Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very infected computer


  • This topic is locked This topic is locked
20 replies to this topic

#1 kansas

kansas

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 31 March 2009 - 01:31 PM

Hi! I am helping one of my friends with her computer. It is very infected with a bunch of things. I know one of them is Antiwalware 2009 which is creating a ton of pop-ups. I've run Adaware, Spybot, HouseCleaner and I downloaded CCleaner but didn't delete much because I was afraid to delete the wrong things. I downloaded Hijack This and here is the log file from it. Any and all help is greatly appreciated. I know there are still a lot of problems.

Thanks!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:28:56 PM, on 3/31/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Digital Images manager\Photags AutoDetect.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: {8693ba1e-e758-6f08-6d54-ecbd9993b672} - {276b3999-dbce-45d6-80f6-857ee1ab3968} - C:\WINDOWS\system32\mngpxb.dll
O2 - BHO: (no name) - {321E22EE-E1E1-4AE2-8F9F-A852F939E943} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {6EA0E0A3-7396-40BC-B08E-0FC66518F346} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {75A47E8A-9441-421D-92FC-6BF87983C643} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: (no name) - {9008FACB-2F13-4497-8447-1AAEC8525630} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {A9DB9D6B-DC12-45CA-94F6-ADEEEE495E2A} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: (no name) - {ad259361-564e-4fe0-9beb-3c47158bb53b} - C:\WINDOWS\system32\yowakiru.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {BB0ABB8F-0270-4FD5-95C1-105970518323} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {be5edce0-d1a9-4288-b4f0-96deedcc914a} - (no file)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Thaped] rundll32.exe "C:\WINDOWS\oqiriqowaqifihu.dll",e
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [a04e9208] rundll32.exe "C:\WINDOWS\system32\zopiwahe.dll",b
O4 - HKLM\..\Run: [CPMa37da194] Rundll32.exe "c:\windows\system32\wunufaku.dll",a
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [] C:\WINDOWS\TEMP\l8hclg.exe
O4 - HKCU\..\Run: [Windows Resurections] C:\WINDOWS\TEMP\l8hclg.exe
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKCU\..\Run: [Diagnostic Manager] C:\DOCUME~1\DARRYL~1\LOCALS~1\Temp\2512192372.exe
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKUS\S-1-5-19\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\Digital Images manager\Photags AutoDetect.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{765B3347-AA0D-4BCB-BC58-2A160C730946}: NameServer = 66.37.238.30,66.37.238.26
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\kipudora.dll c:\windows\system32\rusavili.dll mngpxb.dll c:\windows\system32\wunufaku.dll
O20 - Winlogon Notify: bkocm - C:\WINDOWS\Config\bkocm.dll (file missing)
O20 - Winlogon Notify: cacp - C:\WINDOWS\addins\cacp.dll (file missing)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Program Files\ProtectService\ProtectService.exe (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 18314 bytes

Attached Files



BC AdBot (Login to Remove)

 


#2 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 31 March 2009 - 05:47 PM

Hello, kansas.
My name is aommaster and I will be helping you with your log.


If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Also, you may want to consider tracking this topic by either adding it to your favourites or clicking the Options button at the top of this thread.

Please note that I am in the process of my training so it may take a while for me to get back to you, as each of my fixes need to be checked by a coach first.
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
In your next reply, please include the following:
  • RSIT Log

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#3 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 31 March 2009 - 06:24 PM

Thanks so much for your help! I haven't fixed this yet and will run this program as soon as possible.

#4 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 31 March 2009 - 06:33 PM

Fantastic :thumbup2:

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#5 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 01 April 2009 - 08:32 AM

Here is what the log created:
Logfile of random's system information tool 1.06 (written by random/random)
Microsoft Windows XP Professional Service Pack 2
System drive C: has 26 GB (36%) free of 71 GB
Total RAM: 1022 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:27:36 AM, on 4/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\dllhost.exe
C:\DOCUME~1\DARRYL~1\LOCALS~1\Temp\2512192372.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Images manager\Photags AutoDetect.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\WINDOWS\TEMP\l8hclg.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
C:\Documents and Settings\Darryl Posch\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Darryl Posch.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: {8693ba1e-e758-6f08-6d54-ecbd9993b672} - {276b3999-dbce-45d6-80f6-857ee1ab3968} - C:\WINDOWS\system32\mngpxb.dll
O2 - BHO: (no name) - {321E22EE-E1E1-4AE2-8F9F-A852F939E943} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {6EA0E0A3-7396-40BC-B08E-0FC66518F346} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {75A47E8A-9441-421D-92FC-6BF87983C643} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: (no name) - {9008FACB-2F13-4497-8447-1AAEC8525630} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {A9DB9D6B-DC12-45CA-94F6-ADEEEE495E2A} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: (no name) - {ad259361-564e-4fe0-9beb-3c47158bb53b} - C:\WINDOWS\system32\yowakiru.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {BB0ABB8F-0270-4FD5-95C1-105970518323} - C:\WINDOWS\Config\bkocm.dll (file missing)
O2 - BHO: (no name) - {be5edce0-d1a9-4288-b4f0-96deedcc914a} - (no file)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Thaped] rundll32.exe "C:\WINDOWS\oqiriqowaqifihu.dll",e
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [a04e9208] rundll32.exe "C:\WINDOWS\system32\zopiwahe.dll",b
O4 - HKLM\..\Run: [CPMa37da194] Rundll32.exe "c:\windows\system32\wunufaku.dll",a
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [] C:\WINDOWS\TEMP\l8hclg.exe
O4 - HKCU\..\Run: [Windows Resurections] C:\WINDOWS\TEMP\l8hclg.exe
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKCU\..\Run: [Diagnostic Manager] C:\DOCUME~1\DARRYL~1\LOCALS~1\Temp\2512192372.exe
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKUS\S-1-5-19\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [munoyasiti] Rundll32.exe "C:\WINDOWS\system32\piropedo.dll",s (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\Digital Images manager\Photags AutoDetect.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{765B3347-AA0D-4BCB-BC58-2A160C730946}: NameServer = 66.37.238.30,66.37.238.26
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\kipudora.dll c:\windows\system32\rusavili.dll mngpxb.dll c:\windows\system32\wunufaku.dll
O20 - Winlogon Notify: bkocm - C:\WINDOWS\Config\bkocm.dll (file missing)
O20 - Winlogon Notify: cacp - C:\WINDOWS\addins\cacp.dll (file missing)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Program Files\ProtectService\ProtectService.exe (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 18628 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Disk Cleanup.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D9C7YK91-Darryl Posch).job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-01-08 878352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{276b3999-dbce-45d6-80f6-857ee1ab3968}]
C:\WINDOWS\system32\mngpxb.dll [2009-03-26 129024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{321E22EE-E1E1-4AE2-8F9F-A852F939E943}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EA0E0A3-7396-40BC-B08E-0FC66518F346}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75A47E8A-9441-421D-92FC-6BF87983C643}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 440056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Launcher - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-01-26 976432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8260C2B8-E0D1-448a-B062-33D12D468BF0}]
ALOT eMusic Toolbar - C:\Program Files\alot\bin\alot.dll [2007-08-10 551208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9008FACB-2F13-4497-8447-1AAEC8525630}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9DB9D6B-DC12-45CA-94F6-ADEEEE495E2A}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar5.dll [2008-10-02 2549368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad259361-564e-4fe0-9beb-3c47158bb53b}]
C:\WINDOWS\system32\yowakiru.dll [65535-65535-31889 58368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-22 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB0ABB8F-0270-4FD5-95C1-105970518323}]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be5edce0-d1a9-4288-b4f0-96deedcc914a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - c:\Program Files\GoogleAFE\GoogleAE.dll [2006-01-25 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-01-08 878352]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-01-26 976432]
{8260C2B8-E0D1-448a-B062-33D12D468BF0} - ALOT eMusic Toolbar - C:\Program Files\alot\bin\alot.dll [2007-08-10 551208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar5.dll [2008-10-02 2549368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-03-23 339968]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe [2005-06-10 249856]
"HostManager"=C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe [2006-04-13 50792]
"IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [2005-11-22 128616]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe [2006-12-15 75520]
"HPHmon04"=C:\WINDOWS\system32\hphmon04.exe [2002-04-04 335872]
"HPHUPD04"=C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe [2002-04-04 49152]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-08-10 221184]
"DMXLauncher"=C:\Program Files\Roxio\Media Experience\DMXLauncher.exe [2006-08-14 102400]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-07-31 1116920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"munoyasiti"=C:\WINDOWS\system32\piropedo.dll [65535-65535-31889 58368]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-09 515416]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2005-04-08 48752]
"Thaped"=C:\WINDOWS\oqiriqowaqifihu.dll [2009-03-26 157184]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-03-26 995528]
"a04e9208"=C:\WINDOWS\system32\zopiwahe.dll [2009-03-30 90112]
"CPMa37da194"=c:\windows\system32\wunufaku.dll [2009-03-30 94208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"user32.dll"=C:\Program Files\Video ActiveX Access\iesmn.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2006-11-07 50736]
""=C:\WINDOWS\TEMP\l8hclg.exe [2009-03-25 10241]
"Windows Resurections"=C:\WINDOWS\TEMP\l8hclg.exe [2009-03-25 10241]
"OE"=C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe [2009-03-26 492808]
"Diagnostic Manager"=C:\DOCUME~1\DARRYL~1\LOCALS~1\Temp\2512192372.exe [2009-03-30 22529]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
WinCinema Manager.lnk - C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
HotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exe -logon
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
Photags AutoDetect.lnk - C:\Program Files\Digital Images manager\Photags AutoDetect.exe

C:\Documents and Settings\Darryl Posch\Start Menu\Programs\Startup
IMVU.lnk - C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\kipudora.dll c:\windows\system32\rusavili.dll mngpxb.dll c:\windows\system32\wunufaku.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bkocm]
C:\WINDOWS\Config\bkocm.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cacp]
C:\WINDOWS\addins\cacp.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-04-17 43712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll [2009-03-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wunufaku.dll [2009-03-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\kipudora.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1141789614\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1141789614\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1141789614\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1141789614\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\DOCUME~1\AMBERM~1\LOCALS~1\Temp\bl4ck.com"="C:\DOCUME~1\AMBERM~1\LOCALS~1\Temp\bl4ck.com:*:ENABLED:0"
"C:\Program Files\Common Files\AOL\1160619292\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1160619292\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\1160619292\ee\aexplore.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aexplore.exe:*:Disabled:AOL Explorer"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\SPSSInc\SPSS16EV\spss.exe"="C:\Program Files\SPSSInc\SPSS16EV\spss.exe:*:Disabled:SPSS 16.0 Evaluation Version (1033:exe)"
"C:\Program Files\SPSSInc\SPSS16EV\spss.com"="C:\Program Files\SPSSInc\SPSS16EV\spss.com:*:Disabled:SPSS 16.0 Evaluation Version (1033:com)"
"C:\Program Files\SPSSInc\SPSS16EV\SPSSWinWrapIDE.exe"="C:\Program Files\SPSSInc\SPSS16EV\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor (1033)"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\tinyproxy\tinyproxy1.exe"="C:\Program Files\tinyproxy\tinyproxy1.exe:*:Enabled:TINYPROXY"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\zopiwahe.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\zolujiwa.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\zododasa.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\zajifali.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\yowakiru.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\yobijowu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\yegubewo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\wunufaku.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\wobehubo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\weyalomi.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\vaboduka.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\tidetusu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\tetopamu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\sibipupu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\sehejova.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\runilowu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\ropepenu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\roniviha.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\piropedo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\nuvebode.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\nivunaso.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\niveyaha.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\motufoyo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\mopidozu.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\lovuwufe.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\lehazuta.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\kipudora.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\kidamore.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\kalaweru.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\hitejewe.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\hevolofo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\gotigide.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\gilimugi.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\gikatuma.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\folatuhi.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\fewefupe.exe
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\fawudipo.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\dukevife.dll
65535-65535-31889 1707:31889:1771 ----ASH---- C:\WINDOWS\system32\disuyose.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\zumaholu.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\vogegisu.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\kunobesi.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\jinonipa.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\hutubuje.dll
65535-65535-31889 1707:31889:1771 ----A---- C:\WINDOWS\system32\fugedepi.dll
2009-04-01 08:25:37 ----D---- C:\rsit
2009-03-30 08:18:20 ----D---- C:\WINDOWS\system32\Service
2009-03-30 07:51:25 ----SH---- C:\WINDOWS\system32\ehawipoz.ini
2009-03-27 10:36:26 ----D---- C:\Program Files\CCleaner
2009-03-27 09:28:50 ----A---- C:\WINDOWS\DCEBoot.exe
2009-03-26 14:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-03-26 14:12:21 ----D---- C:\Program Files\Trend Micro
2009-03-26 13:36:26 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\HouseCall 6.6
2009-03-26 13:31:44 ----D---- C:\Program Files\Mozilla Firefox
2009-03-26 11:01:41 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-03-26 10:29:59 ----A---- C:\WINDOWS\oqiriqowaqifihu.dll
2009-03-26 10:15:13 ----ASH---- C:\WINDOWS\system32\mngpxb.dll
2009-03-26 09:33:05 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-03-26 08:12:56 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-03-25 17:09:48 ----A---- C:\WINDOWS\system32\winlg77.dll
2009-03-25 16:49:33 ----A---- C:\WINDOWS\system32\ntdll64.exe
2009-03-25 16:49:10 ----A---- C:\WINDOWS\system32\uacinit.dll
2009-03-25 16:48:57 ----A---- C:\WINDOWS\system32\UACwwybmgly.dll
2009-03-25 15:27:30 ----A---- C:\WINDOWS\system32\frmwrk32.exe
2009-03-25 15:25:52 ----A---- C:\WINDOWS\system32\UACcnwuumrl.dll
2009-03-25 15:25:31 ----A---- C:\aywbok.exe
2009-03-25 15:25:27 ----A---- C:\prsqub.exe
2009-03-25 15:25:25 ----A---- C:\stjr.exe
2009-03-25 15:25:23 ----ASH---- C:\WINDOWS\system32\vfelnx.dll
2009-03-25 15:25:21 ----A---- C:\qurdchd.exe
2009-03-25 15:25:20 ----A---- C:\WINDOWS\instsp2.exe
2009-03-25 03:25:05 ----ASH---- C:\WINDOWS\system32\zmuagi.dll
2009-03-24 20:00:48 ----HDC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-24 20:00:25 ----D---- C:\Program Files\Lavasoft
2009-03-24 20:00:25 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-24 19:39:20 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\Uniblue
2009-03-24 19:38:47 ----HDC---- C:\Documents and Settings\All Users\Application Data\~0
2009-03-24 03:24:26 ----A---- C:\WINDOWS\system32\xozpxp.dll
2009-03-23 15:24:19 ----ASH---- C:\WINDOWS\system32\wuicpu.dll
2009-03-23 03:24:10 ----A---- C:\WINDOWS\system32\xwugrl.dll
2009-03-22 15:23:59 ----A---- C:\WINDOWS\system32\rlksuc.dll
2009-03-12 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-12 03:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-12 03:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$

======List of files/folders modified in the last 1 months======

2009-04-01 08:26:04 ----D---- C:\WINDOWS\Temp
2009-04-01 08:08:17 ----D---- C:\WINDOWS
2009-04-01 08:07:13 ----ASH---- C:\WINDOWS\system32\popukalu.dll
2009-04-01 08:07:13 ----ASH---- C:\WINDOWS\system32\ponimero.exe
2009-04-01 08:07:13 ----ASH---- C:\WINDOWS\system32\hohokaza.dll
2009-04-01 08:07:12 ----D---- C:\WINDOWS\system32
2009-04-01 08:05:15 ----D---- C:\WINDOWS\Registration
2009-04-01 08:05:13 ----SD---- C:\WINDOWS\Tasks
2009-04-01 08:04:29 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2009-04-01 08:03:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-31 14:30:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-31 13:15:48 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-03-31 13:15:48 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-31 13:15:45 ----HD---- C:\WINDOWS\inf
2009-03-31 11:52:31 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-03-30 15:11:55 ----D---- C:\WINDOWS\Prefetch
2009-03-29 07:05:58 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2009-03-27 16:21:59 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-27 11:36:17 ----SHD---- C:\WINDOWS\Installer
2009-03-27 10:36:26 ----D---- C:\Program Files
2009-03-27 09:35:10 ----D---- C:\Program Files\Symantec AntiVirus
2009-03-26 16:36:06 ----D---- C:\Program Files\Common Files\?ecurity
2009-03-26 14:15:33 ----D---- C:\WINDOWS\system32\drivers
2009-03-26 14:14:00 ----SHD---- C:\Config.Msi
2009-03-26 14:03:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-26 14:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 13:32:03 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\Mozilla
2009-03-26 12:31:28 ----D---- C:\WINDOWS\Minidump
2009-03-26 11:40:53 ----A---- C:\WINDOWS\system32\wornmsiu.exe
2009-03-26 11:40:46 ----A---- C:\WINDOWS\system32\vxufkmte.exe
2009-03-26 11:40:46 ----A---- C:\WINDOWS\system32\vntglhkl.exe
2009-03-26 11:40:40 ----A---- C:\WINDOWS\system32\tlswhmvl.exe
2009-03-26 11:40:35 ----A---- C:\WINDOWS\system32\ssouwnes.exe
2009-03-26 11:40:32 ----A---- C:\WINDOWS\system32\siwqtxis.exe
2009-03-26 11:40:24 ----A---- C:\WINDOWS\system32\qxgfuvgc.exe
2009-03-26 11:40:17 ----A---- C:\WINDOWS\system32\oxsytrjh.exe
2009-03-26 11:39:47 ----A---- C:\WINDOWS\system32\mdkkimlk.exe
2009-03-26 11:39:39 ----A---- C:\WINDOWS\system32\kpvhlopp.exe
2009-03-26 11:39:39 ----A---- C:\WINDOWS\system32\kokxaiiq.exe
2009-03-26 11:39:38 ----A---- C:\WINDOWS\system32\knesfomq.exe
2009-03-26 11:39:33 ----A---- C:\WINDOWS\system32\jtiugdng.exe
2009-03-26 11:39:23 ----A---- C:\WINDOWS\system32\hsahoxaw.exe
2009-03-26 11:39:10 ----A---- C:\WINDOWS\system32\ebbfkisv.exe
2009-03-26 11:39:08 ----A---- C:\WINDOWS\system32\dtedutfr.exe
2009-03-26 11:38:46 ----A---- C:\WINDOWS\system32\cadycibq.exe
2009-03-26 11:38:44 ----A---- C:\WINDOWS\system32\aujqmmbo.exe
2009-03-26 10:29:22 ----D---- C:\Program Files\tinyproxy
2009-03-26 10:28:58 ----D---- C:\WINDOWS\system32\846888
2009-03-26 10:10:49 ----N---- C:\WINDOWS\system32\svchost.exe
2009-03-26 10:06:52 ----D---- C:\Program Files\ProtectService
2009-03-26 09:33:32 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-26 09:33:28 ----D---- C:\Program Files\Symantec
2009-03-26 09:32:48 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-03-26 09:27:12 ----D---- C:\Program Files\Norton Security Scan
2009-03-26 09:04:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-24 20:57:28 ----D---- C:\Program Files\Common Files
2009-03-24 20:03:32 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-24 20:00:16 ----D---- C:\WINDOWS\WinSxS
2009-03-24 18:35:09 ----A---- C:\WINDOWS\wininit.ini
2009-03-12 03:01:55 ----A---- C:\WINDOWS\imsins.BAK
2009-03-12 03:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-11 05:16:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-09 19:00:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-05 16:03:34 ----D---- C:\WINDOWS\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-01 12952]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-01 28216]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-03-26 80400]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-08 35128]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-08 32504]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-08 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-08 104504]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-08 26136]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-08 14552]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-08 97880]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-08 94680]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-01 51800]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-03-26 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-03-26 205328]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-03-26 1195512]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090326.007\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090326.007\navex15.sys []
R3 SAMFILT;SAMFILT; C:\WINDOWS\SYSTEM32\drivers\samfilt.sys [2004-03-20 34688]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2009-03-26 335376]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S1 ce4ac9e4;ce4ac9e4; C:\WINDOWS\System32\drivers\ce4ac9e4.sys []
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 Dot4 HPH11;Dot4 HPH11; C:\WINDOWS\system32\DRIVERS\hphid411.sys [2002-04-04 50800]
S3 Dot4Print HPH11;Print Class Driver for IEEE-1284.4 HPH11; C:\WINDOWS\system32\DRIVERS\hphipr11.sys [2002-04-04 16112]
S3 Dot4Storage HPH11;Storage Class Driver for IEEE-1284.4 (HPH11); C:\WINDOWS\System32\Drivers\hphs2k11.sys [2002-04-04 49956]
S3 Dot4Usb HPH11;Dot4Usb HPH11; C:\WINDOWS\System32\drivers\hphius11.sys [2002-04-04 18928]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 JL2004A;JL2004A Photo Viewer; C:\WINDOWS\System32\Drivers\pv_wdm.sys [2007-02-13 63289]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-05 39424]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mr97310c;CIF Dual-Mode Camera; C:\WINDOWS\system32\DRIVERS\mr97310c.sys [2007-10-26 107904]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2008-07-31 16694]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-12-05 287360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-03 5504]
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-08-09 50688]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2005-04-08 185968]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2005-04-08 161392]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2005-04-17 19648]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-03-26 341256]
R2 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2009-03-26 497008]
R2 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-03-26 677128]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-03-26 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 Pml Driver HPH11;Pml Driver HPH11; C:\WINDOWS\system32\HPHipm11.exe [2002-04-04 77824]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 267776]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 Network Location Awareness (NLA) (Nla);Network Location Awareness (NLA) (Nla); C:\Program Files\ProtectService\ProtectService.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe [2006-08-10 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-08-10 303104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-08-10 159744]
S2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-03-26 711248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2005-04-08 83568]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2009-03-26 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [2006-08-10 57344]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-08-10 880640]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2005-04-17 124608]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2005-03-30 992864]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-07-20 73728]
S3 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2005-04-17 1706176]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------


Thank you for your help!

#6 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 01 April 2009 - 01:58 PM

Hello, kansas.
Download and Run ComboFix (by sUBs)

Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

The Recovery Console was successfully installed. Click 'Yes' to continue scanning for malware. Click 'No' to exit

Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a new HijackThis log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


In your next reply, please include the following:
  • ComboFix.txt
  • Fresh HijackThis Log

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#7 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 01 April 2009 - 04:37 PM

Attached are the results of the ComboFix and the new Hijack This log.

Thank you!

Attached Files



#8 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 01 April 2009 - 05:06 PM

Hi kansas
In the future, please copy and paste your logs (even though they are long) into your reply, rather than attach them. It makes them easier for me to read.

Please give me a while to look through your logs and I'll get back to you as soon as possible :thumbup2:

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#9 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 02 April 2009 - 06:38 AM

Hello, kansas.
I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Symantec AntiVirus Corporate Edition or Trend Micro Internet Security .





1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

folder::
C:\32788R22FWJFW
c:\documents and settings\All Users\Application Data\~0
c:\documents and settings\Kelsey Meadows\Application Data\VirusRemover2009
file::
C:\pv.exe
c:\windows\DCEBoot.exe
c:\windows\oqiriqowaqifihu.dll
c:\windows\system32\drivers\c742ed9c.sys
c:\windows\system32\drivers\ce4ac9e4.sys
C:\prsqub.exe
C:\aywbok.exe
C:\qurdchd.exe
C:\stjr.exe
C:\-1605463385
c:\windows\system32\drivers\UACdrsbuwmd.sys

Save this as CFScript.txt, in the same location as ComboFix.exe

Now, drag and drop CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

NEXT:
Run HijackThis.
Click on Do a system scan only.
Place a checkmark next to these lines (if still present).


O4 - HKLM\..\Run: [Thaped] rundll32.exe "C:\WINDOWS\oqiriqowaqifihu.dll",e
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


Then close all windows except HijackThis and click Fix Checked.

Restart



NEXT:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan.
    If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If you encounter any problems while downloading the updates, manually download them from here
    and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



In your next reply, please include the following:
  • ComboFix.txt
  • RSIT Log
  • Description of any remaining problems
  • MBAM Log

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#10 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 02 April 2009 - 10:44 AM

Going to have to put this in two replies. I've got to split the combofix log into three parts.


ComboFix 09-04-01.01 - 2009-04-02 9:20:54.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.398 [GMT -5:00]
Running from: c:\documents and settings\Darryl\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Darryl\Desktop\CFScript.txt
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated)
FW: Trend Micro Personal Firewall *disabled*
* Created a new restore point

FILE ::
C:\-1605463385
C:\aywbok.exe
C:\prsqub.exe
C:\pv.exe
C:\qurdchd.exe
C:\stjr.exe
c:\windows\DCEBoot.exe
c:\windows\oqiriqowaqifihu.dll
c:\windows\system32\drivers\c742ed9c.sys
c:\windows\system32\drivers\ce4ac9e4.sys
c:\windows\system32\drivers\UACdrsbuwmd.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\-1605463385
C:\aywbok.exe
c:\documents and settings\All Users\Application Data\~0
c:\documents and settings\All Users\Application Data\~0\mia.lib
c:\documents and settings\All Users\Application Data\~0\Uniblue RegistryBooster.exe
c:\documents and settings\Kelsey Meadows\Application Data\VirusRemover2009
c:\documents and settings\Kelsey Meadows\Application Data\VirusRemover2009\Logs\scns.log
C:\prsqub.exe
C:\pv.exe
c:\windows\DCEBoot.exe
c:\windows\oqiriqowaqifihu.dll
c:\windows\system32\drivers\c742ed9c.sys
c:\windows\system32\drivers\ce4ac9e4.sys
c:\windows\system32\drivers\UACdrsbuwmd.sys

.
((((((((((((((((((((((((( Files Created from 2009-03-02 to 2009-04-02 )))))))))))))))))))))))))))))))
.

2009-04-02 08:13 . 2009-04-02 08:13 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-02 08:13 . 2009-04-02 08:13 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\scripting
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\en
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\bits
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\l2schemas
2009-04-01 17:55 . 2009-04-01 18:04 <DIR> d-------- c:\windows\ServicePackFiles
2009-04-01 17:14 . 2008-12-20 18:15 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2009-04-01 17:14 . 2008-12-20 18:15 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-04-01 17:13 . 2008-12-20 18:15 6,066,688 --------- c:\windows\system32\dllcache\ieframe.dll
2009-04-01 17:13 . 2007-04-17 04:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2009-04-01 17:13 . 2007-03-08 00:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-04-01 17:13 . 2008-12-20 18:15 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2009-04-01 17:13 . 2008-12-20 18:15 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2009-04-01 17:13 . 2008-12-20 18:15 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2009-04-01 17:13 . 2008-12-19 04:10 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-01 17:03 . 2007-08-13 18:54 33,792 --a------ c:\windows\system32\dllcache\custsat.dll
2009-04-01 08:25 . 2009-04-01 08:28 <DIR> d-------- C:\rsit
2009-03-31 11:52 . 2009-03-31 11:52 <DIR> d-------- c:\documents and settings\LocalService\Application Data\alot
2009-03-30 08:18 . 2009-03-30 08:18 <DIR> d-------- c:\windows\system32\Service
2009-03-27 10:36 . 2009-03-27 10:36 <DIR> d-------- c:\program files\CCleaner
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmevtmgr.sys
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmactmon.sys
2009-03-26 14:13 . 2009-03-27 09:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trend Micro
2009-03-26 14:12 . 2009-03-30 15:11 <DIR> d-------- c:\program files\Trend Micro
2009-03-26 13:48 . 2009-03-26 13:48 1,195,512 --a------ c:\windows\system32\drivers\vsapint.sys
2009-03-26 13:48 . 2009-03-26 13:48 661,808 --a------ c:\windows\system32\UfWSC.cpl
2009-03-26 13:48 . 2009-03-26 13:48 335,376 --a------ c:\windows\system32\drivers\TM_CFW.sys
2009-03-26 13:48 . 2009-03-26 13:48 205,328 --a------ c:\windows\system32\drivers\tmxpflt.sys
2009-03-26 13:48 . 2009-03-26 13:48 80,400 --a------ c:\windows\system32\drivers\tmtdi.sys
2009-03-26 13:48 . 2009-03-26 13:48 36,368 --a------ c:\windows\system32\drivers\tmpreflt.sys
2009-03-26 13:37 . 2009-03-26 13:48 150,032 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-26 13:36 . 2009-03-26 13:54 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\HouseCall 6.6
2009-03-26 11:01 . 2009-03-09 14:06 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-26 08:12 . 2008-04-13 19:11 21,504 --a------ c:\windows\system32\hidserv.dll
2009-03-25 17:09 . 2009-01-20 22:11 401,408 --a------ c:\windows\system32\winlg77.dll
2009-03-24 20:03 . 2009-03-09 14:06 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\program files\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-24 19:39 . 2009-03-24 19:39 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\Uniblue
2009-03-24 16:36 . 2009-03-24 16:36 <DIR> d-------- c:\documents and settings\Kelsey Meadows\Application Data\Logs
2009-03-24 07:20 . 2009-03-24 07:20 <DIR> d-------- c:\documents and settings\Ashley\Application Data\Logs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-02 13:23 --------- d-----w c:\program files\Symantec AntiVirus
2009-04-02 13:23 --------- d-----w c:\program files\Symantec
2009-04-02 13:23 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-02 13:23 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-04-02 13:13 --------- d-----w c:\program files\Java
2009-04-01 19:07 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-01 13:07 5,982 --sha-w c:\windows\system32\popukalu.dll
2009-04-01 13:07 5,982 --sha-w c:\windows\system32\hohokaza.dll
2009-04-01 13:07 5,869 --sha-w c:\windows\system32\ponimero.exe
2009-03-31 18:52 5,982 --sha-w c:\windows\system32\motufoyo.dll
2009-03-31 18:52 5,982 --sha-w c:\windows\system32\lehazuta.dll
2009-03-31 18:52 5,869 --sha-w c:\windows\system32\weyalomi.exe
2009-03-30 12:51 61,440 --sha-w c:\windows\system32\kidamore.exe
2009-03-29 12:05 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-03-29 07:56 5,982 --sha-w c:\windows\system32\niveyaha.dll
2009-03-29 07:56 5,982 --sha-w c:\windows\system32\dukevife.dll
2009-03-29 07:56 5,866 --sha-w c:\windows\system32\hitejewe.exe
2009-03-29 03:15 5,982 --sha-w c:\windows\system32\roniviha.dll
2009-03-29 03:15 5,982 --sha-w c:\windows\system32\lovuwufe.dll
2009-03-29 03:15 5,866 --sha-w c:\windows\system32\sehejova.exe
2009-03-28 15:15 5,982 --sha-w c:\windows\system32\sibipupu.dll
2009-03-28 15:15 5,982 --sha-w c:\windows\system32\runilowu.dll
2009-03-28 15:15 5,866 --sha-w c:\windows\system32\kalaweru.exe
2009-03-28 03:15 5,982 --sha-w c:\windows\system32\yobijowu.dll
2009-03-28 03:15 5,982 --sha-w c:\windows\system32\fawudipo.dll
2009-03-28 03:15 5,866 --sha-w c:\windows\system32\nuvebode.exe
2009-03-27 15:15 5,982 --sha-w c:\windows\system32\gilimugi.dll
2009-03-27 15:15 5,982 --sha-w c:\windows\system32\gikatuma.dll
2009-03-27 15:15 5,868 --sha-w c:\windows\system32\fewefupe.exe
2009-03-27 03:15 5,982 --sha-w c:\windows\system32\wobehubo.dll
2009-03-27 03:15 5,982 --sha-w c:\windows\system32\hevolofo.dll
2009-03-27 03:15 5,868 --sha-w c:\windows\system32\zolujiwa.exe
2009-03-26 19:03 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-26 19:03 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 14:27 --------- d-----w c:\program files\Norton Security Scan
2009-03-16 20:17 --------- d-----w c:\documents and settings\Ashley\Application Data\Move Networks
2009-03-12 08:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-17 02:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-07-09 20:58 335 -c-ha-w c:\documents and settings\Darryl Posch\hpothb07.dat
2008-03-11 03:02 350 -c-ha-w c:\documents and settings\Kelsey Meadows\hpothb07.dat
2008-03-11 03:02 339 -c-ha-w c:\documents and settings\Ashley Meadows\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Default User\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Ashley\hpothb07.dat
2008-03-11 02:39 164 -c-ha-w c:\documents and settings\All Users\hpothb07.dat
2006-11-21 03:03 183 -c-ha-w c:\documents and settings\Ashley Meadows\Application Data\hpothb07.dat
2006-11-12 09:08 1,315,701 -csh--w c:\windows\addins\pcac.bak1
2007-02-05 01:44 975,149 -csh--w c:\windows\Config\mcokb.bak1
2007-02-05 02:04 974,567 -csh--w c:\windows\Config\mcokb.bak2
2007-02-05 03:21 975,412 -csh--w c:\windows\Config\mcokb.ini2
2007-10-02 00:13 104 --sh--r c:\windows\system32\00C4CCBDBC.sys
2006-11-11 22:17 1,315,975 -csh--w c:\windows\system32\Macromed\Shockwave 8\DswMedia\drhakba.bak1
.

