\tunmp.sys
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\twain_32.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\twext.dll
+ 2008-04-14 00:12:07 101,376 ------w c:\windows\ServicePackFiles\i386\txflog.dll
+ 2008-04-14 00:12:38 60,416 ------w c:\windows\ServicePackFiles\i386\tzchange.exe
+ 2008-04-13 18:36:40 44,672 ------w c:\windows\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:32:36 66,048 ------w c:\windows\ServicePackFiles\i386\udfs.sys
+ 2008-04-14 00:12:07 26,624 ------w c:\windows\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 275,456 ------w c:\windows\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 35,840 ------w c:\windows\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 123,392 ------w c:\windows\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 373,248 ------w c:\windows\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 744,448 ------w c:\windows\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 74,240 ------w c:\windows\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 13,824 ------w c:\windows\ServicePackFiles\i386\uniplat.dll
+ 2007-05-15 08:08:53 761,344 ------w c:\windows\ServicePackFiles\i386\unires.dll
+ 2008-04-14 00:12:07 316,416 ------w c:\windows\ServicePackFiles\i386\untfs.dll
+ 2008-04-13 18:39:46 384,768 ------w c:\windows\ServicePackFiles\i386\update.sys
+ 2008-04-14 00:12:38 150,528 ------w c:\windows\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:08 133,632 ------w c:\windows\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:38 16,896 ------w c:\windows\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:08 185,856 ------w c:\windows\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 239,616 ------w c:\windows\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:38 18,432 ------w c:\windows\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:08 37,888 ------w c:\windows\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 619,520 ------w c:\windows\ServicePackFiles\i386\urlmon.dll
+ 2004-08-04 03:31:26 32,384 ------w c:\windows\ServicePackFiles\i386\usb101et.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:45:12 60,032 ------w c:\windows\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w c:\windows\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w c:\windows\ServicePackFiles\i386\usbcamd2.sys
+ 2008-04-13 18:45:39 32,128 ------w c:\windows\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:35 30,208 ------w c:\windows\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:37 59,520 ------w c:\windows\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:43 15,872 ------w c:\windows\ServicePackFiles\i386\usbintel.sys
+ 2008-04-14 00:12:08 16,896 ------w c:\windows\ServicePackFiles\i386\usbmon.dll
+ 2008-04-13 18:45:35 17,152 ------w c:\windows\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:36 143,872 ------w c:\windows\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w c:\windows\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w c:\windows\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:36 26,112 ------w c:\windows\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:38 26,368 ------w c:\windows\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:35 20,608 ------w c:\windows\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-14 00:12:08 74,240 ------w c:\windows\ServicePackFiles\i386\usbui.dll
+ 2008-04-13 18:46:20 121,984 ------w c:\windows\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-14 00:12:08 578,560 ------w c:\windows\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 727,040 ------w c:\windows\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:38 26,112 ------w c:\windows\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:08 406,016 ------w c:\windows\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:38 50,176 ------w c:\windows\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:08 218,624 ------w c:\windows\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 30,749 ------w c:\windows\ServicePackFiles\i386\vbajet32.dll
+ 2008-04-14 00:12:08 434,176 ------w c:\windows\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 11,325 ------w c:\windows\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 26,112 ------w c:\windows\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 51,712 ------w c:\windows\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w c:\windows\ServicePackFiles\i386\verifier.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 53,760 ------w c:\windows\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-13 18:44:40 20,992 ------w c:\windows\ServicePackFiles\i386\vga.sys
+ 2008-04-14 00:12:08 851,968 ------w c:\windows\ServicePackFiles\i386\vgx.dll
+ 2008-04-13 18:36:40 42,240 ------w c:\windows\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:40:31 5,376 ------w c:\windows\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:44:40 81,664 ------w c:\windows\ServicePackFiles\i386\videoprt.sys
+ 2008-04-14 00:12:08 131,584 ------w c:\windows\ServicePackFiles\i386\viewprov.dll
+ 2008-04-13 18:41:01 52,352 ------w c:\windows\ServicePackFiles\i386\volsnap.sys
+ 2008-04-14 00:12:08 430,592 ------w c:\windows\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:38 289,792 ------w c:\windows\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:08 175,104 ------w c:\windows\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 15,872 ------w c:\windows\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 483,840 ------w c:\windows\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:38 46,080 ------w c:\windows\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:08 510,976 ------w c:\windows\ServicePackFiles\i386\wab32.dll
+ 2008-04-13 16:21:48 249,856 ------w c:\windows\ServicePackFiles\i386\wab32res.dll
+ 2008-04-14 00:12:08 32,768 ------w c:\windows\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 85,504 ------w c:\windows\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:39 30,208 ------w c:\windows\ServicePackFiles\i386\wabmig.exe
+ 2008-04-13 18:43:55 14,208 ------w c:\windows\ServicePackFiles\i386\wacompen.sys
+ 2004-08-04 03:29:38 12,415 ------w c:\windows\ServicePackFiles\i386\wadv01nt.sys
+ 2004-08-04 03:29:38 12,127 ------w c:\windows\ServicePackFiles\i386\wadv02nt.sys
+ 2004-08-04 03:29:38 11,775 ------w c:\windows\ServicePackFiles\i386\wadv05nt.sys
+ 2004-08-04 03:29:40 11,807 ------w c:\windows\ServicePackFiles\i386\wadv07nt.sys
+ 2004-08-04 03:29:40 11,295 ------w c:\windows\ServicePackFiles\i386\wadv08nt.sys
+ 2004-08-04 03:29:42 11,871 ------w c:\windows\ServicePackFiles\i386\wadv09nt.sys
+ 2004-08-04 03:29:42 11,935 ------w c:\windows\ServicePackFiles\i386\wadv11nt.sys
+ 2008-04-13 18:57:21 34,560 ------w c:\windows\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:44:59 17,664 ------w c:\windows\ServicePackFiles\i386\watchdog.sys
+ 2004-08-04 03:29:42 29,311 ------w c:\windows\ServicePackFiles\i386\watv01nt.sys
+ 2004-08-04 03:29:44 19,551 ------w c:\windows\ServicePackFiles\i386\watv02nt.sys
+ 2004-08-04 03:29:44 33,599 ------w c:\windows\ServicePackFiles\i386\watv04nt.sys
+ 2004-08-04 03:29:46 22,271 ------w c:\windows\ServicePackFiles\i386\watv06nt.sys
+ 2004-08-04 03:29:46 25,471 ------w c:\windows\ServicePackFiles\i386\watv10nt.sys
+ 2008-04-14 00:12:08 215,552 ------w c:\windows\ServicePackFiles\i386\wavemsp.dll
+ 2008-04-14 00:12:08 196,608 ------w c:\windows\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 214,528 ------w c:\windows\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 71,680 ------w c:\windows\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 531,456 ------w c:\windows\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 178,176 ------w c:\windows\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 273,920 ------w c:\windows\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 43,008 ------w c:\windows\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 43,520 ------w c:\windows\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:39 116,224 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:08 197,120 ------w c:\windows\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-13 18:45:38 31,744 ------w c:\windows\ServicePackFiles\i386\wceusbsh.sys
+ 2004-08-04 03:29:46 23,615 ------w c:\windows\ServicePackFiles\i386\wch7xxnt.sys
+ 2008-04-14 00:12:08 49,152 ------w c:\windows\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ------w c:\windows\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-13 19:17:18 83,072 ------w c:\windows\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-14 00:12:08 276,480 ------w c:\windows\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 68,096 ------w c:\windows\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 135,680 ------w c:\windows\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:39 65,024 ------w c:\windows\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 433,664 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:08 463,360 ------w c:\windows\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 124,416 ------w c:\windows\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 75,776 ------w c:\windows\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 333,824 ------w c:\windows\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 589,312 ------w c:\windows\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 111,104 ------w c:\windows\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\ServicePackFiles\i386\wicext.dll
+ 2008-04-13 19:30:10 1,845,632 ------w c:\windows\ServicePackFiles\i386\win32k.sys
+ 2008-04-14 00:12:08 102,400 ------w c:\windows\ServicePackFiles\i386\win32spl.dll
+ 2008-04-13 16:48:53 1,647,616 ------w c:\windows\ServicePackFiles\i386\winbrand.dll
+ 2008-04-14 00:12:39 283,648 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:08 354,304 ------w c:\windows\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 666,112 ------w c:\windows\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:09 32,256 ------w c:\windows\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:39 507,904 ------w c:\windows\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:09 176,128 ------w c:\windows\ServicePackFiles\i386\winmm.dll
+ 2004-08-04 12:00:00 5,120 ------w c:\windows\ServicePackFiles\i386\winnls.dll
+ 2008-04-14 00:11:11 756,224 ------w c:\windows\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:12:09 16,896 ------w c:\windows\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 99,328 ------w c:\windows\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 17,408 ------w c:\windows\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ------w c:\windows\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:09 293,376 ------w c:\windows\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 53,760 ------w c:\windows\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 176,640 ------w c:\windows\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:40 5,632 ------w c:\windows\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\ServicePackFiles\i386\wlanapi.dll
+ 2008-04-14 00:12:09 172,032 ------w c:\windows\ServicePackFiles\i386\wldap32.dll
+ 2004-08-04 03:31:28 154,624 ------w c:\windows\ServicePackFiles\i386\wlluc48.sys
+ 2008-04-14 00:12:09 92,672 ------w c:\windows\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:11:15 5,632 ------w c:\windows\ServicePackFiles\i386\wmi.dll
+ 2008-04-13 18:36:38 8,832 ------w c:\windows\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-14 00:12:40 196,608 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-13 17:10:20 6,656 ------w c:\windows\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-14 00:12:09 88,576 ------w c:\windows\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:40 126,464 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:09 60,928 ------w c:\windows\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 140,800 ------w c:\windows\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 156,672 ------w c:\windows\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 61,952 ------w c:\windows\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 62,464 ------w c:\windows\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 437,248 ------w c:\windows\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:40 218,112 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:09 41,472 ------w c:\windows\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 95,232 ------w c:\windows\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 167,936 ------w c:\windows\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 4,096 ------w c:\windows\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 7,680 ------w c:\windows\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 402,432 ------w c:\windows\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 502,272 ------w c:\windows\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 325,632 ------w c:\windows\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 4,256,768 ------w c:\windows\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 5,632 ------w c:\windows\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\ServicePackFiles\i386\wmphoto.dll
+ 2008-04-14 00:12:40 214,528 ------w c:\windows\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:10 264,192 ------w c:\windows\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:40 32,256 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:41 11,264 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:10 82,432 ------w c:\windows\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 19,968 ------w c:\windows\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:41 13,824 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 155,648 ------w c:\windows\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:10 80,896 ------w c:\windows\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 108,032 ------w c:\windows\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 36,864 ------w c:\windows\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 90,112 ------w c:\windows\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 14,336 ------w c:\windows\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 8,192 ------w c:\windows\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 11,264 ------w c:\windows\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 19,456 ------w c:\windows\ServicePackFiles\i386\wshtcpip.dll
+ 2004-08-04 03:29:48 12,063 ------w c:\windows\ServicePackFiles\i386\wsiintxx.sys
+ 2008-04-14 00:12:10 41,984 ------w c:\windows\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 22,528 ------w c:\windows\ServicePackFiles\i386\wsock32.dll
+ 2008-04-13 18:46:24 19,200 ------w c:\windows\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-14 00:12:10 50,688 ------w c:\windows\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 18,432 ------w c:\windows\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 430,592 ------w c:\windows\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:41 111,104 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 165,888 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:11 1,135,616 ------w c:\windows\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 183,296 ------w c:\windows\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 6,656 ------w c:\windows\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 112,640 ------w c:\windows\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 32,256 ------w c:\windows\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 120,320 ------w c:\windows\ServicePackFiles\i386\wuweb.dll
+ 2004-08-04 03:29:50 19,455 ------w c:\windows\ServicePackFiles\i386\wvchntxx.sys
+ 2008-04-14 00:12:11 383,488 ------w c:\windows\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 52,736 ------w c:\windows\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 483,840 ------w c:\windows\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 91,648 ------w c:\windows\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:41 30,720 ------w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2004-08-04 12:00:00 174,200 ------w c:\windows\ServicePackFiles\i386\xenroll.dll
+ 2008-04-14 00:12:11 121,856 ------w c:\windows\ServicePackFiles\i386\xmllite.dll
+ 2008-04-14 00:12:11 129,024 ------w c:\windows\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 50,176 ------w c:\windows\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 11,776 ------w c:\windows\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 17:39:29 438,784 ------w c:\windows\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:22 187,392 ------w c:\windows\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w c:\windows\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w c:\windows\ServicePackFiles\i386\xrxscnui.dll
+ 2008-04-14 00:12:11 116,224 ------w c:\windows\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 338,432 ------w c:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\slrundll.exe
- 2004-08-04 12:00:00 3,166,208 -c--a-w c:\windows\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
- 2004-08-04 12:00:00 58,434 -c--a-w c:\windows\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w c:\windows\srchasst\srchctls.dll
- 2004-08-04 12:00:00 725,566 -c--a-w c:\windows\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w c:\windows\srchasst\srchui.dll
- 2004-08-04 12:00:00 146,432 -c--a-w c:\windows\system\WINSPOOL.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\system32\aaclient.dll