((((((((((((((((((((((((((((( SnapShot@2009-04-01_15.33.46.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\updspapi.dll
- 2004-08-04 07:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-04 07:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\updspapi.dll
- 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\updspapi.dll
- 2008-04-14 11:01:02 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 11:01:02 272,128 -c----w c:\windows\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\updspapi.dll
- 2007-10-29 22:35:13 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-10-29 22:35:13 1,287,680 -c----w c:\windows\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\updspapi.dll
- 2004-08-10 11:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-10 11:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-10 11:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-10 11:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip6.sys
- 2004-08-10 11:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2004-08-10 11:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\updspapi.dll
- 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\updspapi.dll
+ 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211_0$\win32k.sys
- 2006-08-21 15:52:08 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954600_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB954600_0$\spuninst\updspapi.dll
+ 2006-08-21 15:52:08 246,814 -c----w c:\windows\$NtUninstallKB954600_0$\strmdll.dll
- 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069_0$\msxml3.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069_0$\spuninst\spuninst.exe
+ 2008-07-09 19:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069_0$\spuninst\updspapi.dll
- 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtUninstallKB956802_0$\gdi32.dll
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB956802_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956802_0$\spuninst\updspapi.dll
- 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803_0$\afd.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\updspapi.dll
- 2007-02-28 09:15:59 2,017,280 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
- 2007-02-28 09:53:04 2,137,600 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-02-28 09:53:04 2,137,600 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlmp.exe
+ 2007-02-28 09:15:59 2,017,280 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
+ 2007-02-28 09:15:59 2,017,280 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrpamp.exe
+ 2007-02-28 09:53:04 2,137,600 -c----w c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\updspapi.dll
- 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095_0$\srv.sys
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097_0$\mrxsmb.sys
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097_0$\spuninst\spuninst.exe
+ 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097_0$\spuninst\updspapi.dll
- 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644_0$\netapi32.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB958644_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958644_0$\spuninst\updspapi.dll
- 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB958687_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958687_0$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687_0$\srv.sys
- 2008-09-15 11:57:41 1,846,016 -c----w c:\windows\$NtUninstallKB958690$\win32k.sys
- 2007-04-25 14:21:15 144,896 -c----w c:\windows\$NtUninstallKB960225$\schannel.dll
- 2007-10-26 03:34:01 8,460,288 -c----w c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c----w c:\windows\$NtUninstallKB967715_0$\shell32.dll
+ 2008-07-09 07:38:25 231,288 -c----w c:\windows\$NtUninstallKB967715_0$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB967715_0$\spuninst\updspapi.dll
- 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
+ 2008-04-14 00:11:48 39,424 ----a-w c:\windows\AppPatch\acadproc.dll
- 2004-08-10 11:00:00 1,852,416 ----a-w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w c:\windows\AppPatch\acgenral.dll
- 2004-08-10 11:00:00 450,048 -c--a-w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 00:11:48 451,072 ----a-w c:\windows\AppPatch\aclayers.dll
- 2004-08-10 11:00:00 137,728 -c--a-w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w c:\windows\AppPatch\aclua.dll
- 2004-08-10 11:00:00 244,736 -c--a-w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w c:\windows\AppPatch\acspecfc.dll
- 2004-08-10 11:00:00 116,224 -c--a-w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll
- 2005-08-16 10:39:32 8,704 -c--a-w c:\windows\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-04-01 23:07:35 8,704 ----a-w c:\windows\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\Accessibility.dll
- 2005-08-17 03:11:06 117,248 ----a-w c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
+ 2009-04-02 08:13:26 117,248 ----a-w c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
- 2005-08-16 10:39:32 12,288 -c--a-w c:\windows\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-04-01 23:07:32 12,288 ----a-w c:\windows\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2005-08-16 10:39:32 34,816 -c--a-w c:\windows\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-04-01 23:07:34 34,816 ----a-w c:\windows\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2005-08-17 03:11:04 102,400 ----a-w c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
+ 2009-04-02 08:13:25 102,400 ----a-w c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
- 2008-02-19 02:17:06 1,863,680 ----a-w c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll
+ 2009-04-02 08:13:26 1,863,680 ----a-w c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
- 2005-08-17 03:11:06 192,512 -c--a-w c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
+ 2009-04-02 08:13:26 192,512 ----a-w c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
- 2008-02-19 02:17:06 868,352 ----a-w c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
+ 2009-04-02 08:13:26 868,352 ----a-w c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
- 2005-08-17 03:11:04 126,976 ----a-w c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
+ 2009-04-02 08:13:26 126,976 ----a-w c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
- 2005-08-17 03:11:02 8,192 -c--a-w c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
+ 2009-04-02 08:13:25 8,192 ----a-w c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
- 2005-08-17 03:11:02 73,728 -c--a-w c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
+ 2009-04-02 08:13:25 73,728 ----a-w c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
- 2005-08-17 03:11:04 167,936 -c--a-w c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
+ 2009-04-02 08:13:26 167,936 ----a-w c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
- 2008-02-19 02:17:06 204,800 -c--a-w c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiplay.dll
+ 2009-04-02 08:13:26 204,800 ----a-w c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll
- 2005-08-17 03:11:04 389,120 ----a-w c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
+ 2009-04-02 08:13:26 389,120 ----a-w c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
- 2005-08-17 03:11:04 18,944 -c--a-w c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
+ 2009-04-02 08:13:26 18,944 ----a-w c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
- 2005-08-17 03:11:04 278,528 -c--a-w c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
+ 2009-04-02 08:13:26 278,528 ----a-w c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
- 2005-08-17 03:11:02 122,880 -c--a-w c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
+ 2009-04-02 08:13:25 122,880 ----a-w c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
- 2005-08-17 03:11:06 53,248 -c--a-w c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
+ 2009-04-02 08:13:27 53,248 ----a-w c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
- 2005-08-17 03:11:04 389,120 ----a-w c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
+ 2009-04-02 08:13:25 389,120 ----a-w c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
- 2005-08-16 10:39:34 7,168 -c--a-w c:\windows\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-04-01 23:07:41 7,168 ----a-w c:\windows\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2005-08-16 10:39:34 32,768 -c--a-w c:\windows\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-04-01 23:07:42 32,768 ----a-w c:\windows\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\IEHost.dll
- 2005-08-16 10:39:34 4,096 -c--a-w c:\windows\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-04-01 23:07:42 4,096 ----a-w c:\windows\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\IIEHost.dll
- 2005-08-16 10:39:34 27,136 -c--a-w c:\windows\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-04-01 23:07:43 27,136 ----a-w c:\windows\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2005-08-16 10:39:32 712,704 -c--a-w c:\windows\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-04-01 23:07:32 712,704 ----a-w c:\windows\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2005-08-17 03:11:06 45,056 -c--a-w c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2009-04-02 08:13:27 45,056 ----a-w c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2005-08-16 10:39:32 28,672 -c--a-w c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-04-01 23:07:31 28,672 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2005-08-16 10:39:32 286,720 -c--a-w c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-04-01 23:07:32 286,720 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2005-08-16 10:39:32 5,632 -c--a-w c:\windows\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2009-04-01 23:07:33 5,632 ----a-w c:\windows\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
- 2005-08-16 10:39:32 11,264 -c--a-w c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-04-01 23:07:30 11,264 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-08-16 10:39:32 18,944 -c--a-w c:\windows\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-04-01 23:07:31 18,944 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2005-08-16 10:39:32 6,656 -c--a-w c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-04-01 23:07:30 6,656 ----a-w c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2005-08-16 10:39:34 1,564,672 -c--a-w c:\windows\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2009-04-01 23:07:43 1,564,672 ----a-w c:\windows\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\mscorcfg.dll
- 2005-08-16 10:39:32 32,768 -c--a-w c:\windows\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\RegCode.dll
+ 2009-04-01 23:07:33 32,768 ----a-w c:\windows\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\RegCode.dll
- 2005-08-16 10:39:32 77,824 -c--a-w c:\windows\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-04-01 23:07:35 77,824 ----a-w c:\windows\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2005-08-16 10:39:34 1,179,648 -c--a-w c:\windows\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
+ 2009-04-01 23:07:39 1,179,648 ----a-w c:\windows\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
- 2005-08-16 10:39:34 1,695,744 -c--a-w c:\windows\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-04-01 23:07:40 1,695,744 ----a-w c:\windows\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Design.dll
- 2005-08-16 10:39:32 86,016 -c--a-w c:\windows\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-04-01 23:07:36 86,016 ----a-w c:\windows\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2005-08-16 10:39:32 65,536 -c--a-w c:\windows\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-04-01 23:07:36 65,536 ----a-w c:\windows\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2005-08-16 10:39:34 462,848 -c--a-w c:\windows\assembly\GAC\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-04-01 23:07:40 462,848 ----a-w c:\windows\assembly\GAC\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2005-08-16 10:39:32 212,992 -c--a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-04-01 23:07:33 212,992 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2005-08-16 10:39:32 48,640 -c--a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2009-04-01 23:07:34 48,640 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2005-08-16 10:39:34 352,256 -c--a-w c:\windows\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-04-01 23:07:44 352,256 ----a-w c:\windows\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\System.Management.dll
- 2005-08-16 10:39:34 241,664 -c--a-w c:\windows\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-04-01 23:07:41 241,664 ----a-w c:\windows\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2005-08-16 10:39:34 311,296 -c--a-w c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-04-01 23:07:44 311,296 ----a-w c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2005-08-16 10:39:34 131,072 -c--a-w c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-04-01 23:07:44 131,072 ----a-w c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-08-16 10:39:32 77,824 -c--a-w c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-04-01 23:07:34 77,824 ----a-w c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll
- 2005-08-16 10:39:32 126,976 -c--a-w c:\windows\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-04-01 23:07:36 126,976 ----a-w c:\windows\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2005-08-16 10:39:32 61,440 -c--a-w c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-04-01 23:07:37 61,440 ----a-w c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2005-08-16 10:39:32 507,904 -c--a-w c:\windows\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-04-01 23:07:38 507,904 ----a-w c:\windows\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-08-16 14:49:56 1,200,128 -c--a-w c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-04-01 23:07:37 1,200,128 ----a-w c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
- 2005-08-16 10:39:32 2,002,944 -c--a-w c:\windows\assembly\GAC\System.Windows.Forms\1.0.3300.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-04-01 23:07:38 2,002,944 ----a-w c:\windows\assembly\GAC\System.Windows.Forms\1.0.3300.0__b77a5c561934e089\System.Windows.Forms.dll
- 2005-08-16 10:39:32 1,302,528 -c--a-w c:\windows\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
+ 2009-04-01 23:07:39 1,302,528 ----a-w c:\windows\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
- 2005-08-16 10:39:34 1,179,648 -c--a-w c:\windows\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
+ 2009-04-01 23:07:40 1,179,648 ----a-w c:\windows\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
+ 2009-04-01 23:05:49 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a_437b5281\CustomMarshalers.dll
+ 2009-04-01 23:05:53 3,301,376 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_65929b02\mscorlib.dll
+ 2009-04-01 23:06:05 1,454,080 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System.Design\1.0.3300.0__b03f5f7f11d50a3a_84520d26\System.Design.dll
+ 2009-04-01 23:06:08 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_c3e0a53d\System.Drawing.Design.dll
+ 2009-04-01 23:06:07 847,872 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a_84126c3c\System.Drawing.dll
+ 2009-04-01 23:06:14 2,953,216 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System.Windows.Forms\1.0.3300.0__b77a5c561934e089_cf099ce6\System.Windows.Forms.dll
+ 2009-04-01 23:06:19 2,027,520 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_7c0d47f8\System.Xml.dll
+ 2009-04-01 23:06:00 1,855,488 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_f07efd92\System.dll
+ 2009-04-02 08:12:54 258,048 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\BDATunePIA\6.0.3000.0__31bf3856ad364e35_dfceb2de\BDATunePIA.dll
+ 2009-04-02 08:12:19 159,744 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehCIR\6.0.3000.0__31bf3856ad364e35_063da43e\ehCIR.dll
+ 2009-04-02 08:12:50 2,326,528 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\EhCM\6.0.3000.0__31bf3856ad364e35_417443fd\EhCM.dll
+ 2009-04-02 08:12:52 299,008 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehcommon\6.0.3000.0__31bf3856ad364e35_55be6e88\ehcommon.dll
+ 2009-04-02 08:12:42 1,306,624 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehepg\6.0.3000.0__31bf3856ad364e35_760eda48\ehepg.dll
+ 2009-04-02 08:12:23 167,936 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehepgdat\6.0.3000.0__31bf3856ad364e35_820a03f1\ehepgdat.dll
+ 2009-04-02 08:13:00 167,936 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehExtCOM\6.0.3000.0__31bf3856ad364e35_572bef66\ehExtCOM.dll
+ 2009-04-02 08:13:22 155,648 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehExtHost\6.0.3000.0__31bf3856ad364e35_3d876921\ehExtHost.exe
+ 2009-04-02 08:11:57 10,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiExtCOM\6.0.3000.0__31bf3856ad364e35_5fe16dac\ehiExtCOM.dll
+ 2009-04-02 08:12:02 102,400 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiExtens\6.0.3000.0__31bf3856ad364e35_8244c81b\ehiExtens.dll
+ 2009-04-02 08:12:32 266,240 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiMsgr\6.0.3000.0__31bf3856ad364e35_ee9ae82a\ehiMsgr.dll
+ 2009-04-02 08:12:25 380,928 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiPlay\6.0.3000.0__31bf3856ad364e35_026361d4\ehiPlay.dll
+ 2009-04-02 08:12:27 565,248 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiProxy\6.0.3000.0__31bf3856ad364e35_84bf7b5d\ehiProxy.dll
+ 2009-04-02 08:12:28 40,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiUserXp\6.0.3000.0__31bf3856ad364e35_9fb04309\ehiUserXp.dll
+ 2009-04-02 08:12:30 458,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiVidCtl\6.0.3000.0__31bf3856ad364e35_6e250f88\ehiVidCtl.dll
+ 2009-04-02 08:11:58 180,224 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiwmp\6.0.3000.0__31bf3856ad364e35_5fe16dac\ehiwmp.dll
+ 2009-04-02 08:12:55 69,632 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiWUapi\6.0.3000.0__31bf3856ad364e35_4b1bf029\ehiWUapi.dll
+ 2009-04-02 08:12:16 684,032 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehRecObj\6.0.3000.0__31bf3856ad364e35_4308b2cd\ehRecObj.dll
+ 2009-04-02 08:13:21 6,336,512 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehshell\6.0.3000.0__31bf3856ad364e35_b5fed377\ehshell.exe
+ 2009-04-02 08:12:56 65,536 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35_00ee4ce9\Microsoft.MediaCenter.dll
- 2008-06-13 13:10:50 272,128 -c----w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2008-10-24 11:10:42 453,632 -c----w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2008-08-14 09:55:01 2,142,720 -c----w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-08-14 09:18:44 2,062,976 -c----w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-08-14 09:18:46 2,020,864 -c----w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-08-14 09:57:20 2,185,984 -c----w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2007-06-13 10:23:07 1,033,216 ----a-w c:\windows\explorer.exe
+ 2008-04-14 00:12:19 1,033,728 ----a-w c:\windows\explorer.exe
- 2004-08-10 11:00:00 34,816 ----a-w c:\windows\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ----a-w c:\windows\Help\sniffpol.dll
- 2004-08-10 11:00:00 33,280 ----a-w c:\windows\Help\sstub.dll
+ 2008-04-14 00:12:07 33,280 ----a-w c:\windows\Help\sstub.dll
- 2004-08-10 11:00:00 279,040 ----a-w c:\windows\Help\tshoot.dll
+ 2008-04-14 00:12:07 279,040 ----a-w c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 00:12:21 10,752 ----a-w c:\windows\hh.exe
+ 2004-08-10 11:00:00 61,440 -c--a-w c:\windows\ie7\admparse.dll
+ 2004-08-10 11:00:00 99,840 -c--a-w c:\windows\ie7\advpack.dll
+ 2004-08-10 11:00:00 35,328 -c--a-w c:\windows\ie7\corpol.dll
+ 2006-06-03 11:40:49 33,792 -c--a-w c:\windows\ie7\custsat.dll
+ 2008-10-16 10:20:45 357,888 -c--a-w c:\windows\ie7\dxtmsft.dll
+ 2008-10-16 10:20:45 205,312 -c--a-w c:\windows\ie7\dxtrans.dll
+ 2008-10-16 10:20:46 55,808 -c--a-w c:\windows\ie7\extmgr.dll
+ 2004-08-10 11:00:00 38,912 -c--a-w c:\windows\ie7\hmmapi.dll
+ 2004-08-10 11:00:00 34,304 -c--a-w c:\windows\ie7\ie4uinit.exe
+ 2004-08-10 11:00:00 139,264 -c--a-w c:\windows\ie7\ieakeng.dll
+ 2004-08-10 11:00:00 216,576 -c--a-w c:\windows\ie7\ieaksie.dll
+ 2004-08-10 11:00:00 221,184 -c--a-w c:\windows\ie7\ieakui.dll
+ 2004-08-10 11:00:00 323,584 -c--a-w c:\windows\ie7\iedkcs32.dll
+ 2008-10-15 14:18:21 18,432 -c--a-w c:\windows\ie7\iedw.exe
+ 2004-08-10 11:00:00 81,920 -c--a-w c:\windows\ie7\ieencode.dll
+ 2008-10-16 10:20:46 251,904 -c--a-w c:\windows\ie7\iepeers.dll
+ 2004-08-10 11:00:00 48,640 -c--a-w c:\windows\ie7\iernonce.dll
+ 2004-08-10 11:00:00 62,976 -c--a-w c:\windows\ie7\iesetup.dll
+ 2004-08-10 11:00:00 93,184 -c--a-w c:\windows\ie7\iexplore.exe
+ 2004-08-10 11:00:00 35,840 -c--a-w c:\windows\ie7\imgutil.dll
+ 2008-10-16 10:20:46 96,256 -c--a-w c:\windows\ie7\inseng.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w c:\windows\ie7\jscript.dll
+ 2008-10-16 10:20:50 16,384 -c--a-w c:\windows\ie7\jsproxy.dll
+ 2004-08-10 11:00:00 22,016 -c--a-w c:\windows\ie7\licmgr10.dll
+ 2004-08-10 11:00:00 29,184 -c--a-w c:\windows\ie7\mshta.exe
+ 2008-12-12 17:27:54 3,067,392 -c--a-w c:\windows\ie7\mshtml.dll
+ 2008-10-16 10:20:50 449,024 -c--a-w c:\windows\ie7\mshtmled.dll
+ 2004-08-10 11:00:00 56,832 -c--a-w c:\windows\ie7\mshtmler.dll
+ 2004-08-10 11:00:00 146,432 -c--a-w c:\windows\ie7\msls31.dll
+ 2008-10-16 10:20:46 146,432 -c--a-w c:\windows\ie7\msrating.dll
+ 2008-10-16 10:20:46 532,480 -c--a-w c:\windows\ie7\mstime.dll
+ 2004-08-10 11:00:00 96,256 -c--a-w c:\windows\ie7\occache.dll
+ 2008-10-16 10:20:46 39,424 -c--a-w c:\windows\ie7\pngfilt.dll
+ 2007-08-13 23:54:42 32,960 -c--a-w c:\windows\ie7\spuninst\iecustom.dll
+ 2007-08-13 23:52:06 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 22:43:16 213,216 -c--a-w c:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 22:43:18 371,424 -c--a-w c:\windows\ie7\spuninst\updspapi.dll
+ 2004-08-10 11:00:00 37,888 -c--a-w c:\windows\ie7\url.dll
+ 2008-10-16 10:20:53 619,008 -c--a-w c:\windows\ie7\urlmon.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w c:\windows\ie7\vbscript.dll
+ 2007-06-26 15:13:22 851,968 -c--a-w c:\windows\ie7\vgx.dll
+ 2004-08-10 11:00:00 276,480 -c--a-w c:\windows\ie7\webcheck.dll
+ 2008-10-16 10:20:49 667,648 -c--a-w c:\windows\ie7\wininet.dll
+ 2007-08-13 23:39:00 123,904 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2007-08-13 23:39:00 123,904 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll.000
+ 2007-08-13 23:35:46 346,624 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2007-08-13 23:35:38 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2007-08-13 23:54:10 131,584 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2007-08-13 23:36:26 61,952 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2007-08-13 23:39:06 54,784 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2007-08-13 23:39:06 54,784 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe.000
+ 2007-08-13 23:39:26 152,064 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2007-08-13 23:39:26 152,064 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll.000
+ 2007-08-13 23:39:54 229,376 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2007-08-13 23:39:54 229,376 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll.000
+ 2007-08-13 22:56:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2007-08-13 22:56:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll.000
+ 2007-02-12 21:10:12 2,451,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dat
+ 2007-07-11 17:27:48 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-08-13 23:39:50 382,976 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2007-08-13 23:39:50 382,976 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll.000
+ 2007-08-13 23:54:10 6,049,280 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2007-08-13 23:39:10 43,008 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2007-08-13 23:39:10 43,008 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll.000
+ 2007-08-13 23:34:04 266,752 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2007-08-13 23:39:10 13,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 23:43:56 622,080 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2007-08-13 23:43:56 622,080 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe.000
+ 2007-08-13 23:54:10 27,136 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2007-08-13 23:54:10 458,752 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2007-08-13 23:54:10 50,688 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2007-08-13 23:54:12 3,578,368 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2007-08-13 23:54:10 475,648 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2007-08-13 23:44:26 192,000 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2007-08-13 23:54:10 670,720 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2007-08-13 23:44:06 101,376 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2007-08-13 23:44:06 101,376 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll.000
+ 2007-08-13 23:36:12 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2007-08-13 23:44:30 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2007-08-13 23:44:30 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll.000
+ 2007-08-13 23:54:10 1,162,240 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2007-08-13 23:54:10 231,424 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2007-08-13 23:54:10 231,424 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll.000
+ 2007-08-13 23:54:10 818,688 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll.000
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll.000
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dat
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll.000
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll.000
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll.000
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll.000
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll.000
+ 2008-08-27 18:54:32 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-08-27 18:54:32 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll.000
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll.000
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll.000
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll.000
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll.000
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll.000
- 2004-08-10 11:00:00 175,104 -c--a-w c:\windows\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 00:10:34 175,104 ----a-w c:\windows\ime\chsime\applets\pintlcsa.dll
- 2004-08-10 11:00:00 53,760 -c--a-w c:\windows\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 00:10:34 53,760 ----a-w c:\windows\ime\chsime\applets\pintlcsd.dll
- 2004-08-10 11:00:00 97,792 -c--a-w c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 00:09:05 97,792 ----a-w c:\windows\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-10 11:00:00 56,320 -c--a-w c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 00:09:05 56,320 ----a-w c:\windows\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-10 11:00:00 173,568 -c--a-w c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 00:09:05 173,568 ----a-w c:\windows\ime\CHTIME\Applets\chtskf.dll
- 2004-08-10 11:00:00 13,463,552 -c--a-w c:\windows\ime\imjp8_1\applets\hwxjpn.dll
+ 2008-04-14 00:09:39 13,463,552 ----a-w c:\windows\ime\imjp8_1\applets\hwxjpn.dll
- 2004-08-10 11:00:00 315,452 -c--a-w c:\windows\ime\imjp8_1\applets\imskf.dll
+ 2008-04-14 00:09:47 315,455 ----a-w c:\windows\ime\imjp8_1\applets\imskf.dll
- 2004-08-10 11:00:00 426,041 -c--a-w c:\windows\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 00:11:04 426,041 ----a-w c:\windows\ime\imjp8_1\applets\voicepad.dll
- 2004-08-10 11:00:00 86,073 -c--a-w c:\windows\ime\imjp8_1\applets\voicesub.dll
+ 2008-04-14 00:11:04 86,073 ----a-w c:\windows\ime\imjp8_1\applets\voicesub.dll
- 2004-08-10 11:00:00 368,696 -c--a-w c:\windows\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 00:09:45 368,696 ----a-w c:\windows\ime\imjp8_1\imjpcic.dll
- 2004-08-10 11:00:00 716,856 -c--a-w c:\windows\ime\imjp8_1\imjpcus.dll
+ 2008-04-14 00:09:45 716,856 ----a-w c:\windows\ime\imjp8_1\imjpcus.dll
- 2004-08-10 11:00:00 81,976 -c--a-w c:\windows\ime\imjp8_1\imjpdct.dll
+ 2008-04-14 00:09:45 81,976 ----a-w c:\windows\ime\imjp8_1\imjpdct.dll
- 2004-08-10 11:00:00 274,489 -c--a-w c:\windows\ime\imjp8_1\imjputyc.dll
+ 2008-04-14 00:09:46 274,489 ----a-w c:\windows\ime\imjp8_1\imjputyc.dll
- 2004-08-10 11:00:00 86,016 -c--a-w c:\windows\ime\imkr6_1\applets\imekrmbx.dll
+ 2008-04-14 00:09:43 86,016 ----a-w c:\windows\ime\imkr6_1\applets\imekrmbx.dll
- 2004-08-10 11:00:00 106,496 -c--a-w c:\windows\ime\imkr6_1\imekrcic.dll
+ 2008-04-14 00:09:43 106,496 ----a-w c:\windows\ime\imkr6_1\imekrcic.dll
- 2004-08-10 11:00:00 220,160 ----a-w c:\windows\ime\mscandui.dll
+ 2008-04-14 00:11:58 220,160 ----a-w c:\windows\ime\mscandui.dll
- 2004-08-10 11:00:00 102,456 -c--a-w c:\windows\ime\shared\imlang.dll
+ 2008-04-14 00:09:46 102,456 ----a-w c:\windows\ime\shared\imlang.dll
- 2004-08-10 11:00:00 15,872 -c--a-w c:\windows\ime\shared\res\PADRS404.DLL
+ 2008-04-14 00:10:33 15,872 ----a-w c:\windows\ime\shared\res\padrs404.dll
- 2004-08-10 11:00:00 15,360 -c--a-w c:\windows\ime\shared\res\padrs804.dll
+ 2008-04-14 00:10:33 15,360 ----a-w c:\windows\ime\shared\res\padrs804.dll
- 2004-08-10 11:00:00 130,048 ----a-w c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06 130,048 ----a-w c:\windows\ime\softkbd.dll
- 2004-08-10 11:00:00 62,976 -c--a-w c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w c:\windows\ime\spgrmr.dll
- 2004-08-10 11:00:00 250,880 ----a-w c:\windows\ime\SPTIP.dll
+ 2008-04-14 00:12:06 250,368 ----a-w c:\windows\ime\sptip.dll
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\Installer\tsclientmsitrans\tscupdc.dll
- 2002-06-21 23:31:20 20,480 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_filter.dll
+ 2008-04-13 16:09:58 20,480 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_filter.dll
- 2007-01-02 21:34:04 200,704 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
+ 2008-04-13 16:09:59 200,704 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
- 2004-08-04 04:11:06 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_regiis.exe
+ 2008-04-13 16:10:01 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_regiis.exe
- 2002-06-21 23:31:22 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2008-04-13 16:10:01 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
- 2007-01-02 21:34:04 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
+ 2008-04-13 16:10:01 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
- 2004-09-30 00:04:48 61,440 -c----w c:\windows\Microsoft.NET\Framework\v1.0.3705\gacutil.exe
+ 2008-04-13 16:10:32 61,440 ------w c:\windows\Microsoft.NET\Framework\v1.0.3705\gacutil.exe
- 2007-01-02 21:28:28 2,273,280 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
+ 2007-12-17 11:58:53 2,273,280 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
- 2007-01-02 21:28:46 2,281,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
+ 2007-12-17 11:59:26 2,281,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
- 2007-01-15 21:11:26 73,728 -c----w c:\windows\Microsoft.NET\Framework\v1.0.3705\netfxupdate.exe
+ 2007-12-17 11:59:53 82,976 ------w c:\windows\Microsoft.NET\Framework\v1.0.3705\netfxupdate.exe
- 2007-01-15 21:11:30 57,344 -c----w c:\windows\Microsoft.NET\Framework\v1.0.3705\SetRegNI.exe
+ 2007-12-17 11:59:54 66,592 ------w c:\windows\Microsoft.NET\Framework\v1.0.3705\setregni.exe
- 2004-07-20 00:54:18 1,179,648 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\System.dll
+ 2007-12-17 11:59:56 1,179,648 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\system.dll
- 2007-01-15 21:11:30 57,344 -c----w c:\windows\Microsoft.NET\Framework\v1.0.3705\ToGac.exe
+ 2007-12-17 12:00:05 66,592 ------w c:\windows\Microsoft.NET\Framework\v1.0.3705\togac.exe
- 2004-08-10 11:00:00 24,064 -c--a-w c:\windows\msagent\agentanm.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentanm.dll
- 2004-08-10 11:00:00 214,016 ----a-w c:\windows\msagent\agentctl.dll
+ 2008-04-14 00:11:48 214,016 ----a-w c:\windows\msagent\agentctl.dll
- 2006-10-12 13:54:18 42,496 ----a-w c:\windows\msagent\agentdp2.dll
+ 2008-04-14 00:11:48 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2007-03-09 13:58:57 57,344 ----a-w c:\windows\msagent\agentdpv.dll
+ 2008-04-14 00:11:48 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2004-08-10 11:00:00 49,152 ----a-w c:\windows\msagent\agentmpx.dll
+ 2008-04-14 00:11:48 49,152 ----a-w c:\windows\msagent\agentmpx.dll
- 2004-08-10 11:00:00 24,064 ----a-w c:\windows\msagent\agentpsh.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentpsh.dll
- 2004-08-10 11:00:00 44,032 ----a-w c:\windows\msagent\agentsr.dll
+ 2008-04-14 00:11:48 44,032 ----a-w c:\windows\msagent\agentsr.dll
- 2006-10-12 11:54:07 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2008-04-14 00:12:12 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-08-10 11:00:00 24,064 ----a-w c:\windows\msagent\agtintl.dll
+ 2008-04-14 00:11:49 24,064 ----a-w c:\windows\msagent\agtintl.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0404.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
- 2004-08-10 11:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
- 2004-08-10 11:00:00 22,016 -c--a-w c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w c:\windows\msagent\intl\agt0409.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
- 2004-08-10 11:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
- 2004-08-10 11:00:00 19,968 -c--a-w c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
- 2004-08-10 11:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt0411.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0412.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt0412.dll
- 2004-08-10 11:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
- 2004-08-10 11:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
- 2004-08-10 11:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0804.dll
+ 2007-04-02 18:26:02 19,456 ----a-w c:\windows\msagent\intl\agt0804.dll
- 2004-08-10 11:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
- 2004-08-10 11:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
- 2004-08-10 11:00:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
- 2004-08-10 11:00:00 90,624 -c--a-w c:\windows\mui\muisetup.exe
+ 2008-04-14 00:12:29 90,624 ----a-w c:\windows\mui\muisetup.exe
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\network diagnostic\custsat.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\network diagnostic\xpnetdiag.exe
- 2004-08-10 11:00:00 69,120 ----a-w c:\windows\NOTEPAD.EXE
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\notepad.exe
- 2004-08-10 11:00:00 768,512 ----a-w c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-10 11:00:00 743,936 ----a-w c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21 744,448 ----a-w c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-10 11:00:00 18,944 -c--a-w c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2005-09-27 00:34:26 169,984 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 169,984 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-10 11:00:00 376,320 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59 376,832 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-10 11:00:00 102,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02 102,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-10 11:00:00 38,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 00:12:02 38,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
- 2006-03-03 00:11:42 88,699 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2009-04-01 23:07:28 88,699 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2006-03-03 00:11:42 4,404 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2009-04-01 23:07:29 5,142 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-10 11:00:00 150,528 -c--a-w c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38 150,528 ----a-w c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-10 11:00:00 151,552 -c--a-w c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
- 2004-08-10 11:00:00 462,848 -c--a-w c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
- 2004-08-10 11:00:00 110,592 -c--a-w c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
- 2004-08-10 11:00:00 146,432 ----a-w c:\windows\regedit.exe
+ 2008-04-14 00:12:32 146,432 ----a-w c:\windows\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-04 03:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-04 03:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48 39,424 ------w c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11 184,320 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48 1,852,928 ------w c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48 451,072 ------w c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48 141,312 ------w c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48 115,712 ------w c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35 187,776 ------w c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48 245,248 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48 193,536 ------w c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48 98,304 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48 29,696 ------w c:\windows\ServicePackFiles\i386\admexs.dll
+ 2008-04-14 00:11:48 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-04 03:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48 43,520 ------w c:\windows\ServicePackFiles\i386\admwprox.dll
+ 2008-04-14 00:11:48 290,816 ------w c:\windows\ServicePackFiles\i386\adsiis51.dll
+ 2008-04-14 00:11:48 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48 123,392 ------w c:\windows\ServicePackFiles\i386\adsnw.dll
+ 2004-07-17 16:35:20 85,813 ------w c:\windows\ServicePackFiles\i386\adsutil.vbs
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48 617,472 ------w c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48 99,840 ------w c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48 42,496 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48 57,344 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32 37,376 ------w c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33 37,760 ------w c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-04 03:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49 108,544 ------w c:\windows\ServicePackFiles\i386\appconf.dll
+ 2008-04-14 00:11:49 125,952 ------w c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49 167,936 ------w c:\windows\ServicePackFiles\i386\appmgmts.dll
+ 2008-04-14 00:11:49 295,936 ------w c:\windows\ServicePackFiles\i386\appmgr.dll
+ 2008-04-14 00:11:49 331,264 ------w c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49 369,664 ------w c:\windows\ServicePackFiles\i386\asp51.dll
+ 2008-04-13 16:09:58 20,480 ------w c:\windows\ServicePackFiles\i386\aspnet_filter.dll
+ 2008-04-13 16:09:59 200,704 ------w c:\windows\ServicePackFiles\i386\aspnet_isapi.dll
+ 2008-04-13 16:10:01 24,576 ------w c:\windows\ServicePackFiles\i386\aspnet_regiis.exe
+ 2008-04-13 16:10:01 32,768 ------w c:\windows\ServicePackFiles\i386\aspnet_state.exe
+ 2008-04-13 16:10:01 32,768 ------w c:\windows\ServicePackFiles\i386\aspnet_wp.exe
+ 2008-04-14 00:12:12 30,208 ------w c:\windows\ServicePackFiles\i386\asr_fmt.exe
+ 2008-04-14 00:12:12 32,768 ------w c:\windows\ServicePackFiles\i386\asr_pfu.exe
+ 2008-04-14 00:11:49 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-04 03:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-04 03:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-04 03:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-04 03:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-04 03:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-04 03:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-04 03:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-04 03:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-04 03:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-04 03:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-04 03:29:28 327,040 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-04 03:29:28 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-04 03:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-04 03:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-04 03:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-04 03:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-04 03:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-04 03:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-04 03:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-04 03:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-04 03:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-04 03:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12 12,288 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50 62,464 ------w c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12 588,800 ------w c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12 602,624 ------w c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13 580,608 ------w c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50 84,992 ------w c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50 29,184 ------w c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-14 00:12:13 142,848 ------w c:\windows\ServicePackFiles\i386\bootcfg.exe
+ 2008-04-13 18:53:23 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24 63,488 ------w c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50 1,025,024 ------w c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32 273,024 ------w c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50 218,112 ------w c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50 60,416 ------w c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50 84,480 ------w c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13 19,968 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50 121,856 ------w c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50 150,016 ------w c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2004-07-20 00:54:04 94,208 ------w c:\windows\ServicePackFiles\i386\caspol.exe
+ 2008-04-14 00:11:50 226,304 ------w c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50 625,664 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50 151,040 ------w c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50 2,091,520 ------w c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50 194,560 ------w c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50 457,728 ------w c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50 38,912 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50 148,480 ------w c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50 1,358,848 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14 56,832 ------w c:\windows\ServicePackFiles\i386\cipher.exe
+ 2008-04-14 00:12:14 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50 110,592 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50 498,688 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14 64,000 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14 102,912 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50 58,368 ------w c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14 389,120 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50 344,064 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14 25,600 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50 185,344 ------w c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50 13,312 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15 63,488 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50 39,424 ------w c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50 47,104 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50 79,360 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-14 00:11:51 46,592 ------w c:\windows\ServicePackFiles\i386\coadmin.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51 60,416 ------w c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51 28,160 ------w c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51 195,072 ------w c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51 617,472 ------w c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51 276,992 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51 252,928 ------w c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51 24,064 ------w c:\windows\ServicePackFiles\i386\compfilt.dll
+ 2008-04-14 00:11:51 229,376 ------w c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51 97,792 ------w c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51 792,064 ------w c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-13 18:43:32 9,728 ------w c:\windows\ServicePackFiles\i386\comsdupd.exe
+ 2008-04-14 00:11:51 274,944 ------w c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51 167,424 ------w c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51 1,267,200 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51 539,648 ------w c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15 1,032,192 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51 357,888 ------w c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2004-08-04 04:11:12 69,632 ------w c:\windows\ServicePackFiles\i386\corperfmonext.dll
+ 2008-04-14 00:11:51 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51 163,840 ------w c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32 36,736 ------w c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51 599,040 ------w c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51 74,752 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51 53,760 ------w c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51 64,512 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51 62,464 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51 512,512 ------w c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2004-08-04 04:11:18 49,152 ------w c:\windows\ServicePackFiles\i386\csc.exe
+ 2008-04-14 00:11:51 101,888 ------w c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2004-07-20 00:54:04 589,824 ------w c:\windows\ServicePackFiles\i386\cscomp.dll
+ 2008-04-14 00:12:15 139,264 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51 326,656 ------w c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51 32,256 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51 249,856 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-04 03:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51 824,320 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51 1,054,208 ------w c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51 54,272 ------w c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51 165,376 ------w c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:12:16 42,496 ------w c:\windows\ServicePackFiles\i386\davcdata.exe
+ 2008-04-14 00:11:51 25,088 ------w c:\windows\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51 640,000 ------w c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51 24,576 ------w c:\windows\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51 110,592 ------w c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ------w c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51 40,960 ------w c:\windows\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51 8,704 ------w c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16 6,144 ------w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16 30,208 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51 279,552 ------w c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51 27,136 ------w c:\windows\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16 25,088 ------w c:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51 59,904 ------w c:\windows\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51 282,624 ------w c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16 82,944 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16 105,472 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51 39,424 ------w c:\windows\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51 124,416 ------w c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51 111,104 ------w c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51 126,976 ------w c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52 379,904 ------w c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17 539,136 ------w c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17 87,040 ------w c:\windows\ServicePackFiles\i386\diantz.exe
+ 2004-08-10 11:00:00 884,712 ------w c:\windows\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52 68,608 ------w c:\windows\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52 158,720 ------w c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52 181,760 ------w c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52 86,528 ------w c:\windows\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w c:\windows\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52 1,504,256 ------w c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w c:\windows\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17 163,840 ------w c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52 32,768 ------w c:\windows\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17 5,120 ------w c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17 224,768 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52 28,672 ------w c:\windows\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48 799,744 ------w c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52 61,440 ------w c:\windows\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52 285,184 ------w c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52 200,704 ------w c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46 153,344 ------w c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52 35,840 ------w c:\windows\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17 15,872 ------w c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52 82,432 ------w c:\windows\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52 105,984 ------w c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52 103,424 ------w c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52 104,448 ------w c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w c:\windows\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52 52,224 ------w c:\windows\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52 147,968 ------w c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52 45,568 ------w c:\windows\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52 48,128 ------w c:\windows\ServicePackFiles\i386\docprop2.dll
+ 2004-08-10 11:00:00 53,840 ------w c:\windows\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 00:11:52 102,912 ------w c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17 29,696 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52 229,888 ------w c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19 3,072 ------w c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52 375,296 ------w c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52 35,328 ------w c:\windows\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52 60,928 ------w c:\windows\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20 3,072 ------w c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17 17,920 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52 21,504 ------w c:\windows\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52 212,480 ------w c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18 83,456 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52 116,736 ------w c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52 57,344 ------w c:\windows\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w c:\windows\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52 14,336 ------w c:\windows\ServicePackFiles\i386\drprov.dll
+ 2008-04-14 00:12:18 62,976 ------w c:\windows\ServicePackFiles\i386\drvqry.exe
+ 2004-08-10 11:00:00 4,656 ------w c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52 16,384 ------w c:\windows\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52 71,680 ------w c:\windows\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52 92,672 ------w c:\windows\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52 155,648 ------w c:\windows\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52 367,616 ------w c:\windows\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52 1,293,824 ------w c:\windows\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52 142,848 ------w c:\windows\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30 4,096 ------w c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52 239,104 ------w c:\windows\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52 51,200 ------w c:\windows\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57 138,752 ------w c:\windows\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52 113,152 ------w c:\windows\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18 10,752 ------w c:\windows\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52 304,128 ------w c:\windows\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18 17,920 ------w c:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18 180,224 ------w c:\windows\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52 619,008 ------w c:\windows\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52 1,227,264 ------w c:\windows\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18 1,298,432 ------w c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52 2,113,536 ------w c:\windows\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29 71,168 ------w c:\windows\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52 357,888 ------w c:\windows\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w c:\windows\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52 26,624 ------w c:\windows\ServicePackFiles\i386\efsadu.dll
+ 2008-04-14 00:11:53 183,296 ------w c:\windows\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53 20,480 ------w c:\windows\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53 186,880 ------w c:\windows\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02 40,960 ------w c:\windows\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 16:39:36 120,320 ------w c:\windows\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53 23,040 ------w c:\windows\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53 246,272 ------w c:\windows\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53 1,082,368 ------w c:\windows\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53 247,808 ------w c:\windows\ServicePackFiles\i386\esscli.dll
+ 2004-08-04 03:32:28 137,088 ------w c:\windows\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19 193,024 ------w c:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:12:19 50,688 ------w c:\windows\ServicePackFiles\i386\evcreate.exe
+ 2008-04-14 00:11:53 56,320 ------w c:\windows\ServicePackFiles\i386\eventlog.dll
+ 2004-07-20 00:54:06 798,720 ------w c:\windows\ServicePackFiles\i386\eventlogmessages.dll
+ 2008-04-14 00:11:53 101,888 ------w c:\windows\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19 92,160 ------w c:\windows\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:11:53 45,056 ------w c:\windows\ServicePackFiles\i386\evtgprov.dll
+ 2008-04-14 00:12:19 82,944 ------w c:\windows\ServicePackFiles\i386\evtrig.exe
+ 2008-04-14 00:12:19 1,033,728 ------w c:\windows\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11:53 380,445 ------w c:\windows\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53 14,336 ------w c:\windows\ServicePackFiles\i386\exstrace.dll
+ 2008-04-14 00:11:53 55,808 ------w c:\windows\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53 125,952 ------w c:\windows\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30 7,168 ------w c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29 143,744 ------w c:\windows\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53 472,064 ------w c:\windows\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53 80,384 ------w c:\windows\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25 27,392 ------w c:\windows\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53 124,928 ------w c:\windows\ServicePackFiles\i386\fde.dll
+ 2008-04-14 00:11:53 73,728 ------w c:\windows\ServicePackFiles\i386\fdeploy.dll
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53 337,920 ------w c:\windows\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20 27,136 ------w c:\windows\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28 44,544 ------w c:\windows\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53 87,552 ------w c:\windows\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25 20,480 ------w c:\windows\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53 16,896 ------w c:\windows\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20 23,040 ------w c:\windows\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59 129,792 ------w c:\windows\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53 382,976 ------w c:\windows\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53 80,896 ------w c:\windows\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20 7,680 ------w c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2004-08-04 03:31:24 34,173 ------w c:\windows\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42 29,696 ------w c:\windows\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53 32,828 ------w c:\windows\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53 184,435 ------w c:\windows\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53 82,035 ------w c:\windows\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53 147,513 ------w c:\windows\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53 49,210 ------w c:\windows\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53 102,509 ------w c:\windows\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53 618,605 ------w c:\windows\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53 41,020 ------w c:\windows\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53 32,826 ------w c:\windows\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53 49,212 ------w c:\windows\ServicePackFiles\i386\fp4awebs.dll
+ 2008-04-14 00:11:53 876,653 ------w c:\windows\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20 15,120 ------w c:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20 109,840 ------w c:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20 24,632 ------w c:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20 188,494 ------w c:\windows\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53 94,208 ------w c:\windows\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53 598,071 ------w c:\windows\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04 208,896 ------w c:\windows\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20 20,538 ------w c:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20 28,728 ------w c:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33 9,344 ------w c:\windows\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 00:11:53 185,344 ------w c:\windows\ServicePackFiles\i386\framedyn.dll
+ 2008-04-14 00:12:20 193,024 ------w c:\windows\ServicePackFiles\i386\fsquirt.exe
+ 2008-04-14 00:12:20 42,496 ------w c:\windows\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 00:11:53 6,144 ------w c:\windows\ServicePackFiles\i386\ftpmib.dll
+ 2008-04-14 00:11:53 125,952 ------w c:\windows\ServicePackFiles\i386\ftpsv251.dll
+ 2004-07-20 00:54:06 233,472 ------w c:\windows\ServicePackFiles\i386\fusion.dll
+ 2008-04-14 00:11:53 60,416 ------w c:\windows\ServicePackFiles\i386\fwcfg.dll
+ 2008-04-14 00:11:53 451,584 ------w c:\windows\ServicePackFiles\i386\fxsapi.dll
+ 2008-04-14 00:12:21 142,848 ------w c:\windows\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 00:11:54 72,192 ------w c:\windows\ServicePackFiles\i386\fxscom.dll
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\fxscomex.dll
+ 2008-04-14 00:12:21 229,376 ------w c:\windows\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 00:11:54 26,624 ------w c:\windows\ServicePackFiles\i386\fxsdrv.dll
+ 2008-04-14 00:11:54 55,296 ------w c:\windows\ServicePackFiles\i386\fxsevent.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsmon.dll
+ 2008-04-14 00:11:54 132,608 ------w c:\windows\ServicePackFiles\i386\fxsocm.dll
+ 2008-04-14 00:11:54 8,704 ------w c:\windows\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 00:09:33 6,656 ------w c:\windows\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 00:11:54 562,176 ------w c:\windows\ServicePackFiles\i386\fxsst.dll
+ 2008-04-14 00:12:21 267,776 ------w c:\windows\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 00:11:54 246,272 ------w c:\windows\ServicePackFiles\i386\fxst30.dll
+ 2008-04-14 00:11:54 397,312 ------w c:\windows\ServicePackFiles\i386\fxstiff.dll
+ 2008-04-14 00:11:54 154,112 ------w c:\windows\ServicePackFiles\i386\fxsui.dll
+ 2008-04-14 00:11:54 192,512 ------w c:\windows\ServicePackFiles\i386\fxswzrd.dll
+ 2008-04-14 00:11:54 400,384 ------w c:\windows\ServicePackFiles\i386\fxsxp32.dll
+ 2008-04-13 18:36:40 46,464 ------w c:\windows\ServicePackFiles\i386\gagp30kx.sys
+ 2008-04-13 18:45:29 10,624 ------w c:\windows\ServicePackFiles\i386\gameenum.sys
+ 2008-04-13 18:45:32 59,136 ------w c:\windows\ServicePackFiles\i386\gckernel.sys
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\gdi32.dll
+ 2008-04-14 00:12:21 59,904 ------w c:\windows\ServicePackFiles\i386\getmac.exe
+ 2008-04-14 00:11:54 122,880 ------w c:\windows\ServicePackFiles\i386\glu32.dll
+ 2008-04-14 00:09:35 566,784 ------w c:\windows\ServicePackFiles\i386\gpedit.dll
+ 2004-08-10 11:00:00 101,888 ------w c:\windows\ServicePackFiles\i386\gpkcsp.dll
+ 2006-12-31 01:26:44 9,728 ------w c:\windows\ServicePackFiles\i386\gpkrsrc.dll
+ 2008-04-14 00:12:21 120,832 ------w c:\windows\ServicePackFiles\i386\gprslt.exe
+ 2008-04-14 00:11:54 199,680 ------w c:\windows\ServicePackFiles\i386\gptext.dll
+ 2008-04-14 00:12:21 39,424 ------w c:\windows\ServicePackFiles\i386\grpconv.exe
+ 2008-04-13 18:40:21 28,288 ------w c:\windows\ServicePackFiles\i386\grserial.sys
+ 2008-04-14 00:11:54 133,120 ------w c:\windows\ServicePackFiles\i386\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\ServicePackFiles\i386\guitrna.dll
+ 2008-04-14 00:11:54 32,256 ------w c:\windows\ServicePackFiles\i386\gzip.dll
+ 2008-04-14 00:11:54 57,344 ------w c:\windows\ServicePackFiles\i386\h323cc.dll
+ 2008-04-14 00:11:54 614,912 ------w c:\windows\ServicePackFiles\i386\h323msp.dll
+ 2008-04-13 18:31:32 105,344 ------w c:\windows\ServicePackFiles\i386\hal.dll
+ 2008-04-13 18:31:28 131,840 ------w c:\windows\ServicePackFiles\i386\halaacpi.dll
+ 2008-04-13 18:31:27 81,152 ------w c:\windows\ServicePackFiles\i386\halacpi.dll
+ 2008-04-13 18:31:28 150,528 ------w c:\windows\ServicePackFiles\i386\halapic.dll
+ 2008-04-13 18:31:28 134,400 ------w c:\windows\ServicePackFiles\i386\halmacpi.dll
+ 2008-04-13 18:31:32 152,576 ------w c:\windows\ServicePackFiles\i386\halmps.dll
+ 2008-04-13 18:31:31 77,696 ------w c:\windows\ServicePackFiles\i386\halsp.dll
+ 2008-04-14 00:11:54 7,168 ------w c:\windows\ServicePackFiles\i386\hccoin.dll
+ 2008-04-13 16:36:05 144,384 ------w c:\windows\ServicePackFiles\i386\hdaudbus.sys
+ 2008-04-14 00:12:21 15,872 ------w c:\windows\ServicePackFiles\i386\help.exe
+ 2008-04-14 00:12:21 769,024 ------w c:\windows\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 00:12:21 744,448 ------w c:\windows\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 00:12:21 10,752 ------w c:\windows\ServicePackFiles\i386\hh.exe
+ 2008-04-14 00:11:54 41,472 ------w c:\windows\ServicePackFiles\i386\hhsetup.dll
+ 2008-04-14 00:11:54 20,992 ------w c:\windows\ServicePackFiles\i386\hid.dll
+ 2008-04-13 18:36:38 20,352 ------w c:\windows\ServicePackFiles\i386\hidbatt.sys
+ 2008-04-13 18:46:30 25,600 ------w c:\windows\ServicePackFiles\i386\hidbth.sys
+ 2008-04-13 18:45:26 36,864 ------w c:\windows\ServicePackFiles\i386\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w c:\windows\ServicePackFiles\i386\hidir.sys
+ 2008-04-13 18:45:22 24,960 ------w c:\windows\ServicePackFiles\i386\hidparse.sys
+ 2008-04-14 00:11:54 21,504 ------w c:\windows\ServicePackFiles\i386\hidserv.dll
+ 2008-04-13 18:45:27 10,368 ------w c:\windows\ServicePackFiles\i386\hidusb.sys
+ 2008-04-14 00:11:54 72,704 ------w c:\windows\ServicePackFiles\i386\hlink.dll
+ 2008-04-14 00:11:54 38,912 ------w c:\windows\ServicePackFiles\i386\hmmapi.dll
+ 2008-04-14 00:11:54 344,064 ------w c:\windows\ServicePackFiles\i386\hnetcfg.dll
+ 2008-04-14 00:11:54 330,752 ------w c:\windows\ServicePackFiles\i386\hnetwiz.dll
+ 2008-04-14 00:11:54 39,936 ------w c:\windows\ServicePackFiles\i386\hostmib.dll
+ 2008-04-14 00:11:54 144,896 ------w c:\windows\ServicePackFiles\i386\hotplug.dll
+ 2008-04-14 00:11:54 10,752 ------w c:\windows\ServicePackFiles\i386\hpcjrr.dll
+ 2008-04-14 00:11:54 10,240 ------w c:\windows\ServicePackFiles\i386\hpcjrrps.dll
+ 2008-04-14 00:11:54 87,552 ------w c:\windows\ServicePackFiles\i386\hpfud50.dll
+ 2008-04-14 00:12:21 18,432 ------w c:\windows\ServicePackFiles\i386\hscupd.exe
+ 2004-08-04 03:41:48 220,032 ------w c:\windows\ServicePackFiles\i386\hsfbs2s2.sys
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\ServicePackFiles\i386\hsfcisp2.dll
+ 2004-08-04 03:41:50 685,056 ------w c:\windows\ServicePackFiles\i386\hsfcxts2.sys
+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-13 18:53:53 264,832 ------w c:\windows\ServicePackFiles\i386\http.sys
+ 2008-04-14 00:11:54 24,576 ------w c:\windows\ServicePackFiles\i386\httpapi.dll
+ 2008-04-14 00:11:54 268,288 ------w c:\windows\ServicePackFiles\i386\httpext.dll
+ 2008-04-14 00:11:54 8,192 ------w c:\windows\ServicePackFiles\i386\httpmb51.dll
+ 2008-04-14 00:11:54 61,440 ------w c:\windows\ServicePackFiles\i386\httpod51.dll
+ 2008-04-14 00:11:54 41,984 ------w c:\windows\ServicePackFiles\i386\htui.dll
+ 2008-04-14 00:11:54 347,136 ------w c:\windows\ServicePackFiles\i386\hypertrm.dll
+ 2008-04-13 18:41:22 8,576 ------w c:\windows\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-13 18:41:22 18,560 ------w c:\windows\ServicePackFiles\i386\i2omp.sys
+ 2008-04-13 19:18:00 52,480 ------w c:\windows\ServicePackFiles\i386\i8042prt.sys
+ 2008-04-14 00:11:54 702,845 ------w c:\windows\ServicePackFiles\i386\i81xdnt5.dll
+ 2004-08-04 03:29:38 161,020 ------w c:\windows\ServicePackFiles\i386\i81xnt5.sys
+ 2008-04-14 00:11:54 119,808 ------w c:\windows\ServicePackFiles\i386\iasrad.dll
+ 2008-04-14 00:11:54 11,264 ------w c:\windows\ServicePackFiles\i386\icaapi.dll
+ 2008-04-14 00:11:54 80,384 ------w c:\windows\ServicePackFiles\i386\iccvid.dll
+ 2008-04-14 00:11:54 254,976 ------w c:\windows\ServicePackFiles\i386\icm32.dll
+ 2008-04-14 00:09:40 3,584 ------w c:\windows\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 16:44:29 2,560 ------w c:\windows\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 00:11:54 61,440 ------w c:\windows\ServicePackFiles\i386\icwconn.dll
+ 2008-04-14 00:12:22 214,528 ------w c:\windows\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 00:12:22 86,016 ------w c:\windows\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 00:11:54 73,728 ------w c:\windows\ServicePackFiles\i386\icwdial.dll
+ 2008-04-14 00:11:54 32,768 ------w c:\windows\ServicePackFiles\i386\icwdl.dll
+ 2008-04-14 00:11:54 172,032 ------w c:\windows\ServicePackFiles\i386\icwhelp.dll
+ 2008-04-14 00:11:54 65,536 ------w c:\windows\ServicePackFiles\i386\icwphbk.dll
+ 2008-04-14 00:12:22 24,576 ------w c:\windows\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 00:11:54 49,152 ------w c:\windows\ServicePackFiles\i386\icwutil.dll
+ 2008-04-14 00:11:54 120,832 ------w c:\windows\ServicePackFiles\i386\idq.dll
+ 2008-04-14 00:12:22 34,304 ------w c:\windows\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w c:\windows\ServicePackFiles\i386\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w c:\windows\ServicePackFiles\i386\ieaksie.dll
+ 2008-04-14 00:11:54 323,584 ------w c:\windows\ServicePackFiles\i386\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w c:\windows\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ieencode.dll
+ 2007-01-02 21:29:28 8,192 ------w c:\windows\ServicePackFiles\i386\ieexec.exe
+ 2004-07-20 00:54:06 7,168 ------w c:\windows\ServicePackFiles\i386\ieexecremote.dll
+ 2004-07-20 00:54:06 32,768 ------w c:\windows\ServicePackFiles\i386\iehost.dll
+ 2008-04-14 00:11:54 251,904 ------w c:\windows\ServicePackFiles\i386\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w c:\windows\ServicePackFiles\i386\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w c:\windows\ServicePackFiles\i386\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w c:\windows\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 00:12:22 114,688 ------w c:\windows\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 00:11:54 135,680 ------w c:\windows\ServicePackFiles\i386\ifmon.dll
+ 2008-04-14 00:11:54 8,192 ------w c:\windows\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-14 00:11:54 505,344 ------w c:\windows\ServicePackFiles\i386\iis.dll
+ 2008-04-14 00:11:54 25,088 ------w c:\windows\ServicePackFiles\i386\iisadmin.dll
+ 2008-04-14 00:11:54 145,408 ------w c:\windows\ServicePackFiles\i386\iische51.dll
+ 2008-04-14 00:11:54 68,608 ------w c:\windows\ServicePackFiles\i386\iisext51.dll
+ 2008-04-14 00:11:54 7,168 ------w c:\windows\ServicePackFiles\i386\iisfecnv.dll
+ 2008-04-14 00:11:54 79,872 ------w c:\windows\ServicePackFiles\i386\iislog51.dll
+ 2008-04-14 00:11:54 64,512 ------w c:\windows\ServicePackFiles\i386\iismap.dll
+ 2008-04-14 00:12:22 30,720 ------w c:\windows\ServicePackFiles\i386\iisrstas.exe
+ 2008-04-14 00:11:54 133,632 ------w c:\windows\ServicePackFiles\i386\iisrtl.dll
+ 2004-08-04 04:11:48 184,320 ------w c:\windows\ServicePackFiles\i386\ilasm.exe
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ils.dll
+ 2008-04-14 00:11:54 144,384 ------w c:\windows\ServicePackFiles\i386\imagehlp.dll
+ 2008-04-14 00:12:22 150,528 ------w c:\windows\ServicePackFiles\i386\imapi.exe
+ 2008-04-13 18:40:58 42,112 ------w c:\windows\ServicePackFiles\i386\imapi.sys
+ 2008-04-14 00:11:54 36,921 ------w c:\windows\ServicePackFiles\i386\imeshare.dll
+ 2008-04-14 00:11:54 35,840 ------w c:\windows\ServicePackFiles\i386\imgutil.dll
+ 2008-04-14 00:11:54 110,080 ------w c:\windows\ServicePackFiles\i386\imm32.dll
+ 2008-04-14 00:11:54 123,392 ------w c:\windows\ServicePackFiles\i386\imsinsnt.dll
+ 2008-04-14 00:11:54 274,432 ------w c:\windows\ServicePackFiles\i386\inetcfg.dll
+ 2008-04-14 00:11:54 691,712 ------w c:\windows\ServicePackFiles\i386\inetcomm.dll
+ 2008-04-14 00:12:22 15,360 ------w c:\windows\ServicePackFiles\i386\inetin51.exe
+ 2008-04-14 00:11:55 829,440 ------w c:\windows\ServicePackFiles\i386\inetmgr.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\inetmib1.dll
+ 2008-04-14 00:11:55 75,264 ------w c:\windows\ServicePackFiles\i386\inetpp.dll
+ 2008-04-14 00:11:55 15,872 ------w c:\windows\ServicePackFiles\i386\inetppui.dll
+ 2008-04-13 16:22:12 48,128 ------w c:\windows\ServicePackFiles\i386\inetres.dll
+ 2008-04-14 00:12:22 20,480 ------w c:\windows\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 00:11:55 13,312 ------w c:\windows\ServicePackFiles\i386\infoadmn.dll
+ 2008-04-14 00:11:55 257,024 ------w c:\windows\ServicePackFiles\i386\infocomm.dll
+ 2008-04-14 00:11:55 147,456 ------w c:\windows\ServicePackFiles\i386\initpki.dll
+ 2008-04-14 00:11:55 123,392 ------w c:\windows\ServicePackFiles\i386\input.dll
+ 2008-04-14 00:11:55 96,256 ------w c:\windows\ServicePackFiles\i386\inseng.dll
+ 2004-07-20 00:54:06 24,576 ------w c:\windows\ServicePackFiles\i386\installutil.exe
+ 2008-04-13 18:40:29 5,504 ------w c:\windows\ServicePackFiles\i386\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w c:\windows\ServicePackFiles\i386\intelppm.sys
+ 2008-04-13 18:53:34 36,608 ------w c:\windows\ServicePackFiles\i386\ip6fw.sys
+ 2008-04-14 00:12:22 55,808 ------w c:\windows\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 00:09:30 103,424 ------w c:\windows\ServicePackFiles\i386\ipevldpc.dll
+ 2008-04-14 00:09:23 24,064 ------w c:\windows\ServicePackFiles\i386\ipevlpid.dll
+ 2008-04-14 00:11:55 94,720 ------w c:\windows\ServicePackFiles\i386\iphlpapi.dll
+ 2008-04-13 18:57:07 20,864 ------w c:\windows\ServicePackFiles\i386\ipinip.sys
+ 2008-04-14 00:11:55 161,280 ------w c:\windows\ServicePackFiles\i386\ipmontr.dll
+ 2008-04-13 18:57:15 152,832 ------w c:\windows\ServicePackFiles\i386\ipnat.sys
+ 2008-04-14 00:11:55 331,264 ------w c:\windows\ServicePackFiles\i386\ipnathlp.dll
+ 2008-04-14 00:11:55 330,752 ------w c:\windows\ServicePackFiles\i386\ippromon.dll
+ 2008-04-14 00:11:55 35,328 ------w c:\windows\ServicePackFiles\i386\iprip.dll
+ 2008-04-14 00:11:55 177,152 ------w c:\windows\ServicePackFiles\i386\iprtrmgr.dll
+ 2008-04-13 19:19:42 75,264 ------w c:\windows\ServicePackFiles\i386\ipsec.sys
+ 2008-04-14 00:11:55 349,696 ------w c:\windows\ServicePackFiles\i386\ipsecsnp.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ipsecsvc.dll
+ 2008-04-14 00:10:45 102,912 ------w c:\windows\ServicePackFiles\i386\ipseldpc.dll
+ 2008-04-14 00:09:24 24,064 ------w c:\windows\ServicePackFiles\i386\ipselpid.dll
+ 2008-04-14 00:11:55 384,000 ------w c:\windows\ServicePackFiles\i386\ipsmsnap.dll
+ 2008-04-14 00:12:23 53,248 ------w c:\windows\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 00:11:55 59,904 ------w c:\windows\ServicePackFiles\i386\ipv6mon.dll
+ 2008-04-14 00:12:23 23,552 ------w c:\windows\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 00:11:55 22,016 ------w c:\windows\ServicePackFiles\i386\ipxwan.dll
+ 2008-04-14 00:11:55 120,320 ------w c:\windows\ServicePackFiles\i386\ir41_qc.dll
+ 2008-04-14 00:11:55 338,432 ------w c:\windows\ServicePackFiles\i386\ir41_qcx.dll
+ 2008-04-14 00:11:55 755,200 ------w c:\windows\ServicePackFiles\i386\ir50_32.dll
+ 2008-04-14 00:11:55 200,192 ------w c:\windows\ServicePackFiles\i386\ir50_qc.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ir50_qcx.dll
+ 2008-04-13 18:45:34 46,592 ------w c:\windows\ServicePackFiles\i386\irbus.sys
+ 2008-04-13 18:54:36 88,192 ------w c:\windows\ServicePackFiles\i386\irda.sys
+ 2008-04-13 18:54:28 11,264 ------w c:\windows\ServicePackFiles\i386\irenum.sys
+ 2008-04-14 00:12:23 151,552 ------w c:\windows\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 00:11:55 28,160 ------w c:\windows\ServicePackFiles\i386\irmon.dll
+ 2008-04-13 18:36:41 37,248 ------w c:\windows\ServicePackFiles\i386\isapnp.sys
+ 2008-04-14 00:11:55 68,608 ------w c:\windows\ServicePackFiles\i386\isatq.dll
+ 2008-04-14 00:11:55 26,624 ------w c:\windows\ServicePackFiles\i386\iscomlog.dll
+ 2008-04-14 00:10:32 105,984 ------w c:\windows\ServicePackFiles\i386\isdpc.dll
+ 2008-04-14 00:10:55 105,984 ------w c:\windows\ServicePackFiles\i386\isendpc.dll
+ 2008-04-14 00:10:55 24,064 ------w c:\windows\ServicePackFiles\i386\isenpid.dll
+ 2008-04-14 00:11:55 81,920 ------w c:\windows\ServicePackFiles\i386\isign32.dll
+ 2008-04-14 00:10:32 24,064 ------w c:\windows\ServicePackFiles\i386\ispid.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\isrdbg32.dll
+ 2008-04-14 00:11:55 155,136 ------w c:\windows\ServicePackFiles\i386\itircl.dll
+ 2008-04-14 00:11:55 138,240 ------w c:\windows\ServicePackFiles\i386\itss.dll
+ 2008-04-14 00:11:55 191,488 ------w c:\windows\ServicePackFiles\i386\iuengine.dll
+ 2008-04-14 00:11:55 54,272 ------w c:\windows\ServicePackFiles\i386\ixsso.dll
+ 2008-04-14 00:11:55 47,616 ------w c:\windows\ServicePackFiles\i386\iyuv_32.dll
+ 2008-04-14 00:11:55 163,840 ------w c:\windows\ServicePackFiles\i386\jgdw400.dll
+ 2008-04-14 00:11:55 27,648 ------w c:\windows\ServicePackFiles\i386\jgpl400.dll
+ 2004-07-20 00:54:06 40,960 ------w c:\windows\ServicePackFiles\i386\jsc.exe
+ 2008-04-14 00:11:56 512,000 ------w c:\windows\ServicePackFiles\i386\jscript.dll
+ 2008-04-14 00:11:56 15,872 ------w c:\windows\ServicePackFiles\i386\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-13 18:39:47 24,576 ------w c:\windows\ServicePackFiles\i386\kbdclass.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-13 18:39:48 14,592 ------w c:\windows\ServicePackFiles\i386\kbdhid.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 00:09:55 5,632 ------w c:\windows\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-13 18:31:35 7,424 ------w c:\windows\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 00:11:56 184,832 ------w c:\windows\ServicePackFiles\i386\kdcsvc.dll
+ 2008-04-14 00:11:56 48,640 ------w c:\windows\ServicePackFiles\i386\kdsui.dll
+ 2008-04-14 00:11:56 253,952 ------w c:\windows\ServicePackFiles\i386\kdsusd.dll
+ 2008-04-14 00:11:56 299,520 ------w c:\windows\ServicePackFiles\i386\kerberos.dll
+ 2008-04-14 00:11:56 989,696 ------w c:\windows\ServicePackFiles\i386\kernel32.dll
+ 2004-08-10 11:00:00 42,537 ------w c:\windows\ServicePackFiles\i386\keyboard.sys
+ 2008-04-14 00:11:56 150,528 ------w c:\windows\ServicePackFiles\i386\keymgr.dll
+ 2008-04-13 18:45:09 172,416 ------w c:\windows\ServicePackFiles\i386\kmixer.sys
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\ServicePackFiles\i386\kmsvc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\knperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\knpropid.dll
+ 2008-04-14 00:11:56 8,192 ------w c:\windows\ServicePackFiles\i386\koc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\kperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\kpropid.dll
+ 2004-08-10 11:00:00 92,224 ------w c:\windows\ServicePackFiles\i386\krnl386.exe
+ 2008-04-14 00:11:56 24,576 ------w c:\windows\ServicePackFiles\i386\krnlprov.dll
+ 2008-04-13 19:16:36 141,056 ------w c:\windows\ServicePackFiles\i386\ks.sys
+ 2008-04-13 18:31:43 92,288 ------w c:\windows\ServicePackFiles\i386\ksecdd.sys
+ 2008-04-14 00:11:56 4,096 ------w c:\windows\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\ServicePackFiles\i386\l2store.dll
+ 2008-04-14 00:09:05 97,792 ------w c:\windows\ServicePackFiles\i386\lang\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ------w c:\windows\ServicePackFiles\i386\lang\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ------w c:\windows\ServicePackFiles\i386\lang\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ------w c:\windows\ServicePackFiles\i386\lang\cintime.dll
+ 2004-08-10 11:00:00 480,256 ------w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe
+ 2004-08-10 11:00:00 57,399 ------w c:\windows\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-14 00:09:39 13,463,552 ------w c:\windows\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2008-04-14 00:09:43 106,496 ------w c:\windows\ServicePackFiles\i386\lang\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ------w c:\windows\ServicePackFiles\i386\lang\imekrmbx.dll
+ 2008-04-14 00:09:44 811,064 ------w c:\windows\ServicePackFiles\i386\lang\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ------w c:\windows\ServicePackFiles\i386\lang\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ------w c:\windows\ServicePackFiles\i386\lang\imjpcus.dll
+ 2008-04-14 00:09:45 81,976 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.dll
+ 2004-08-10 11:00:00 307,257 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe
+ 2004-08-10 11:00:00 155,705 ------w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2004-08-10 11:00:00 196,665 ------w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe
+ 2004-08-10 11:00:00 208,952 ------w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe
+ 2004-08-10 11:00:00 233,527 ------w c:\windows\ServicePackFiles\i386\lang\imjprw.exe
+ 2004-08-10 11:00:00 262,200 ------w c:\windows\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ------w c:\windows\ServicePackFiles\i386\lang\imjputyc.dll
+ 2008-04-14 00:09:46 102,456 ------w c:\windows\ServicePackFiles\i386\lang\imlang.dll
+ 2004-08-10 11:00:00 59,392 ------w c:\windows\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-14 00:09:47 315,455 ------w c:\windows\ServicePackFiles\i386\lang\imskf.dll
+ 2008-04-14 00:10:33 15,872 ------w c:\windows\ServicePackFiles\i386\lang\padrs404.dll
+ 2008-04-14 00:10:33 15,360 ------w c:\windows\ServicePackFiles\i386\lang\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ------w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ------w c:\windows\ServicePackFiles\i386\lang\pmigrate.dll
+ 2004-08-10 11:00:00 44,032 ------w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe
+ 2004-08-10 11:00:00 455,168 ------w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ------w c:\windows\ServicePackFiles\i386\lang\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ------w c:\windows\ServicePackFiles\i386\lang\uniime.dll
+ 2008-04-14 00:11:04 426,041 ------w c:\windows\ServicePackFiles\i386\lang\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ------w c:\windows\ServicePackFiles\i386\lang\voicesub.dll
+ 2008-04-13 18:40:26 34,688 ------w c:\windows\ServicePackFiles\i386\lbrtfdc.sys
+ 2008-04-14 00:12:23 677,888 ------w c:\windows\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 00:11:56 2,061,824 ------w c:\windows\ServicePackFiles\i386\lhmstscx.dll
+ 2008-04-14 10:41:58 423,936 ------w c:\windows\ServicePackFiles\i386\licdll.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\licmgr10.dll
+ 2008-04-14 00:11:56 58,880 ------w c:\windows\ServicePackFiles\i386\licwmi.dll
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\linkinfo.dll
+ 2008-04-14 00:11:56 13,824 ------w c:\windows\ServicePackFiles\i386\lmhsvc.dll
+ 2008-04-14 00:11:56 33,792 ------w c:\windows\ServicePackFiles\i386\lmmib2.dll
+ 2008-04-14 00:11:56 399,872 ------w c:\windows\ServicePackFiles\i386\lmrt.dll
+ 2008-04-14 00:11:56 97,280 ------w c:\windows\ServicePackFiles\i386\loadperf.dll
+ 2008-04-14 00:11:56 221,696 ------w c:\windows\ServicePackFiles\i386\localsec.dll
+ 2008-04-14 00:11:56 343,040 ------w c:\windows\ServicePackFiles\i386\localspl.dll
+ 2008-04-14 00:11:56 11,776 ------w c:\windows\ServicePackFiles\i386\localui.dll
+ 2008-04-14 00:12:24 75,264 ------w c:\windows\ServicePackFiles\i386\locator.exe
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\log.dll
+ 2008-04-14 00:12:24 59,392 ------w c:\windows\ServicePackFiles\i386\logman.exe
+ 2008-04-14 00:12:43 220,672 ------w c:\windows\ServicePackFiles\i386\logon.scr
+ 2008-04-14 00:12:24 514,560 ------w c:\windows\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 00:11:56 13,312 ------w c:\windows\ServicePackFiles\i386\lonsint.dll
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\lpdsvc.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\lpk.dll
+ 2008-04-14 00:11:56 10,240 ------w c:\windows\ServicePackFiles\i386\lprhelp.dll
+ 2008-04-14 00:11:56 18,944 ------w c:\windows\ServicePackFiles\i386\lprmon.dll
+ 2008-04-14 00:11:56 728,064 ------w c:\windows\ServicePackFiles\i386\lsasrv.dll
+ 2008-04-14 00:12:24 13,312 ------w c:\windows\ServicePackFiles\i386\lsass.exe
+ 2004-08-04 03:41:36 606,684 ------w c:\windows\ServicePackFiles\i386\ltmdmnt.sys
+ 2004-08-04 03:41:38 420,992 ------w c:\windows\ServicePackFiles\i386\ltmdmntt.sys
+ 2008-04-13 18:40:52 7,040 ------w c:\windows\ServicePackFiles\i386\ltotape.sys
+ 2004-08-04 03:39:32 20,864 ------w c:\windows\ServicePackFiles\i386\lwadihid.sys
+ 2008-04-14 00:12:24 72,704 ------w c:\windows\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 00:12:25 57,344 ------w c:\windows\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 00:11:56 14,336 ------w c:\windows\ServicePackFiles\i386\mcastmib.dll
+ 2008-04-14 00:11:56 84,480 ------w c:\windows\ServicePackFiles\i386\mciavi32.dll
+ 2008-04-14 00:11:56 35,328 ------w c:\windows\ServicePackFiles\i386\mciqtz32.dll
+ 2008-04-14 00:11:56 23,040 ------w c:\windows\ServicePackFiles\i386\mciseq.dll
+ 2008-04-14 00:11:56 23,552 ------w c:\windows\ServicePackFiles\i386\mciwave.dll
+ 2008-04-14 00:11:56 37,888 ------w c:\windows\ServicePackFiles\i386\md5filt.dll
+ 2008-04-14 00:11:56 118,272 ------w c:\windows\ServicePackFiles\i386\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.dll
+ 2004-08-04 03:41:56 11,868 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.sys
+ 2008-04-14 00:11:56 16,896 ------w c:\windows\ServicePackFiles\i386\medctroc.dll
+ 2008-04-13 18:41:21 26,112 ------w c:\windows\ServicePackFiles\i386\memstpci.sys
+ 2008-04-14 00:11:56 85,504 ------w c:\windows\ServicePackFiles\i386\metada51.dll
+ 2008-04-13 18:36:41 63,744 ------w c:\windows\ServicePackFiles\i386\mf.sys
+ 2008-04-14 00:11:56 40,960 ------w c:\windows\ServicePackFiles\i386\mf3216.dll
+ 2008-04-14 00:11:56 927,504 ------w c:\windows\ServicePackFiles\i386\mfc40u.dll