- 2004-08-04 12:00:00 114,688 ----a-w c:\windows\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w c:\windows\system32\aclui.dll
- 2004-08-04 12:00:00 194,048 ----a-w c:\windows\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w c:\windows\system32\activeds.dll
- 2004-08-04 12:00:00 4,096 ----a-w c:\windows\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w c:\windows\system32\actmovie.exe
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w c:\windows\system32\actxprxy.dll
- 2004-08-04 12:00:00 175,616 ----a-w c:\windows\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w c:\windows\system32\adsldp.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w c:\windows\system32\adsldpc.dll
- 2004-08-04 12:00:00 68,096 ----a-w c:\windows\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w c:\windows\system32\adsmsext.dll
- 2004-08-04 12:00:00 263,680 ----a-w c:\windows\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w c:\windows\system32\adsnt.dll
- 2004-08-04 12:00:00 98,304 ----a-w c:\windows\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w c:\windows\system32\ahui.exe
- 2004-08-04 12:00:00 44,544 ----a-w c:\windows\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w c:\windows\system32\alg.exe
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w c:\windows\system32\alrsvc.dll
- 2004-08-04 12:00:00 70,656 ----a-w c:\windows\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w c:\windows\system32\amstream.dll
- 2004-08-04 12:00:00 126,976 ----a-w c:\windows\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w c:\windows\system32\apphelp.dll
- 2004-08-04 12:00:00 65,024 ----a-w c:\windows\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w c:\windows\system32\asycfilt.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:11:49 229,376 ------w c:\windows\system32\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w c:\windows\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w c:\windows\system32\ati2dvag.dll
+ 2008-04-14 00:11:49 870,784 ------w c:\windows\system32\ati3d1ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w c:\windows\system32\ati3duag.dll
+ 2008-04-14 00:11:50 32,768 ------w c:\windows\system32\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w c:\windows\system32\ativvaxx.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w c:\windows\system32\atl.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w c:\windows\system32\atmadm.exe
- 2004-08-04 12:00:00 285,696 ----a-w c:\windows\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w c:\windows\system32\atmfd.dll
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\atmlib.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w c:\windows\system32\attrib.exe
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w c:\windows\system32\audiosrv.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w c:\windows\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w c:\windows\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w c:\windows\system32\authz.dll
- 2004-08-04 19:00:00 588,800 ----a-w c:\windows\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w c:\windows\system32\autochk.exe
- 2004-08-04 12:00:00 602,624 ----a-w c:\windows\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w c:\windows\system32\autoconv.exe
- 2004-08-04 19:00:00 580,608 ----a-w c:\windows\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w c:\windows\system32\autofmt.exe
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w c:\windows\system32\autolfn.exe
- 2004-08-04 12:00:00 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\system32\azroles.dll
- 2004-08-04 12:00:00 52,736 ----a-w c:\windows\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w c:\windows\system32\basesrv.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w c:\windows\system32\batmeter.dll
- 2004-08-04 12:00:00 8,704 ----a-w c:\windows\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w c:\windows\system32\batt.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:12:03 409,088 ------w c:\windows\system32\bits\qmgr.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w c:\windows\system32\bitsprx2.dll
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\system32\bitsprx4.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w c:\windows\system32\blastcln.exe
- 2004-08-04 12:00:00 63,488 ----a-w c:\windows\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w c:\windows\system32\browselc.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\browser.dll
- 2006-09-23 17:12:50 1,022,976 ----a-w c:\windows\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w c:\windows\system32\browseui.dll
- 2004-08-04 12:00:00 78,336 ----a-w c:\windows\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w c:\windows\system32\browsewm.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w c:\windows\system32\bthci.dll
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\bthserv.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\btpanui.dll
- 2004-08-04 19:00:00 59,904 ----a-w c:\windows\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w c:\windows\system32\cabinet.dll
- 2004-08-04 12:00:00 84,480 ----a-w c:\windows\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w c:\windows\system32\cabview.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w c:\windows\system32\cacls.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\camocx.dll
- 2004-08-04 12:00:00 142,848 ----a-w c:\windows\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w c:\windows\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w c:\windows\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w c:\windows\system32\catsrv.dll
- 2004-08-04 12:00:00 85,504 ----a-w c:\windows\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w c:\windows\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w c:\windows\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w c:\windows\system32\catsrvut.dll
- 2006-09-14 08:39:49 151,040 ----a-w c:\windows\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w c:\windows\system32\cdfview.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w c:\windows\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w c:\windows\system32\cdosys.dll
- 2004-08-04 12:00:00 194,560 ----a-w c:\windows\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w c:\windows\system32\certcli.dll
- 2004-08-04 12:00:00 457,728 ----a-w c:\windows\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w c:\windows\system32\certmgr.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w c:\windows\system32\cfgbkend.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
- 2004-08-04 12:00:00 109,568 ----a-w c:\windows\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w c:\windows\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w c:\windows\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w c:\windows\system32\ciodm.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w c:\windows\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w c:\windows\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w c:\windows\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w c:\windows\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w c:\windows\system32\clbcatq.dll
- 2004-08-04 12:00:00 64,000 ----a-w c:\windows\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w c:\windows\system32\cleanmgr.exe
- 2004-08-04 12:00:00 77,824 ----a-w c:\windows\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\cliconfg.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w c:\windows\system32\cliconfg.exe
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w c:\windows\system32\clipsrv.exe
- 2004-08-04 12:00:00 57,856 ----a-w c:\windows\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w c:\windows\system32\clusapi.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w c:\windows\system32\cmcfg32.dll
- 2004-08-04 12:00:00 388,608 ----a-w c:\windows\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w c:\windows\system32\cmd.exe
- 2004-08-04 12:00:00 343,040 ----a-w c:\windows\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w c:\windows\system32\cmdial32.dll
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w c:\windows\system32\cmdl32.exe
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w c:\windows\system32\cmmon32.exe
- 2004-08-04 12:00:00 185,344 ----a-w c:\windows\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w c:\windows\system32\cmprops.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\cmsetACL.dll
+ 2008-04-14 00:11:50 13,312 ----a-w c:\windows\system32\cmsetacl.dll
- 2004-08-04 12:00:00 63,488 ----a-w c:\windows\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w c:\windows\system32\cmstp.exe
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w c:\windows\system32\cmutil.dll
- 2004-08-04 19:00:00 47,104 ----a-w c:\windows\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w c:\windows\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w c:\windows\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w c:\windows\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 -c--a-w c:\windows\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
- 2004-08-04 12:00:00 9,728 -c--a-w c:\windows\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w c:\windows\system32\Com\comrepl.exe
- 2004-08-04 12:00:00 5,120 -c--a-w c:\windows\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\Com\comrereg.exe
- 2004-08-04 12:00:00 25,600 ----a-w c:\windows\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w c:\windows\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w c:\windows\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w c:\windows\system32\comctl32.dll
- 2004-08-04 12:00:00 276,992 ----a-w c:\windows\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w c:\windows\system32\comdlg32.dll
- 2004-08-04 12:00:00 252,928 ----a-w c:\windows\system32\compatUI.dll
+ 2008-04-14 00:11:51 252,928 ----a-w c:\windows\system32\compatui.dll
- 2004-08-04 12:00:00 229,376 ----a-w c:\windows\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w c:\windows\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w c:\windows\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w c:\windows\system32\comrepl.dll
- 2004-08-04 12:00:00 792,064 ----a-w c:\windows\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w c:\windows\system32\comres.dll
- 2004-08-04 12:00:00 147,456 ----a-w c:\windows\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w c:\windows\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w c:\windows\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w c:\windows\system32\comuid.dll
- 2009-03-31 20:56:16 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-01 14:21:06 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-03-31 20:56:16 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-01 14:21:06 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-01 14:20:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009040120090402\index.dat
- 2009-03-31 20:56:16 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-01 14:21:06 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-08-04 12:00:00 345,600 ----a-w c:\windows\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w c:\windows\system32\confmsp.dll
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w c:\windows\system32\conime.exe
- 2007-01-09 00:01:14 17,408 ----a-w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ----a-w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w c:\windows\system32\credssp.dll
- 2004-08-04 12:00:00 163,840 ----a-w c:\windows\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w c:\windows\system32\credui.dll
- 2004-08-04 12:00:00 597,504 ----a-w c:\windows\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w c:\windows\system32\crypt32.dll
- 2004-08-04 12:00:00 74,752 ----a-w c:\windows\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w c:\windows\system32\cryptdlg.dll
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w c:\windows\system32\cryptdll.dll
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w c:\windows\system32\cryptext.dll
- 2004-08-04 12:00:00 63,488 ----a-w c:\windows\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w c:\windows\system32\cryptnet.dll
- 2004-08-04 12:00:00 60,416 ----a-w c:\windows\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w c:\windows\system32\cryptsvc.dll
- 2004-08-04 12:00:00 512,512 ----a-w c:\windows\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w c:\windows\system32\cryptui.dll
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w c:\windows\system32\cscdll.dll
- 2004-08-04 12:00:00 98,304 ----a-w c:\windows\system32\cscript.exe
+ 2008-04-14 00:12:15 139,264 ----a-w c:\windows\system32\cscript.exe
- 2004-08-04 12:00:00 326,656 ----a-w c:\windows\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w c:\windows\system32\cscui.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w c:\windows\system32\csrsrv.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\csrss.exe
- 2004-08-04 12:00:00 15,360 ----a-w c:\windows\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w c:\windows\system32\ctfmon.exe
- 2004-08-04 12:00:00 1,179,648 ----a-w c:\windows\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w c:\windows\system32\d3d8.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w c:\windows\system32\d3d8thk.dll
- 2004-08-04 12:00:00 1,689,088 ----a-w c:\windows\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w c:\windows\system32\d3d9.dll
- 2004-08-04 12:00:00 825,344 ----a-w c:\windows\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w c:\windows\system32\d3dim700.dll
- 2006-09-14 08:39:50 1,054,208 ----a-w c:\windows\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w c:\windows\system32\danim.dll
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w c:\windows\system32\dataclen.dll
- 2004-08-04 12:00:00 152,064 ----a-w c:\windows\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w c:\windows\system32\datime.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w c:\windows\system32\davclnt.dll
- 2004-08-04 19:00:00 640,000 ----a-w c:\windows\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w c:\windows\system32\dbghelp.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
- 2004-08-04 12:00:00 110,592 ----a-w c:\windows\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w c:\windows\system32\dbnetlib.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
- 2004-08-04 12:00:00 1,788 -c--a-w c:\windows\system32\Dcache.bin
+ 2008-04-14 00:25:26 1,804 ----a-w c:\windows\system32\dcache.bin
- 2004-08-04 12:00:00 8,704 ----a-w c:\windows\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w c:\windows\system32\dciman32.dll
- 2004-08-04 12:00:00 5,120 ----a-w c:\windows\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w c:\windows\system32\dcomcnfg.exe
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w c:\windows\system32\ddeshare.exe
- 2004-08-04 12:00:00 266,240 ----a-w c:\windows\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w c:\windows\system32\ddraw.dll
- 2004-08-04 12:00:00 27,136 ----a-w c:\windows\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w c:\windows\system32\ddrawex.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w c:\windows\system32\defrag.exe
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w c:\windows\system32\devenum.dll
- 2004-08-04 12:00:00 282,624 ----a-w c:\windows\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w c:\windows\system32\devmgr.dll
- 2004-08-04 12:00:00 82,432 ----a-w c:\windows\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w c:\windows\system32\dfrgfat.exe
- 2004-08-04 12:00:00 104,960 ----a-w c:\windows\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w c:\windows\system32\dfrgntfs.exe
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w c:\windows\system32\dfrgsnap.dll
- 2004-08-04 12:00:00 123,904 ----a-w c:\windows\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w c:\windows\system32\dfrgui.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dfsshlex.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w c:\windows\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w c:\windows\system32\dhcpcsvc.dll
- 2004-08-04 12:00:00 370,176 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\system32\dhcpqec.dll
- 2004-08-04 12:00:00 85,504 ----a-w c:\windows\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w c:\windows\system32\diantz.exe
- 2004-08-04 12:00:00 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dimsroam.dll
- 2004-08-04 12:00:00 159,232 ----a-w c:\windows\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w c:\windows\system32\dinput.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w c:\windows\system32\dinput8.dll
- 2004-08-04 12:00:00 1,501,696 ----a-w c:\windows\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w c:\windows\system32\diskcopy.dll
- 2004-08-04 12:00:00 163,840 ----a-w c:\windows\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w c:\windows\system32\diskpart.exe
- 2004-08-04 12:00:00 45,083 ----a-w c:\windows\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w c:\windows\system32\dispex.dll
- 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 ------w c:\windows\system32\dllcache\afd.sys
- 2008-06-13 13:10:50 272,128 -c----w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\system32\dllcache\bthport.sys
- 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ------w c:\windows\system32\dllcache\dnsapi.dll
- 2006-08-22 09:05:26 498,742 -c--a-w c:\windows\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w c:\windows\system32\dllcache\dxmasf.dll