+ 2008-04-14 00:11:56 1,028,096 ------w c:\windows\ServicePackFiles\i386\mfc42.dll
+ 2006-10-14 08:13:25 981,760 ------w c:\windows\ServicePackFiles\i386\mfc42u.dll
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\mfcsubs.dll
+ 2008-04-14 00:11:56 14,848 ------w c:\windows\ServicePackFiles\i386\mgmtapi.dll
+ 2004-07-20 00:54:06 712,704 ------w c:\windows\ServicePackFiles\i386\microsoft.jscript.dll
+ 2004-07-20 00:54:06 286,720 ------w c:\windows\ServicePackFiles\i386\microsoft.visualbasic.dll
+ 2008-04-14 00:11:57 18,944 ------w c:\windows\ServicePackFiles\i386\midimap.dll
+ 2008-04-14 00:11:57 274,432 ------w c:\windows\ServicePackFiles\i386\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\ServicePackFiles\i386\migisma.dll
+ 2008-04-14 00:11:57 60,928 ------w c:\windows\ServicePackFiles\i386\miglibnt.dll
+ 2008-04-14 00:12:25 103,936 ------w c:\windows\ServicePackFiles\i386\migload.exe
+ 2008-04-14 00:12:25 7,680 ------w c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 00:12:25 245,248 ------w c:\windows\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 00:11:57 29,696 ------w c:\windows\ServicePackFiles\i386\mimefilt.dll
+ 2008-04-14 00:11:57 586,240 ------w c:\windows\ServicePackFiles\i386\mlang.dll
+ 2008-04-14 00:12:25 1,414,656 ------w c:\windows\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\ServicePackFiles\i386\mmc30.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\ServicePackFiles\i386\mmc30r.dll
+ 2008-04-14 00:11:57 163,328 ------w c:\windows\ServicePackFiles\i386\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\ServicePackFiles\i386\mmcex.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\ServicePackFiles\i386\mmcexr.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\ServicePackFiles\i386\mmcfxc.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 00:11:57 1,872,896 ------w c:\windows\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 00:11:57 61,440 ------w c:\windows\ServicePackFiles\i386\mmcshext.dll
+ 2008-04-14 00:11:57 17,408 ------w c:\windows\ServicePackFiles\i386\mmfutil.dll
+ 2004-08-10 11:00:00 68,768 ------w c:\windows\ServicePackFiles\i386\mmsystem.dll
+ 2008-04-14 00:11:57 34,560 ------w c:\windows\ServicePackFiles\i386\mnmdd.dll
+ 2008-04-14 00:12:25 32,768 ------w c:\windows\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 00:11:57 207,360 ------w c:\windows\ServicePackFiles\i386\mobsync.dll
+ 2008-04-14 00:12:26 143,360 ------w c:\windows\ServicePackFiles\i386\mobsync.exe
+ 2008-04-13 19:00:19 30,080 ------w c:\windows\ServicePackFiles\i386\modem.sys
+ 2008-04-14 00:11:57 153,600 ------w c:\windows\ServicePackFiles\i386\modemui.dll
+ 2008-04-14 00:12:26 16,384 ------w c:\windows\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 00:11:57 123,904 ------w c:\windows\ServicePackFiles\i386\mofd.dll
+ 2008-04-14 00:12:42 16,896 ------w c:\windows\ServicePackFiles\i386\more.com
+ 2008-04-13 16:45:30 216,064 ------w c:\windows\ServicePackFiles\i386\moricons.dll
+ 2008-04-13 18:39:47 23,040 ------w c:\windows\ServicePackFiles\i386\mouclass.sys
+ 2008-04-13 18:39:46 42,368 ------w c:\windows\ServicePackFiles\i386\mountmgr.sys
+ 2008-04-14 00:12:27 3,558,912 ------w c:\windows\ServicePackFiles\i386\moviemk.exe
+ 2008-04-13 18:46:22 15,232 ------w c:\windows\ServicePackFiles\i386\mpe.sys
+ 2008-04-14 00:12:27 123,392 ------w c:\windows\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 00:11:57 59,904 ------w c:\windows\ServicePackFiles\i386\mpr.dll
+ 2008-04-14 00:11:57 87,040 ------w c:\windows\ServicePackFiles\i386\mprapi.dll
+ 2008-04-14 00:11:57 53,248 ------w c:\windows\ServicePackFiles\i386\mprdim.dll
+ 2008-04-13 18:39:44 92,544 ------w c:\windows\ServicePackFiles\i386\mqac.sys
+ 2008-04-14 00:11:57 138,240 ------w c:\windows\ServicePackFiles\i386\mqad.dll
+ 2008-04-14 00:12:27 19,968 ------w c:\windows\ServicePackFiles\i386\mqbkup.exe
+ 2008-04-14 00:11:57 47,616 ------w c:\windows\ServicePackFiles\i386\mqdscli.dll
+ 2008-04-14 00:11:57 16,896 ------w c:\windows\ServicePackFiles\i386\mqise.dll
+ 2008-04-14 00:11:57 89,088 ------w c:\windows\ServicePackFiles\i386\mqlogmgr.dll
+ 2008-04-14 00:11:57 225,280 ------w c:\windows\ServicePackFiles\i386\mqoa.dll
+ 2008-04-14 00:11:57 663,040 ------w c:\windows\ServicePackFiles\i386\mqqm.dll
+ 2008-04-14 00:11:57 177,152 ------w c:\windows\ServicePackFiles\i386\mqrt.dll
+ 2008-04-14 00:11:57 123,904 ------w c:\windows\ServicePackFiles\i386\mqrtdep.dll
+ 2008-04-14 00:11:57 95,744 ------w c:\windows\ServicePackFiles\i386\mqsec.dll
+ 2008-04-14 00:11:58 517,632 ------w c:\windows\ServicePackFiles\i386\mqsnap.dll
+ 2008-04-14 00:12:27 4,608 ------w c:\windows\ServicePackFiles\i386\mqsvc.exe
+ 2008-04-14 00:12:27 117,248 ------w c:\windows\ServicePackFiles\i386\mqtgsvc.exe
+ 2008-04-14 00:11:58 187,392 ------w c:\windows\ServicePackFiles\i386\mqtrig.dll
+ 2008-04-14 00:11:58 49,152 ------w c:\windows\ServicePackFiles\i386\mqupgrd.dll
+ 2008-04-14 00:11:58 471,552 ------w c:\windows\ServicePackFiles\i386\mqutil.dll
+ 2008-04-13 18:32:44 180,608 ------w c:\windows\ServicePackFiles\i386\mrxdav.sys
+ 2008-04-13 19:17:01 456,576 ------w c:\windows\ServicePackFiles\i386\mrxsmb.sys
+ 2008-04-14 00:11:58 71,680 ------w c:\windows\ServicePackFiles\i386\msacm32.dll
+ 2008-04-14 00:11:58 331,776 ------w c:\windows\ServicePackFiles\i386\msadce.dll
+ 2008-04-13 17:25:57 20,480 ------w c:\windows\ServicePackFiles\i386\msadcer.dll
+ 2008-04-14 00:11:58 61,440 ------w c:\windows\ServicePackFiles\i386\msadcf.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcfr.dll
+ 2008-04-14 00:11:58 143,360 ------w c:\windows\ServicePackFiles\i386\msadco.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcor.dll
+ 2008-04-14 00:11:58 53,248 ------w c:\windows\ServicePackFiles\i386\msadcs.dll
+ 2008-04-14 00:11:58 155,648 ------w c:\windows\ServicePackFiles\i386\msadds.dll
+ 2008-04-13 17:25:58 24,576 ------w c:\windows\ServicePackFiles\i386\msaddsr.dll
+ 2008-04-13 17:26:17 24,576 ------w c:\windows\ServicePackFiles\i386\msader15.dll
+ 2008-04-14 00:11:58 536,576 ------w c:\windows\ServicePackFiles\i386\msado15.dll
+ 2008-04-14 00:11:58 180,224 ------w c:\windows\ServicePackFiles\i386\msadomd.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msador15.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msadox.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msadrh15.dll
+ 2008-04-14 00:10:06 3,584 ------w c:\windows\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 00:11:58 86,016 ------w c:\windows\ServicePackFiles\i386\msapsspc.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msasn1.dll
+ 2008-04-14 00:11:58 220,160 ------w c:\windows\ServicePackFiles\i386\mscandui.dll
+ 2008-04-14 00:11:58 73,728 ------w c:\windows\ServicePackFiles\i386\mscms.dll
+ 2008-04-14 00:11:58 69,632 ------w c:\windows\ServicePackFiles\i386\msconf.dll
+ 2008-04-14 00:12:27 169,984 ------w c:\windows\ServicePackFiles\i386\msconfig.exe
+ 2004-08-10 11:00:00 116,288 ------w c:\windows\ServicePackFiles\i386\msconv97.dll
+ 2004-07-20 00:54:06 1,564,672 ------w c:\windows\ServicePackFiles\i386\mscorcfg.dll
+ 2004-08-04 04:12:02 69,632 ------w c:\windows\ServicePackFiles\i386\mscordbc.dll
+ 2004-08-04 04:12:02 221,184 ------w c:\windows\ServicePackFiles\i386\mscordbi.dll
+ 2007-06-27 12:55:10 131,072 ------w c:\windows\ServicePackFiles\i386\mscoree.dll
+ 2007-01-02 21:29:12 73,728 ------w c:\windows\ServicePackFiles\i386\mscorie.dll
+ 2004-07-20 00:54:08 303,104 ------w c:\windows\ServicePackFiles\i386\mscorjit.dll
+ 2007-01-02 21:29:12 86,016 ------w c:\windows\ServicePackFiles\i386\mscorld.dll
+ 2007-01-02 21:21:20 1,998,848 ------w c:\windows\ServicePackFiles\i386\mscorlib.dll
+ 2004-08-04 04:12:08 94,208 ------w c:\windows\ServicePackFiles\i386\mscorpe.dll
+ 2004-08-04 04:12:08 143,360 ------w c:\windows\ServicePackFiles\i386\mscorrc.chs.dll
+ 2004-08-04 04:12:08 143,360 ------w c:\windows\ServicePackFiles\i386\mscorrc.cht.dll
+ 2004-08-04 04:12:08 143,360 ------w c:\windows\ServicePackFiles\i386\mscorrc.dll
+ 2004-08-04 04:12:10 172,032 ------w c:\windows\ServicePackFiles\i386\mscorrc.es.dll
+ 2004-08-04 04:12:10 172,032 ------w c:\windows\ServicePackFiles\i386\mscorrc.fr.dll
+ 2004-08-04 04:12:10 167,936 ------w c:\windows\ServicePackFiles\i386\mscorrc.ger.dll
+ 2004-08-04 04:12:10 167,936 ------w c:\windows\ServicePackFiles\i386\mscorrc.it.dll
+ 2004-08-04 04:12:10 143,360 ------w c:\windows\ServicePackFiles\i386\mscorrc.ja.dll
+ 2004-08-04 04:12:10 143,360 ------w c:\windows\ServicePackFiles\i386\mscorrc.kor.dll
+ 2004-08-04 04:12:10 46,592 ------w c:\windows\ServicePackFiles\i386\mscorsec.dll
+ 2004-08-04 04:12:10 69,632 ------w c:\windows\ServicePackFiles\i386\mscorsn.dll
+ 2007-12-17 11:58:53 2,273,280 ------w c:\windows\ServicePackFiles\i386\mscorsvr.dll
+ 2004-08-04 04:12:14 8,704 ------w c:\windows\ServicePackFiles\i386\mscortim.dll
+ 2007-12-17 11:59:26 2,281,472 ------w c:\windows\ServicePackFiles\i386\mscorwks.dll
+ 2008-04-13 17:26:07 12,288 ------w c:\windows\ServicePackFiles\i386\mscpx32r.dll
+ 2008-04-14 00:11:58 36,864 ------w c:\windows\ServicePackFiles\i386\mscpxl32.dll
+ 2008-04-14 00:11:58 297,984 ------w c:\windows\ServicePackFiles\i386\msctf.dll
+ 2008-04-14 00:11:58 68,608 ------w c:\windows\ServicePackFiles\i386\msctfp.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 00:11:58 118,784 ------w c:\windows\ServicePackFiles\i386\msdadiag.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaer.dll
+ 2008-04-14 00:11:58 532,480 ------w c:\windows\ServicePackFiles\i386\msdaipp.dll
+ 2008-04-14 00:11:58 233,472 ------w c:\windows\ServicePackFiles\i386\msdaora.dll
+ 2008-04-13 17:24:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaorar.dll
+ 2008-04-14 00:11:58 77,824 ------w c:\windows\ServicePackFiles\i386\msdaosp.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaprsr.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msdaprst.dll
+ 2008-04-14 00:11:59 204,800 ------w c:\windows\ServicePackFiles\i386\msdaps.dll
+ 2008-04-14 00:11:59 118,784 ------w c:\windows\ServicePackFiles\i386\msdarem.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaremr.dll
+ 2008-04-14 00:11:59 151,552 ------w c:\windows\ServicePackFiles\i386\msdart.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdasc.dll
+ 2008-04-14 00:11:59 315,392 ------w c:\windows\ServicePackFiles\i386\msdasql.dll
+ 2008-04-13 17:26:07 16,384 ------w c:\windows\ServicePackFiles\i386\msdasqlr.dll
+ 2008-04-14 00:11:59 94,208 ------w c:\windows\ServicePackFiles\i386\msdatl3.dll
+ 2008-04-14 00:11:59 20,480 ------w c:\windows\ServicePackFiles\i386\msdatt.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdaurl.dll
+ 2008-04-14 00:11:59 36,864 ------w c:\windows\ServicePackFiles\i386\msdfmap.dll
+ 2008-04-14 00:11:59 14,336 ------w c:\windows\ServicePackFiles\i386\msdmo.dll
+ 2008-04-14 00:12:27 6,144 ------w c:\windows\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 00:11:59 58,880 ------w c:\windows\ServicePackFiles\i386\msdtclog.dll
+ 2008-04-14 00:11:59 427,008 ------w c:\windows\ServicePackFiles\i386\msdtcprx.dll
+ 2008-04-14 00:11:59 90,112 ------w c:\windows\ServicePackFiles\i386\msdtcstp.dll
+ 2008-04-14 00:11:59 956,928 ------w c:\windows\ServicePackFiles\i386\msdtctm.dll
+ 2008-04-14 00:11:59 161,792 ------w c:\windows\ServicePackFiles\i386\msdtcuiu.dll
+ 2008-04-13 18:46:09 51,200 ------w c:\windows\ServicePackFiles\i386\msdv.sys
+ 2008-03-25 04:50:28 518,944 ------w c:\windows\ServicePackFiles\i386\msexch40.dll
+ 2008-03-25 04:50:30 326,432 ------w c:\windows\ServicePackFiles\i386\msexcl40.dll
+ 2008-04-13 18:32:39 19,072 ------w c:\windows\ServicePackFiles\i386\msfs.sys
+ 2008-04-14 00:11:59 539,136 ------w c:\windows\ServicePackFiles\i386\msftedit.dll
+ 2008-04-14 00:11:59 997,376 ------w c:\windows\ServicePackFiles\i386\msgina.dll
+ 2008-04-13 18:56:32 35,072 ------w c:\windows\ServicePackFiles\i386\msgpc.sys
+ 2008-04-14 00:11:59 3,166,208 ------w c:\windows\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msgrocm.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\i386\msgslang.dll
+ 2008-04-14 00:11:59 33,792 ------w c:\windows\ServicePackFiles\i386\msgsvc.dll
+ 2008-04-14 00:12:45 188,416 ------w c:\windows\ServicePackFiles\i386\msh261.drv
+ 2008-04-14 00:12:45 294,912 ------w c:\windows\ServicePackFiles\i386\msh263.drv
+ 2008-04-14 00:12:27 29,184 ------w c:\windows\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 00:11:59 3,066,880 ------w c:\windows\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11:59 449,024 ------w c:\windows\ServicePackFiles\i386\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w c:\windows\ServicePackFiles\i386\mshtmler.dll
+ 2008-04-14 00:11:59 2,843,136 ------w c:\windows\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11:59 51,712 ------w c:\windows\ServicePackFiles\i386\msident.dll
+ 2008-04-14 00:11:59 6,656 ------w c:\windows\ServicePackFiles\i386\msidle.dll
+ 2008-04-14 00:11:59 248,832 ------w c:\windows\ServicePackFiles\i386\msieftp.dll
+ 2008-04-14 00:12:28 78,848 ------w c:\windows\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 00:11:59 271,360 ------w c:\windows\ServicePackFiles\i386\msihnd.dll
+ 2008-04-14 00:11:59 4,608 ------w c:\windows\ServicePackFiles\i386\msimg32.dll
+ 2008-04-14 00:12:28 60,416 ------w c:\windows\ServicePackFiles\i386\msimn.exe
+ 2008-04-13 15:39:43 884,736 ------w c:\windows\ServicePackFiles\i386\msimsg.dll
+ 2008-04-14 00:11:59 159,232 ------w c:\windows\ServicePackFiles\i386\msimtf.dll
+ 2008-04-14 00:11:59 376,832 ------w c:\windows\ServicePackFiles\i386\msinfo.dll
+ 2008-04-13 18:54:28 22,016 ------w c:\windows\ServicePackFiles\i386\msircomm.sys
+ 2008-04-14 00:12:28 40,960 ------w c:\windows\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msisip.dll
+ 2008-03-25 04:50:34 1,516,568 ------w c:\windows\ServicePackFiles\i386\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w c:\windows\ServicePackFiles\i386\msjetol1.dll
+ 2008-04-14 00:12:00 151,583 ------w c:\windows\ServicePackFiles\i386\msjint40.dll
+ 2008-04-14 00:12:00 102,400 ------w c:\windows\ServicePackFiles\i386\msjro.dll
+ 2008-03-25 04:50:42 60,192 ------w c:\windows\ServicePackFiles\i386\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w c:\windows\ServicePackFiles\i386\msjtes40.dll
+ 2008-04-13 18:39:52 7,552 ------w c:\windows\ServicePackFiles\i386\mskssrv.sys
+ 2008-04-14 00:12:00 25,088 ------w c:\windows\ServicePackFiles\i386\mslbui.dll
+ 2008-03-25 04:50:44 219,936 ------w c:\windows\ServicePackFiles\i386\msltus40.dll
+ 2008-04-14 00:12:00 39,936 ------w c:\windows\ServicePackFiles\i386\mslwvtts.dll
+ 2008-04-14 00:12:00 170,496 ------w c:\windows\ServicePackFiles\i386\msmqocm.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2004-08-10 11:00:00 11,053,008 ------w c:\windows\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:12:00 290,816 ------w c:\windows\ServicePackFiles\i386\msnsspc.dll
+ 2004-08-10 11:00:00 1,327,320 ------w c:\windows\ServicePackFiles\i386\msnsusii.exe
+ 2008-04-14 00:12:00 122,368 ------w c:\windows\ServicePackFiles\i386\msobcomm.dll
+ 2008-04-14 00:12:00 16,384 ------w c:\windows\ServicePackFiles\i386\msobdl.dll
+ 2008-04-14 00:12:00 565,248 ------w c:\windows\ServicePackFiles\i386\msobmain.dll
+ 2008-04-14 00:12:00 30,720 ------w c:\windows\ServicePackFiles\i386\msobshel.dll
+ 2008-04-14 00:12:00 19,456 ------w c:\windows\ServicePackFiles\i386\msobweb.dll
+ 2008-04-14 00:12:00 1,314,816 ------w c:\windows\ServicePackFiles\i386\msoe.dll
+ 2008-04-14 00:12:00 252,928 ------w c:\windows\ServicePackFiles\i386\msoeacct.dll
+ 2008-04-13 16:23:54 2,479,616 ------w c:\windows\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12:00 105,984 ------w c:\windows\ServicePackFiles\i386\msoert2.dll
+ 2008-04-14 00:12:28 29,184 ------w c:\windows\ServicePackFiles\i386\msoobe.exe
+ 2008-04-13 17:24:14 20,480 ------w c:\windows\ServicePackFiles\i386\msorc32r.dll
+ 2008-04-14 00:12:00 143,360 ------w c:\windows\ServicePackFiles\i386\msorcl32.dll
+ 2008-04-14 00:12:28 343,040 ------w c:\windows\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 00:12:00 29,696 ------w c:\windows\ServicePackFiles\i386\mspatcha.dll
+ 2008-03-25 04:50:45 355,104 ------w c:\windows\ServicePackFiles\i386\mspbde40.dll
+ 2008-04-13 18:39:50 5,376 ------w c:\windows\ServicePackFiles\i386\mspclock.sys
+ 2008-04-13 18:39:51 4,992 ------w c:\windows\ServicePackFiles\i386\mspqm.sys
+ 2008-04-13 16:23:31 48,128 ------w c:\windows\ServicePackFiles\i386\msprivs.dll
+ 2008-04-14 00:12:00 146,432 ------w c:\windows\ServicePackFiles\i386\msrating.dll
+ 2008-03-25 04:50:47 432,928 ------w c:\windows\ServicePackFiles\i386\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w c:\windows\ServicePackFiles\i386\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w c:\windows\ServicePackFiles\i386\msrepl40.dll
+ 2008-04-14 00:12:00 11,264 ------w c:\windows\ServicePackFiles\i386\msrle32.dll
+ 2008-04-14 00:12:00 134,656 ------w c:\windows\ServicePackFiles\i386\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\ServicePackFiles\i386\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\ServicePackFiles\i386\msshamsg.dll
+ 2008-04-13 18:36:46 15,488 ------w c:\windows\ServicePackFiles\i386\mssmbios.sys
+ 2008-04-14 00:12:00 274,432 ------w c:\windows\ServicePackFiles\i386\mst120.dll
+ 2008-04-14 00:12:00 57,344 ------w c:\windows\ServicePackFiles\i386\mst123.dll
+ 2008-04-13 18:46:08 49,024 ------w c:\windows\ServicePackFiles\i386\mstape.sys
+ 2008-04-14 00:12:00 274,944 ------w c:\windows\ServicePackFiles\i386\mstask.dll
+ 2008-04-13 18:39:50 5,504 ------w c:\windows\ServicePackFiles\i386\mstee.sys
+ 2008-03-25 04:50:55 264,992 ------w c:\windows\ServicePackFiles\i386\mstext40.dll
+ 2008-04-14 00:12:00 532,480 ------w c:\windows\ServicePackFiles\i386\mstime.dll
+ 2008-04-14 00:12:29 12,288 ------w c:\windows\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 00:12:00 116,224 ------w c:\windows\ServicePackFiles\i386\mstlsapi.dll
+ 2008-04-14 00:12:00 195,072 ------w c:\windows\ServicePackFiles\i386\msutb.dll
+ 2008-04-14 00:12:00 132,608 ------w c:\windows\ServicePackFiles\i386\msv1_0.dll
+ 2008-04-14 00:12:00 1,384,479 ------w c:\windows\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\msvcirt.dll
+ 2008-04-14 00:12:01 413,696 ------w c:\windows\ServicePackFiles\i386\msvcp60.dll
+ 2008-04-14 00:12:01 343,040 ------w c:\windows\ServicePackFiles\i386\msvcrt.dll
+ 2008-04-13 18:30:46 61,440 ------w c:\windows\ServicePackFiles\i386\msvcrt40.dll
+ 2008-04-14 00:12:01 121,344 ------w c:\windows\ServicePackFiles\i386\msvfw32.dll
+ 2008-04-14 00:12:01 1,428,992 ------w c:\windows\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12:01 72,704 ------w c:\windows\ServicePackFiles\i386\msw3prt.dll
+ 2008-03-25 04:50:57 838,432 ------w c:\windows\ServicePackFiles\i386\mswdat10.dll
+ 2008-04-14 00:12:01 203,776 ------w c:\windows\ServicePackFiles\i386\mswebdvd.dll
+ 2008-04-14 00:12:01 245,248 ------w c:\windows\ServicePackFiles\i386\mswsock.dll
+ 2008-03-25 04:50:58 621,344 ------w c:\windows\ServicePackFiles\i386\mswstr10.dll
+ 2008-04-14 00:12:01 24,576 ------w c:\windows\ServicePackFiles\i386\msxactps.dll
+ 2008-03-25 04:50:58 355,104 ------w c:\windows\ServicePackFiles\i386\msxbde40.dll
+ 2008-04-14 00:12:01 506,368 ------w c:\windows\ServicePackFiles\i386\msxml.dll
+ 2008-04-14 00:12:01 701,440 ------w c:\windows\ServicePackFiles\i386\msxml2.dll
+ 2008-04-14 00:12:01 1,104,896 ------w c:\windows\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12:01 16,896 ------w c:\windows\ServicePackFiles\i386\msyuv.dll
+ 2004-08-04 03:41:40 126,686 ------w c:\windows\ServicePackFiles\i386\mtlmnt5.sys
+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12:29 119,808 ------w c:\windows\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 00:12:01 66,560 ------w c:\windows\ServicePackFiles\i386\mtxclu.dll
+ 2008-04-14 00:12:01 30,720 ------w c:\windows\ServicePackFiles\i386\mtxdm.dll
+ 2008-04-14 00:12:01 4,096 ------w c:\windows\ServicePackFiles\i386\mtxex.dll
+ 2008-04-14 00:12:01 34,304 ------w c:\windows\ServicePackFiles\i386\mtxlegih.dll
+ 2008-04-14 00:12:01 91,648 ------w c:\windows\ServicePackFiles\i386\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\ServicePackFiles\i386\mtxparhd.dll
+ 2004-08-04 03:29:38 452,736 ------w c:\windows\ServicePackFiles\i386\mtxparhm.sys
+ 2008-04-14 00:12:29 90,624 ------w c:\windows\ServicePackFiles\i386\muisetup.exe
+ 2008-04-13 19:17:05 105,344 ------w c:\windows\ServicePackFiles\i386\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w c:\windows\ServicePackFiles\i386\mutohpen.sys
+ 2008-04-14 00:12:01 90,624 ------w c:\windows\ServicePackFiles\i386\mydocs.dll
+ 2008-04-13 18:46:25 85,248 ------w c:\windows\ServicePackFiles\i386\nabtsfec.sys
+ 2008-04-14 00:12:01 221,184 ------w c:\windows\ServicePackFiles\i386\nac.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\ServicePackFiles\i386\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\ServicePackFiles\i386\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 00:12:29 53,760 ------w c:\windows\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 00:12:01 36,352 ------w c:\windows\ServicePackFiles\i386\ncobjapi.dll
+ 2008-04-14 00:12:01 47,104 ------w c:\windows\ServicePackFiles\i386\ncprov.dll
+ 2008-04-14 00:12:01 9,728 ------w c:\windows\ServicePackFiles\i386\ncpsres.dll
+ 2008-04-14 00:12:01 17,920 ------w c:\windows\ServicePackFiles\i386\nddeapi.dll
+ 2008-04-14 00:12:29 4,096 ------w c:\windows\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 00:12:01 18,944 ------w c:\windows\ServicePackFiles\i386\nddenb32.dll
+ 2008-04-13 19:20:37 182,656 ------w c:\windows\ServicePackFiles\i386\ndis.sys
+ 2008-04-13 18:46:22 10,880 ------w c:\windows\ServicePackFiles\i386\ndisip.sys
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\ndisnpp.dll
+ 2008-04-13 18:57:27 10,112 ------w c:\windows\ServicePackFiles\i386\ndistapi.sys
+ 2008-04-13 18:55:58 14,592 ------w c:\windows\ServicePackFiles\i386\ndisuio.sys
+ 2008-04-13 19:20:42 91,520 ------w c:\windows\ServicePackFiles\i386\ndiswan.sys
+ 2008-04-13 18:57:29 40,576 ------w c:\windows\ServicePackFiles\i386\ndproxy.sys
+ 2008-04-14 00:12:29 42,496 ------w c:\windows\ServicePackFiles\i386\net.exe
+ 2008-04-14 00:12:29 124,928 ------w c:\windows\ServicePackFiles\i386\net1.exe
+ 2008-04-14 00:12:01 337,408 ------w c:\windows\ServicePackFiles\i386\netapi32.dll
+ 2008-04-13 18:56:02 34,688 ------w c:\windows\ServicePackFiles\i386\netbios.sys
+ 2008-04-13 19:21:00 162,816 ------w c:\windows\ServicePackFiles\i386\netbt.sys
+ 2008-04-14 00:12:01 622,592 ------w c:\windows\ServicePackFiles\i386\netcfgx.dll
+ 2008-04-14 00:12:29 111,104 ------w c:\windows\ServicePackFiles\i386\netdde.exe
+ 2004-08-10 11:00:00 126,976 ------w c:\windows\ServicePackFiles\i386\netfxocm.dll
+ 2007-12-17 11:59:53 82,976 ------w c:\windows\ServicePackFiles\i386\netfxupdate.exe
+ 2008-04-14 00:12:01 139,264 ------w c:\windows\ServicePackFiles\i386\netid.dll
+ 2008-04-14 00:12:01 407,040 ------w c:\windows\ServicePackFiles\i386\netlogon.dll
+ 2008-04-14 00:12:01 198,144 ------w c:\windows\ServicePackFiles\i386\netman.dll
+ 2008-04-14 00:12:01 77,312 ------w c:\windows\ServicePackFiles\i386\netoc.dll
+ 2008-04-14 00:12:01 875,008 ------w c:\windows\ServicePackFiles\i386\netplwiz.dll
+ 2008-04-14 00:12:01 11,776 ------w c:\windows\ServicePackFiles\i386\netrap.dll
+ 2008-04-14 00:16:51 329,728 ------w c:\windows\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 00:12:29 86,016 ------w c:\windows\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 00:12:02 1,703,936 ------w c:\windows\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12:29 36,864 ------w c:\windows\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 00:12:02 80,896 ------w c:\windows\ServicePackFiles\i386\netui0.dll
+ 2008-04-14 00:12:02 245,760 ------w c:\windows\ServicePackFiles\i386\netui1.dll
+ 2004-08-04 03:31:42 132,695 ------w c:\windows\ServicePackFiles\i386\netwlan5.sys
+ 2008-04-14 00:12:02 247,808 ------w c:\windows\ServicePackFiles\i386\newdev.dll
+ 2004-08-04 04:12:20 147,456 ------w c:\windows\ServicePackFiles\i386\ngen.exe
+ 2008-04-13 18:51:25 61,824 ------w c:\windows\ServicePackFiles\i386\nic1394.sys
+ 2008-04-14 00:12:02 98,304 ------w c:\windows\ServicePackFiles\i386\nlhtml.dll
+ 2008-04-14 00:12:02 229,376 ------w c:\windows\ServicePackFiles\i386\nmas.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmasnt.dll
+ 2008-04-14 00:12:02 81,920 ------w c:\windows\ServicePackFiles\i386\nmchat.dll
+ 2008-04-14 00:12:02 77,824 ------w c:\windows\ServicePackFiles\i386\nmcom.dll
+ 2008-04-14 00:12:02 151,552 ------w c:\windows\ServicePackFiles\i386\nmft.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmmkcert.dll
+ 2008-04-13 18:53:09 40,320 ------w c:\windows\ServicePackFiles\i386\nmnt.sys
+ 2008-04-14 00:12:02 172,032 ------w c:\windows\ServicePackFiles\i386\nmoldwb.dll
+ 2008-04-14 00:12:02 188,416 ------w c:\windows\ServicePackFiles\i386\nmwb.dll
+ 2008-04-14 00:12:29 69,120 ------w c:\windows\ServicePackFiles\i386\notepad.exe
+ 2008-04-13 18:32:39 30,848 ------w c:\windows\ServicePackFiles\i386\npfs.sys
+ 2008-04-14 00:12:29 15,360 ------w c:\windows\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 00:12:02 54,784 ------w c:\windows\ServicePackFiles\i386\npptools.dll
+ 2008-04-13 18:54:36 28,672 ------w c:\windows\ServicePackFiles\i386\nscirda.sys
+ 2008-04-14 00:12:02 44,544 ------w c:\windows\ServicePackFiles\i386\nsepm.dll
+ 2008-04-14 00:12:29 76,800 ------w c:\windows\ServicePackFiles\i386\nslookup.exe
+ 2008-04-14 00:12:30 1,200,640 ------w c:\windows\ServicePackFiles\i386\ntbackup.exe
+ 2004-08-10 11:00:00 47,564 ------w c:\windows\ServicePackFiles\i386\ntdetect.com
+ 2008-04-14 00:11:24 706,048 ------w c:\windows\ServicePackFiles\i386\ntdll.dll
+ 2008-04-14 00:12:02 67,072 ------w c:\windows\ServicePackFiles\i386\ntdsapi.dll
+ 2008-04-14 00:12:02 212,992 ------w c:\windows\ServicePackFiles\i386\ntevt.dll
+ 2008-04-13 19:15:53 574,976 ------w c:\windows\ServicePackFiles\i386\ntfs.sys
+ 2004-08-10 11:00:00 33,840 ------w c:\windows\ServicePackFiles\i386\ntio.sys
+ 2004-08-10 11:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio404.sys
+ 2004-08-10 11:00:00 35,648 ------w c:\windows\ServicePackFiles\i386\ntio411.sys
+ 2004-08-10 11:00:00 35,424 ------w c:\windows\ServicePackFiles\i386\ntio412.sys
+ 2004-08-10 11:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio804.sys
+ 2008-04-13 19:24:37 2,145,280 ------w c:\windows\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-13 18:31:21 2,065,792 ------w c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ------w c:\windows\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-14 00:12:02 44,032 ------w c:\windows\ServicePackFiles\i386\ntlanman.dll
+ 2008-04-14 00:12:02 8,192 ------w c:\windows\ServicePackFiles\i386\ntlsapi.dll
+ 2008-04-14 00:12:02 118,784 ------w c:\windows\ServicePackFiles\i386\ntmarta.dll
+ 2008-04-14 00:12:02 40,960 ------w c:\windows\ServicePackFiles\i386\ntmsapi.dll
+ 2008-04-14 00:12:02 179,200 ------w c:\windows\ServicePackFiles\i386\ntmsdba.dll
+ 2008-04-14 00:12:02 488,448 ------w c:\windows\ServicePackFiles\i386\ntmsmgr.dll
+ 2008-04-14 00:12:02 435,200 ------w c:\windows\ServicePackFiles\i386\ntmssvc.dll
+ 2004-08-04 03:41:40 180,360 ------w c:\windows\ServicePackFiles\i386\ntmtlfax.sys
+ 2008-04-14 00:12:02 62,976 ------w c:\windows\ServicePackFiles\i386\ntoc.dll
+ 2008-04-13 19:27:53 2,188,928 ------w c:\windows\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-14 00:12:02 91,136 ------w c:\windows\ServicePackFiles\i386\ntprint.dll
+ 2008-04-14 00:12:02 143,360 ------w c:\windows\ServicePackFiles\i386\ntshrui.dll
+ 2008-04-14 00:12:30 420,864 ------w c:\windows\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w c:\windows\ServicePackFiles\i386\nv4_disp.dll
+ 2004-08-04 04:29:56 1,897,408 ------w c:\windows\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-14 00:12:02 64,000 ------w c:\windows\ServicePackFiles\i386\nwapi32.dll
+ 2008-04-13 18:56:06 88,320 ------w c:\windows\ServicePackFiles\i386\nwlnkipx.sys
+ 2008-04-14 00:12:02 142,336 ------w c:\windows\ServicePackFiles\i386\nwprovau.dll
+ 2008-04-13 18:34:12 163,584 ------w c:\windows\ServicePackFiles\i386\nwrdr.sys
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\nwwks.dll
+ 2008-04-14 00:12:02 270,336 ------w c:\windows\ServicePackFiles\i386\oakley.dll
+ 2008-04-14 00:10:30 229,376 ------w c:\windows\ServicePackFiles\i386\obelog.dll
+ 2008-04-14 00:10:30 966,656 ------w c:\windows\ServicePackFiles\i386\obemetal.dll
+ 2007-04-02 18:44:11 77,824 ------w c:\windows\ServicePackFiles\i386\obemtllc.dll
+ 2008-04-14 00:10:30 86,016 ------w c:\windows\ServicePackFiles\i386\obepopc.dll
+ 2008-04-14 00:12:02 286,208 ------w c:\windows\ServicePackFiles\i386\objsel.dll
+ 2008-04-13 18:40:07 393,728 ------w c:\windows\ServicePackFiles\i386\obrb0401.dll
+ 2008-04-13 18:40:23 212,480 ------w c:\windows\ServicePackFiles\i386\obrb0404.dll
+ 2008-04-13 18:40:24 428,032 ------w c:\windows\ServicePackFiles\i386\obrb0405.dll
+ 2008-04-13 18:40:27 418,816 ------w c:\windows\ServicePackFiles\i386\obrb0406.dll
+ 2008-04-13 18:40:34 403,456 ------w c:\windows\ServicePackFiles\i386\obrb0407.dll
+ 2008-04-13 18:40:30 419,328 ------w c:\windows\ServicePackFiles\i386\obrb0408.dll
+ 2008-04-13 18:40:32 405,504 ------w c:\windows\ServicePackFiles\i386\obrb040b.dll
+ 2008-04-13 18:40:33 410,624 ------w c:\windows\ServicePackFiles\i386\obrb040c.dll
+ 2008-04-13 18:40:32 384,000 ------w c:\windows\ServicePackFiles\i386\obrb040d.dll
+ 2008-04-13 18:40:39 434,176 ------w c:\windows\ServicePackFiles\i386\obrb040e.dll
+ 2008-04-13 18:40:39 413,696 ------w c:\windows\ServicePackFiles\i386\obrb0410.dll
+ 2008-04-13 18:40:44 275,456 ------w c:\windows\ServicePackFiles\i386\obrb0411.dll
+ 2008-04-13 18:40:48 306,688 ------w c:\windows\ServicePackFiles\i386\obrb0412.dll
+ 2008-04-13 18:40:44 401,920 ------w c:\windows\ServicePackFiles\i386\obrb0413.dll
+ 2008-04-13 18:40:44 353,792 ------w c:\windows\ServicePackFiles\i386\obrb0414.dll
+ 2008-04-13 18:40:47 391,680 ------w c:\windows\ServicePackFiles\i386\obrb0415.dll
+ 2008-04-13 18:40:10 409,600 ------w c:\windows\ServicePackFiles\i386\obrb0416.dll
+ 2008-04-13 18:40:50 427,008 ------w c:\windows\ServicePackFiles\i386\obrb0419.dll
+ 2008-04-13 18:40:52 405,504 ------w c:\windows\ServicePackFiles\i386\obrb041b.dll
+ 2008-04-13 18:40:56 363,008 ------w c:\windows\ServicePackFiles\i386\obrb041d.dll
+ 2008-04-13 18:41:00 390,144 ------w c:\windows\ServicePackFiles\i386\obrb041f.dll
+ 2008-04-13 18:40:56 408,576 ------w c:\windows\ServicePackFiles\i386\obrb0424.dll
+ 2008-04-13 18:40:24 270,336 ------w c:\windows\ServicePackFiles\i386\obrb0804.dll
+ 2008-04-13 18:40:48 435,200 ------w c:\windows\ServicePackFiles\i386\obrb0816.dll
+ 2008-04-13 18:40:30 446,464 ------w c:\windows\ServicePackFiles\i386\obrb0c0a.dll
+ 2008-04-14 00:12:02 96,256 ------w c:\windows\ServicePackFiles\i386\occache.dll
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ocgen.dll
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\ocmanage.dll
+ 2008-04-14 00:12:02 17,408 ------w c:\windows\ServicePackFiles\i386\ocmsn.dll
+ 2004-08-10 11:00:00 26,224 ------w c:\windows\ServicePackFiles\i386\odbc16gt.dll
+ 2008-04-14 00:12:02 249,856 ------w c:\windows\ServicePackFiles\i386\odbc32.dll
+ 2008-04-14 00:12:02 16,384 ------w c:\windows\ServicePackFiles\i386\odbc32gt.dll
+ 2008-04-14 00:12:30 32,768 ------w c:\windows\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 00:12:02 24,576 ------w c:\windows\ServicePackFiles\i386\odbcbcp.dll
+ 2008-04-14 00:12:02 135,168 ------w c:\windows\ServicePackFiles\i386\odbcconf.dll
+ 2008-04-14 00:12:30 69,632 ------w c:\windows\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 00:12:02 106,496 ------w c:\windows\ServicePackFiles\i386\odbccp32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccu32.dll
+ 2008-04-13 17:26:05 94,208 ------w c:\windows\ServicePackFiles\i386\odbcint.dll
+ 2008-04-14 00:10:31 53,279 ------w c:\windows\ServicePackFiles\i386\odbcji32.dll
+ 2008-04-14 00:12:02 278,559 ------w c:\windows\ServicePackFiles\i386\odbcjt32.dll
+ 2008-04-13 17:26:05 12,288 ------w c:\windows\ServicePackFiles\i386\odbcp32r.dll
+ 2008-04-14 00:12:02 147,456 ------w c:\windows\ServicePackFiles\i386\odbctrac.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\oddbse32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odpdx32.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\odtext32.dll
+ 2008-04-14 00:12:02 104,448 ------w c:\windows\ServicePackFiles\i386\oeimport.dll
+ 2008-04-14 00:12:30 60,416 ------w c:\windows\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\oemiglib.dll
+ 2008-04-14 00:12:02 192,000 ------w c:\windows\ServicePackFiles\i386\offfilt.dll
+ 2008-04-13 18:46:18 61,696 ------w c:\windows\ServicePackFiles\i386\ohci1394.sys
+ 2008-04-14 00:12:02 1,287,168 ------w c:\windows\ServicePackFiles\i386\ole32.dll
+ 2008-04-14 00:12:02 551,936 ------w c:\windows\ServicePackFiles\i386\oleaut32.dll
+ 2008-04-14 00:12:02 74,752 ------w c:\windows\ServicePackFiles\i386\olecli32.dll
+ 2008-04-14 00:12:02 37,376 ------w c:\windows\ServicePackFiles\i386\olecnv32.dll
+ 2008-04-14 00:12:02 487,424 ------w c:\windows\ServicePackFiles\i386\oledb32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\oledb32r.dll
+ 2008-04-14 00:12:02 122,880 ------w c:\windows\ServicePackFiles\i386\oledlg.dll
+ 2008-04-14 00:12:02 107,008 ------w c:\windows\ServicePackFiles\i386\oleprn.dll
+ 2008-04-14 00:12:02 84,992 ------w c:\windows\ServicePackFiles\i386\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\ServicePackFiles\i386\onex.dll
+ 2008-04-14 00:12:31 51,200 ------w c:\windows\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 00:12:02 713,728 ------w c:\windows\ServicePackFiles\i386\opengl32.dll
+ 2008-04-14 00:12:31 67,584 ------w c:\windows\ServicePackFiles\i386\opnfiles.exe
+ 2008-04-13 18:32:32 166,912 ------w c:\windows\ServicePackFiles\i386\oschoice.exe
+ 2008-04-14 00:12:31 215,552 ------w c:\windows\ServicePackFiles\i386\osk.exe
+ 2008-04-13 18:31:43 230,400 ------w c:\windows\ServicePackFiles\i386\osloader.exe
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\osuninst.dll
+ 2008-04-14 00:12:02 153,600 ------w c:\windows\ServicePackFiles\i386\p2p.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\p2pgasvc.dll
+ 2008-04-14 00:12:02 313,856 ------w c:\windows\ServicePackFiles\i386\p2pgraph.dll
+ 2008-04-14 00:12:02 115,712 ------w c:\windows\ServicePackFiles\i386\p2pnetsh.dll
+ 2008-04-14 00:12:02 554,496 ------w c:\windows\ServicePackFiles\i386\p2psvc.dll
+ 2008-04-13 18:31:31 42,752 ------w c:\windows\ServicePackFiles\i386\p3.sys
+ 2008-04-14 00:12:31 58,368 ------w c:\windows\ServicePackFiles\i386\packager.exe
+ 2008-04-13 18:40:10 80,128 ------w c:\windows\ServicePackFiles\i386\parport.sys
+ 2008-04-13 18:40:49 19,712 ------w c:\windows\ServicePackFiles\i386\partmgr.sys
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\pautoenr.dll
+ 2004-08-04 03:31:24 29,502 ------w c:\windows\ServicePackFiles\i386\pca200e.sys
+ 2008-04-14 00:12:02 102,912 ------w c:\windows\ServicePackFiles\i386\pchshell.dll
+ 2008-04-14 00:12:02 38,400 ------w c:\windows\ServicePackFiles\i386\pchsvc.dll
+ 2008-04-13 18:36:44 68,224 ------w c:\windows\ServicePackFiles\i386\pci.sys
+ 2008-04-13 18:40:29 24,960 ------w c:\windows\ServicePackFiles\i386\pciidex.sys
+ 2007-05-15 08:08:11 288,768 ------w c:\windows\ServicePackFiles\i386\pcl4res.dll
+ 2007-05-15 08:08:13 1,058,816 ------w c:\windows\ServicePackFiles\i386\pcl5eres.dll
+ 2007-05-15 08:08:14 1,057,280 ------w c:\windows\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08:14 207,872 ------w c:\windows\ServicePackFiles\i386\pclxl.dll
+ 2008-04-13 18:36:43 120,192 ------w c:\windows\ServicePackFiles\i386\pcmcia.sys
+ 2004-08-04 03:06:18 169,984 ------w c:\windows\ServicePackFiles\i386\pcx500.sys
+ 2008-04-14 00:12:02 284,160 ------w c:\windows\ServicePackFiles\i386\pdh.dll
+ 2004-08-04 04:12:20 20,480 ------w c:\windows\ServicePackFiles\i386\perfcounter.dll
+ 2008-04-14 00:12:02 39,936 ------w c:\windows\ServicePackFiles\i386\perfctrs.dll
+ 2008-04-14 00:12:02 26,624 ------w c:\windows\ServicePackFiles\i386\perfdisk.dll
+ 2008-04-14 00:12:31 15,872 ------w c:\windows\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 00:12:02 17,920 ------w c:\windows\ServicePackFiles\i386\perfnet.dll
+ 2008-04-14 00:12:02 25,088 ------w c:\windows\ServicePackFiles\i386\perfos.dll
+ 2008-04-14 00:12:02 34,816 ------w c:\windows\ServicePackFiles\i386\perfproc.dll
+ 2008-04-13 18:44:29 27,904 ------w c:\windows\ServicePackFiles\i386\perm2.sys
+ 2008-04-14 00:10:34 211,584 ------w c:\windows\ServicePackFiles\i386\perm2dll.dll
+ 2008-04-13 18:44:30 28,032 ------w c:\windows\ServicePackFiles\i386\perm3.sys
+ 2008-04-14 00:10:34 259,328 ------w c:\windows\ServicePackFiles\i386\perm3dd.dll
+ 2008-04-14 00:12:02 176,128 ------w c:\windows\ServicePackFiles\i386\photowiz.dll
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\pid.dll
+ 2008-04-14 00:11:09 24,064 ------w c:\windows\ServicePackFiles\i386\pidgen.dll
+ 2008-04-14 00:12:31 281,088 ------w c:\windows\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 00:12:31 17,920 ------w c:\windows\ServicePackFiles\i386\ping.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\pjlmon.dll
+ 2008-04-14 00:12:02 44,544 ------w c:\windows\ServicePackFiles\i386\plotter.dll
+ 2008-04-14 00:12:02 52,736 ------w c:\windows\ServicePackFiles\i386\plotui.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\ServicePackFiles\i386\pmh.dll
+ 2008-04-14 00:12:02 39,424 ------w c:\windows\ServicePackFiles\i386\pngfilt.dll
+ 2008-04-14 00:12:02 58,880 ------w c:\windows\ServicePackFiles\i386\pnrpnsp.dll
+ 2008-04-14 00:12:02 92,672 ------w c:\windows\ServicePackFiles\i386\policman.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\polstore.dll
+ 2008-04-13 19:19:41 146,048 ------w c:\windows\ServicePackFiles\i386\portcls.sys
+ 2008-04-14 00:12:31 49,152 ------w c:\windows\ServicePackFiles\i386\powercfg.exe
+ 2008-04-13 18:40:56 8,832 ------w c:\windows\ServicePackFiles\i386\powerfil.sys
+ 2008-04-14 00:12:03 17,408 ------w c:\windows\ServicePackFiles\i386\powrprof.dll
+ 2008-04-13 18:41:00 17,664 ------w c:\windows\ServicePackFiles\i386\ppa3.sys
+ 2008-04-14 00:12:03 560,640 ------w c:\windows\ServicePackFiles\i386\printui.dll
+ 2008-04-13 18:31:30 35,840 ------w c:\windows\ServicePackFiles\i386\processr.sys
+ 2008-04-14 00:12:03 27,648 ------w c:\windows\ServicePackFiles\i386\profmap.dll
+ 2008-04-14 00:12:31 109,568 ------w c:\windows\ServicePackFiles\i386\progman.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\provthrd.dll
+ 2008-04-14 00:12:32 9,216 ------w c:\windows\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 00:12:03 728,576 ------w c:\windows\ServicePackFiles\i386\ps5ui.dll
+ 2008-04-14 00:12:03 23,040 ------w c:\windows\ServicePackFiles\i386\psapi.dll
+ 2008-04-14 00:12:03 96,768 ------w c:\windows\ServicePackFiles\i386\psbase.dll
+ 2008-04-13 18:56:38 69,120 ------w c:\windows\ServicePackFiles\i386\psched.sys
+ 2008-04-14 00:12:03 543,232 ------w c:\windows\ServicePackFiles\i386\pscript5.dll
+ 2008-04-14 00:12:03 363,520 ------w c:\windows\ServicePackFiles\i386\psisdecd.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\pstorec.dll
+ 2008-04-14 00:12:03 34,304 ------w c:\windows\ServicePackFiles\i386\pstorsvc.dll
+ 2008-04-14 00:12:03 159,232 ------w c:\windows\ServicePackFiles\i386\ptpusd.dll
+ 2008-04-14 00:12:03 7,680 ------w c:\windows\ServicePackFiles\i386\pwsdata.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\ServicePackFiles\i386\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\ServicePackFiles\i386\qagentrt.dll
+ 2008-04-14 00:12:03 237,568 ------w c:\windows\ServicePackFiles\i386\qasf.dll
+ 2008-04-14 00:12:03 192,512 ------w c:\windows\ServicePackFiles\i386\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\ServicePackFiles\i386\qcliprov.dll
+ 2008-04-14 00:12:03 279,040 ------w c:\windows\ServicePackFiles\i386\qdv.dll
+ 2008-04-14 00:12:03 386,048 ------w c:\windows\ServicePackFiles\i386\qdvd.dll
+ 2008-04-14 00:12:03 562,176 ------w c:\windows\ServicePackFiles\i386\qedit.dll
+ 2008-04-13 17:21:32 733,696 ------w c:\windows\ServicePackFiles\i386\qedwipes.dll
+ 2008-04-13 18:40:52 6,016 ------w c:\windows\ServicePackFiles\i386\qic157.sys
+ 2008-04-14 00:12:03 409,088 ------w c:\windows\ServicePackFiles\i386\qmgr.dll
+ 2008-04-14 00:12:03 18,944 ------w c:\windows\ServicePackFiles\i386\qmgrprxy.dll
+ 2008-04-14 00:12:32 19,968 ------w c:\windows\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 00:12:03 1,288,192 ------w c:\windows\ServicePackFiles\i386\quartz.dll
+ 2008-04-14 00:12:03 1,435,648 ------w c:\windows\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\ServicePackFiles\i386\qutil.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\racpldlg.dll
+ 2008-04-13 18:41:23 20,736 ------w c:\windows\ServicePackFiles\i386\ramdisk.sys
+ 2008-04-14 00:12:03 7,680 ------w c:\windows\ServicePackFiles\i386\rasadhlp.dll
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\rasapi32.dll
+ 2008-04-14 00:12:03 88,576 ------w c:\windows\ServicePackFiles\i386\rasauto.dll
+ 2008-04-14 00:12:03 79,872 ------w c:\windows\ServicePackFiles\i386\raschap.dll
+ 2008-04-14 00:12:03 658,432 ------w c:\windows\ServicePackFiles\i386\rasdlg.dll
+ 2008-04-13 19:19:43 51,328 ------w c:\windows\ServicePackFiles\i386\rasl2tp.sys
+ 2008-04-14 00:12:03 61,440 ------w c:\windows\ServicePackFiles\i386\rasman.dll
+ 2008-04-14 00:12:03 186,368 ------w c:\windows\ServicePackFiles\i386\rasmans.dll
+ 2008-04-14 00:12:32 56,832 ------w c:\windows\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 00:12:03 210,944 ------w c:\windows\ServicePackFiles\i386\rasppp.dll
+ 2008-04-13 18:57:32 41,472 ------w c:\windows\ServicePackFiles\i386\raspppoe.sys
+ 2008-04-13 19:19:48 48,384 ------w c:\windows\ServicePackFiles\i386\raspptp.sys
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\ServicePackFiles\i386\rasqec.dll
+ 2008-04-14 00:12:03 16,384 ------w c:\windows\ServicePackFiles\i386\rassapi.dll
+ 2008-04-14 00:12:03 58,368 ------w c:\windows\ServicePackFiles\i386\rastapi.dll
+ 2008-04-14 00:12:03 150,016 ------w c:\windows\ServicePackFiles\i386\rastls.dll
+ 2008-04-14 00:12:03 102,400 ------w c:\windows\ServicePackFiles\i386\rcbdyctl.dll
+ 2008-04-14 00:12:32 35,840 ------w c:\windows\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 00:12:32 21,504 ------w c:\windows\ServicePackFiles\i386\rcp.exe
+ 2008-04-13 19:28:39 175,744 ------w c:\windows\ServicePackFiles\i386\rdbss.sys
+ 2008-04-14 00:12:03 147,968 ------w c:\windows\ServicePackFiles\i386\rdchost.dll
+ 2008-04-14 00:12:32 62,976 ------w c:\windows\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 00:13:22 92,424 ------w c:\windows\ServicePackFiles\i386\rdpdd.dll
+ 2008-04-13 18:32:51 196,224 ------w c:\windows\ServicePackFiles\i386\rdpdr.sys
+ 2008-04-14 00:12:04 19,968 ------w c:\windows\ServicePackFiles\i386\rdpsnd.dll
+ 2008-04-14 00:13:22 139,656 ------w c:\windows\ServicePackFiles\i386\rdpwd.sys
+ 2008-04-14 00:13:22 87,176 ------w c:\windows\ServicePackFiles\i386\rdpwsx.dll
+ 2008-04-14 00:12:32 13,824 ------w c:\windows\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 00:12:32 67,072 ------w c:\windows\ServicePackFiles\i386\rdshost.exe
+ 2004-08-04 03:41:40 13,776 ------w c:\windows\ServicePackFiles\i386\recagent.sys
+ 2008-04-13 18:40:27 57,600 ------w c:\windows\ServicePackFiles\i386\redbook.sys
+ 2004-08-10 11:00:00 3,338 ------w c:\windows\ServicePackFiles\i386\redir.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\reg.exe
+ 2008-04-14 00:12:04 49,664 ------w c:\windows\ServicePackFiles\i386\regapi.dll
+ 2004-07-20 00:54:16 28,672 ------w c:\windows\ServicePackFiles\i386\regasm.exe
+ 2004-07-20 00:54:16 32,768 ------w c:\windows\ServicePackFiles\i386\regcode.dll
+ 2008-04-14 00:12:32 146,432 ------w c:\windows\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 00:12:04 59,904 ------w c:\windows\ServicePackFiles\i386\regsvc.dll
+ 2004-07-20 00:54:16 11,264 ------w c:\windows\ServicePackFiles\i386\regsvcs.exe
+ 2008-04-14 00:12:32 11,776 ------w c:\windows\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 00:12:04 397,824 ------w c:\windows\ServicePackFiles\i386\regwizc.dll
+ 2008-04-14 00:12:04 60,416 ------w c:\windows\ServicePackFiles\i386\remotepg.dll
+ 2008-04-14 00:12:04 178,176 ------w c:\windows\ServicePackFiles\i386\repdrvfs.dll
+ 2008-04-14 00:12:04 58,880 ------w c:\windows\ServicePackFiles\i386\resutils.dll
+ 2008-04-14 00:12:33 13,824 ------w c:\windows\ServicePackFiles\i386\rexec.exe
+ 2008-04-13 18:46:32 59,136 ------w c:\windows\ServicePackFiles\i386\rfcomm.sys
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\ServicePackFiles\i386\rhttpaa.dll
+ 2008-04-14 00:12:04 123,392 ------w c:\windows\ServicePackFiles\i386\riafres.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui1.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui2.dll
+ 2008-04-14 00:12:04 433,664 ------w c:\windows\ServicePackFiles\i386\riched20.dll
+ 2008-04-13 18:55:08 202,624 ------w c:\windows\ServicePackFiles\i386\rmcast.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismpx.sys
+ 2008-04-13 18:40:14 79,104 ------w c:\windows\ServicePackFiles\i386\rocket.sys
+ 2008-04-14 00:12:04 4,096 ------w c:\windows\ServicePackFiles\i386\rpcref.dll
+ 2008-04-14 00:12:04 584,704 ------w c:\windows\ServicePackFiles\i386\rpcrt4.dll
+ 2008-04-14 00:12:04 399,360 ------w c:\windows\ServicePackFiles\i386\rpcss.dll
+ 2008-04-14 00:12:04 61,440 ------w c:\windows\ServicePackFiles\i386\rrcm.dll
+ 2008-04-13 17:37:57 208,384 ------w c:\windows\ServicePackFiles\i386\rsaenh.dll
+ 2008-04-14 00:12:33 14,848 ------w c:\windows\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 00:12:04 39,936 ------w c:\windows\ServicePackFiles\i386\rshx32.dll
+ 2008-04-14 00:12:04 18,944 ------w c:\windows\ServicePackFiles\i386\rsmps.dll
+ 2008-04-14 00:12:33 107,520 ------w c:\windows\ServicePackFiles\i386\rsnotify.exe
+ 2008-04-14 00:12:33 380,416 ------w c:\windows\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 00:12:04 92,672 ------w c:\windows\ServicePackFiles\i386\rsvpsp.dll
+ 2008-04-14 00:12:33 77,312 ------w c:\windows\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 00:12:04 31,744 ------w c:\windows\ServicePackFiles\i386\rtipxmib.dll
+ 2004-08-04 03:31:34 20,992 ------w c:\windows\ServicePackFiles\i386\rtl8139.sys
+ 2008-04-14 00:12:04 44,032 ------w c:\windows\ServicePackFiles\i386\rtutils.dll
+ 2008-04-14 00:12:33 33,280 ------w c:\windows\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 00:12:33 14,336 ------w c:\windows\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw001ext.dll
+ 2008-04-14 00:12:04 29,184 ------w c:\windows\ServicePackFiles\i386\rw330ext.dll
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw430ext.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\rw450ext.dll
+ 2008-04-14 00:12:04 9,728 ------w c:\windows\ServicePackFiles\i386\rwnh.dll
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\ServicePackFiles\i386\s3gnb.dll
+ 2004-08-04 03:29:52 166,912 ------w c:\windows\ServicePackFiles\i386\s3gnbm.sys
+ 2008-04-14 00:12:04 43,520 ------w c:\windows\ServicePackFiles\i386\safrcdlg.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\safrdm.dll
+ 2008-04-14 00:12:04 45,568 ------w c:\windows\ServicePackFiles\i386\safrslv.dll
+ 2008-04-14 00:12:04 64,000 ------w c:\windows\ServicePackFiles\i386\samlib.dll
+ 2008-04-14 00:12:04 415,744 ------w c:\windows\ServicePackFiles\i386\samsrv.dll
+ 2008-04-14 00:12:04 741,376 ------w c:\windows\ServicePackFiles\i386\sapi.dll
+ 2008-04-14 00:12:33 13,312 ------w c:\windows\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 00:12:04 270,848 ------w c:\windows\ServicePackFiles\i386\sbe.dll
+ 2008-04-14 00:12:04 159,232 ------w c:\windows\ServicePackFiles\i386\sbeio.dll
+ 2008-04-13 18:40:48 43,904 ------w c:\windows\ServicePackFiles\i386\sbp2port.sys
+ 2008-04-14 00:12:04 69,632 ------w c:\windows\ServicePackFiles\i386\scarddlg.dll
+ 2008-04-14 00:12:33 95,744 ------w c:\windows\ServicePackFiles\i386\scardsvr.exe
+ 2004-08-10 11:00:00 169,984 ------w c:\windows\ServicePackFiles\i386\sccbase.dll
+ 2008-04-14 00:12:05 171,008 ------w c:\windows\ServicePackFiles\i386\sccsccp.dll
+ 2008-04-14 00:12:05 181,248 ------w c:\windows\ServicePackFiles\i386\scecli.dll
+ 2008-04-14 00:12:05 314,880 ------w c:\windows\ServicePackFiles\i386\scesrv.dll
+ 2008-04-14 00:12:05 144,384 ------w c:\windows\ServicePackFiles\i386\schannel.dll
+ 2008-04-14 00:12:05 192,512 ------w c:\windows\ServicePackFiles\i386\schedsvc.dll
+ 2008-04-14 00:12:05 20,480 ------w c:\windows\ServicePackFiles\i386\sclgntfy.dll
+ 2008-04-14 00:12:34 36,352 ------w c:\windows\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 00:12:05 215,552 ------w c:\windows\ServicePackFiles\i386\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\ServicePackFiles\i386\scripta.dll
+ 2008-04-14 00:12:43 9,216 ------w c:\windows\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 00:12:05 180,224 ------w c:\windows\ServicePackFiles\i386\scrobj.dll
+ 2008-04-14 00:12:05 172,032 ------w c:\windows\ServicePackFiles\i386\scrrun.dll
+ 2008-04-13 18:40:30 96,384 ------w c:\windows\ServicePackFiles\i386\scsiport.sys
+ 2008-04-13 18:45:33 11,520 ------w c:\windows\ServicePackFiles\i386\scsiscan.sys
+ 2008-04-14 00:12:34 121,856 ------w c:\windows\ServicePackFiles\i386\sctasks.exe
+ 2008-04-14 00:12:34 77,312 ------w c:\windows\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-13 18:36:44 79,232 ------w c:\windows\ServicePackFiles\i386\sdbus.sys
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sdhcinst.dll
+ 2007-11-13 10:25:53 20,480 ------w c:\windows\ServicePackFiles\i386\secdrv.sys
+ 2008-04-14 00:12:34 18,944 ------w c:\windows\ServicePackFiles\i386\secedit.exe
+ 2008-04-14 00:12:05 18,944 ------w c:\windows\ServicePackFiles\i386\seclogon.dll
+ 2006-12-31 12:57:08 4,569 ------w c:\windows\ServicePackFiles\i386\secupd.dat
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\secur32.dll
+ 2008-04-14 00:12:05 5,632 ------w c:\windows\ServicePackFiles\i386\security.dll
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sendcmsg.dll
+ 2008-04-14 00:12:05 54,784 ------w c:\windows\ServicePackFiles\i386\sendmail.dll
+ 2008-04-14 00:12:05 39,424 ------w c:\windows\ServicePackFiles\i386\sens.dll
+ 2008-04-14 00:12:05 7,168 ------w c:\windows\ServicePackFiles\i386\sensapi.dll
+ 2008-04-14 00:12:05 221,696 ------w c:\windows\ServicePackFiles\i386\seo.dll
+ 2008-04-13 18:40:12 15,744 ------w c:\windows\ServicePackFiles\i386\serenum.sys
+ 2008-04-13 19:15:45 64,512 ------w c:\windows\ServicePackFiles\i386\serial.sys
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\servdeps.dll
+ 2008-04-14 00:12:34 108,544 ------w c:\windows\ServicePackFiles\i386\services.exe
+ 2008-04-14 00:12:34 141,312 ------w c:\windows\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 00:12:34 31,232 ------w c:\windows\ServicePackFiles\i386\sethc.exe
+ 2007-12-17 11:59:54 66,592 ------w c:\windows\ServicePackFiles\i386\setregni.exe
+ 2008-04-14 00:12:34 23,040 ------w c:\windows\ServicePackFiles\i386\setup.exe
+ 2008-04-14 00:12:34 73,216 ------w c:\windows\ServicePackFiles\i386\setup50.exe
+ 2008-04-14 10:42:06 985,088 ------w c:\windows\ServicePackFiles\i386\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 00:12:05 101,376 ------w c:\windows\ServicePackFiles\i386\setupqry.dll
+ 2008-04-14 00:12:05 5,120 ------w c:\windows\ServicePackFiles\i386\sfc.dll
+ 2008-04-14 00:12:05 140,288 ------w c:\windows\ServicePackFiles\i386\sfc_os.dll
+ 2008-04-14 00:12:05 1,614,848 ------w c:\windows\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-13 18:40:47 11,904 ------w c:\windows\ServicePackFiles\i386\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w c:\windows\ServicePackFiles\i386\sffp_mmc.sys
+ 2008-04-13 18:40:47 11,008 ------w c:\windows\ServicePackFiles\i386\sffp_sd.sys
+ 2008-04-13 18:40:48 11,392 ------w c:\windows\ServicePackFiles\i386\sfloppy.sys
+ 2008-04-13 17:03:19 549,376 ------w c:\windows\ServicePackFiles\i386\shdoclc.dll
+ 2008-04-14 00:12:05 1,499,136 ------w c:\windows\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12:05 8,461,312 ------w c:\windows\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12:05 25,088 ------w c:\windows\ServicePackFiles\i386\shfolder.dll
+ 2008-04-14 00:12:05 68,096 ------w c:\windows\ServicePackFiles\i386\shgina.dll
+ 2008-04-14 00:12:05 65,024 ------w c:\windows\ServicePackFiles\i386\shimeng.dll
+ 2008-04-14 00:12:05 438,272 ------w c:\windows\ServicePackFiles\i386\shimgvw.dll
+ 2008-04-14 00:12:05 474,112 ------w c:\windows\ServicePackFiles\i386\shlwapi.dll
+ 2008-04-14 00:12:35 45,056 ------w c:\windows\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 00:12:35 77,824 ------w c:\windows\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 00:12:05 27,648 ------w c:\windows\ServicePackFiles\i386\shscrap.dll
+ 2008-04-14 00:12:05 135,168 ------w c:\windows\ServicePackFiles\i386\shsvcs.dll
+ 2008-04-14 00:12:05 20,536 ------w c:\windows\ServicePackFiles\i386\shtml.dll
+ 2008-04-14 00:12:35 16,437 ------w c:\windows\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 00:12:35 19,456 ------w c:\windows\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 00:12:05 13,312 ------w c:\windows\ServicePackFiles\i386\sigtab.dll