- 2008-07-07 20:32:22 253,952 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:26:58 253,952 ------w c:\windows\system32\dllcache\es.dll
- 2008-10-23 13:01:36 283,648 -c--a-w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
- 2008-04-11 18:50:43 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ------w c:\windows\system32\dllcache\inetcomm.dll
- 2004-08-04 12:00:00 123,392 -c--a-w c:\windows\system32\dllcache\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w c:\windows\system32\dllcache\mplay32.exe
- 2004-08-04 12:00:00 4,639 -c--a-w c:\windows\system32\dllcache\mplayer2.exe
+ 2008-04-14 00:12:27 4,639 ----a-w c:\windows\system32\dllcache\mplayer2.exe
- 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-05-01 14:30:33 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:02 331,776 ----a-w c:\windows\system32\dllcache\msadce.dll
- 2008-06-24 16:23:05 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:43:16 74,240 ------w c:\windows\system32\dllcache\mscms.dll
- 2004-08-04 12:00:00 4,126 -c--a-w c:\windows\system32\dllcache\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\dllcache\msdxmlc.dll
- 2008-06-20 17:41:10 245,248 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ------w c:\windows\system32\dllcache\mswsock.dll
- 2008-09-04 16:42:02 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w c:\windows\system32\dllcache\msxml6r.dll
- 2008-10-15 16:57:55 332,800 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
- 2004-08-04 12:00:00 226,816 -c--a-w c:\windows\system32\dllcache\npdrmv2.dll
+ 2008-04-14 00:12:56 226,816 ----a-w c:\windows\system32\dllcache\npdrmv2.dll
- 2005-11-29 21:27:06 364,544 -c--a-w c:\windows\system32\dllcache\npdsplay.dll
+ 2008-04-14 00:12:02 364,544 ----a-w c:\windows\system32\dllcache\npdsplay.dll
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\dllcache\npwmsdrm.dll
+ 2008-04-14 00:12:02 10,240 ----a-w c:\windows\system32\dllcache\npwmsdrm.dll
- 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-05-07 05:18:48 1,287,680 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ------w c:\windows\system32\dllcache\quartz.dll
- 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ------w c:\windows\system32\dllcache\rmcast.sys
- 2008-12-05 07:12:45 144,896 ----a-w c:\windows\system32\dllcache\schannel.dll
+ 2008-12-05 06:54:55 144,896 ------w c:\windows\system32\dllcache\schannel.dll
- 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ------w c:\windows\system32\dllcache\shell32.dll
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\system32\dllcache\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\dllcache\shmedia.dll
- 2008-12-11 11:57:21 333,184 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 10:57:09 333,952 ------w c:\windows\system32\dllcache\srv.sys
- 2008-10-03 10:15:47 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
- 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ------w c:\windows\system32\dllcache\tcpip.sys
- 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ------w c:\windows\system32\dllcache\tcpip6.sys
- 2004-08-04 12:00:00 115,200 -c--a-w c:\windows\system32\dllcache\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\dllcache\wmsdmoe.dll
- 2004-08-04 12:00:00 303,616 -c--a-w c:\windows\system32\dllcache\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\dllcache\wmstream.dll
- 2004-08-04 12:00:00 5,120 ----a-w c:\windows\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w c:\windows\system32\dllhost.exe
- 2004-08-04 12:00:00 224,768 ----a-w c:\windows\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w c:\windows\system32\dmadmin.exe
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w c:\windows\system32\dmband.dll
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w c:\windows\system32\dmcompos.dll
- 2004-08-04 12:00:00 273,920 ----a-w c:\windows\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w c:\windows\system32\dmdlgs.dll
- 2004-08-04 12:00:00 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
- 2004-08-04 12:00:00 181,248 ----a-w c:\windows\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dmime.dll
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w c:\windows\system32\dmloader.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w c:\windows\system32\dmremote.exe
- 2004-08-04 12:00:00 82,432 ----a-w c:\windows\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w c:\windows\system32\dmscript.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dmserver.dll
- 2004-08-04 12:00:00 105,984 ----a-w c:\windows\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w c:\windows\system32\dmstyle.dll
- 2004-08-04 12:00:00 103,424 ----a-w c:\windows\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w c:\windows\system32\dmsynth.dll
- 2004-08-04 12:00:00 104,448 ----a-w c:\windows\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w c:\windows\system32\dmusic.dll
- 2004-08-04 19:00:00 52,224 ----a-w c:\windows\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w c:\windows\system32\dmutil.dll
- 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
- 2004-08-04 12:00:00 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\system32\dot3ui.dll
- 2004-08-04 12:00:00 97,280 ----a-w c:\windows\system32\dpcdll.dll
+ 2008-04-13 21:00:49 103,424 ----a-w c:\windows\system32\dpcdll.dll
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w c:\windows\system32\dplaysvr.exe
- 2004-08-04 12:00:00 229,888 ----a-w c:\windows\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w c:\windows\system32\dplayx.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dpmodemx.dll
- 2004-08-04 12:00:00 3,584 ----a-w c:\windows\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w c:\windows\system32\dpnaddr.dll
- 2004-08-04 12:00:00 375,296 ----a-w c:\windows\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w c:\windows\system32\dpnet.dll
- 2004-08-04 12:00:00 35,328 ----a-w c:\windows\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w c:\windows\system32\dpnhpast.dll
- 2004-08-04 12:00:00 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
- 2004-08-04 12:00:00 3,584 ----a-w c:\windows\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w c:\windows\system32\dpnlobby.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w c:\windows\system32\dpnsvr.exe
- 2004-08-04 12:00:00 21,504 ----a-w c:\windows\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w c:\windows\system32\dpvacm.dll
- 2004-08-04 12:00:00 212,480 ----a-w c:\windows\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w c:\windows\system32\dpvoice.dll
- 2004-08-04 12:00:00 83,456 ----a-w c:\windows\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w c:\windows\system32\dpvsetup.exe
- 2004-08-04 12:00:00 116,736 ----a-w c:\windows\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w c:\windows\system32\dpvvox.dll
- 2004-08-04 12:00:00 57,344 ----a-w c:\windows\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w c:\windows\system32\dpwsockx.dll
- 2004-08-04 12:00:00 53,248 -c--a-w c:\windows\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:18 53,376 ----a-w c:\windows\system32\drivers\1394bus.sys
- 2004-08-04 12:00:00 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w c:\windows\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w c:\windows\system32\drivers\aec.sys
- 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\system32\drivers\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\system32\drivers\agpcpq.sys
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\system32\drivers\alim1541.sys
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\system32\drivers\amdagp.sys
- 2004-08-04 19:00:00 36,992 -c--a-w c:\windows\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w c:\windows\system32\drivers\amdk6.sys
- 2004-08-04 19:00:00 37,376 -c--a-w c:\windows\system32\drivers\amdk7.sys
+ 2008-04-13 18:31:33 37,760 ----a-w c:\windows\system32\drivers\amdk7.sys
- 2004-08-04 19:00:00 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys
+ 2008-04-13 18:51:25 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
+ 2008-04-13 18:57:27 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
- 2004-08-04 12:00:00 95,360 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2004-08-04 03:29:30 56,623 ------w c:\windows\system32\drivers\ati1btxx.sys
+ 2004-08-04 03:29:30 11,615 ------w c:\windows\system32\drivers\ati1mdxx.sys
+ 2004-08-04 03:29:30 12,047 ------w c:\windows\system32\drivers\ati1pdxx.sys
+ 2004-08-04 03:29:32 30,671 ------w c:\windows\system32\drivers\ati1raxx.sys
+ 2004-08-04 03:29:32 63,663 ------w c:\windows\system32\drivers\ati1rvxx.sys
+ 2004-08-04 03:29:32 26,367 ------w c:\windows\system32\drivers\ati1snxx.sys
+ 2004-08-04 03:29:32 21,343 ------w c:\windows\system32\drivers\ati1ttxx.sys
+ 2004-08-04 03:29:32 36,463 ------w c:\windows\system32\drivers\ati1tuxx.sys
+ 2004-08-04 03:29:32 29,455 ------w c:\windows\system32\drivers\ati1xbxx.sys
+ 2004-08-04 03:29:32 34,735 ------w c:\windows\system32\drivers\ati1xsxx.sys
+ 2004-08-04 03:29:28 327,040 ------w c:\windows\system32\drivers\ati2mtaa.sys
+ 2004-08-04 03:29:28 701,440 ------w c:\windows\system32\drivers\ati2mtag.sys
+ 2004-08-04 03:29:28 57,856 ------w c:\windows\system32\drivers\atinbtxx.sys
+ 2004-08-04 03:29:30 13,824 ------w c:\windows\system32\drivers\atinmdxx.sys
+ 2004-08-04 03:29:30 14,336 ------w c:\windows\system32\drivers\atinpdxx.sys
+ 2004-08-04 03:29:30 52,224 ------w c:\windows\system32\drivers\atinraxx.sys
+ 2004-08-04 03:29:32 104,960 ------w c:\windows\system32\drivers\atinrvxx.sys
+ 2004-08-04 03:29:32 28,672 ------w c:\windows\system32\drivers\atinsnxx.sys
+ 2004-08-04 03:29:32 13,824 ------w c:\windows\system32\drivers\atinttxx.sys
+ 2004-08-04 03:29:32 73,216 ------w c:\windows\system32\drivers\atintuxx.sys
+ 2004-08-04 03:29:32 31,744 ------w c:\windows\system32\drivers\atinxbxx.sys
+ 2004-08-04 03:29:32 63,488 ------w c:\windows\system32\drivers\atinxsxx.sys
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
+ 2008-04-13 18:51:25 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
- 2004-08-04 12:00:00 55,936 -c--a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-13 18:51:30 55,808 ----a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-14 00:11:50 21,183 ------w c:\windows\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w c:\windows\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w c:\windows\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w c:\windows\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w c:\windows\system32\drivers\atv10nt5.dll
- 2004-08-04 12:00:00 71,552 -c--a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:53:23 71,552 ----a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\system32\drivers\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\system32\drivers\bthpan.sys
- 2008-06-13 13:10:50 272,128 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\system32\drivers\bthusb.sys
- 2004-08-04 12:00:00 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
+ 2008-04-13 19:14:21 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
- 2004-08-04 12:00:00 49,536 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-14 00:11:50 15,423 ------w c:\windows\system32\drivers\ch7xxnt5.dll
- 2004-08-04 12:00:00 49,664 -c--a-w c:\windows\system32\drivers\classpnp.sys
+ 2008-04-13 19:16:22 49,536 ----a-w c:\windows\system32\drivers\classpnp.sys
- 2004-08-04 19:00:00 36,480 -c--a-w c:\windows\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w c:\windows\system32\drivers\crusoe.sys
- 2004-08-04 12:00:00 36,352 ----a-w c:\windows\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w c:\windows\system32\drivers\disk.sys
- 2004-08-04 12:00:00 14,208 -c--a-w c:\windows\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys
- 2004-08-04 12:00:00 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
+ 2008-04-13 18:44:48 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
- 2004-08-04 12:00:00 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
+ 2008-04-13 18:44:46 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
- 2004-08-04 13:07:40 52,864 ----a-w c:\windows\system32\drivers\DMusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w c:\windows\system32\drivers\dmusic.sys
- 2004-08-04 13:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys
+ 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\drivers\drmk.sys
- 2004-08-04 13:07:58 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
+ 2008-04-13 18:45:13 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
- 2004-08-04 12:00:00 71,040 ----a-w c:\windows\system32\drivers\dxg.sys
+ 2008-04-13 18:38:29 71,168 ----a-w c:\windows\system32\drivers\dxg.sys
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\drivers\fastfat.sys
+ 2008-04-13 19:14:29 143,744 ----a-w c:\windows\system32\drivers\fastfat.sys
- 2004-08-04 12:00:00 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
- 2004-08-04 12:00:00 34,944 ----a-w c:\windows\system32\drivers\fips.sys
+ 2008-04-13 18:33:28 44,544 ----a-w c:\windows\system32\drivers\fips.sys
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
- 2006-08-21 09:14:58 128,896 ----a-w c:\windows\system32\drivers\fltmgr.sys
+ 2008-04-13 18:32:59 129,792 ----a-w c:\windows\system32\drivers\fltmgr.sys
- 2004-08-04 13:07:44 46,464 ----a-w c:\windows\system32\drivers\GAGP30KX.SYS
+ 2008-04-13 18:36:40 46,464 ----a-w c:\windows\system32\drivers\gagp30kx.sys
- 2005-01-08 07:07:18 138,752 -c--a-w c:\windows\system32\drivers\Hdaudbus.sys
+ 2008-04-13 16:36:05 144,384 ----a-w c:\windows\system32\drivers\hdaudbus.sys
+ 2008-04-13 18:46:30 25,600 ------w c:\windows\system32\drivers\hidbth.sys
- 2004-08-04 12:00:00 36,224 -c--a-w c:\windows\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w c:\windows\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w c:\windows\system32\drivers\hidir.sys
- 2004-08-04 12:00:00 24,960 -c--a-w c:\windows\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w c:\windows\system32\drivers\hidparse.sys
- 2001-08-17 18:02:20 9,600 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:27 10,368 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2004-08-04 03:41:48 220,032 ------w c:\windows\system32\drivers\hsfbs2s2.sys
+ 2004-08-04 03:41:50 685,056 ------w c:\windows\system32\drivers\hsfcxts2.sys
+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\system32\drivers\hsfdpsp2.sys
- 2006-03-17 00:33:10 262,784 ----a-w c:\windows\system32\drivers\http.sys
+ 2008-04-13 18:53:53 264,832 ----a-w c:\windows\system32\drivers\http.sys
- 2004-08-04 12:00:00 52,736 ----a-w c:\windows\system32\drivers\i8042prt.sys
+ 2008-04-13 19:18:00 52,480 ----a-w c:\windows\system32\drivers\i8042prt.sys
- 2004-08-04 12:00:00 41,856 ----a-w c:\windows\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w c:\windows\system32\drivers\imapi.sys
- 2004-08-04 12:00:00 5,504 ----a-w c:\windows\system32\drivers\intelide.sys
+ 2008-04-13 18:40:29 5,504 ----a-w c:\windows\system32\drivers\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w c:\windows\system32\drivers\intelppm.sys
- 2004-08-04 12:00:00 29,056 ----a-w c:\windows\system32\drivers\ip6fw.sys
+ 2008-04-13 18:53:34 36,608 ----a-w c:\windows\system32\drivers\ip6fw.sys
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\drivers\ipinip.sys
+ 2008-04-13 18:57:07 20,864 ----a-w c:\windows\system32\drivers\ipinip.sys
- 2004-09-29 22:28:37 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys
+ 2008-04-13 18:57:15 152,832 ----a-w c:\windows\system32\drivers\ipnat.sys
- 2004-08-04 12:00:00 74,752 ----a-w c:\windows\system32\drivers\ipsec.sys
+ 2008-04-13 19:19:42 75,264 ----a-w c:\windows\system32\drivers\ipsec.sys
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
+ 2008-04-13 18:54:28 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w c:\windows\system32\drivers\isapnp.sys
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-13 18:39:47 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
- 2006-06-14 08:47:45 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
- 2004-08-04 13:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys
+ 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\drivers\ks.sys
- 2004-08-04 19:00:00 92,032 -c--a-w c:\windows\system32\drivers\ksecdd.sys
+ 2008-04-13 18:31:43 92,288 ----a-w c:\windows\system32\drivers\ksecdd.sys
- 2004-08-04 19:00:00 63,744 -c--a-w c:\windows\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w c:\windows\system32\drivers\mf.sys
- 2004-08-04 19:00:00 30,080 ----a-w c:\windows\system32\drivers\modem.sys
+ 2008-04-13 19:00:19 30,080 ----a-w c:\windows\system32\drivers\modem.sys
- 2004-08-04 19:00:00 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2008-04-13 18:39:47 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
- 2004-08-04 12:00:00 42,240 -c--a-w c:\windows\system32\drivers\mountmgr.sys
+ 2008-04-13 18:39:46 42,368 ----a-w c:\windows\system32\drivers\mountmgr.sys
- 2007-12-18 09:51:35 179,584 ----a-w c:\windows\system32\drivers\mrxdav.sys
+ 2008-04-13 18:32:44 180,608 ----a-w c:\windows\system32\drivers\mrxdav.sys
- 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-04 12:00:00 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
+ 2008-04-13 18:32:39 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
- 2004-08-04 12:00:00 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
+ 2008-04-13 18:56:32 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
- 2004-08-04 12:58:42 7,552 ----a-w c:\windows\system32\drivers\MSKSSRV.sys
+ 2008-04-13 18:39:52 7,552 ----a-w c:\windows\system32\drivers\mskssrv.sys
- 2004-08-04 12:58:40 5,376 ----a-w c:\windows\system32\drivers\MSPCLOCK.sys