+ 2008-04-14 00:12:35 70,144 ------w c:\windows\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 00:12:05 3,901 ------w c:\windows\ServicePackFiles\i386\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w c:\windows\ServicePackFiles\i386\sisagp.sys
+ 2004-08-04 03:31:36 32,768 ------w c:\windows\ServicePackFiles\i386\sisnic.sys
+ 2008-04-14 00:12:35 26,112 ------w c:\windows\ServicePackFiles\i386\skeys.exe
+ 2004-08-04 03:31:42 63,547 ------w c:\windows\ServicePackFiles\i386\sla30nd5.sys
+ 2008-04-14 00:12:06 25,088 ------w c:\windows\ServicePackFiles\i386\slayerxp.dll
+ 2004-08-10 11:00:00 306,176 ------w c:\windows\ServicePackFiles\i386\slbcsp.dll
+ 2008-04-14 00:12:06 98,304 ------w c:\windows\ServicePackFiles\i386\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\ServicePackFiles\i386\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\ServicePackFiles\i386\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\ServicePackFiles\i386\slgen.dll
+ 2008-04-13 18:46:23 11,136 ------w c:\windows\ServicePackFiles\i386\slip.sys
+ 2004-08-04 03:41:42 129,535 ------w c:\windows\ServicePackFiles\i386\slnt7554.sys
+ 2004-08-04 03:41:44 404,990 ------w c:\windows\ServicePackFiles\i386\slntamr.sys
+ 2004-08-04 03:41:46 95,424 ------w c:\windows\ServicePackFiles\i386\slnthal.sys
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\ServicePackFiles\i386\slserv.exe
+ 2004-08-04 03:41:46 13,240 ------w c:\windows\ServicePackFiles\i386\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w c:\windows\ServicePackFiles\i386\smbali.sys
+ 2008-04-13 18:36:33 16,000 ------w c:\windows\ServicePackFiles\i386\smbbatt.sys
+ 2008-04-13 18:36:33 6,912 ------w c:\windows\ServicePackFiles\i386\smbclass.sys
+ 2008-04-14 00:12:35 8,192 ------w c:\windows\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 00:12:35 236,544 ------w c:\windows\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 00:12:06 362,496 ------w c:\windows\ServicePackFiles\i386\smlogcfg.dll
+ 2008-04-14 00:12:35 89,600 ------w c:\windows\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 00:12:36 50,688 ------w c:\windows\ServicePackFiles\i386\smss.exe
+ 2008-04-14 00:12:06 189,440 ------w c:\windows\ServicePackFiles\i386\smtpadm.dll
+ 2008-04-14 00:12:06 10,752 ------w c:\windows\ServicePackFiles\i386\smtpapi.dll
+ 2008-04-14 00:12:06 2,134,528 ------w c:\windows\ServicePackFiles\i386\smtpsnap.dll
+ 2008-04-14 00:12:06 456,192 ------w c:\windows\ServicePackFiles\i386\smtpsvc.dll
+ 2008-04-14 00:12:36 131,584 ------w c:\windows\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 00:12:06 34,816 ------w c:\windows\ServicePackFiles\i386\sniffpol.dll
+ 2008-04-14 00:12:36 33,280 ------w c:\windows\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 00:12:06 18,944 ------w c:\windows\ServicePackFiles\i386\snmpapi.dll
+ 2008-04-14 00:12:06 259,072 ------w c:\windows\ServicePackFiles\i386\snmpcl.dll
+ 2008-04-14 00:12:06 358,400 ------w c:\windows\ServicePackFiles\i386\snmpincl.dll
+ 2008-04-14 00:12:06 6,144 ------w c:\windows\ServicePackFiles\i386\snmpmib.dll
+ 2008-04-14 00:12:06 188,416 ------w c:\windows\ServicePackFiles\i386\snmpsmir.dll
+ 2008-04-14 00:12:06 182,272 ------w c:\windows\ServicePackFiles\i386\snmpsnap.dll
+ 2008-04-14 00:12:06 39,936 ------w c:\windows\ServicePackFiles\i386\snmpthrd.dll
+ 2008-04-14 00:12:36 8,704 ------w c:\windows\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 00:12:06 130,048 ------w c:\windows\ServicePackFiles\i386\softkbd.dll
+ 2008-04-13 18:40:52 7,552 ------w c:\windows\ServicePackFiles\i386\sonyait.sys
+ 2008-04-13 18:46:07 25,344 ------w c:\windows\ServicePackFiles\i386\sonydcam.sys
+ 2008-04-14 00:12:36 24,576 ------w c:\windows\ServicePackFiles\i386\sort.exe
+ 2008-04-14 00:12:36 7,680 ------w c:\windows\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-13 16:43:18 62,976 ------w c:\windows\ServicePackFiles\i386\spgrmr.dll
+ 2008-04-14 00:12:36 538,624 ------w c:\windows\ServicePackFiles\i386\spider.exe
+ 2008-04-13 18:43:31 12,800 ------w c:\windows\ServicePackFiles\i386\spiisupd.exe
+ 2008-04-13 18:45:07 6,272 ------w c:\windows\ServicePackFiles\i386\splitter.sys
+ 2008-04-14 10:42:38 11,264 ------w c:\windows\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 00:12:06 75,264 ------w c:\windows\ServicePackFiles\i386\spoolss.dll
+ 2008-04-14 00:12:36 57,856 ------w c:\windows\ServicePackFiles\i386\spoolsv.exe
+ 2008-04-13 18:35:06 186,880 ------w c:\windows\ServicePackFiles\i386\spra0401.dll
+ 2008-04-13 18:35:08 189,440 ------w c:\windows\ServicePackFiles\i386\spra0402.dll
+ 2008-04-13 18:35:09 161,280 ------w c:\windows\ServicePackFiles\i386\spra0404.dll
+ 2008-04-13 18:35:09 188,928 ------w c:\windows\ServicePackFiles\i386\spra0405.dll
+ 2008-04-13 18:35:09 192,000 ------w c:\windows\ServicePackFiles\i386\spra0406.dll
+ 2008-04-13 18:35:21 199,680 ------w c:\windows\ServicePackFiles\i386\spra0407.dll
+ 2008-04-13 18:35:11 197,632 ------w c:\windows\ServicePackFiles\i386\spra0408.dll
+ 2008-04-13 18:35:11 186,368 ------w c:\windows\ServicePackFiles\i386\spra040b.dll
+ 2008-04-13 18:35:20 197,632 ------w c:\windows\ServicePackFiles\i386\spra040c.dll
+ 2008-04-13 18:35:21 181,760 ------w c:\windows\ServicePackFiles\i386\spra040d.dll
+ 2008-04-13 18:35:23 195,584 ------w c:\windows\ServicePackFiles\i386\spra040e.dll
+ 2008-04-13 18:35:23 195,072 ------w c:\windows\ServicePackFiles\i386\spra0410.dll
+ 2008-04-13 18:35:23 171,008 ------w c:\windows\ServicePackFiles\i386\spra0411.dll
+ 2008-04-13 18:35:23 167,936 ------w c:\windows\ServicePackFiles\i386\spra0412.dll
+ 2008-04-13 18:35:25 196,096 ------w c:\windows\ServicePackFiles\i386\spra0413.dll
+ 2008-04-13 18:35:25 189,440 ------w c:\windows\ServicePackFiles\i386\spra0414.dll
+ 2008-04-13 18:35:26 194,560 ------w c:\windows\ServicePackFiles\i386\spra0415.dll
+ 2008-04-13 18:35:08 192,512 ------w c:\windows\ServicePackFiles\i386\spra0416.dll
+ 2008-04-13 18:35:27 190,464 ------w c:\windows\ServicePackFiles\i386\spra0418.dll
+ 2008-04-13 18:35:27 192,512 ------w c:\windows\ServicePackFiles\i386\spra0419.dll
+ 2008-04-13 18:35:21 188,928 ------w c:\windows\ServicePackFiles\i386\spra041a.dll
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra041b.dll
+ 2008-04-13 18:35:28 188,928 ------w c:\windows\ServicePackFiles\i386\spra041d.dll
+ 2008-04-13 18:35:29 188,416 ------w c:\windows\ServicePackFiles\i386\spra041e.dll
+ 2008-04-13 18:35:30 188,928 ------w c:\windows\ServicePackFiles\i386\spra041f.dll
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra0424.dll
+ 2008-04-13 18:35:11 186,880 ------w c:\windows\ServicePackFiles\i386\spra0425.dll
+ 2008-04-13 18:35:24 188,928 ------w c:\windows\ServicePackFiles\i386\spra0426.dll
+ 2008-04-13 18:35:24 189,952 ------w c:\windows\ServicePackFiles\i386\spra0427.dll
+ 2008-04-13 18:35:06 161,280 ------w c:\windows\ServicePackFiles\i386\spra0804.dll
+ 2008-04-13 18:35:26 194,560 ------w c:\windows\ServicePackFiles\i386\spra0816.dll
+ 2008-04-13 18:35:11 196,096 ------w c:\windows\ServicePackFiles\i386\spra0c0a.dll
+ 2008-04-13 18:35:49 2,869,248 ------w c:\windows\ServicePackFiles\i386\sprb0401.dll
+ 2008-04-13 18:36:10 477,696 ------w c:\windows\ServicePackFiles\i386\sprb0404.dll
+ 2008-04-13 18:36:10 734,720 ------w c:\windows\ServicePackFiles\i386\sprb0405.dll
+ 2008-04-13 18:36:10 742,912 ------w c:\windows\ServicePackFiles\i386\sprb0406.dll
+ 2008-04-13 18:37:03 788,480 ------w c:\windows\ServicePackFiles\i386\sprb0407.dll
+ 2008-04-13 18:36:35 801,280 ------w c:\windows\ServicePackFiles\i386\sprb0408.dll
+ 2008-04-13 18:36:39 729,088 ------w c:\windows\ServicePackFiles\i386\sprb040b.dll
+ 2008-04-13 18:36:55 793,088 ------w c:\windows\ServicePackFiles\i386\sprb040c.dll
+ 2008-04-13 18:37:07 2,842,112 ------w c:\windows\ServicePackFiles\i386\sprb040d.dll
+ 2008-04-13 18:37:22 769,536 ------w c:\windows\ServicePackFiles\i386\sprb040e.dll
+ 2008-04-13 18:37:22 769,536 ------w c:\windows\ServicePackFiles\i386\sprb0410.dll
+ 2008-04-13 18:37:34 562,688 ------w c:\windows\ServicePackFiles\i386\sprb0411.dll
+ 2008-04-13 18:37:37 543,744 ------w c:\windows\ServicePackFiles\i386\sprb0412.dll
+ 2008-04-13 18:38:00 769,024 ------w c:\windows\ServicePackFiles\i386\sprb0413.dll
+ 2008-04-13 18:38:02 716,288 ------w c:\windows\ServicePackFiles\i386\sprb0414.dll
+ 2008-04-13 18:38:05 759,808 ------w c:\windows\ServicePackFiles\i386\sprb0415.dll
+ 2008-04-13 18:35:43 752,128 ------w c:\windows\ServicePackFiles\i386\sprb0416.dll
+ 2008-04-13 18:38:28 736,768 ------w c:\windows\ServicePackFiles\i386\sprb0419.dll
+ 2008-04-13 18:38:37 757,248 ------w c:\windows\ServicePackFiles\i386\sprb041b.dll
+ 2008-04-13 18:38:47 724,480 ------w c:\windows\ServicePackFiles\i386\sprb041d.dll
+ 2008-04-13 18:38:51 724,480 ------w c:\windows\ServicePackFiles\i386\sprb041f.dll
+ 2008-04-13 18:38:36 732,160 ------w c:\windows\ServicePackFiles\i386\sprb0424.dll
+ 2008-04-13 18:35:54 470,016 ------w c:\windows\ServicePackFiles\i386\sprb0804.dll
+ 2008-04-13 18:38:06 751,616 ------w c:\windows\ServicePackFiles\i386\sprb0816.dll
+ 2008-04-13 18:36:38 773,632 ------w c:\windows\ServicePackFiles\i386\sprb0c0a.dll
+ 2008-04-13 18:39:02 656,896 ------w c:\windows\ServicePackFiles\i386\sprc0401.dll
+ 2008-04-13 18:39:13 327,680 ------w c:\windows\ServicePackFiles\i386\sprc0404.dll
+ 2008-04-13 18:39:02 601,088 ------w c:\windows\ServicePackFiles\i386\sprc0405.dll
+ 2008-04-13 18:39:12 605,696 ------w c:\windows\ServicePackFiles\i386\sprc0406.dll
+ 2008-04-13 18:39:19 663,552 ------w c:\windows\ServicePackFiles\i386\sprc0407.dll
+ 2008-04-13 18:39:12 679,936 ------w c:\windows\ServicePackFiles\i386\sprc0408.dll
+ 2008-04-13 18:39:17 604,672 ------w c:\windows\ServicePackFiles\i386\sprc040b.dll
+ 2008-04-13 18:39:20 663,040 ------w c:\windows\ServicePackFiles\i386\sprc040c.dll
+ 2008-04-13 18:39:28 620,544 ------w c:\windows\ServicePackFiles\i386\sprc040d.dll
+ 2008-04-13 18:39:28 645,120 ------w c:\windows\ServicePackFiles\i386\sprc040e.dll
+ 2008-04-13 18:39:28 658,432 ------w c:\windows\ServicePackFiles\i386\sprc0410.dll
+ 2008-04-13 18:39:49 412,672 ------w c:\windows\ServicePackFiles\i386\sprc0411.dll
+ 2008-04-13 18:39:49 392,704 ------w c:\windows\ServicePackFiles\i386\sprc0412.dll
+ 2008-04-13 18:39:47 645,120 ------w c:\windows\ServicePackFiles\i386\sprc0413.dll
+ 2008-04-13 18:39:48 591,872 ------w c:\windows\ServicePackFiles\i386\sprc0414.dll
+ 2008-04-13 18:39:52 641,024 ------w c:\windows\ServicePackFiles\i386\sprc0415.dll
+ 2008-04-13 18:38:56 620,032 ------w c:\windows\ServicePackFiles\i386\sprc0416.dll
+ 2008-04-13 18:39:56 627,200 ------w c:\windows\ServicePackFiles\i386\sprc0419.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\ServicePackFiles\i386\sprc041b.dll
+ 2008-04-13 18:40:05 590,848 ------w c:\windows\ServicePackFiles\i386\sprc041d.dll
+ 2008-04-13 18:40:09 592,896 ------w c:\windows\ServicePackFiles\i386\sprc041f.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\ServicePackFiles\i386\sprc0424.dll
+ 2008-04-13 18:39:03 322,560 ------w c:\windows\ServicePackFiles\i386\sprc0804.dll
+ 2008-04-13 18:39:53 639,488 ------w c:\windows\ServicePackFiles\i386\sprc0816.dll
+ 2008-04-13 18:39:13 648,704 ------w c:\windows\ServicePackFiles\i386\sprc0c0a.dll
+ 2008-04-14 00:12:06 250,368 ------w c:\windows\ServicePackFiles\i386\sptip.dll
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 00:12:06 151,552 ------w c:\windows\ServicePackFiles\i386\sqldb20.dll
+ 2008-04-14 00:12:06 528,384 ------w c:\windows\ServicePackFiles\i386\sqloledb.dll
+ 2008-04-14 00:12:06 462,848 ------w c:\windows\ServicePackFiles\i386\sqlqp20.dll
+ 2008-04-14 00:12:06 110,592 ------w c:\windows\ServicePackFiles\i386\sqlse20.dll
+ 2008-04-14 00:12:06 442,368 ------w c:\windows\ServicePackFiles\i386\sqlsrv32.dll
+ 2008-04-14 00:12:06 180,800 ------w c:\windows\ServicePackFiles\i386\sqlunirl.dll
+ 2008-04-14 00:12:06 217,088 ------w c:\windows\ServicePackFiles\i386\sqlxmlx.dll
+ 2008-04-13 18:36:52 73,472 ------w c:\windows\ServicePackFiles\i386\sr.sys
+ 2008-04-14 00:12:06 58,434 ------w c:\windows\ServicePackFiles\i386\srchctls.dll
+ 2008-04-14 00:12:07 726,078 ------w c:\windows\ServicePackFiles\i386\srchui.dll
+ 2008-04-14 00:12:07 67,584 ------w c:\windows\ServicePackFiles\i386\srclient.dll
+ 2008-04-14 00:12:07 239,104 ------w c:\windows\ServicePackFiles\i386\srrstr.dll
+ 2008-04-14 00:12:07 171,008 ------w c:\windows\ServicePackFiles\i386\srsvc.dll
+ 2008-04-13 19:15:11 334,848 ------w c:\windows\ServicePackFiles\i386\srv.sys
+ 2008-04-14 00:12:07 96,768 ------w c:\windows\ServicePackFiles\i386\srvsvc.dll
+ 2008-04-14 00:12:43 704,512 ------w c:\windows\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 00:12:43 19,968 ------w c:\windows\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 00:12:07 34,816 ------w c:\windows\ServicePackFiles\i386\ssdpapi.dll
+ 2008-04-14 00:12:07 71,680 ------w c:\windows\ServicePackFiles\i386\ssdpsrv.dll
+ 2008-04-14 00:12:43 393,216 ------w c:\windows\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 00:12:07 45,056 ------w c:\windows\ServicePackFiles\i386\ssinc51.dll
+ 2008-04-14 00:12:44 20,992 ------w c:\windows\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 00:12:44 47,104 ------w c:\windows\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 00:12:44 18,944 ------w c:\windows\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 00:12:07 46,592 ------w c:\windows\ServicePackFiles\i386\sspifilt.dll
+ 2008-04-14 00:12:44 610,304 ------w c:\windows\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 00:12:44 14,336 ------w c:\windows\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 00:12:44 679,936 ------w c:\windows\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 00:12:07 33,280 ------w c:\windows\ServicePackFiles\i386\sstub.dll
+ 2008-04-14 00:12:07 8,192 ------w c:\windows\ServicePackFiles\i386\staxmem.dll
+ 2008-04-14 00:12:07 59,392 ------w c:\windows\ServicePackFiles\i386\stclient.dll
+ 2008-04-14 00:12:07 86,528 ------w c:\windows\ServicePackFiles\i386\stdprov.dll
+ 2008-04-14 00:12:07 68,096 ------w c:\windows\ServicePackFiles\i386\sti.dll
+ 2008-04-14 00:12:07 136,704 ------w c:\windows\ServicePackFiles\i386\sti_ci.dll
+ 2008-04-14 00:12:36 14,848 ------w c:\windows\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 00:12:07 121,856 ------w c:\windows\ServicePackFiles\i386\stobject.dll
+ 2008-04-14 00:12:07 74,752 ------w c:\windows\ServicePackFiles\i386\storprop.dll
+ 2008-04-13 18:45:15 49,408 ------w c:\windows\ServicePackFiles\i386\stream.sys
+ 2008-04-13 18:46:21 15,232 ------w c:\windows\ServicePackFiles\i386\streamip.sys
+ 2008-04-14 00:12:07 75,776 ------w c:\windows\ServicePackFiles\i386\strmfilt.dll
+ 2008-04-14 00:12:36 16,449 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 00:12:36 65,601 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 00:12:07 46,592 ------w c:\windows\ServicePackFiles\i386\svcext51.dll
+ 2008-04-14 00:12:36 14,336 ------w c:\windows\ServicePackFiles\i386\svchost.exe
+ 2008-04-13 18:39:53 4,352 ------w c:\windows\ServicePackFiles\i386\swenum.sys
+ 2008-04-13 18:45:09 56,576 ------w c:\windows\ServicePackFiles\i386\swmidi.sys
+ 2008-04-14 00:12:07 713,216 ------w c:\windows\ServicePackFiles\i386\sxs.dll
+ 2007-12-17 11:59:56 1,179,648 ------w c:\windows\ServicePackFiles\i386\sy52106.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\synceng.dll
+ 2008-04-14 00:12:07 191,488 ------w c:\windows\ServicePackFiles\i386\syncui.dll
+ 2008-04-13 19:15:55 60,800 ------w c:\windows\ServicePackFiles\i386\sysaudio.sys
+ 2008-04-14 00:12:36 71,680 ------w c:\windows\ServicePackFiles\i386\sysinfo.exe
+ 2008-04-14 00:12:07 193,024 ------w c:\windows\ServicePackFiles\i386\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\ServicePackFiles\i386\sysmoda.dll
+ 2008-04-14 00:12:37 106,496 ------w c:\windows\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 00:12:07 990,208 ------w c:\windows\ServicePackFiles\i386\syssetup.dll
+ 2004-07-20 00:54:18 77,824 ------w c:\windows\ServicePackFiles\i386\system.configuration.install.dll
+ 2004-07-20 00:54:18 1,179,648 ------w c:\windows\ServicePackFiles\i386\system.data.dll
+ 2004-07-20 00:54:18 1,695,744 ------w c:\windows\ServicePackFiles\i386\system.design.dll
+ 2004-07-20 00:54:18 86,016 ------w c:\windows\ServicePackFiles\i386\system.directoryservices.dll
+ 2004-07-20 00:54:18 65,536 ------w c:\windows\ServicePackFiles\i386\system.drawing.design.dll
+ 2004-07-20 00:54:18 462,848 ------w c:\windows\ServicePackFiles\i386\system.drawing.dll
+ 2004-07-20 00:54:18 212,992 ------w c:\windows\ServicePackFiles\i386\system.enterpriseservices.dll
+ 2004-08-04 04:12:34 48,640 ------w c:\windows\ServicePackFiles\i386\system.enterpriseservices.thunk.dll
+ 2004-07-20 00:54:18 352,256 ------w c:\windows\ServicePackFiles\i386\system.management.dll
+ 2004-07-20 00:54:18 241,664 ------w c:\windows\ServicePackFiles\i386\system.messaging.dll
+ 2004-07-20 00:54:20 311,296 ------w c:\windows\ServicePackFiles\i386\system.runtime.remoting.dll
+ 2004-07-20 00:54:20 131,072 ------w c:\windows\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
+ 2004-07-20 00:54:20 77,824 ------w c:\windows\ServicePackFiles\i386\system.security.dll
+ 2004-07-20 00:54:20 126,976 ------w c:\windows\ServicePackFiles\i386\system.serviceprocess.dll
+ 2007-01-02 21:40:24 1,200,128 ------w c:\windows\ServicePackFiles\i386\system.web.dll
+ 2004-07-20 00:54:20 61,440 ------w c:\windows\ServicePackFiles\i386\system.web.regularexpressions.dll
+ 2004-07-20 00:54:20 507,904 ------w c:\windows\ServicePackFiles\i386\system.web.services.dll
+ 2004-07-20 00:54:22 2,002,944 ------w c:\windows\ServicePackFiles\i386\system.windows.forms.dll
+ 2004-07-20 00:54:22 1,302,528 ------w c:\windows\ServicePackFiles\i386\system.xml.dll
+ 2008-04-14 00:12:07 117,760 ------w c:\windows\ServicePackFiles\i386\t2embed.dll
+ 2008-04-14 00:12:07 33,792 ------w c:\windows\ServicePackFiles\i386\tabletoc.dll
+ 2008-04-13 18:40:50 14,976 ------w c:\windows\ServicePackFiles\i386\tape.sys
+ 2008-04-14 00:12:07 858,624 ------w c:\windows\ServicePackFiles\i386\tapi3.dll
+ 2008-04-14 00:12:07 181,760 ------w c:\windows\ServicePackFiles\i386\tapi32.dll
+ 2008-04-14 00:12:07 249,856 ------w c:\windows\ServicePackFiles\i386\tapisrv.dll
+ 2008-04-14 00:12:37 76,288 ------w c:\windows\ServicePackFiles\i386\taskkill.exe
+ 2008-04-14 00:12:37 77,824 ------w c:\windows\ServicePackFiles\i386\tasklist.exe
+ 2008-04-14 00:12:37 135,680 ------w c:\windows\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-13 19:20:16 361,344 ------w c:\windows\ServicePackFiles\i386\tcpip.sys
+ 2008-04-13 19:00:02 225,664 ------w c:\windows\ServicePackFiles\i386\tcpip6.sys
+ 2008-04-14 00:12:07 14,848 ------w c:\windows\ServicePackFiles\i386\tcpmib.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmonui.dll
+ 2008-04-14 00:12:37 32,827 ------w c:\windows\ServicePackFiles\i386\tcptest.exe
+ 2007-04-02 16:36:07 16,384 ------w c:\windows\ServicePackFiles\i386\tcptsat.dll
+ 2008-04-13 19:00:05 19,072 ------w c:\windows\ServicePackFiles\i386\tdi.sys
+ 2008-04-14 00:13:20 12,040 ------w c:\windows\ServicePackFiles\i386\tdpipe.sys
+ 2008-04-14 00:13:21 21,896 ------w c:\windows\ServicePackFiles\i386\tdtcp.sys
+ 2008-04-14 00:12:37 75,776 ------w c:\windows\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 00:13:20 40,840 ------w c:\windows\ServicePackFiles\i386\termdd.sys
+ 2008-04-14 00:12:07 358,400 ------w c:\windows\ServicePackFiles\i386\termmgr.dll
+ 2008-04-14 00:12:07 295,424 ------w c:\windows\ServicePackFiles\i386\termsrv.dll
+ 2008-04-13 18:40:50 149,376 ------w c:\windows\ServicePackFiles\i386\tffsport.sys
+ 2008-04-14 00:12:07 385,536 ------w c:\windows\ServicePackFiles\i386\themeui.dll
+ 2008-04-14 00:12:37 61,440 ------w c:\windows\ServicePackFiles\i386\tlntadmn.exe
+ 2008-04-14 00:12:37 78,336 ------w c:\windows\ServicePackFiles\i386\tlntsess.exe
+ 2008-04-14 00:12:38 73,216 ------w c:\windows\ServicePackFiles\i386\tlntsvr.exe
+ 2008-04-14 00:12:07 7,168 ------w c:\windows\ServicePackFiles\i386\tlntsvrp.dll
+ 2007-12-17 12:00:05 66,592 ------w c:\windows\ServicePackFiles\i386\togac.exe
+ 2008-04-14 00:12:07 33,792 ------w c:\windows\ServicePackFiles\i386\tools.dll
+ 2008-04-14 00:12:38 347,136 ------w c:\windows\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 00:12:38 82,944 ------w c:\windows\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 00:12:38 259,584 ------w c:\windows\ServicePackFiles\i386\tracerpt.exe
+ 2008-04-14 00:12:38 12,288 ------w c:\windows\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 00:12:42 12,800 ------w c:\windows\ServicePackFiles\i386\tree.com
+ 2008-04-14 00:12:07 153,088 ------w c:\windows\ServicePackFiles\i386\triedit.dll
+ 2008-04-14 00:12:07 90,112 ------w c:\windows\ServicePackFiles\i386\trkwks.dll
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\ServicePackFiles\i386\tscdsbl.bat
+ 2008-04-14 00:12:07 93,696 ------w c:\windows\ServicePackFiles\i386\tscfgwmi.dll
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\ServicePackFiles\i386\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\ServicePackFiles\i386\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\ServicePackFiles\i386\tscupdc.dll
+ 2008-04-14 00:13:21 12,168 ------w c:\windows\ServicePackFiles\i386\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\ServicePackFiles\i386\tsgqec.dll
+ 2008-04-14 00:12:07 279,040 ------w c:\windows\ServicePackFiles\i386\tshoot.dll
+ 2008-04-14 00:12:07 130,048 ------w c:\windows\ServicePackFiles\i386\tsoc.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\tspkg.dll
+ 2008-04-14 00:12:07 8,704 ------w c:\windows\ServicePackFiles\i386\tty.dll
+ 2007-04-02 15:31:00 39,936 ------w c:\windows\ServicePackFiles\i386\ttyres.dll
+ 2008-04-14 00:12:07 16,384 ------w c:\windows\ServicePackFiles\i386\ttyui.dll
+ 2008-04-13 18:56:01 12,288 ------w c:\windows\ServicePackFiles\i386\tunmp.sys
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\twain_32.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\twext.dll
+ 2008-04-14 00:12:07 101,376 ------w c:\windows\ServicePackFiles\i386\txflog.dll
+ 2008-04-14 00:12:38 60,416 ------w c:\windows\ServicePackFiles\i386\tzchange.exe
+ 2008-04-13 18:36:40 44,672 ------w c:\windows\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:32:36 66,048 ------w c:\windows\ServicePackFiles\i386\udfs.sys
+ 2008-04-14 00:12:07 26,624 ------w c:\windows\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 103,424 ------w c:\windows\ServicePackFiles\i386\uihelper.dll
+ 2008-04-14 00:12:07 275,456 ------w c:\windows\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 35,840 ------w c:\windows\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 123,392 ------w c:\windows\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 373,248 ------w c:\windows\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 744,448 ------w c:\windows\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 74,240 ------w c:\windows\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 13,824 ------w c:\windows\ServicePackFiles\i386\uniplat.dll
+ 2007-05-15 08:08:53 761,344 ------w c:\windows\ServicePackFiles\i386\unires.dll
+ 2008-04-14 00:12:07 316,416 ------w c:\windows\ServicePackFiles\i386\untfs.dll
+ 2008-04-13 18:39:46 384,768 ------w c:\windows\ServicePackFiles\i386\update.sys
+ 2008-04-14 00:12:38 150,528 ------w c:\windows\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:08 133,632 ------w c:\windows\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:38 16,896 ------w c:\windows\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:08 185,856 ------w c:\windows\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 239,616 ------w c:\windows\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:38 18,432 ------w c:\windows\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:08 37,888 ------w c:\windows\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 619,520 ------w c:\windows\ServicePackFiles\i386\urlmon.dll
+ 2004-08-04 03:31:26 32,384 ------w c:\windows\ServicePackFiles\i386\usb101et.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:45:12 60,032 ------w c:\windows\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w c:\windows\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w c:\windows\ServicePackFiles\i386\usbcamd2.sys
+ 2008-04-13 18:45:39 32,128 ------w c:\windows\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:35 30,208 ------w c:\windows\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:37 59,520 ------w c:\windows\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:43 15,872 ------w c:\windows\ServicePackFiles\i386\usbintel.sys
+ 2008-04-14 00:12:08 16,896 ------w c:\windows\ServicePackFiles\i386\usbmon.dll
+ 2008-04-13 18:45:35 17,152 ------w c:\windows\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:36 143,872 ------w c:\windows\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w c:\windows\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w c:\windows\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:36 26,112 ------w c:\windows\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:38 26,368 ------w c:\windows\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:35 20,608 ------w c:\windows\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-14 00:12:08 74,240 ------w c:\windows\ServicePackFiles\i386\usbui.dll
+ 2008-04-13 18:46:20 121,984 ------w c:\windows\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-14 00:12:08 578,560 ------w c:\windows\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 727,040 ------w c:\windows\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:38 26,112 ------w c:\windows\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:08 406,016 ------w c:\windows\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:38 50,176 ------w c:\windows\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:08 218,624 ------w c:\windows\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 30,749 ------w c:\windows\ServicePackFiles\i386\vbajet32.dll
+ 2004-07-20 00:54:22 716,800 ------w c:\windows\ServicePackFiles\i386\vbc.exe
+ 2004-08-04 04:12:48 126,976 ------w c:\windows\ServicePackFiles\i386\vbc7ui.chs.dll
+ 2004-08-04 04:12:48 126,976 ------w c:\windows\ServicePackFiles\i386\vbc7ui.cht.dll
+ 2004-08-04 04:12:48 126,976 ------w c:\windows\ServicePackFiles\i386\vbc7ui.dll
+ 2004-08-04 04:12:48 147,456 ------w c:\windows\ServicePackFiles\i386\vbc7ui.es.dll
+ 2004-08-04 04:12:48 151,552 ------w c:\windows\ServicePackFiles\i386\vbc7ui.fr.dll
+ 2004-08-04 04:12:48 151,552 ------w c:\windows\ServicePackFiles\i386\vbc7ui.ger.dll
+ 2004-08-04 04:12:50 147,456 ------w c:\windows\ServicePackFiles\i386\vbc7ui.it.dll
+ 2004-08-04 04:12:50 126,976 ------w c:\windows\ServicePackFiles\i386\vbc7ui.ja.dll
+ 2004-08-04 04:12:50 126,976 ------w c:\windows\ServicePackFiles\i386\vbc7ui.kor.dll
+ 2008-04-14 00:12:08 434,176 ------w c:\windows\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 11,325 ------w c:\windows\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 26,112 ------w c:\windows\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 51,712 ------w c:\windows\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w c:\windows\ServicePackFiles\i386\verifier.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 53,760 ------w c:\windows\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-13 18:44:40 20,992 ------w c:\windows\ServicePackFiles\i386\vga.sys
+ 2008-04-14 00:12:08 851,968 ------w c:\windows\ServicePackFiles\i386\vgx.dll
+ 2008-04-13 18:36:40 42,240 ------w c:\windows\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:40:31 5,376 ------w c:\windows\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:44:40 81,664 ------w c:\windows\ServicePackFiles\i386\videoprt.sys
+ 2008-04-14 00:12:08 131,584 ------w c:\windows\ServicePackFiles\i386\viewprov.dll
+ 2008-04-13 18:41:01 52,352 ------w c:\windows\ServicePackFiles\i386\volsnap.sys
+ 2004-08-04 04:12:50 999,424 ------w c:\windows\ServicePackFiles\i386\vsavb7rt.dll
+ 2008-04-14 00:12:08 430,592 ------w c:\windows\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:38 289,792 ------w c:\windows\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:08 175,104 ------w c:\windows\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 15,872 ------w c:\windows\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 364,032 ------w c:\windows\ServicePackFiles\i386\w3svc.dll
+ 2008-04-14 00:12:08 483,840 ------w c:\windows\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:38 46,080 ------w c:\windows\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:08 510,976 ------w c:\windows\ServicePackFiles\i386\wab32.dll
+ 2008-04-13 16:21:48 249,856 ------w c:\windows\ServicePackFiles\i386\wab32res.dll
+ 2008-04-14 00:12:08 32,768 ------w c:\windows\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 85,504 ------w c:\windows\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:39 30,208 ------w c:\windows\ServicePackFiles\i386\wabmig.exe
+ 2008-04-13 18:43:55 14,208 ------w c:\windows\ServicePackFiles\i386\wacompen.sys
+ 2004-08-04 03:29:38 12,415 ------w c:\windows\ServicePackFiles\i386\wadv01nt.sys
+ 2004-08-04 03:29:38 12,127 ------w c:\windows\ServicePackFiles\i386\wadv02nt.sys
+ 2004-08-04 03:29:38 11,775 ------w c:\windows\ServicePackFiles\i386\wadv05nt.sys
+ 2004-08-04 03:29:40 11,807 ------w c:\windows\ServicePackFiles\i386\wadv07nt.sys
+ 2004-08-04 03:29:40 11,295 ------w c:\windows\ServicePackFiles\i386\wadv08nt.sys
+ 2004-08-04 03:29:42 11,871 ------w c:\windows\ServicePackFiles\i386\wadv09nt.sys
+ 2004-08-04 03:29:42 11,935 ------w c:\windows\ServicePackFiles\i386\wadv11nt.sys
+ 2008-04-14 00:12:08 76,800 ------w c:\windows\ServicePackFiles\i386\wam51.dll
+ 2008-04-14 00:12:08 53,248 ------w c:\windows\ServicePackFiles\i386\wamreg51.dll
+ 2008-04-13 18:57:21 34,560 ------w c:\windows\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:44:59 17,664 ------w c:\windows\ServicePackFiles\i386\watchdog.sys
+ 2004-08-04 03:29:42 29,311 ------w c:\windows\ServicePackFiles\i386\watv01nt.sys
+ 2004-08-04 03:29:44 19,551 ------w c:\windows\ServicePackFiles\i386\watv02nt.sys
+ 2004-08-04 03:29:44 33,599 ------w c:\windows\ServicePackFiles\i386\watv04nt.sys
+ 2004-08-04 03:29:46 22,271 ------w c:\windows\ServicePackFiles\i386\watv06nt.sys
+ 2004-08-04 03:29:46 25,471 ------w c:\windows\ServicePackFiles\i386\watv10nt.sys
+ 2008-04-14 00:12:08 215,552 ------w c:\windows\ServicePackFiles\i386\wavemsp.dll
+ 2008-04-14 00:12:08 196,608 ------w c:\windows\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 214,528 ------w c:\windows\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 71,680 ------w c:\windows\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 531,456 ------w c:\windows\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 178,176 ------w c:\windows\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 273,920 ------w c:\windows\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 43,008 ------w c:\windows\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 43,520 ------w c:\windows\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:39 116,224 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:08 197,120 ------w c:\windows\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-13 18:45:38 31,744 ------w c:\windows\ServicePackFiles\i386\wceusbsh.sys
+ 2004-08-04 03:29:46 23,615 ------w c:\windows\ServicePackFiles\i386\wch7xxnt.sys
+ 2008-04-14 00:12:08 49,152 ------w c:\windows\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ------w c:\windows\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-13 19:17:18 83,072 ------w c:\windows\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-14 00:12:08 276,480 ------w c:\windows\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 68,096 ------w c:\windows\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 135,680 ------w c:\windows\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:39 65,024 ------w c:\windows\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 433,664 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:08 463,360 ------w c:\windows\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 124,416 ------w c:\windows\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 75,776 ------w c:\windows\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 333,824 ------w c:\windows\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 589,312 ------w c:\windows\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 111,104 ------w c:\windows\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\ServicePackFiles\i386\wicext.dll
+ 2008-04-13 19:30:10 1,845,632 ------w c:\windows\ServicePackFiles\i386\win32k.sys
+ 2008-04-14 00:12:08 102,400 ------w c:\windows\ServicePackFiles\i386\win32spl.dll
+ 2008-04-13 16:48:53 1,647,616 ------w c:\windows\ServicePackFiles\i386\winbrand.dll
+ 2008-04-14 00:12:39 283,648 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:08 354,304 ------w c:\windows\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 666,112 ------w c:\windows\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:09 32,256 ------w c:\windows\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:39 507,904 ------w c:\windows\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:09 176,128 ------w c:\windows\ServicePackFiles\i386\winmm.dll
+ 2004-08-10 11:00:00 5,120 ------w c:\windows\ServicePackFiles\i386\winnls.dll
+ 2008-04-14 00:11:11 756,224 ------w c:\windows\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:12:09 16,896 ------w c:\windows\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 99,328 ------w c:\windows\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 17,408 ------w c:\windows\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ------w c:\windows\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:09 293,376 ------w c:\windows\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 53,760 ------w c:\windows\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 176,640 ------w c:\windows\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:40 5,632 ------w c:\windows\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\ServicePackFiles\i386\wlanapi.dll
+ 2008-04-14 00:12:09 172,032 ------w c:\windows\ServicePackFiles\i386\wldap32.dll
+ 2004-08-04 03:31:28 154,624 ------w c:\windows\ServicePackFiles\i386\wlluc48.sys
+ 2008-04-14 00:12:09 92,672 ------w c:\windows\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:11:15 5,632 ------w c:\windows\ServicePackFiles\i386\wmi.dll
+ 2008-04-13 18:36:38 8,832 ------w c:\windows\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-14 00:12:40 196,608 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-13 17:10:20 6,656 ------w c:\windows\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-14 00:12:09 88,576 ------w c:\windows\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:40 126,464 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:40 358,912 ------w c:\windows\ServicePackFiles\i386\wmic.exe
+ 2008-04-14 00:12:09 60,928 ------w c:\windows\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 140,800 ------w c:\windows\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 156,672 ------w c:\windows\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 61,952 ------w c:\windows\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 62,464 ------w c:\windows\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 437,248 ------w c:\windows\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:40 218,112 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:09 41,472 ------w c:\windows\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 95,232 ------w c:\windows\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 167,936 ------w c:\windows\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 4,096 ------w c:\windows\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 7,680 ------w c:\windows\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 402,432 ------w c:\windows\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 502,272 ------w c:\windows\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 325,632 ------w c:\windows\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 4,256,768 ------w c:\windows\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 5,632 ------w c:\windows\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\ServicePackFiles\i386\wmphoto.dll
+ 2008-04-14 00:12:40 214,528 ------w c:\windows\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:10 264,192 ------w c:\windows\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:40 32,256 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:41 11,264 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:10 82,432 ------w c:\windows\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 19,968 ------w c:\windows\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:41 13,824 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 155,648 ------w c:\windows\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:10 80,896 ------w c:\windows\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 604,160 ------w c:\windows\ServicePackFiles\i386\wsecedit.dll
+ 2008-04-14 00:12:10 108,032 ------w c:\windows\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 36,864 ------w c:\windows\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 90,112 ------w c:\windows\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 14,336 ------w c:\windows\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 8,192 ------w c:\windows\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 11,264 ------w c:\windows\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 19,456 ------w c:\windows\ServicePackFiles\i386\wshtcpip.dll
+ 2004-08-04 03:29:48 12,063 ------w c:\windows\ServicePackFiles\i386\wsiintxx.sys
+ 2008-04-14 00:12:10 41,984 ------w c:\windows\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 22,528 ------w c:\windows\ServicePackFiles\i386\wsock32.dll
+ 2008-04-13 18:46:24 19,200 ------w c:\windows\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-14 00:12:10 50,688 ------w c:\windows\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 18,432 ------w c:\windows\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 430,592 ------w c:\windows\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:41 111,104 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 165,888 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:11 1,135,616 ------w c:\windows\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 183,296 ------w c:\windows\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 6,656 ------w c:\windows\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 112,640 ------w c:\windows\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 32,256 ------w c:\windows\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 120,320 ------w c:\windows\ServicePackFiles\i386\wuweb.dll
+ 2004-08-04 03:29:50 19,455 ------w c:\windows\ServicePackFiles\i386\wvchntxx.sys
+ 2008-04-14 00:12:11 383,488 ------w c:\windows\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 52,736 ------w c:\windows\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 483,840 ------w c:\windows\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 91,648 ------w c:\windows\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:41 30,720 ------w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2004-08-10 11:00:00 174,200 ------w c:\windows\ServicePackFiles\i386\xenroll.dll
+ 2008-04-14 00:12:11 121,856 ------w c:\windows\ServicePackFiles\i386\xmllite.dll
+ 2008-04-14 00:12:11 129,024 ------w c:\windows\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 50,176 ------w c:\windows\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 11,776 ------w c:\windows\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 17:39:29 438,784 ------w c:\windows\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:22 187,392 ------w c:\windows\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w c:\windows\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w c:\windows\ServicePackFiles\i386\xrxscnui.dll
+ 2008-04-14 00:12:11 116,224 ------w c:\windows\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 338,432 ------w c:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\slrundll.exe
- 2004-08-10 11:00:00 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
- 2004-08-10 11:00:00 58,434 -c--a-w c:\windows\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w c:\windows\srchasst\srchctls.dll
- 2004-08-10 11:00:00 725,566 ----a-w c:\windows\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w c:\windows\srchasst\srchui.dll
- 2004-08-10 11:00:00 146,432 -c--a-w c:\windows\system\WINSPOOL.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\system32\aaclient.dll
- 2004-08-10 11:00:00 183,808 ----a-w c:\windows\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w c:\windows\system32\accwiz.exe
- 2004-08-10 11:00:00 114,688 ----a-w c:\windows\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w c:\windows\system32\aclui.dll
- 2004-08-10 11:00:00 194,048 ----a-w c:\windows\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w c:\windows\system32\activeds.dll
- 2004-08-10 11:00:00 4,096 ----a-w c:\windows\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w c:\windows\system32\actmovie.exe
- 2004-08-10 11:00:00 101,888 ----a-w c:\windows\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w c:\windows\system32\actxprxy.dll
- 2004-08-10 11:00:00 61,440 ----a-w c:\windows\system32\admparse.dll
+ 2007-08-13 23:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
- 2004-08-10 11:00:00 175,616 ----a-w c:\windows\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w c:\windows\system32\adsldp.dll
- 2004-08-10 11:00:00 143,360 ----a-w c:\windows\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w c:\windows\system32\adsldpc.dll
- 2004-08-10 11:00:00 68,096 ----a-w c:\windows\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w c:\windows\system32\adsmsext.dll
- 2004-08-10 11:00:00 263,680 ----a-w c:\windows\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w c:\windows\system32\adsnt.dll
- 2004-08-10 11:00:00 109,568 ----a-w c:\windows\system32\adsnw.dll
+ 2008-04-14 00:11:48 123,392 ----a-w c:\windows\system32\adsnw.dll
- 2004-08-10 11:00:00 616,960 ----a-w c:\windows\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w c:\windows\system32\advapi32.dll
- 2004-08-10 11:00:00 99,840 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 23:15:11 124,928 ----a-w c:\windows\system32\advpack.dll
- 2004-08-10 11:00:00 98,304 ----a-w c:\windows\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w c:\windows\system32\ahui.exe
- 2004-08-10 11:00:00 44,544 ----a-w c:\windows\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w c:\windows\system32\alg.exe
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w c:\windows\system32\alrsvc.dll
- 2004-08-10 11:00:00 70,656 ----a-w c:\windows\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w c:\windows\system32\amstream.dll
- 2004-08-10 11:00:00 126,976 ----a-w c:\windows\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w c:\windows\system32\apphelp.dll
- 2004-08-10 11:00:00 167,936 ----a-w c:\windows\system32\appmgmts.dll
+ 2008-04-14 00:11:49 167,936 ----a-w c:\windows\system32\appmgmts.dll
- 2004-08-10 11:00:00 295,936 ----a-w c:\windows\system32\appmgr.dll
+ 2008-04-14 00:11:49 295,936 ----a-w c:\windows\system32\appmgr.dll
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\asr_fmt.exe
+ 2008-04-14 00:12:12 30,208 ----a-w c:\windows\system32\asr_fmt.exe
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\asr_pfu.exe
+ 2008-04-14 00:12:12 32,768 ----a-w c:\windows\system32\asr_pfu.exe
- 2004-08-10 11:00:00 65,024 ----a-w c:\windows\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w c:\windows\system32\asycfilt.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:11:49 377,984 ------w c:\windows\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 870,784 ------w c:\windows\system32\ati3d1ag.dll
+ 2008-04-14 00:11:50 32,768 ------w c:\windows\system32\ativtmxx.dll
- 2004-08-10 11:00:00 58,880 ----a-w c:\windows\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w c:\windows\system32\atl.dll
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w c:\windows\system32\atmadm.exe
- 2004-08-10 11:00:00 285,696 ----a-w c:\windows\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w c:\windows\system32\atmfd.dll
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\atmlib.dll
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w c:\windows\system32\attrib.exe
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w c:\windows\system32\audiosrv.dll
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w c:\windows\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w c:\windows\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w c:\windows\system32\authz.dll
- 2004-08-10 11:00:00 588,800 ----a-w c:\windows\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w c:\windows\system32\autochk.exe
- 2004-08-10 11:00:00 602,624 ----a-w c:\windows\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w c:\windows\system32\autoconv.exe
- 2004-08-10 11:00:00 580,608 ----a-w c:\windows\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w c:\windows\system32\autofmt.exe
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w c:\windows\system32\autolfn.exe
- 2004-08-10 11:00:00 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\system32\azroles.dll
- 2004-08-10 11:00:00 52,736 ----a-w c:\windows\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w c:\windows\system32\basesrv.dll
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w c:\windows\system32\batmeter.dll
- 2004-08-10 11:00:00 8,704 ----a-w c:\windows\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w c:\windows\system32\batt.dll
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:12:03 409,088 ------w c:\windows\system32\bits\qmgr.dll
- 2004-08-10 11:00:00 8,192 ----a-w c:\windows\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w c:\windows\system32\bitsprx2.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\system32\bitsprx4.dll
- 2004-08-10 11:00:00 71,680 ----a-w c:\windows\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w c:\windows\system32\blastcln.exe
- 2004-08-10 11:00:00 136,704 ----a-w c:\windows\system32\bootcfg.exe
+ 2008-04-14 00:12:13 142,848 ----a-w c:\windows\system32\bootcfg.exe
- 2004-08-10 11:00:00 63,488 ----a-w c:\windows\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w c:\windows\system32\browselc.dll
- 2004-08-10 11:00:00 77,312 ----a-w c:\windows\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\browser.dll
- 2008-10-16 10:20:52 1,024,000 ----a-w c:\windows\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w c:\windows\system32\browseui.dll
- 2004-08-10 11:00:00 78,336 ----a-w c:\windows\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w c:\windows\system32\browsewm.dll
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w c:\windows\system32\bthci.dll
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\bthserv.dll
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\btpanui.dll
- 2004-08-10 11:00:00 218,112 ----a-w c:\windows\system32\c_g18030.dll
+ 2008-04-14 00:11:50 218,112 ----a-w c:\windows\system32\c_g18030.dll
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w c:\windows\system32\cabinet.dll
- 2004-08-10 11:00:00 84,480 ----a-w c:\windows\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w c:\windows\system32\cabview.dll
- 2004-08-10 11:00:00 18,432 ----a-w c:\windows\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w c:\windows\system32\cacls.exe
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\camocx.dll
- 2004-08-10 11:00:00 142,848 ----a-w c:\windows\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w c:\windows\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w c:\windows\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w c:\windows\system32\catsrv.dll
- 2004-08-10 11:00:00 85,504 ----a-w c:\windows\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w c:\windows\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w c:\windows\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w c:\windows\system32\catsrvut.dll
- 2008-10-16 10:20:42 151,040 ----a-w c:\windows\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w c:\windows\system32\cdfview.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w c:\windows\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w c:\windows\system32\cdosys.dll
- 2004-08-10 11:00:00 194,560 ----a-w c:\windows\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w c:\windows\system32\certcli.dll
- 2004-08-10 11:00:00 457,728 ----a-w c:\windows\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w c:\windows\system32\certmgr.dll
- 2004-08-10 11:00:00 38,912 ----a-w c:\windows\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w c:\windows\system32\cfgbkend.dll
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
- 2004-08-10 11:00:00 109,568 ----a-w c:\windows\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w c:\windows\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w c:\windows\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w c:\windows\system32\ciodm.dll
- 2004-08-10 11:00:00 56,320 ----a-w c:\windows\system32\cipher.exe
+ 2008-04-14 00:12:14 56,832 ----a-w c:\windows\system32\cipher.exe
- 2004-08-10 11:00:00 5,632 ----a-w c:\windows\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w c:\windows\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w c:\windows\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w c:\windows\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w c:\windows\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w c:\windows\system32\clbcatq.dll
- 2004-08-10 11:00:00 64,000 ----a-w c:\windows\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w c:\windows\system32\cleanmgr.exe
- 2004-08-10 11:00:00 77,824 ----a-w c:\windows\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\cliconfg.dll
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w c:\windows\system32\cliconfg.exe
- 2004-08-10 11:00:00 102,912 ----a-w c:\windows\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w c:\windows\system32\clipbrd.exe
- 2004-08-10 11:00:00 33,280 ----a-w c:\windows\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w c:\windows\system32\clipsrv.exe
- 2004-08-10 11:00:00 57,856 ----a-w c:\windows\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w c:\windows\system32\clusapi.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w c:\windows\system32\cmcfg32.dll
- 2004-08-10 11:00:00 388,608 ----a-w c:\windows\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w c:\windows\system32\cmd.exe
- 2004-08-10 11:00:00 343,040 ----a-w c:\windows\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w c:\windows\system32\cmdial32.dll
- 2004-08-10 11:00:00 47,104 ----a-w c:\windows\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w c:\windows\system32\cmdl32.exe
- 2004-08-10 11:00:00 39,936 ----a-w c:\windows\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w c:\windows\system32\cmmon32.exe
- 2004-08-10 11:00:00 185,344 ----a-w c:\windows\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w c:\windows\system32\cmprops.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\cmsetACL.dll
+ 2008-04-14 00:11:50 13,312 ----a-w c:\windows\system32\cmsetacl.dll
- 2004-08-10 11:00:00 63,488 ----a-w c:\windows\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w c:\windows\system32\cmstp.exe
- 2004-08-10 11:00:00 39,936 ----a-w c:\windows\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w c:\windows\system32\cmutil.dll
- 2004-08-10 11:00:00 47,104 ----a-w c:\windows\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w c:\windows\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w c:\windows\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w c:\windows\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
- 2004-08-10 11:00:00 9,728 -c--a-w c:\windows\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w c:\windows\system32\Com\comrepl.exe
- 2004-08-10 11:00:00 5,120 -c--a-w c:\windows\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\Com\comrereg.exe
- 2004-08-10 11:00:00 25,600 ----a-w c:\windows\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w c:\windows\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w c:\windows\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w c:\windows\system32\comctl32.dll
- 2004-08-10 11:00:00 276,992 ----a-w c:\windows\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w c:\windows\system32\comdlg32.dll
- 2004-08-10 11:00:00 252,928 ----a-w c:\windows\system32\compatUI.dll
+ 2008-04-14 00:11:51 252,928 ----a-w c:\windows\system32\compatui.dll
- 2004-08-10 11:00:00 229,376 ----a-w c:\windows\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w c:\windows\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w c:\windows\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w c:\windows\system32\comrepl.dll
- 2004-08-10 11:00:00 792,064 ----a-w c:\windows\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w c:\windows\system32\comres.dll
+ 2008-04-13 18:43:32 9,728 ------w c:\windows\system32\comsdupd.exe