+ 2008-04-13 18:39:50 5,376 ----a-w c:\windows\system32\drivers\mspclock.sys
- 2004-08-04 12:58:42 4,992 ----a-w c:\windows\system32\drivers\MSPQM.sys
+ 2008-04-13 18:39:51 4,992 ----a-w c:\windows\system32\drivers\mspqm.sys
- 2004-08-04 19:00:00 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
+ 2004-08-04 03:41:40 126,686 ------w c:\windows\system32\drivers\mtlmnt5.sys
+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\system32\drivers\mtlstrm.sys
+ 2004-08-04 03:29:38 452,736 ------w c:\windows\system32\drivers\mtxparhm.sys
- 2004-08-04 12:00:00 107,904 -c--a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 19:17:05 105,344 ----a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w c:\windows\system32\drivers\mutohpen.sys
- 2004-08-04 12:00:00 182,912 -c--a-w c:\windows\system32\drivers\ndis.sys
+ 2008-04-13 19:20:37 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
- 2004-08-04 12:00:00 9,600 ----a-w c:\windows\system32\drivers\ndistapi.sys
+ 2008-04-13 18:57:27 10,112 ----a-w c:\windows\system32\drivers\ndistapi.sys
- 2004-08-04 19:00:00 12,928 ----a-w c:\windows\system32\drivers\ndisuio.sys
+ 2008-04-13 18:55:58 14,592 ----a-w c:\windows\system32\drivers\ndisuio.sys
- 2004-08-04 12:00:00 91,776 ----a-w c:\windows\system32\drivers\ndiswan.sys
+ 2008-04-13 19:20:42 91,520 ----a-w c:\windows\system32\drivers\ndiswan.sys
- 2004-08-04 12:00:00 38,016 ----a-w c:\windows\system32\drivers\ndproxy.sys
+ 2008-04-13 18:57:29 40,576 ----a-w c:\windows\system32\drivers\ndproxy.sys
- 2004-08-04 12:00:00 34,560 ----a-w c:\windows\system32\drivers\netbios.sys
+ 2008-04-13 18:56:02 34,688 ----a-w c:\windows\system32\drivers\netbios.sys
- 2004-08-04 12:00:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
+ 2008-04-13 19:21:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
- 2004-08-04 19:00:00 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys
+ 2008-04-13 18:51:25 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys
- 2004-08-04 12:00:00 40,320 -c--a-w c:\windows\system32\drivers\nmnt.sys
+ 2008-04-13 18:53:09 40,320 ----a-w c:\windows\system32\drivers\nmnt.sys
- 2004-08-04 12:00:00 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
+ 2008-04-13 18:32:39 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
- 2007-02-09 11:10:35 574,464 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2008-04-13 19:15:53 574,976 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2004-08-04 03:41:40 180,360 ------w c:\windows\system32\drivers\ntmtlfax.sys
+ 2004-08-04 03:29:56 1,897,408 ------w c:\windows\system32\drivers\nv4_mini.sys
- 2004-08-04 12:00:00 88,448 -c--a-w c:\windows\system32\drivers\nwlnkipx.sys
+ 2008-04-13 18:56:06 88,320 ----a-w c:\windows\system32\drivers\nwlnkipx.sys
- 2004-08-04 12:00:00 61,056 ----a-w c:\windows\system32\drivers\ohci1394.sys
+ 2008-04-13 18:46:18 61,696 ----a-w c:\windows\system32\drivers\ohci1394.sys
- 2004-08-04 19:00:00 42,496 -c--a-w c:\windows\system32\drivers\p3.sys
+ 2008-04-13 18:31:31 42,752 ----a-w c:\windows\system32\drivers\p3.sys
- 2004-08-04 19:00:00 80,128 ----a-w c:\windows\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w c:\windows\system32\drivers\parport.sys
- 2004-08-04 12:00:00 18,688 -c--a-w c:\windows\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w c:\windows\system32\drivers\partmgr.sys
- 2004-08-04 12:00:00 68,224 ----a-w c:\windows\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w c:\windows\system32\drivers\pci.sys
- 2004-08-04 12:00:00 25,088 -c--a-w c:\windows\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w c:\windows\system32\drivers\pciidex.sys
- 2004-08-04 12:00:00 119,936 -c--a-w c:\windows\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w c:\windows\system32\drivers\pcmcia.sys
- 2004-03-17 00:58:20 136,960 ----a-w c:\windows\system32\drivers\portcls.sys
+ 2008-04-13 19:19:41 146,048 ----a-w c:\windows\system32\drivers\portcls.sys
- 2004-08-04 19:00:00 35,328 ----a-w c:\windows\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w c:\windows\system32\drivers\processr.sys
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\drivers\psched.sys
+ 2008-04-13 18:56:38 69,120 ----a-w c:\windows\system32\drivers\psched.sys
- 2004-08-04 12:00:00 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
+ 2008-04-13 19:19:43 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
- 2004-08-04 12:00:00 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
+ 2008-04-13 18:57:32 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
- 2004-08-04 12:00:00 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
+ 2008-04-13 19:19:48 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
- 2006-05-05 09:47:57 174,592 ----a-w c:\windows\system32\drivers\rdbss.sys
+ 2008-04-13 19:28:39 175,744 ----a-w c:\windows\system32\drivers\rdbss.sys
- 2004-08-04 13:01:16 196,864 -c--a-w c:\windows\system32\drivers\rdpdr.sys
+ 2008-04-13 18:32:51 196,224 ----a-w c:\windows\system32\drivers\rdpdr.sys
- 2005-06-10 04:09:46 139,528 -c--a-w c:\windows\system32\drivers\rdpwd.sys
+ 2008-04-14 00:13:22 139,656 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-04 03:41:40 13,776 ------w c:\windows\system32\drivers\recagent.sys
- 2004-08-04 05:59:38 57,472 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:46:32 59,136 ------w c:\windows\system32\drivers\rfcomm.sys
- 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2004-08-04 12:00:00 30,080 -c--a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ----a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\system32\drivers\rndismpx.sys
+ 2004-08-04 03:29:52 166,912 ------w c:\windows\system32\drivers\s3gnbm.sys
- 2004-08-04 12:00:00 96,256 -c--a-w c:\windows\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w c:\windows\system32\drivers\scsiport.sys
- 2004-08-04 12:00:00 67,584 -c--a-w c:\windows\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ----a-w c:\windows\system32\drivers\sdbus.sys
- 2004-08-04 12:00:00 15,488 ----a-w c:\windows\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w c:\windows\system32\drivers\serenum.sys
- 2004-08-04 12:00:00 64,896 ----a-w c:\windows\system32\drivers\serial.sys
+ 2008-04-13 19:15:45 64,512 ----a-w c:\windows\system32\drivers\serial.sys
- 2004-08-04 12:00:00 11,136 -c--a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ----a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w c:\windows\system32\drivers\sffp_mmc.sys
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ----a-w c:\windows\system32\drivers\sffp_sd.sys
- 2004-08-04 12:00:00 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-14 00:12:05 3,901 ------w c:\windows\system32\drivers\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w c:\windows\system32\drivers\sisagp.sys
+ 2004-08-04 03:41:42 129,535 ------w c:\windows\system32\drivers\slnt7554.sys
+ 2004-08-04 03:41:44 404,990 ------w c:\windows\system32\drivers\slntamr.sys
+ 2004-08-04 03:41:46 95,424 ------w c:\windows\system32\drivers\slnthal.sys
+ 2004-08-04 03:41:46 13,240 ------w c:\windows\system32\drivers\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w c:\windows\system32\drivers\smbali.sys
- 2004-08-04 19:00:00 25,472 -c--a-w c:\windows\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w c:\windows\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w c:\windows\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w c:\windows\system32\drivers\splitter.sys
- 2004-08-04 12:00:00 73,472 ----a-w c:\windows\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w c:\windows\system32\drivers\sr.sys
- 2008-12-11 11:57:21 333,184 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
- 2004-08-04 13:08:04 48,640 -c--a-w c:\windows\system32\drivers\stream.sys
+ 2008-04-13 18:45:15 49,408 ----a-w c:\windows\system32\drivers\stream.sys
- 2004-08-04 19:00:00 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
+ 2008-04-13 18:39:53 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
- 2001-08-18 04:00:52 54,272 ----a-w c:\windows\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w c:\windows\system32\drivers\swmidi.sys
- 2004-08-04 13:15:56 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
+ 2008-04-13 19:15:55 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
- 2004-08-04 12:00:00 14,976 -c--a-w c:\windows\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w c:\windows\system32\drivers\tape.sys
- 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2004-08-04 12:00:00 18,560 ----a-w c:\windows\system32\drivers\tdi.sys
+ 2008-04-13 19:00:05 19,072 ----a-w c:\windows\system32\drivers\tdi.sys
- 2004-08-04 12:00:00 12,040 -c--a-w c:\windows\system32\drivers\tdpipe.sys
+ 2008-04-14 00:13:20 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys
- 2004-08-04 12:00:00 21,896 -c--a-w c:\windows\system32\drivers\tdtcp.sys
+ 2008-04-14 00:13:21 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys
- 2004-08-04 15:01:08 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
+ 2008-04-14 00:13:20 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
- 2004-08-04 19:00:00 12,416 -c--a-w c:\windows\system32\drivers\tunmp.sys
+ 2008-04-13 18:56:01 12,288 ----a-w c:\windows\system32\drivers\tunmp.sys
+ 2008-04-13 18:36:40 44,672 ------w c:\windows\system32\drivers\uagp35.sys
- 2004-08-04 12:00:00 66,176 -c--a-w c:\windows\system32\drivers\udfs.sys
+ 2008-04-13 18:32:36 66,048 ----a-w c:\windows\system32\drivers\udfs.sys
- 2004-08-04 12:00:00 209,408 ----a-w c:\windows\system32\drivers\update.sys
+ 2008-04-13 18:39:46 384,768 ----a-w c:\windows\system32\drivers\update.sys
- 2004-08-04 12:00:00 12,672 -c--a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ----a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\system32\drivers\usb8023x.sys
- 2004-08-04 19:00:00 23,808 -c--a-w c:\windows\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w c:\windows\system32\drivers\usbcamd.sys
- 2004-08-04 19:00:00 23,936 -c--a-w c:\windows\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w c:\windows\system32\drivers\usbcamd2.sys
- 2004-08-04 12:00:00 26,624 ----a-w c:\windows\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w c:\windows\system32\drivers\usbehci.sys
- 2004-08-04 12:00:00 57,600 ----a-w c:\windows\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w c:\windows\system32\drivers\usbhub.sys
- 2004-08-04 19:00:00 16,000 -c--a-w c:\windows\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w c:\windows\system32\drivers\usbintel.sys
- 2004-08-04 12:00:00 17,024 ----a-w c:\windows\system32\drivers\usbohci.sys
+ 2008-04-13 18:45:35 17,152 ----a-w c:\windows\system32\drivers\usbohci.sys
- 2004-08-04 12:00:00 142,976 ----a-w c:\windows\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w c:\windows\system32\drivers\usbport.sys
- 2004-08-04 03:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2008-04-13 18:47:37 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
- 2004-08-04 03:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2004-08-04 12:00:00 26,496 ----a-w c:\windows\system32\drivers\usbstor.sys
+ 2008-04-13 18:45:38 26,368 ----a-w c:\windows\system32\drivers\usbstor.sys
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:46:20 121,984 ------w c:\windows\system32\drivers\usbvideo.sys
+ 2008-04-14 00:12:08 11,325 ------w c:\windows\system32\drivers\vchnt5.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\drivers\vga.sys
+ 2008-04-13 18:44:40 20,992 ----a-w c:\windows\system32\drivers\vga.sys
+ 2008-04-13 18:36:40 42,240 ------w c:\windows\system32\drivers\viaagp.sys
- 2004-08-04 12:00:00 5,376 ----a-w c:\windows\system32\drivers\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w c:\windows\system32\drivers\viaide.sys
- 2004-08-04 12:00:00 79,744 ----a-w c:\windows\system32\drivers\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ----a-w c:\windows\system32\drivers\videoprt.sys
- 2004-08-04 12:00:00 52,352 -c--a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:43:55 14,208 ------w c:\windows\system32\drivers\wacompen.sys
+ 2004-08-04 03:29:40 11,807 ------w c:\windows\system32\drivers\wadv07nt.sys
+ 2004-08-04 03:29:40 11,295 ------w c:\windows\system32\drivers\wadv08nt.sys
+ 2004-08-04 03:29:42 11,871 ------w c:\windows\system32\drivers\wadv09nt.sys
+ 2004-08-04 03:29:42 11,935 ------w c:\windows\system32\drivers\wadv11nt.sys
- 2004-08-04 12:00:00 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2004-08-04 03:29:46 22,271 ------w c:\windows\system32\drivers\watv06nt.sys
+ 2004-08-04 03:29:46 25,471 ------w c:\windows\system32\drivers\watv10nt.sys
- 2006-06-14 09:00:45 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ----a-w c:\windows\system32\drivers\wdmaud.sys
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w c:\windows\system32\drprov.dll
- 2004-08-04 12:00:00 16,384 ----a-w c:\windows\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w c:\windows\system32\ds32gt.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dsdmo.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
- 2004-08-04 12:00:00 92,672 ----a-w c:\windows\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w c:\windows\system32\dskquota.dll
- 2004-08-04 12:00:00 144,384 ----a-w c:\windows\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w c:\windows\system32\dskquoui.dll
- 2004-08-04 12:00:00 367,616 ----a-w c:\windows\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w c:\windows\system32\dsound.dll
- 2004-08-04 12:00:00 1,294,336 ----a-w c:\windows\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w c:\windows\system32\dsound3d.dll
- 2004-08-04 12:00:00 142,336 ----a-w c:\windows\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w c:\windows\system32\dsprop.dll
- 2004-08-04 12:00:00 4,096 ----a-w c:\windows\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w c:\windows\system32\dsprpres.dll
- 2004-08-04 12:00:00 239,104 ----a-w c:\windows\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w c:\windows\system32\dsquery.dll
- 2004-08-04 12:00:00 51,200 ----a-w c:\windows\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w c:\windows\system32\dssec.dll
- 2004-08-04 12:00:00 137,216 ----a-w c:\windows\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w c:\windows\system32\dssenh.dll
- 2004-08-04 12:00:00 113,152 ----a-w c:\windows\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w c:\windows\system32\dsuiext.dll
- 2004-08-04 12:00:00 19,456 ----a-w c:\windows\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w c:\windows\system32\dswave.dll
- 2004-08-04 12:00:00 10,752 ----a-w c:\windows\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w c:\windows\system32\dumprep.exe
- 2004-08-04 12:00:00 304,128 ----a-w c:\windows\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w c:\windows\system32\duser.dll
- 2004-08-04 12:00:00 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
- 2004-08-04 12:00:00 180,224 ----a-w c:\windows\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w c:\windows\system32\dwwin.exe
- 2004-08-04 12:00:00 619,008 ----a-w c:\windows\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w c:\windows\system32\dx7vb.dll
- 2004-08-04 12:00:00 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
- 2004-08-04 12:00:00 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
- 2004-08-04 12:00:00 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
- 2006-08-22 09:05:26 498,742 ----a-w c:\windows\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w c:\windows\system32\dxmasf.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\system32\eapsvc.dll
- 2004-08-04 12:00:00 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\system32\en\mmcfxcommon.resources.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w c:\windows\system32\encapi.dll
- 2004-08-04 12:00:00 186,368 ----a-w c:\windows\system32\encdec.dll
+ 2008-04-14 00:11:53 186,880 ----a-w c:\windows\system32\encdec.dll
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w c:\windows\system32\ersvc.dll
- 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w c:\windows\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w c:\windows\system32\esent.dll
- 2004-08-04 12:00:00 193,024 ----a-w c:\windows\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w c:\windows\system32\eudcedit.exe
- 2004-08-04 12:00:00 55,808 ----a-w c:\windows\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w c:\windows\system32\eventlog.dll
- 2004-08-04 12:00:00 380,957 ----a-w c:\windows\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w c:\windows\system32\expsrv.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w c:\windows\system32\extrac32.exe
- 2004-08-04 19:00:00 121,856 ----a-w c:\windows\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w c:\windows\system32\exts.dll
- 2004-08-04 12:00:00 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\system32\faxpatch.exe
- 2004-08-04 12:00:00 21,504 ----a-w c:\windows\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\feclient.dll
- 2004-08-04 12:00:00 337,920 ----a-w c:\windows\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w c:\windows\system32\filemgmt.dll
- 2004-08-04 12:00:00 27,136 ----a-w c:\windows\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w c:\windows\system32\findstr.exe
- 2004-08-04 12:00:00 87,552 ----a-w c:\windows\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w c:\windows\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w c:\windows\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w c:\windows\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w c:\windows\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w c:\windows\system32\fltmc.exe
- 2009-03-11 02:52:43 237,552 ----a-w c:\windows\system32\FNTCACHE.DAT


+ 2009-04-01 14:19:58 237,552 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 12:00:00 382,976 ----a-w c:\windows\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w c:\windows\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 ----a-w c:\windows\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w c:\windows\system32\fontsub.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w c:\windows\system32\fontview.exe
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w c:\windows\system32\forcedos.exe
- 2004-08-04 12:00:00 25,600 ----a-w c:\windows\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w c:\windows\system32\format.com
- 2004-08-04 12:00:00 9,344 ----a-w c:\windows\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w c:\windows\system32\framebuf.dll
- 2004-08-04 12:00:00 193,024 ----a-w c:\windows\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w c:\windows\system32\fsquirt.exe
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w c:\windows\system32\ftp.exe
- 2004-08-04 12:00:00 60,416 ----a-w c:\windows\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w c:\windows\system32\fwcfg.dll
- 2004-08-04 12:00:00 452,096 ----a-w c:\windows\system32\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\fxsapi.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\fxsclnt.exe
+ 2008-04-14 00:12:21 142,848 ----a-w c:\windows\system32\fxsclnt.exe
- 2004-08-04 12:00:00 72,192 ----a-w c:\windows\system32\fxscom.dll
+ 2008-04-14 00:11:54 72,192 ----a-w c:\windows\system32\fxscom.dll
- 2004-08-04 12:00:00 285,184 ----a-w c:\windows\system32\fxscomex.dll
+ 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\fxscomex.dll
- 2004-08-04 12:00:00 229,376 ----a-w c:\windows\system32\fxscover.exe
+ 2008-04-14 00:12:21 229,376 ----a-w c:\windows\system32\fxscover.exe
- 2004-08-04 12:00:00 27,136 ----a-w c:\windows\system32\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\fxsdrv.dll
- 2004-08-04 12:00:00 55,296 ----a-w c:\windows\system32\fxsevent.dll
+ 2008-04-14 00:11:54 55,296 ----a-w c:\windows\system32\fxsevent.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsext32.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\fxsmon.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsmon.dll
- 2004-08-04 12:00:00 8,704 ----a-w c:\windows\system32\fxsperf.dll
+ 2008-04-14 00:11:54 8,704 ----a-w c:\windows\system32\fxsperf.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\fxsres.dll
- 2004-08-04 12:00:00 562,176 ----a-w c:\windows\system32\fxsst.dll
+ 2008-04-14 00:11:54 562,176 ----a-w c:\windows\system32\fxsst.dll
- 2004-08-04 12:00:00 267,776 ----a-w c:\windows\system32\fxssvc.exe
+ 2008-04-14 00:12:21 267,776 ----a-w c:\windows\system32\fxssvc.exe
- 2004-08-04 12:00:00 246,272 ----a-w c:\windows\system32\fxst30.dll
+ 2008-04-14 00:11:54 246,272 ----a-w c:\windows\system32\fxst30.dll
- 2004-08-04 12:00:00 397,312 ----a-w c:\windows\system32\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\fxstiff.dll
- 2004-08-04 12:00:00 154,112 ----a-w c:\windows\system32\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\fxsui.dll
- 2004-08-04 12:00:00 192,512 ----a-w c:\windows\system32\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\fxswzrd.dll
- 2004-08-04 12:00:00 400,384 ----a-w c:\windows\system32\fxsxp32.dll
+ 2008-04-14 00:11:54 400,384 ----a-w c:\windows\system32\fxsxp32.dll
- 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2004-08-04 12:00:00 122,880 ----a-w c:\windows\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w c:\windows\system32\glu32.dll
- 2004-08-04 12:00:00 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
- 2004-08-04 12:00:00 39,424 ----a-w c:\windows\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w c:\windows\system32\grpconv.exe
- 2004-08-04 12:00:00 614,912 ----a-w c:\windows\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w c:\windows\system32\h323msp.dll
- 2004-08-04 19:00:00 134,400 ----a-w c:\windows\system32\hal.dll
+ 2008-04-13 18:31:28 134,400 ----a-w c:\windows\system32\HAL.DLL
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w c:\windows\system32\hccoin.dll
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w c:\windows\system32\help.exe
- 2005-05-27 09:04:28 41,472 ----a-w c:\windows\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w c:\windows\system32\hhsetup.dll
- 2004-08-04 19:00:00 20,992 ----a-w c:\windows\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w c:\windows\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w c:\windows\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w c:\windows\system32\hlink.dll
- 2004-08-04 12:00:00 344,064 ----a-w c:\windows\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w c:\windows\system32\hnetcfg.dll
- 2004-08-04 12:00:00 330,752 ----a-w c:\windows\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w c:\windows\system32\hnetwiz.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\system32\hsfcisp2.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w c:\windows\system32\httpapi.dll
- 2004-08-04 12:00:00 41,984 ----a-w c:\windows\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w c:\windows\system32\htui.dll
- 2004-08-04 12:00:00 119,808 ----a-w c:\windows\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w c:\windows\system32\iasrad.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w c:\windows\system32\icaapi.dll
- 2004-08-04 12:00:00 80,384 ----a-w c:\windows\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w c:\windows\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w c:\windows\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w c:\windows\system32\icm32.dll
- 2004-08-04 12:00:00 3,584 ----a-w c:\windows\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w c:\windows\system32\icmp.dll
- 2004-08-04 12:00:00 73,728 ----a-w c:\windows\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w c:\windows\system32\icwdial.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w c:\windows\system32\icwphbk.dll
- 2004-08-04 12:00:00 120,832 ----a-w c:\windows\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w c:\windows\system32\idq.dll
- 2006-10-17 17:06:00 78,336 ----a-w c:\windows\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ieencode.dll
- 2004-08-04 12:00:00 114,688 ----a-w c:\windows\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w c:\windows\system32\iexpress.exe
- 2004-08-04 12:00:00 135,680 ----a-w c:\windows\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w c:\windows\system32\ifmon.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w c:\windows\system32\igmpagnt.dll
- 2004-08-04 12:00:00 81,920 ----a-w c:\windows\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ils.dll
- 2004-08-04 19:00:00 144,384 ----a-w c:\windows\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w c:\windows\system32\imagehlp.dll
- 2004-08-04 12:00:00 150,016 ----a-w c:\windows\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w c:\windows\system32\imapi.exe
- 2004-08-04 12:00:00 36,921 ----a-w c:\windows\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w c:\windows\system32\imeshare.dll
- 2004-08-04 12:00:00 110,080 ----a-w c:\windows\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w c:\windows\system32\imm32.dll
- 2004-08-04 12:00:00 274,432 ----a-w c:\windows\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w c:\windows\system32\inetcfg.dll
- 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\inetmib1.dll
- 2004-08-04 12:00:00 75,264 ----a-w c:\windows\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w c:\windows\system32\inetpp.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w c:\windows\system32\inetppui.dll
- 2004-08-04 12:00:00 48,128 ----a-w c:\windows\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w c:\windows\system32\inetres.dll
- 2004-08-04 12:00:00 147,456 ----a-w c:\windows\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w c:\windows\system32\initpki.dll
- 2004-08-04 12:00:00 123,392 ----a-w c:\windows\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w c:\windows\system32\input.dll
- 2004-08-04 12:00:00 55,808 ----a-w c:\windows\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w c:\windows\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w c:\windows\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w c:\windows\system32\iphlpapi.dll
- 2004-08-04 12:00:00 154,112 ----a-w c:\windows\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w c:\windows\system32\ipmontr.dll
- 2004-08-04 12:00:00 331,264 ----a-w c:\windows\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w c:\windows\system32\ipnathlp.dll
- 2004-08-04 12:00:00 330,752 ----a-w c:\windows\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w c:\windows\system32\ippromon.dll
- 2004-08-04 12:00:00 169,984 ----a-w c:\windows\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w c:\windows\system32\iprtrmgr.dll
- 2004-08-04 12:00:00 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
- 2004-08-04 12:00:00 182,784 ----a-w c:\windows\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ipsecsvc.dll
- 2004-08-04 12:00:00 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
- 2004-08-04 12:00:00 53,248 ----a-w c:\windows\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w c:\windows\system32\ipv6.exe
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w c:\windows\system32\ipv6mon.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w c:\windows\system32\ipxroute.exe
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w c:\windows\system32\ipxwan.dll
- 2004-08-04 12:00:00 120,320 ----a-w c:\windows\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w c:\windows\system32\ir41_qc.dll
- 2004-08-04 12:00:00 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
- 2004-08-04 12:00:00 755,200 ----a-w c:\windows\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w c:\windows\system32\ir50_32.dll
- 2004-08-04 12:00:00 200,192 ----a-w c:\windows\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w c:\windows\system32\ir50_qc.dll
- 2004-08-04 12:00:00 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
- 2004-08-04 12:00:00 81,920 ----a-w c:\windows\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w c:\windows\system32\isign32.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\isrdbg32.dll
- 2005-05-27 09:04:28 155,136 ----a-w c:\windows\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w c:\windows\system32\itircl.dll
- 2005-05-27 09:04:28 137,216 ----a-w c:\windows\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w c:\windows\system32\itss.dll
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w c:\windows\system32\ixsso.dll
- 2004-08-04 19:00:00 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w c:\windows\system32\iyuv_32.dll
- 2006-06-01 18:47:07 163,840 ----a-w c:\windows\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w c:\windows\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w c:\windows\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w c:\windows\system32\jgpl400.dll
- 2006-10-17 17:00:00 491,520 ----a-w c:\windows\system32\jscript.dll
+ 2008-04-14 00:11:56 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdbhc.dll
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdfi1.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinben.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdiultn.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w c:\windows\system32\kbdmaori.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
- 2004-08-04 19:00:00 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdnepr.dll
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdpash.dll
- 2004-08-04 12:00:00 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
- 2004-08-04 12:00:00 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdukx.dll
- 2004-08-04 12:00:00 7,424 ----a-w c:\windows\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w c:\windows\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w c:\windows\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w c:\windows\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w c:\windows\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-04 12:00:00 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\system32\kmsvc.dll
- 2004-08-04 14:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\system32\l2gpstore.dll
- 2004-08-04 12:00:00 423,936 ----a-w c:\windows\system32\licdll.dll
+ 2008-04-14 10:41:58 423,936 ----a-w c:\windows\system32\licdll.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w c:\windows\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w c:\windows\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w c:\windows\system32\lmhsvc.dll
- 2004-08-04 12:00:00 399,872 ----a-w c:\windows\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w c:\windows\system32\lmrt.dll
- 2004-08-04 12:00:00 97,280 ----a-w c:\windows\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w c:\windows\system32\loadperf.dll
- 2004-08-04 12:00:00 221,696 ----a-w c:\windows\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w c:\windows\system32\localsec.dll
- 2004-08-04 12:00:00 341,504 ----a-w c:\windows\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w c:\windows\system32\localspl.dll
- 2004-08-04 12:00:00 11,776 ----a-w c:\windows\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w c:\windows\system32\localui.dll
- 2004-08-04 12:00:00 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
- 2004-08-04 12:00:00 59,392 ----a-w c:\windows\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w c:\windows\system32\logman.exe
- 2004-08-04 12:00:00 220,672 ----a-w c:\windows\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w c:\windows\system32\logon.scr
- 2004-08-04 12:00:00 514,560 ----a-w c:\windows\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w c:\windows\system32\logonui.exe
- 2004-08-04 12:00:00 22,016 ----a-w c:\windows\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w c:\windows\system32\lpk.dll
- 2004-08-04 12:00:00 10,240 ----a-w c:\windows\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w c:\windows\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w c:\windows\system32\lsass.exe
- 2004-08-04 12:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w c:\windows\system32\magnify.exe
- 2004-08-04 12:00:00 85,504 ----a-w c:\windows\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w c:\windows\system32\makecab.exe
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w c:\windows\system32\mcastmib.dll
- 2004-08-04 12:00:00 84,480 ----a-w c:\windows\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w c:\windows\system32\mciavi32.dll
- 2004-08-04 12:00:00 35,328 ----a-w c:\windows\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w c:\windows\system32\mciqtz32.dll
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w c:\windows\system32\mciseq.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w c:\windows\system32\mciwave.dll
- 2004-08-04 12:00:00 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w c:\windows\system32\mdminst.dll
- 2007-03-08 15:36:28 40,960 ----a-w c:\windows\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w c:\windows\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-04 12:00:00 1,028,096 ----a-w c:\windows\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w c:\windows\system32\mfc42.dll
- 2004-08-04 12:00:00 22,528 ----a-w c:\windows\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w c:\windows\system32\mfcsubs.dll
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\system32\microsoft.managementconsole.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w c:\windows\system32\midimap.dll
- 2004-08-04 12:00:00 60,928 ----a-w c:\windows\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w c:\windows\system32\miglibnt.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w c:\windows\system32\mimefilt.dll
- 2004-08-04 12:00:00 586,240 ----a-w c:\windows\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w c:\windows\system32\mlang.dll
- 2004-08-04 12:00:00 815,104 ----a-w c:\windows\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w c:\windows\system32\mmc.exe
- 2004-08-04 12:00:00 70,656 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\system32\mmcfxcommon.dll
- 2004-08-04 12:00:00 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\system32\mmcperf.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w c:\windows\system32\mmcshext.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w c:\windows\system32\mmfutil.dll
- 2004-08-04 12:00:00 34,560 ----a-w c:\windows\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w c:\windows\system32\mnmdd.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
- 2004-08-04 12:00:00 207,360 ----a-w c:\windows\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w c:\windows\system32\mobsync.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w c:\windows\system32\mobsync.exe
- 2004-08-04 12:00:00 153,600 ----a-w c:\windows\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w c:\windows\system32\modemui.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w c:\windows\system32\more.com
- 2004-08-04 12:00:00 216,064 ----a-w c:\windows\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w c:\windows\system32\moricons.dll
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w c:\windows\system32\mpr.dll
- 2004-08-04 12:00:00 87,040 ----a-w c:\windows\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w c:\windows\system32\mprapi.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w c:\windows\system32\mprdim.dll
+ 2009-02-25 16:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w c:\windows\system32\msacm32.dll
- 2004-08-04 12:00:00 3,584 ----a-w c:\windows\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w c:\windows\system32\msafd.dll
- 2004-08-04 12:00:00 86,016 ----a-w c:\windows\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w c:\windows\system32\msapsspc.dll
- 2004-08-04 12:00:00 57,344 ----a-w c:\windows\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w c:\windows\system32\msasn1.dll
- 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w c:\windows\system32\msconf.dll
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w c:\windows\system32\mscpx32r.dll
- 2004-08-04 12:00:00 36,864 ----a-w c:\windows\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w c:\windows\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w c:\windows\system32\msctf.dll
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w c:\windows\system32\msctfp.dll
- 2004-08-04 12:00:00 118,784 ----a-w c:\windows\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w c:\windows\system32\msdadiag.dll
- 2004-08-04 12:00:00 151,552 ----a-w c:\windows\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w c:\windows\system32\msdart.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w c:\windows\system32\msdmo.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w c:\windows\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w c:\windows\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w c:\windows\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w c:\windows\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w c:\windows\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-04 12:00:00 4,126 ----a-w c:\windows\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\msdxmlc.dll
- 2006-11-27 14:54:06 539,136 ----a-w c:\windows\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w c:\windows\system32\msftedit.dll
- 2004-08-04 12:00:00 994,304 ----a-w c:\windows\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w c:\windows\system32\msgina.dll
- 2004-08-04 12:00:00 33,792 ----a-w c:\windows\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w c:\windows\system32\msgsvc.dll
- 2004-08-04 12:00:00 188,416 ----a-w c:\windows\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w c:\windows\system32\msh261.drv
- 2004-08-04 19:00:00 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
- 2007-04-18 16:12:23 2,854,400 ----a-w c:\windows\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w c:\windows\system32\msi.dll
- 2004-08-04 12:00:00 51,712 ----a-w c:\windows\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w c:\windows\system32\msident.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w c:\windows\system32\msidle.dll
- 2004-08-04 12:00:00 248,832 ----a-w c:\windows\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w c:\windows\system32\msieftp.dll
- 2005-05-04 19:45:36 78,848 ----a-w c:\windows\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w c:\windows\system32\msiexec.exe
- 2005-05-04 19:45:36 271,360 ----a-w c:\windows\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w c:\windows\system32\msihnd.dll
- 2004-08-04 12:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w c:\windows\system32\msimg32.dll
- 2005-05-04 19:45:36 884,736 ----a-w c:\windows\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w c:\windows\system32\msimsg.dll
- 2004-08-04 12:00:00 159,232 ----a-w c:\windows\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w c:\windows\system32\msimtf.dll
- 2005-05-04 19:45:36 15,360 ----a-w c:\windows\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w c:\windows\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w c:\windows\system32\mslbui.dll
- 2004-08-04 12:00:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
- 2004-08-04 12:00:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
- 2004-08-04 12:00:00 105,984 ----a-w c:\windows\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w c:\windows\system32\msoert2.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w c:\windows\system32\msorc32r.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w c:\windows\system32\mspatcha.dll
- 2004-08-04 12:00:00 48,128 ----a-w c:\windows\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w c:\windows\system32\msprivs.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w c:\windows\system32\msrle32.dll
- 2004-08-04 12:00:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\system32\msshavmsg.dll
- 2004-08-04 12:00:00 274,944 ----a-w c:\windows\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w c:\windows\system32\mstask.dll
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w c:\windows\system32\mstinit.exe
- 2004-08-04 12:00:00 115,712 ----a-w c:\windows\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w c:\windows\system32\mstlsapi.dll
- 2004-08-04 12:00:00 407,552 ----a-w c:\windows\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w c:\windows\system32\mstsc.exe
- 2004-08-04 12:00:00 655,360 ----a-w c:\windows\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w c:\windows\system32\mstscax.dll
- 2004-08-04 12:00:00 195,072 ----a-w c:\windows\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w c:\windows\system32\msutb.dll
- 2004-08-04 12:00:00 129,536 ----a-w c:\windows\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w c:\windows\system32\msv1_0.dll
- 2004-05-11 07:42:02 4,051,968 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w c:\windows\system32\msvbvm60.dll
- 2004-08-04 12:00:00 54,784 ----a-w c:\windows\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\msvcirt.dll
- 2004-08-04 12:00:00 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w c:\windows\system32\msvcp60.dll
- 2004-08-04 12:00:00 343,040 ----a-w c:\windows\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w c:\windows\system32\msvcrt.dll
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w c:\windows\system32\msvcrt40.dll
- 2004-08-04 12:00:00 120,832 ----a-w c:\windows\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w c:\windows\system32\msvfw32.dll
- 2004-08-04 12:00:00 1,428,480 ----a-w c:\windows\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w c:\windows\system32\msvidctl.dll
- 2004-08-04 12:00:00 72,704 ----a-w c:\windows\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-04 12:00:00 204,288 ----a-w c:\windows\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w c:\windows\system32\mswebdvd.dll
- 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-04 12:00:00 506,368 ----a-w c:\windows\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w c:\windows\system32\msxml.dll
- 2004-08-04 12:00:00 701,440 ----a-w c:\windows\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w c:\windows\system32\msxml2.dll
- 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w c:\windows\system32\msxml6r.dll
- 2004-08-04 19:00:00 17,408 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w c:\windows\system32\mtxdm.dll
- 2004-08-04 12:00:00 4,096 ----a-w c:\windows\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w c:\windows\system32\mtxex.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w c:\windows\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\system32\mtxparhd.dll
- 2004-08-04 19:00:00 405,504 -c--a-w c:\windows\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
- 2004-08-04 19:00:00 193,024 -c--a-w c:\windows\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
- 2004-08-04 19:00:00 757,248 -c--a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\system32\mui\041b\xpsp3res.dll
- 2004-08-04 19:00:00 408,576 -c--a-w c:\windows\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
- 2004-08-04 19:00:00 192,512 -c--a-w c:\windows\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
- 2004-08-04 19:00:00 732,160 -c--a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\system32\mui\0424\xpsp3res.dll
- 2004-08-04 12:00:00 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\system32\napstat.exe
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w c:\windows\system32\narrator.exe
- 2004-08-04 12:00:00 36,352 ----a-w c:\windows\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w c:\windows\system32\ncobjapi.dll
- 2004-08-04 12:00:00 17,920 ----a-w c:\windows\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w c:\windows\system32\nddeapi.dll
- 2004-08-04 12:00:00 4,096 ----a-w c:\windows\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w c:\windows\system32\nddeapir.exe
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w c:\windows\system32\nddenb32.dll
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w c:\windows\system32\net.exe
- 2004-08-04 12:00:00 124,928 ----a-w c:\windows\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w c:\windows\system32\net1.exe
- 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2004-08-04 12:00:00 622,080 ----a-w c:\windows\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w c:\windows\system32\netcfgx.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
- 2004-08-04 12:00:00 139,264 ----a-w c:\windows\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w c:\windows\system32\netid.dll
- 2004-08-04 12:00:00 407,040 ----a-w c:\windows\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w c:\windows\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w c:\windows\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w c:\windows\system32\netman.dll
- 2004-08-04 12:00:00 875,008 ----a-w c:\windows\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w c:\windows\system32\netplwiz.dll
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w c:\windows\system32\netrap.dll
- 2004-08-04 19:00:00 329,728 ----a-w c:\windows\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w c:\windows\system32\netsetup.exe
- 2004-08-04 12:00:00 86,016 ----a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
- 2004-08-04 12:00:00 1,708,032 ----a-w c:\windows\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w c:\windows\system32\netshell.dll
- 2004-08-04 12:00:00 36,864 ----a-w c:\windows\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w c:\windows\system32\netstat.exe
- 2004-08-04 12:00:00 80,896 ----a-w c:\windows\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w c:\windows\system32\netui0.dll
- 2004-08-04 12:00:00 245,760 ----a-w c:\windows\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w c:\windows\system32\netui1.dll
- 2004-08-13 00:50:02 247,808 ----a-w c:\windows\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w c:\windows\system32\newdev.dll
- 2004-08-04 12:00:00 103,936 ----a-w c:\windows\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w c:\windows\system32\nlhtml.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w c:\windows\system32\nmmkcert.dll
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\system32\notepad.exe
- 2004-08-04 12:00:00 57,344 -c--a-w c:\windows\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
- 2004-08-04 12:00:00 15,360 -c--a-w c:\windows\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
- 2004-08-04 12:00:00 54,784 ----a-w c:\windows\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w c:\windows\system32\npptools.dll
- 2004-08-04 12:00:00 76,800 ----a-w c:\windows\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w c:\windows\system32\nslookup.exe
- 2004-08-04 19:00:00 708,096 ----a-w c:\windows\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w c:\windows\system32\ntdll.dll
- 2004-08-04 12:00:00 67,072 ----a-w c:\windows\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w c:\windows\system32\ntdsapi.dll
- 2008-08-14 09:22:14 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w c:\windows\system32\ntlanman.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w c:\windows\system32\ntlsapi.dll
- 2004-08-04 12:00:00 118,784 ----a-w c:\windows\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w c:\windows\system32\ntmarta.dll
- 2004-08-04 12:00:00 40,960 ----a-w c:\windows\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w c:\windows\system32\ntmsapi.dll
- 2004-08-04 12:00:00 179,712 ----a-w c:\windows\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w c:\windows\system32\ntmsdba.dll
- 2004-08-04 12:00:00 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
- 2004-08-04 12:00:00 435,200 ----a-w c:\windows\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w c:\windows\system32\ntmssvc.dll
- 2008-08-14 09:58:27 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\system32\ntoskrnl.exe
- 2004-08-04 12:00:00 91,136 ----a-w c:\windows\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w c:\windows\system32\ntprint.dll
- 2004-08-04 12:00:00 143,872 ----a-w c:\windows\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w c:\windows\system32\ntshrui.dll
- 2004-08-04 12:00:00 419,840 ----a-w c:\windows\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w c:\windows\system32\ntvdm.exe
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w c:\windows\system32\nv4_disp.dll
- 2006-10-13 12:35:12 142,336 ----a-w c:\windows\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w c:\windows\system32\nwprovau.dll
- 2004-08-04 12:00:00 266,752 ----a-w c:\windows\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w c:\windows\system32\oakley.dll
- 2004-08-04 12:00:00 285,696 ----a-w c:\windows\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w c:\windows\system32\objsel.dll
- 2004-08-04 12:00:00 60,928 ----a-w c:\windows\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\ocmanage.dll
- 2004-08-04 12:00:00 249,856 ----a-w c:\windows\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w c:\windows\system32\odbc32.dll
- 2004-08-04 12:00:00 16,384 ----a-w c:\windows\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w c:\windows\system32\odbc32gt.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w c:\windows\system32\odbcad32.exe
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w c:\windows\system32\odbcbcp.dll
- 2004-08-04 12:00:00 135,168 ----a-w c:\windows\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w c:\windows\system32\odbcconf.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w c:\windows\system32\odbcconf.exe
- 2004-08-04 12:00:00 106,496 ----a-w c:\windows\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w c:\windows\system32\odbccp32.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccr32.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccu32.dll
- 2004-08-04 12:00:00 94,208 ----a-w c:\windows\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w c:\windows\system32\odbcint.dll
- 2004-08-04 12:00:00 53,279 ----a-w c:\windows\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w c:\windows\system32\odbcji32.dll
- 2004-08-04 12:00:00 278,559 ----a-w c:\windows\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w c:\windows\system32\odbcjt32.dll
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w c:\windows\system32\odbcp32r.dll
- 2004-08-04 12:00:00 147,456 ----a-w c:\windows\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w c:\windows\system32\odbctrac.dll
- 2004-08-04 12:00:00 20,511 ----a-w c:\windows\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\oddbse32.dll
- 2004-08-04 12:00:00 20,510 ----a-w c:\windows\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odexl32.dll
- 2004-08-04 12:00:00 20,510 ----a-w c:\windows\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odfox32.dll
- 2004-08-04 12:00:00 20,510 ----a-w c:\windows\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odpdx32.dll
- 2004-08-04 12:00:00 20,511 ----a-w c:\windows\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\odtext32.dll
- 2004-08-04 12:00:00 120,832 ----a-w c:\windows\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w c:\windows\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w c:\windows\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w c:\windows\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w c:\windows\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w c:\windows\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w c:\windows\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w c:\windows\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w c:\windows\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w c:\windows\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w c:\windows\system32\oledlg.dll
- 2004-08-04 12:00:00 107,008 ----a-w c:\windows\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w c:\windows\system32\oleprn.dll
- 2004-08-04 12:00:00 83,456 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\system32\onex.dll
- 2004-08-04 12:00:00 122,368 -c--a-w c:\windows\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
- 2004-11-25 07:31:14 563,200 -c--a-w c:\windows\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w c:\windows\system32\oobe\msobmain.dll
- 2004-08-04 12:00:00 30,720 -c--a-w c:\windows\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w c:\windows\system32\oobe\msobweb.dll
- 2004-08-04 12:00:00 28,160 -c--a-w c:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w c:\windows\system32\oobe\msoobe.exe
- 2004-08-04 12:00:00 51,200 -c--a-w c:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
- 2004-08-04 12:00:00 713,728 ----a-w c:\windows\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w c:\windows\system32\opengl32.dll
- 2004-08-04 12:00:00 215,552 ----a-w c:\windows\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w c:\windows\system32\osk.exe
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\osuninst.dll
- 2004-08-04 12:00:00 116,224 ----a-w c:\windows\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w c:\windows\system32\p2p.dll
- 2004-08-04 12:00:00 86,016 ----a-w c:\windows\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\p2pgasvc.dll
- 2004-08-04 12:00:00 312,320 ----a-w c:\windows\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w c:\windows\system32\p2pgraph.dll
- 2004-08-04 12:00:00 88,064 ----a-w c:\windows\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w c:\windows\system32\p2pnetsh.dll
- 2004-08-04 12:00:00 526,848 ----a-w c:\windows\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w c:\windows\system32\p2psvc.dll
- 2004-08-04 12:00:00 58,368 ----a-w c:\windows\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w c:\windows\system32\packager.exe
- 2004-08-04 12:00:00 62,976 ----a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\pautoenr.dll
- 2004-08-04 12:00:00 283,648 ----a-w c:\windows\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w c:\windows\system32\pdh.dll
- 2009-04-01 01:51:48 54,484 ----a-w c:\windows\system32\perfc009.dat
+ 2009-04-01 14:25:27 54,484 ----a-w c:\windows\system32\perfc009.dat
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w c:\windows\system32\perfctrs.dll
- 2004-08-04 12:00:00 26,624 ----a-w c:\windows\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w c:\windows\system32\perfdisk.dll
- 2009-04-01 01:51:49 384,926 ----a-w c:\windows\system32\perfh009.dat
+ 2009-04-01 14:25:27 384,926 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w c:\windows\system32\perfmon.exe
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w c:\windows\system32\perfnet.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w c:\windows\system32\perfos.dll
- 2004-08-04 12:00:00 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\system32\photometadatahandler.dll
- 2004-08-04 12:00:00 176,128 ----a-w c:\windows\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w c:\windows\system32\photowiz.dll
- 2004-08-04 19:00:00 35,328 ----a-w c:\windows\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w c:\windows\system32\pid.dll
- 2004-08-04 19:00:00 24,064 ----a-w c:\windows\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w c:\windows\system32\pidgen.dll
- 2004-08-04 12:00:00 17,920 ----a-w c:\windows\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w c:\windows\system32\ping.exe
- 2004-08-04 19:00:00 15,360 ----a-w c:\windows\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\pjlmon.dll
- 2004-08-04 12:00:00 48,640 ----a-w c:\windows\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w c:\windows\system32\pnrpnsp.dll
- 2004-08-04 12:00:00 105,472 ----a-w c:\windows\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\polstore.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w c:\windows\system32\powercfg.exe
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w c:\windows\system32\powrprof.dll
- 2004-08-04 12:00:00 560,640 ----a-w c:\windows\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w c:\windows\system32\printui.dll
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w c:\windows\system32\profmap.dll
- 2004-08-04 12:00:00 109,568 ----a-w c:\windows\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w c:\windows\system32\progman.exe
- 2004-08-04 12:00:00 50,176 ----a-w c:\windows\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\proquota.exe
- 2004-08-04 12:00:00 9,216 ----a-w c:\windows\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w c:\windows\system32\proxycfg.exe
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w c:\windows\system32\psapi.dll
- 2004-08-04 12:00:00 96,768 ----a-w c:\windows\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w c:\windows\system32\psbase.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\pstorec.dll
- 2004-08-04 12:00:00 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\system32\qagentrt.dll
- 2004-08-04 12:00:00 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\system32\qcliprov.dll
- 2004-08-04 12:00:00 279,040 ----a-w c:\windows\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w c:\windows\system32\qdv.dll
- 2004-08-04 12:00:00 385,024 ----a-w c:\windows\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w c:\windows\system32\qdvd.dll
- 2004-08-04 12:00:00 562,176 ----a-w c:\windows\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w c:\windows\system32\qedit.dll
- 2004-08-04 12:00:00 733,696 ----a-w c:\windows\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w c:\windows\system32\qedwipes.dll
- 2004-08-04 12:00:00 382,464 ----a-w c:\windows\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\qmgr.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w c:\windows\system32\qprocess.exe
- 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\system32\qutil.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-04 12:00:00 236,544 ----a-w c:\windows\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\rasapi32.dll
- 2004-08-04 12:00:00 89,088 ----a-w c:\windows\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w c:\windows\system32\rasauto.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w c:\windows\system32\raschap.dll
- 2004-08-04 12:00:00 657,920 ----a-w c:\windows\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w c:\windows\system32\rasdlg.dll
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w c:\windows\system32\rasman.dll
- 2006-05-14 08:44:08 181,248 ----a-w c:\windows\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-04 12:00:00 56,832 ----a-w c:\windows\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w c:\windows\system32\rasphone.exe
- 2004-08-04 12:00:00 206,336 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\system32\rasqec.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w c:\windows\system32\rassapi.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w c:\windows\system32\rastapi.dll
- 2004-08-04 12:00:00 112,128 ----a-w c:\windows\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w c:\windows\system32\rastls.dll
- 2004-08-04 12:00:00 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w c:\windows\system32\rcimlby.exe
- 2004-08-04 12:00:00 21,504 ----a-w c:\windows\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w c:\windows\system32\rcp.exe
- 2004-08-04 12:00:00 147,968 ----a-w c:\windows\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w c:\windows\system32\rdchost.dll
- 2004-08-04 12:00:00 62,464 ----a-w c:\windows\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w c:\windows\system32\rdpclip.exe
- 2004-08-04 12:00:00 92,168 ----a-w c:\windows\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w c:\windows\system32\rdpdd.dll
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w c:\windows\system32\rdpsnd.dll
- 2004-08-04 12:00:00 87,176 ----a-w c:\windows\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w c:\windows\system32\rdpwsx.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w c:\windows\system32\rdsaddin.exe
- 2004-08-04 12:00:00 67,072 ----a-w c:\windows\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w c:\windows\system32\rdshost.exe
- 2004-08-04 12:00:00 50,176 ----a-w c:\windows\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\reg.exe
- 2004-08-04 12:00:00 49,664 ----a-w c:\windows\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w c:\windows\system32\regapi.dll
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w c:\windows\system32\regsvc.dll
- 2004-08-04 12:00:00 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2004-08-04 13:07:44 46,464 ----a-w c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\GAGP30KX.SYS
- 2004-08-04 12:00:00 60,416 ----a-w c:\windows\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w c:\windows\system32\remotepg.dll
- 2004-08-04 12:00:00 380,416 -c--a-w c:\windows\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w c:\windows\system32\resutils.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w c:\windows\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w c:\windows\system32\riched20.dll
- 2007-07-09 13:16:16 582,656 ----a-w c:\windows\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w c:\windows\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w c:\windows\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-04 12:00:00 152,576 ----a-w c:\windows\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w c:\windows\system32\rsaenh.dll
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w c:\windows\system32\rsh.exe
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w c:\windows\system32\rshx32.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w c:\windows\system32\rsmps.dll
- 2004-08-04 12:00:00 90,112 ----a-w c:\windows\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w c:\windows\system32\rsvpsp.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w c:\windows\system32\rtcshare.exe
- 2004-08-04 12:00:00 31,744 ----a-w c:\windows\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w c:\windows\system32\rtipxmib.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w c:\windows\system32\rtutils.dll
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w c:\windows\system32\rundll32.exe
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\system32\s3gnb.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w c:\windows\system32\safrcdlg.dll
- 2004-08-04 12:00:00 29,696 ----a-w c:\windows\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w c:\windows\system32\safrdm.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w c:\windows\system32\safrslv.dll
- 2004-08-04 12:00:00 64,000 ----a-w c:\windows\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w c:\windows\system32\samlib.dll
- 2004-08-04 12:00:00 415,744 ----a-w c:\windows\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w c:\windows\system32\samsrv.dll
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w c:\windows\system32\savedump.exe
- 2004-08-04 12:00:00 270,848 ----a-w c:\windows\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w c:\windows\system32\sbe.dll
- 2004-08-04 12:00:00 159,232 ----a-w c:\windows\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w c:\windows\system32\sbeio.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w c:\windows\system32\scarddlg.dll
- 2004-08-04 12:00:00 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
- 2004-08-04 12:00:00 171,008 ----a-w c:\windows\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w c:\windows\system32\sccsccp.dll
- 2004-08-04 12:00:00 180,224 ----a-w c:\windows\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w c:\windows\system32\scecli.dll
- 2004-08-04 12:00:00 313,856 ----a-w c:\windows\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w c:\windows\system32\scesrv.dll
- 2008-12-05 07:12:45 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:54:55 144,896 ----a-w c:\windows\system32\schannel.dll
- 2004-08-04 12:00:00 190,976 ----a-w c:\windows\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w c:\windows\system32\schedsvc.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w c:\windows\system32\sclgntfy.dll
- 2004-08-04 12:00:00 9,216 ----a-w c:\windows\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w c:\windows\system32\scrnsave.scr
- 2004-08-04 12:00:00 159,744 ----a-w c:\windows\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2004-08-04 12:00:00 151,552 ----a-w c:\windows\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w c:\windows\system32\sdbinst.exe
- 2004-08-04 12:00:00 29,184 ----a-w c:\windows\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sdhcinst.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w c:\windows\system32\seclogon.dll
- 2004-08-04 12:00:00 55,808 ----a-w c:\windows\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\secur32.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w c:\windows\system32\security.dll
- 2004-08-04 12:00:00 29,184 ----a-w c:\windows\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sendcmsg.dll
- 2004-08-04 12:00:00 55,296 ----a-w c:\windows\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w c:\windows\system32\sendmail.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w c:\windows\system32\sens.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w c:\windows\system32\sensapi.dll
- 2004-08-04 12:00:00 56,320 ----a-w c:\windows\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\servdeps.dll
- 2004-08-04 12:00:00 108,032 ----a-w c:\windows\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w c:\windows\system32\services.exe
- 2004-08-04 12:00:00 140,800 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
- 2004-08-04 12:00:00 31,232 ----a-w c:\windows\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w c:\windows\system32\sethc.exe
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w c:\windows\system32\setup.exe
- 2004-08-04 12:00:00 259,584 -c--a-w c:\windows\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w c:\windows\system32\Setup\comsetup.dll
- 2004-08-04 12:00:00 32,828 -c--a-w c:\windows\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
- 2004-08-04 12:00:00 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
- 2004-08-04 12:00:00 505,344 -c--a-w c:\windows\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w c:\windows\system32\Setup\iis.dll
- 2004-08-04 12:00:00 115,712 -c--a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w c:\windows\system32\Setup\koc.dll
- 2004-08-04 12:00:00 82,432 -c--a-w c:\windows\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w c:\windows\system32\Setup\msdtcstp.dll
- 2004-08-04 12:00:00 15,360 -c--a-w c:\windows\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
- 2004-08-04 12:00:00 77,312 -c--a-w c:\windows\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\Setup\ocgen.dll
- 2004-08-04 12:00:00 17,408 -c--a-w c:\windows\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
- 2004-08-04 12:00:00 101,376 -c--a-w c:\windows\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\Setup\startoc.dll
- 2004-08-04 12:00:00 121,856 -c--a-w c:\windows\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w c:\windows\system32\Setup\tsoc.dll
- 2004-08-04 12:00:00 983,552 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 10:42:06 985,088 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\system32\setupn.exe
- 2004-08-04 12:00:00 5,120 ----a-w c:\windows\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w c:\windows\system32\sfc.dll
- 2004-08-04 12:00:00 140,288 ----a-w c:\windows\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w c:\windows\system32\sfc_os.dll
- 2004-08-04 12:00:00 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
- 2004-08-04 12:00:00 549,376 ----a-w c:\windows\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w c:\windows\system32\shdoclc.dll
- 2006-09-23 17:12:50 1,497,088 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
- 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\system32\shell32.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w c:\windows\system32\shfolder.dll
- 2004-08-04 12:00:00 68,096 ----a-w c:\windows\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w c:\windows\system32\shgina.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w c:\windows\system32\shimeng.dll
- 2004-08-04 12:00:00 438,272 ----a-w c:\windows\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w c:\windows\system32\shimgvw.dll
- 2006-09-23 17:12:50 474,112 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w c:\windows\system32\shlwapi.dll
- 2004-08-04 12:00:00 151,552 ----a-w c:\windows\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\shmedia.dll
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w c:\windows\system32\shmgrate.exe
- 2004-08-04 12:00:00 77,824 ----a-w c:\windows\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w c:\windows\system32\shrpubw.exe
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w c:\windows\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w c:\windows\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2004-08-04 12:00:00 19,456 ----a-w c:\windows\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w c:\windows\system32\shutdown.exe
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w c:\windows\system32\sigtab.dll
- 2004-08-04 12:00:00 70,144 ----a-w c:\windows\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w c:\windows\system32\sigverif.exe
- 2004-08-04 12:00:00 26,112 ----a-w c:\windows\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w c:\windows\system32\skeys.exe
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w c:\windows\system32\slayerxp.dll
- 2004-08-04 12:00:00 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\system32\slserv.exe
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w c:\windows\system32\smbinst.exe
- 2004-08-04 12:00:00 363,008 ----a-w c:\windows\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w c:\windows\system32\smlogcfg.dll
- 2004-08-04 12:00:00 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w c:\windows\system32\smss.exe
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w c:\windows\system32\snmpapi.dll
- 2004-08-04 12:00:00 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w c:\windows\system32\snmpsnap.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
- 2004-08-04 19:00:00 11,776 ----a-w c:\windows\system32\spnpinst.exe
+ 2008-04-14 10:42:38 11,264 ----a-w c:\windows\system32\spnpinst.exe
- 2004-08-04 12:00:00 452,096 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSAPI.DLL
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-04 12:00:00 27,136 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-04 12:00:00 6,656 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSRES.DLL
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-04 12:00:00 397,312 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSTIFF.DLL
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-04 12:00:00 154,112 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSUI.DLL
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-04 12:00:00 192,512 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\FXSWZRD.DLL
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 2004-08-04 05:56:48 264,704 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 05:56:48 197,120 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 05:56:36 619,520 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2004-08-04 12:00:00 74,752 ----a-w c:\windows\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w c:\windows\system32\spoolss.dll
- 2005-06-10 23:53:32 57,856 ----a-w c:\windows\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w c:\windows\system32\spoolsv.exe
- 2007-07-27 13:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-11 01:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\system32\spupdwxp.exe
- 2004-08-04 12:00:00 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
- 2004-08-04 12:00:00 180,800 ----a-w c:\windows\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w c:\windows\system32\sqlunirl.dll
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w c:\windows\system32\srclient.dll
- 2004-08-04 12:00:00 239,104 ----a-w c:\windows\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w c:\windows\system32\srrstr.dll
- 2004-08-04 12:00:00 170,496 ----a-w c:\windows\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w c:\windows\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-04 12:00:00 704,512 ----a-w c:\windows\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w c:\windows\system32\ss3dfo.scr
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w c:\windows\system32\ssbezier.scr
- 2004-08-04 12:00:00 34,816 ----a-w c:\windows\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w c:\windows\system32\ssdpapi.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
- 2004-08-04 12:00:00 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w c:\windows\system32\ssflwbox.scr
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w c:\windows\system32\ssmarque.scr
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w c:\windows\system32\ssmypics.scr
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w c:\windows\system32\ssmyst.scr
- 2004-08-04 12:00:00 610,304 ----a-w c:\windows\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w c:\windows\system32\sspipes.scr
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w c:\windows\system32\ssstars.scr
- 2004-08-04 12:00:00 679,936 ----a-w c:\windows\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w c:\windows\system32\sstext3d.scr
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w c:\windows\system32\stclient.dll
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w c:\windows\system32\sti.dll
- 2004-08-04 12:00:00 136,704 ----a-w c:\windows\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w c:\windows\system32\sti_ci.dll
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w c:\windows\system32\stimon.exe
- 2004-08-04 12:00:00 121,856 ----a-w c:\windows\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w c:\windows\system32\stobject.dll
- 2004-08-04 07:56:46 74,752 ----a-w c:\windows\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w c:\windows\system32\storprop.dll
- 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-04 12:00:00 75,776 ----a-w c:\windows\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w c:\windows\system32\strmfilt.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w c:\windows\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w c:\windows\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w c:\windows\system32\sxs.dll
- 2004-08-04 12:00:00 57,856 ----a-w c:\windows\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\synceng.dll
- 2004-08-04 12:00:00 191,488 ----a-w c:\windows\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w c:\windows\system32\syncui.dll
- 2004-08-04 12:00:00 105,984 ----a-w c:\windows\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w c:\windows\system32\sysocmgr.exe
- 2004-08-04 12:00:00 984,576 ----a-w c:\windows\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w c:\windows\system32\syssetup.dll
- 2005-10-17 21:14:46 118,272 ----a-w c:\windows\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w c:\windows\system32\t2embed.dll
- 2004-08-04 12:00:00 858,624 ----a-w c:\windows\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w c:\windows\system32\tapi3.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w c:\windows\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w c:\windows\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-04 12:00:00 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
- 2004-08-04 12:00:00 14,848 ----a-w c:\windows\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w c:\windows\system32\tcpmib.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmon.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w c:\windows\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w c:\windows\system32\telnet.exe
- 2004-08-04 12:00:00 358,400 ----a-w c:\windows\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w c:\windows\system32\termmgr.dll
- 2004-08-04 12:00:00 295,424 ----a-w c:\windows\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w c:\windows\system32\termsrv.dll
- 2004-08-04 12:00:00 385,536 ----a-w c:\windows\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w c:\windows\system32\themeui.dll
- 2004-08-04 19:00:00 347,136 ----a-w c:\windows\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w c:\windows\system32\tourstart.exe
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w c:\windows\system32\tracert.exe
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w c:\windows\system32\tree.com
- 2004-08-04 12:00:00 90,624 ----a-w c:\windows\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w c:\windows\system32\trkwks.dll
- 2004-08-04 12:00:00 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
- 2004-08-04 12:00:00 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\system32\tspkg.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w c:\windows\system32\txflog.dll
- 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ------w c:\windows\system32\tzchange.exe
- 2004-08-04 12:00:00 25,600 ----a-w c:\windows\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\udhisapi.dll
- 2004-08-04 12:00:00 275,456 ----a-w c:\windows\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w c:\windows\system32\ulib.dll
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w c:\windows\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
- 2004-08-04 12:00:00 74,240 ----a-w c:\windows\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w c:\windows\system32\unimdmat.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w c:\windows\system32\uniplat.dll
- 2004-08-04 12:00:00 316,416 ----a-w c:\windows\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w c:\windows\system32\untfs.dll
- 2004-08-04 12:00:00 132,608 ----a-w c:\windows\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w c:\windows\system32\upnp.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w c:\windows\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w c:\windows\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2004-08-04 12:00:00 239,616 ----a-w c:\windows\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w c:\windows\system32\upnpui.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w c:\windows\system32\usbmon.dll
- 2004-08-04 07:56:48 74,240 ----a-w c:\windows\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w c:\windows\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w c:\windows\system32\user32.dll
- 2004-08-04 12:00:00 723,456 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\system32\userenv.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\system32\usmt\cobramsg.dll
- 2004-08-04 12:00:00 123,904 -c--a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\system32\usmt\guitrna.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w c:\windows\system32\usmt\iconlib.dll
- 2004-08-04 12:00:00 19,968 -c--a-w c:\windows\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\usmt\log.dll
- 2004-08-04 12:00:00 201,216 -c--a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\system32\usmt\migisma.dll
- 2004-08-04 12:00:00 103,424 -c--a-w c:\windows\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w c:\windows\system32\usmt\migload.exe
- 2004-08-04 12:00:00 240,128 -c--a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\system32\usmt\migwiza.exe
- 2004-08-04 12:00:00 202,752 -c--a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\system32\usmt\scripta.dll
- 2004-08-04 12:00:00 168,960 -c--a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\system32\usmt\sysmoda.dll
- 2004-08-04 12:00:00 406,528 ----a-w c:\windows\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\system32\usp10.dll
- 2004-08-04 12:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w c:\windows\system32\utilman.exe
- 2004-08-04 12:00:00 218,624 ----a-w c:\windows\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\system32\uxtheme.dll
- 2004-08-04 12:00:00 30,749 ----a-w c:\windows\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\system32\vbajet32.dll
- 2006-11-08 02:03:36 413,696 ----a-w c:\windows\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-04 12:00:00 26,112 ----a-w c:\windows\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\system32\vdmdbg.dll
- 2004-08-04 12:00:00 51,712 ----a-w c:\windows\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ------w c:\windows\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\system32\verclsid.exe
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w c:\windows\system32\verifier.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\version.dll
- 2004-08-04 12:00:00 430,592 ----a-w c:\windows\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\system32\vssapi.dll
- 2004-08-04 12:00:00 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
- 2004-08-04 12:00:00 174,592 ----a-w c:\windows\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\system32\w32time.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\system32\w3ssl.dll
- 2004-08-04 12:00:00 17,664 ----a-w c:\windows\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\system32\watchdog.sys
- 2004-08-04 12:00:00 208,896 ----a-w c:\windows\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w c:\windows\system32\wavemsp.dll
- 2004-08-04 12:00:00 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w c:\windows\system32\wbem\cimwin32.dll
- 2004-08-04 12:00:00 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\wbem\evntrprv.dll
- 2004-08-04 12:00:00 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
- 2004-08-04 12:00:00 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w c:\windows\system32\wbem\framedyn.dll
- 2004-08-04 12:00:00 24,576 -c--a-w c:\windows\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
- 2004-08-04 12:00:00 123,904 -c--a-w c:\windows\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
- 2004-08-04 12:00:00 212,992 -c--a-w c:\windows\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
- 2004-08-04 12:00:00 237,056 -c--a-w c:\windows\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
- 2004-08-04 12:00:00 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w c:\windows\system32\wbem\repdrvfs.dll
- 2004-08-04 12:00:00 36,864 -c--a-w c:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w c:\windows\system32\wbem\scrcons.exe
- 2004-08-04 12:00:00 86,528 -c--a-w c:\windows\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
- 2004-08-04 12:00:00 131,584 -c--a-w c:\windows\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
- 2004-08-04 12:00:00 196,608 -c--a-w c:\windows\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
- 2004-08-04 12:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
- 2004-08-04 12:00:00 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\system32\wbem\wbemcore.dll
- 2004-08-04 12:00:00 178,176 -c--a-w c:\windows\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
- 2004-08-04 12:00:00 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
- 2004-08-04 12:00:00 43,008 -c--a-w c:\windows\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
- 2004-08-04 12:00:00 116,224 -c--a-w c:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
- 2004-08-04 12:00:00 197,120 -c--a-w c:\windows\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
- 2004-08-04 12:00:00 196,608 -c--a-w c:\windows\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
- 2004-08-04 12:00:00 6,656 -c--a-w c:\windows\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
- 2004-08-04 12:00:00 89,088 -c--a-w c:\windows\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-04 12:00:00 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
- 2004-08-04 12:00:00 60,928 -c--a-w c:\windows\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
- 2004-08-04 12:00:00 140,800 -c--a-w c:\windows\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
- 2004-08-04 12:00:00 156,672 -c--a-w c:\windows\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
- 2004-08-04 12:00:00 132,096 -c--a-w c:\windows\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
- 2004-08-04 12:00:00 62,464 -c--a-w c:\windows\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\system32\wbem\wmipiprt.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
- 2004-08-04 12:00:00 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
- 2004-08-04 12:00:00 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
- 2004-08-04 12:00:00 41,472 -c--a-w c:\windows\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
- 2004-08-04 12:00:00 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
- 2006-03-24 04:37:50 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-04 14:56:58 23,552 ----a-w c:\windows\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w c:\windows\system32\wdmaud.drv
- 2006-01-04 03:35:05 68,096 ----a-w c:\windows\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-04 12:00:00 135,680 ----a-w c:\windows\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\system32\webvw.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\system32\wextract.exe
- 2004-08-04 12:00:00 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
- 2004-08-04 12:00:00 463,360 ----a-w c:\windows\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\system32\wiadefui.dll
- 2004-08-04 12:00:00 124,416 ----a-w c:\windows\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\system32\wiadss.dll
- 2004-08-04 12:00:00 75,776 ----a-w c:\windows\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\system32\wiaservc.dll
- 2004-08-04 12:00:00 589,312 ----a-w c:\windows\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\system32\wiashext.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\system32\wiavideo.dll
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\system32\win32spl.dll
- 2004-08-04 12:00:00 937,984 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\system32\windowscodecsext.dll
- 2004-08-04 12:00:00 351,232 ----a-w c:\windows\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\system32\winhttp.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\system32\winipsec.dll
- 2004-08-04 12:00:00 502,272 ----a-w c:\windows\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\system32\winlogon.exe
- 2004-08-04 12:00:00 176,128 ----a-w c:\windows\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\system32\winmm.dll
- 2004-08-04 19:00:00 764,928 ----a-w c:\windows\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\system32\winntbbu.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\system32\winrnr.dll
- 2004-08-04 12:00:00 99,328 ----a-w c:\windows\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\system32\winscard.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\system32\winshfhc.dll
- 2004-08-04 12:00:00 146,432 ----a-w c:\windows\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w c:\windows\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\system32\winsta.dll
- 2004-08-04 12:00:00 176,640 ----a-w c:\windows\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\system32\wintrust.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\system32\wlanapi.dll
- 2004-08-04 12:00:00 172,032 ----a-w c:\windows\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\system32\wldap32.dll
- 2004-08-04 12:00:00 92,672 ----a-w c:\windows\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\system32\wlnotify.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\system32\wmphoto.dll
- 2004-08-04 12:00:00 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
- 2004-08-04 12:00:00 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\wmstream.dll
- 2004-08-04 12:00:00 264,192 ----a-w c:\windows\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\system32\wow32.dll
- 2004-08-04 12:00:00 32,256 ----a-w c:\windows\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\system32\wpabaln.exe
- 2004-08-04 12:00:00 32,256 ----a-w c:\windows\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\system32\wpnpinst.exe
- 2004-08-04 12:00:00 82,944 ----a-w c:\windows\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\system32\ws2_32.dll
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\system32\ws2help.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w c:\windows\system32\wscntfy.exe
- 2004-08-04 12:00:00 114,688 ----a-w c:\windows\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w c:\windows\system32\wscript.exe
- 2004-08-04 12:00:00 81,408 ----a-w c:\windows\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\system32\wscsvc.dll
- 2004-08-04 12:00:00 108,032 ----a-w c:\windows\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\system32\wshbth.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\system32\wshcon.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w c:\windows\system32\wshext.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\system32\wship6.dll
- 2004-08-04 12:00:00 11,776 ----a-w c:\windows\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\system32\wshrm.dll
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\system32\wshtcpip.dll
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\system32\wsnmp32.dll
- 2004-08-04 12:00:00 22,528 ----a-w c:\windows\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\system32\wsock32.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\system32\wstdecod.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\system32\wtsapi32.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\system32\wuauserv.dll
- 2004-08-04 12:00:00 378,368 ----a-w c:\windows\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\system32\wzcdlg.dll
- 2004-08-04 19:00:00 51,712 ----a-w c:\windows\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\system32\wzcsapi.dll
- 2004-08-04 19:00:00 359,936 ----a-w c:\windows\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\system32\wzcsvc.dll
- 2004-08-04 12:00:00 91,648 ----a-w c:\windows\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\system32\xactsrv.dll
- 2004-08-04 12:00:00 30,720 ----a-w c:\windows\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\xcopy.exe
- 2006-07-14 15:51:52 121,856 ------w c:\windows\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ------w c:\windows\system32\xmllite.dll
- 2004-08-04 12:00:00 129,536 ----a-w c:\windows\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\system32\xmlprov.dll
- 2004-08-04 12:00:00 50,176 ----a-w c:\windows\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\system32\xolehlp.dll
- 2004-08-04 12:00:00 438,784 ----a-w c:\windows\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\system32\xpob2res.dll
- 2004-08-04 12:00:00 187,392 ----a-w c:\windows\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\system32\xpsp1res.dll
- 2004-08-04 12:00:00 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
- 2008-02-15 09:06:21 351,744 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w c:\windows\system32\xpsp3res.dll
- 2004-08-04 12:00:00 337,920 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\system32\zipfldr.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\twain_32.dll
- 2004-08-04 12:00:00 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\winhlp32.exe
- 2007-01-19 20:15:24 74,802 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 19:00:00 853,504 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 19:00:00 991,232 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 19:00:00 132,096 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-21 50472]
"AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2007-07-23 2084480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"wltray.exe"="c:\windows\system32\wltray.exe" [2005-03-10 778348]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-15 1261336]
"masqform.exe"="c:\program files\PureEdge\Viewer 6.0\masqform.exe" [2003-12-03 1052672]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2003-07-14 34880]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\documents and settings\HP_Owner\My Documents\My Stuff\02.jpg
FriendlyName=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-01 19:29 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=c:\windows\pss\Updates from HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vckqgkz

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a--c--- 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-10-21 13:09 50472 c:\program files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AROReminder]
--a------ 2007-07-23 09:34 2084480 c:\program files\Advanced Registry Optimizer\ARO.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
--a------ 2008-12-15 15:44 1261336 c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 20:12 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-12 09:12 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
--a--c--- 2005-02-26 01:34 245760 c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
--a--c--- 2005-06-02 02:35 49152 c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-07-28 02:50 221184 c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-07-28 02:50 81920 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2008-02-22 04:25 144784 c:\program files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-11-30 17:03 185632 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2006-11-03 19:20 866584 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
--a------ 2005-05-26 14:01 49152 c:\windows\system32\SiSPower.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TapiSrv"=3 (0x3)
"Spooler"=2 (0x2)
"Fax"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-25 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-03-24 130424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-28 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-28 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-28 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-28 231704]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-03-24 348752]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c901d464-758c-11da-a32e-0013d4d02037}]
\Shell\AutoRun\command - J:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 15:06]

2009-03-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2009-04-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://myspace.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://myspace.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\ksqxhua9.default\
FF - prefs.js: browser.startup.homepage - facebook.com
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPView22.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\view22\version_4\NPView22.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-01 10:43:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-01 10:48:48
ComboFix-quarantined-files.txt 2009-04-01 14:48:41
ComboFix2.txt 2009-04-01 01:58:58

Pre-Run: 485,879,808 bytes free
Post-Run: 495,890,432 bytes free

4650 --- E O F --- 2009-04-01 14:16:41

#11 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 01 April 2009 - 10:09 AM

Hi,

This looks OK again.

* Go to start > run and copy and paste next command in the field:

ComboFix /u

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#12 Monsieurfitch08

Monsieurfitch08
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:14 AM

Posted 01 April 2009 - 02:56 PM

Hey,

so I uninstalled combofix and everything seems to be running great. Everything seems is back to normal as I far can see. Thanks for all your help. :thumbup2: Hopefully I won't run into anything like that again. :)

#13 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 01 April 2009 - 03:01 PM

Glad I could help. :thumbup2:

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Happy Surfing again!
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#14 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:14 AM

Posted 16 April 2009 - 07:14 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users