- 2004-08-10 11:00:00 147,456 ----a-w c:\windows\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w c:\windows\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w c:\windows\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w c:\windows\system32\comuid.dll
- 2009-04-01 13:02:05 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-04-02 08:10:00 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-04-01 13:02:05 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-02 08:10:00 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-04-02 08:09:43 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009040220090403\index.dat
- 2009-04-01 13:02:05 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-02 08:10:00 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-08-10 11:00:00 345,600 ----a-w c:\windows\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w c:\windows\system32\confmsp.dll
- 2004-08-10 11:00:00 27,648 ----a-w c:\windows\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w c:\windows\system32\conime.exe
- 2004-08-10 11:00:00 35,328 ----a-w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ------w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w c:\windows\system32\credssp.dll
- 2004-08-10 11:00:00 163,840 ----a-w c:\windows\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w c:\windows\system32\credui.dll
- 2004-08-10 11:00:00 597,504 ----a-w c:\windows\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w c:\windows\system32\crypt32.dll
- 2004-08-10 11:00:00 74,752 ----a-w c:\windows\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w c:\windows\system32\cryptdlg.dll
- 2004-08-10 11:00:00 33,280 ----a-w c:\windows\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w c:\windows\system32\cryptdll.dll
- 2004-08-10 11:00:00 53,760 ----a-w c:\windows\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w c:\windows\system32\cryptext.dll
- 2004-08-10 11:00:00 63,488 ----a-w c:\windows\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w c:\windows\system32\cryptnet.dll
- 2004-08-10 11:00:00 60,416 ----a-w c:\windows\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w c:\windows\system32\cryptsvc.dll
- 2004-08-10 11:00:00 512,512 ----a-w c:\windows\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w c:\windows\system32\cryptui.dll
- 2004-08-10 11:00:00 101,888 ----a-w c:\windows\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w c:\windows\system32\cscdll.dll
- 2004-08-10 11:00:00 98,304 ----a-w c:\windows\system32\cscript.exe
+ 2008-04-14 00:12:15 139,264 ----a-w c:\windows\system32\cscript.exe
- 2004-08-10 11:00:00 326,656 ----a-w c:\windows\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w c:\windows\system32\cscui.dll
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w c:\windows\system32\csrsrv.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\csrss.exe
- 2004-08-10 11:00:00 15,360 ----a-w c:\windows\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w c:\windows\system32\ctfmon.exe
- 2004-08-10 11:00:00 1,179,648 ----a-w c:\windows\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w c:\windows\system32\d3d8.dll
- 2004-08-10 11:00:00 8,192 ----a-w c:\windows\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w c:\windows\system32\d3d8thk.dll
- 2004-08-10 11:00:00 1,689,088 ----a-w c:\windows\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w c:\windows\system32\d3d9.dll
- 2004-08-10 11:00:00 825,344 ----a-w c:\windows\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w c:\windows\system32\d3dim700.dll
- 2008-10-16 10:20:45 1,054,208 ----a-w c:\windows\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w c:\windows\system32\danim.dll
- 2004-08-10 11:00:00 54,272 ----a-w c:\windows\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w c:\windows\system32\dataclen.dll
- 2004-08-10 11:00:00 152,064 ----a-w c:\windows\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w c:\windows\system32\datime.dll
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w c:\windows\system32\davclnt.dll
- 2004-08-10 11:00:00 640,000 ----a-w c:\windows\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w c:\windows\system32\dbghelp.dll
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
- 2004-08-10 11:00:00 110,592 ----a-w c:\windows\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w c:\windows\system32\dbnetlib.dll
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
- 2004-08-10 11:00:00 1,788 ----a-w c:\windows\system32\Dcache.bin
+ 2008-04-14 00:25:26 1,804 ----a-w c:\windows\system32\dcache.bin
- 2004-08-10 11:00:00 8,704 ----a-w c:\windows\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w c:\windows\system32\dciman32.dll
- 2004-08-10 11:00:00 5,120 ----a-w c:\windows\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w c:\windows\system32\dcomcnfg.exe
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w c:\windows\system32\ddeshare.exe
- 2004-08-10 11:00:00 266,240 ----a-w c:\windows\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w c:\windows\system32\ddraw.dll
- 2004-08-10 11:00:00 27,136 ----a-w c:\windows\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w c:\windows\system32\ddrawex.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w c:\windows\system32\defrag.exe
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w c:\windows\system32\devenum.dll
- 2004-08-10 11:00:00 282,624 ----a-w c:\windows\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w c:\windows\system32\devmgr.dll
- 2004-08-10 11:00:00 82,432 ----a-w c:\windows\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w c:\windows\system32\dfrgfat.exe
- 2004-08-10 11:00:00 104,960 ----a-w c:\windows\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w c:\windows\system32\dfrgntfs.exe
- 2004-08-10 11:00:00 38,912 ----a-w c:\windows\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w c:\windows\system32\dfrgsnap.dll
- 2004-08-10 11:00:00 123,904 ----a-w c:\windows\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w c:\windows\system32\dfrgui.dll
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dfsshlex.dll
- 2004-08-10 11:00:00 111,104 ----a-w c:\windows\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w c:\windows\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w c:\windows\system32\dhcpcsvc.dll
- 2004-08-10 11:00:00 370,176 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\system32\dhcpqec.dll
- 2004-08-10 11:00:00 85,504 ----a-w c:\windows\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w c:\windows\system32\diantz.exe
- 2004-08-10 11:00:00 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dimsroam.dll
- 2004-08-10 11:00:00 159,232 ----a-w c:\windows\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w c:\windows\system32\dinput.dll
- 2004-08-10 11:00:00 181,760 ----a-w c:\windows\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w c:\windows\system32\dinput8.dll
- 2004-08-10 11:00:00 1,501,696 ----a-w c:\windows\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w c:\windows\system32\diskcopy.dll
- 2004-08-10 11:00:00 163,840 ----a-w c:\windows\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w c:\windows\system32\diskpart.exe
- 2004-08-10 11:00:00 45,083 ----a-w c:\windows\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w c:\windows\system32\dispex.dll
+ 2007-08-13 23:39:20 71,680 ------w c:\windows\system32\dllcache\admparse.dll
+ 2008-12-20 23:15:11 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 ------w c:\windows\system32\dllcache\afd.sys
- 2008-06-13 13:10:50 272,128 -c----w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\system32\dllcache\bthport.sys
- 2004-08-10 11:00:00 97,792 ----a-w c:\windows\system32\dllcache\chtmbx.dll
+ 2008-04-14 00:09:05 97,792 ----a-w c:\windows\system32\dllcache\chtmbx.dll
- 2004-08-10 11:00:00 56,320 ----a-w c:\windows\system32\dllcache\chtskdic.dll
+ 2008-04-14 00:09:05 56,320 ----a-w c:\windows\system32\dllcache\chtskdic.dll
- 2004-08-10 11:00:00 173,568 ----a-w c:\windows\system32\dllcache\chtskf.dll
+ 2008-04-14 00:09:05 173,568 ----a-w c:\windows\system32\dllcache\chtskf.dll
- 2004-08-10 11:00:00 198,656 ----a-w c:\windows\system32\dllcache\cintime.dll
+ 2008-04-14 00:09:06 198,656 ----a-w c:\windows\system32\dllcache\cintime.dll
- 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ------w c:\windows\system32\dllcache\dnsapi.dll
- 2006-08-22 10:05:26 498,742 -c----w c:\windows\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ------w c:\windows\system32\dllcache\dxmasf.dll
- 2008-10-16 10:20:45 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 10:20:45 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
- 2008-07-07 20:32:22 253,952 -c----w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:26:58 253,952 ------w c:\windows\system32\dllcache\es.dll
- 2008-10-16 10:20:46 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ------w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-23 13:01:36 283,648 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
+ 2007-08-13 23:18:02 60,416 ------w c:\windows\system32\dllcache\hmmapi.dll
- 2004-08-10 11:00:00 13,463,552 ----a-w c:\windows\system32\dllcache\hwxjpn.dll
+ 2008-04-14 00:09:39 13,463,552 ----a-w c:\windows\system32\dllcache\hwxjpn.dll
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-15 14:18:21 18,432 -c----w c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 23:44:02 69,120 ----a-w c:\windows\system32\dllcache\iedw.exe
- 2008-10-16 10:20:46 251,904 -c----w c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 23:54:10 191,488 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-13 23:39:12 55,296 ------w c:\windows\system32\dllcache\iesetup.dll
+ 2008-12-19 05:25:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
- 2004-08-10 11:00:00 106,496 ----a-w c:\windows\system32\dllcache\imekrcic.dll
+ 2008-04-14 00:09:43 106,496 ----a-w c:\windows\system32\dllcache\imekrcic.dll
- 2004-08-10 11:00:00 86,016 ----a-w c:\windows\system32\dllcache\imekrmbx.dll
+ 2008-04-14 00:09:43 86,016 ----a-w c:\windows\system32\dllcache\imekrmbx.dll
+ 2007-08-13 23:36:06 36,352 ------w c:\windows\system32\dllcache\imgutil.dll
- 2004-08-10 11:00:00 811,064 -c--a-w c:\windows\system32\dllcache\imjp81k.dll
+ 2008-04-14 00:09:44 811,064 ----a-w c:\windows\system32\dllcache\imjp81k.dll
- 2004-08-10 11:00:00 368,696 ----a-w c:\windows\system32\dllcache\imjpcic.dll
+ 2008-04-14 00:09:45 368,696 ----a-w c:\windows\system32\dllcache\imjpcic.dll
- 2004-08-10 11:00:00 716,856 ----a-w c:\windows\system32\dllcache\imjpcus.dll
+ 2008-04-14 00:09:45 716,856 ----a-w c:\windows\system32\dllcache\imjpcus.dll
- 2004-08-10 11:00:00 81,976 ----a-w c:\windows\system32\dllcache\imjpdct.dll
+ 2008-04-14 00:09:45 81,976 ----a-w c:\windows\system32\dllcache\imjpdct.dll
- 2004-08-10 11:00:00 274,489 ----a-w c:\windows\system32\dllcache\imjputyc.dll
+ 2008-04-14 00:09:46 274,489 ----a-w c:\windows\system32\dllcache\imjputyc.dll
- 2004-08-10 11:00:00 102,456 ----a-w c:\windows\system32\dllcache\imlang.dll
+ 2008-04-14 00:09:46 102,456 ----a-w c:\windows\system32\dllcache\imlang.dll
- 2004-08-10 11:00:00 315,452 ----a-w c:\windows\system32\dllcache\imskf.dll
+ 2008-04-14 00:09:47 315,455 ----a-w c:\windows\system32\dllcache\imskf.dll
- 2008-04-11 18:50:43 683,520 ------w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ------w c:\windows\system32\dllcache\inetcomm.dll
- 2008-10-16 10:20:46 96,256 -c----w c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 23:39:02 92,672 ----a-w c:\windows\system32\dllcache\inseng.dll
- 2008-10-16 10:20:50 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 23:44:18 40,960 ------w c:\windows\system32\dllcache\licmgr10.dll
- 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-05-01 14:30:33 331,776 -c----w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:02 331,776 ------w c:\windows\system32\dllcache\msadce.dll
- 2008-06-24 16:23:05 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:43:16 74,240 ------w c:\windows\system32\dllcache\mscms.dll
+ 2007-08-13 23:32:30 45,568 ------w c:\windows\system32\dllcache\mshta.exe
- 2008-10-16 10:20:50 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-13 23:01:12 48,128 ------w c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 23:54:10 156,160 ------w c:\windows\system32\dllcache\msls31.dll
- 2008-10-16 10:20:46 146,432 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:31 193,024 ------w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 10:20:46 532,480 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\dllcache\mstime.dll
- 2008-06-20 17:41:10 245,248 -c----w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ------w c:\windows\system32\dllcache\mswsock.dll
- 2008-09-04 16:42:02 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w c:\windows\system32\dllcache\msxml6r.dll
- 2008-10-15 16:57:55 332,800 -c----w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
- 2008-08-14 09:55:01 2,142,720 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-08-14 09:18:44 2,062,976 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-08-14 09:18:46 2,020,864 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-08-14 09:57:20 2,185,984 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\dllcache\padrs404.dll
+ 2008-04-14 00:10:33 15,872 ----a-w c:\windows\system32\dllcache\padrs404.dll
- 2004-08-10 11:00:00 15,360 ----a-w c:\windows\system32\dllcache\padrs804.dll
+ 2008-04-14 00:10:33 15,360 ----a-w c:\windows\system32\dllcache\padrs804.dll
- 2004-08-10 11:00:00 175,104 ----a-w c:\windows\system32\dllcache\pintlcsa.dll
+ 2008-04-14 00:10:34 175,104 ----a-w c:\windows\system32\dllcache\pintlcsa.dll
- 2004-08-10 11:00:00 53,760 ----a-w c:\windows\system32\dllcache\pintlcsd.dll
+ 2008-04-14 00:10:34 53,760 ----a-w c:\windows\system32\dllcache\pintlcsd.dll
- 2004-08-10 11:00:00 70,144 ----a-w c:\windows\system32\dllcache\pintlphr.exe
+ 2008-04-13 16:43:36 70,144 ----a-w c:\windows\system32\dllcache\pintlphr.exe
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\dllcache\pmigrate.dll
+ 2008-04-14 00:10:34 67,584 ----a-w c:\windows\system32\dllcache\pmigrate.dll
- 2008-10-16 10:20:46 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
- 2008-05-07 04:55:40 1,288,192 -c----w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ------w c:\windows\system32\dllcache\quartz.dll
- 2008-05-08 12:28:49 202,752 -c----w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ------w c:\windows\system32\dllcache\rmcast.sys
- 2008-12-05 07:12:45 144,896 ------w c:\windows\system32\dllcache\schannel.dll
+ 2008-12-05 06:54:55 144,896 ------w c:\windows\system32\dllcache\schannel.dll
- 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ------w c:\windows\system32\dllcache\shell32.dll
- 2008-12-11 11:57:21 333,184 -c----w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 10:57:09 333,952 ------w c:\windows\system32\dllcache\srv.sys
- 2008-10-03 10:15:47 247,326 -c----w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
- 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ------w c:\windows\system32\dllcache\tcpip.sys
- 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ------w c:\windows\system32\dllcache\tcpip6.sys
- 2004-08-10 11:00:00 10,240 ----a-w c:\windows\system32\dllcache\tmigrate.dll
+ 2008-04-14 00:10:59 10,240 ----a-w c:\windows\system32\dllcache\tmigrate.dll
- 2004-08-10 11:00:00 76,288 -c--a-w c:\windows\system32\dllcache\uniime.dll
+ 2008-04-14 00:11:01 76,288 ----a-w c:\windows\system32\dllcache\uniime.dll
+ 2008-12-20 23:15:39 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-10-16 10:20:53 619,008 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
- 2007-06-26 15:13:22 851,968 -c----w c:\windows\system32\dllcache\vgx.dll
+ 2007-08-13 23:54:10 765,952 ----a-w c:\windows\system32\dllcache\VGX.dll
- 2004-08-10 11:00:00 426,041 ----a-w c:\windows\system32\dllcache\voicepad.dll
+ 2008-04-14 00:11:04 426,041 ----a-w c:\windows\system32\dllcache\voicepad.dll
- 2004-08-10 11:00:00 86,073 ----a-w c:\windows\system32\dllcache\voicesub.dll
+ 2008-04-14 00:11:04 86,073 ----a-w c:\windows\system32\dllcache\voicesub.dll
+ 2008-12-20 23:15:40 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 10:20:49 667,648 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:41 826,368 ------w c:\windows\system32\dllcache\wininet.dll
- 2004-08-10 11:00:00 5,120 ----a-w c:\windows\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w c:\windows\system32\dllhost.exe
- 2004-08-10 11:00:00 224,768 ----a-w c:\windows\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w c:\windows\system32\dmadmin.exe
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w c:\windows\system32\dmband.dll
- 2004-08-10 11:00:00 61,440 ----a-w c:\windows\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w c:\windows\system32\dmcompos.dll
- 2004-08-10 11:00:00 273,920 ----a-w c:\windows\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w c:\windows\system32\dmdlgs.dll
- 2004-08-10 11:00:00 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
- 2004-08-10 11:00:00 181,248 ----a-w c:\windows\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dmime.dll
- 2004-08-10 11:00:00 35,840 ----a-w c:\windows\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w c:\windows\system32\dmloader.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w c:\windows\system32\dmremote.exe
- 2004-08-10 11:00:00 82,432 ----a-w c:\windows\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w c:\windows\system32\dmscript.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dmserver.dll
- 2004-08-10 11:00:00 105,984 ----a-w c:\windows\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w c:\windows\system32\dmstyle.dll
- 2004-08-10 11:00:00 103,424 ----a-w c:\windows\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w c:\windows\system32\dmsynth.dll
- 2004-08-10 11:00:00 104,448 ----a-w c:\windows\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w c:\windows\system32\dmusic.dll
- 2004-08-10 11:00:00 52,224 ----a-w c:\windows\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w c:\windows\system32\dmutil.dll
- 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
- 2004-08-10 11:00:00 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\system32\dot3ui.dll
- 2004-08-10 11:00:00 96,768 ----a-w c:\windows\system32\dpcdll.dll
+ 2008-04-14 00:11:52 102,912 ----a-w c:\windows\system32\dpcdll.dll
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w c:\windows\system32\dplaysvr.exe
- 2004-08-10 11:00:00 229,888 ----a-w c:\windows\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w c:\windows\system32\dplayx.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dpmodemx.dll
- 2004-08-10 11:00:00 3,584 ----a-w c:\windows\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w c:\windows\system32\dpnaddr.dll
- 2004-08-10 11:00:00 375,296 ----a-w c:\windows\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w c:\windows\system32\dpnet.dll
- 2004-08-10 11:00:00 35,328 ----a-w c:\windows\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w c:\windows\system32\dpnhpast.dll
- 2004-08-10 11:00:00 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
- 2004-08-10 11:00:00 3,584 ----a-w c:\windows\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w c:\windows\system32\dpnlobby.dll
- 2004-08-10 11:00:00 18,432 ----a-w c:\windows\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w c:\windows\system32\dpnsvr.exe
- 2004-08-10 11:00:00 21,504 ----a-w c:\windows\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w c:\windows\system32\dpvacm.dll
- 2004-08-10 11:00:00 212,480 ----a-w c:\windows\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w c:\windows\system32\dpvoice.dll
- 2004-08-10 11:00:00 83,456 ----a-w c:\windows\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w c:\windows\system32\dpvsetup.exe
- 2004-08-10 11:00:00 116,736 ----a-w c:\windows\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w c:\windows\system32\dpvvox.dll
- 2004-08-10 11:00:00 57,344 ----a-w c:\windows\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w c:\windows\system32\dpwsockx.dll
- 2004-08-10 11:00:00 58,368 ----a-w c:\windows\system32\driverquery.exe
+ 2008-04-14 00:12:18 62,976 ----a-w c:\windows\system32\driverquery.exe
- 2004-08-10 11:00:00 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w c:\windows\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w c:\windows\system32\drivers\aec.sys
- 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
- 2004-08-04 05:07:42 42,368 ----a-w c:\windows\system32\drivers\AGP440.SYS
+ 2008-04-13 18:36:38 42,368 ----a-w c:\windows\system32\drivers\agp440.sys
- 2004-08-04 05:07:44 44,928 ----a-w c:\windows\system32\drivers\AGPCPQ.SYS
+ 2008-04-13 18:36:39 44,928 ----a-w c:\windows\system32\drivers\agpcpq.sys
- 2004-08-04 05:07:42 42,752 ----a-w c:\windows\system32\drivers\ALIM1541.SYS
+ 2008-04-13 18:36:38 42,752 ----a-w c:\windows\system32\drivers\alim1541.sys
- 2004-08-04 05:07:44 43,008 ----a-w c:\windows\system32\drivers\AMDAGP.SYS
+ 2008-04-13 18:36:39 43,008 ----a-w c:\windows\system32\drivers\amdagp.sys
- 2004-08-10 11:00:00 36,992 ----a-w c:\windows\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w c:\windows\system32\drivers\amdk6.sys
- 2004-08-10 11:00:00 37,376 ----a-w c:\windows\system32\drivers\amdk7.sys
+ 2008-04-13 18:31:33 37,760 ----a-w c:\windows\system32\drivers\amdk7.sys
- 2004-08-10 11:00:00 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys
+ 2008-04-13 18:51:25 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
+ 2008-04-13 18:57:27 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
- 2004-08-04 04:59:44 95,360 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2004-08-04 03:29:30 56,623 ------w c:\windows\system32\drivers\ati1btxx.sys
+ 2004-08-04 03:29:30 11,615 ------w c:\windows\system32\drivers\ati1mdxx.sys
+ 2004-08-04 03:29:30 12,047 ------w c:\windows\system32\drivers\ati1pdxx.sys
+ 2004-08-04 03:29:32 30,671 ------w c:\windows\system32\drivers\ati1raxx.sys
+ 2004-08-04 03:29:32 63,663 ------w c:\windows\system32\drivers\ati1rvxx.sys
+ 2004-08-04 03:29:32 26,367 ------w c:\windows\system32\drivers\ati1snxx.sys
+ 2004-08-04 03:29:32 21,343 ------w c:\windows\system32\drivers\ati1ttxx.sys
+ 2004-08-04 03:29:32 36,463 ------w c:\windows\system32\drivers\ati1tuxx.sys
+ 2004-08-04 03:29:32 29,455 ------w c:\windows\system32\drivers\ati1xbxx.sys
+ 2004-08-04 03:29:32 34,735 ------w c:\windows\system32\drivers\ati1xsxx.sys
+ 2004-08-04 03:29:28 327,040 ------w c:\windows\system32\drivers\ati2mtaa.sys
+ 2004-08-04 03:29:28 57,856 ------w c:\windows\system32\drivers\atinbtxx.sys
+ 2004-08-04 03:29:30 13,824 ------w c:\windows\system32\drivers\atinmdxx.sys
+ 2004-08-04 03:29:30 14,336 ------w c:\windows\system32\drivers\atinpdxx.sys
+ 2004-08-04 03:29:30 52,224 ------w c:\windows\system32\drivers\atinraxx.sys
+ 2004-08-04 03:29:32 104,960 ------w c:\windows\system32\drivers\atinrvxx.sys
+ 2004-08-04 03:29:32 28,672 ------w c:\windows\system32\drivers\atinsnxx.sys
+ 2004-08-04 03:29:32 13,824 ------w c:\windows\system32\drivers\atinttxx.sys
+ 2004-08-04 03:29:32 73,216 ------w c:\windows\system32\drivers\atintuxx.sys
+ 2004-08-04 03:29:32 31,744 ------w c:\windows\system32\drivers\atinxbxx.sys
+ 2004-08-04 03:29:32 63,488 ------w c:\windows\system32\drivers\atinxsxx.sys
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
+ 2008-04-13 18:51:25 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
- 2004-08-10 11:00:00 55,936 ----a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-13 18:51:30 55,808 ----a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-14 00:11:50 21,183 ------w c:\windows\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w c:\windows\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w c:\windows\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w c:\windows\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w c:\windows\system32\drivers\atv10nt5.dll
- 2004-08-10 11:00:00 71,552 ----a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:53:23 71,552 ----a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\system32\drivers\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\system32\drivers\bthpan.sys
- 2008-06-13 13:10:50 272,128 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\system32\drivers\bthusb.sys
- 2004-08-04 05:10:18 17,024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
+ 2008-04-13 18:46:23 17,024 ----a-w c:\windows\system32\drivers\ccdecode.sys
- 2004-08-10 11:00:00 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
+ 2008-04-13 19:14:21 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
- 2004-08-10 11:00:00 49,536 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-14 00:11:50 15,423 ------w c:\windows\system32\drivers\ch7xxnt5.dll
- 2004-08-10 11:00:00 49,664 ----a-w c:\windows\system32\drivers\classpnp.sys
+ 2008-04-13 19:16:22 49,536 ----a-w c:\windows\system32\drivers\classpnp.sys
- 2004-08-10 11:00:00 36,480 ----a-w c:\windows\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w c:\windows\system32\drivers\crusoe.sys
- 2004-08-10 11:00:00 36,352 ----a-w c:\windows\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w c:\windows\system32\drivers\disk.sys
- 2004-08-10 11:00:00 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys
- 2004-08-10 11:00:00 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
+ 2008-04-13 18:44:48 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
- 2004-08-10 11:00:00 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
+ 2008-04-13 18:44:46 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
- 2004-08-04 05:07:40 52,864 ----a-w c:\windows\system32\drivers\DMusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w c:\windows\system32\drivers\dmusic.sys
- 2004-08-04 05:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys
+ 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\drivers\drmk.sys
- 2004-08-04 05:07:58 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
+ 2008-04-13 18:45:13 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
- 2004-08-10 11:00:00 71,040 ----a-w c:\windows\system32\drivers\dxg.sys
+ 2008-04-13 18:38:29 71,168 ----a-w c:\windows\system32\drivers\dxg.sys
- 2004-08-10 11:00:00 143,360 ----a-w c:\windows\system32\drivers\fastfat.sys
+ 2008-04-13 19:14:29 143,744 ----a-w c:\windows\system32\drivers\fastfat.sys
- 2004-08-10 11:00:00 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
- 2004-08-10 11:00:00 34,944 ----a-w c:\windows\system32\drivers\fips.sys
+ 2008-04-13 18:33:28 44,544 ----a-w c:\windows\system32\drivers\fips.sys
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
- 2006-08-21 09:14:58 128,896 ----a-w c:\windows\system32\drivers\fltmgr.sys
+ 2008-04-13 18:32:59 129,792 ----a-w c:\windows\system32\drivers\fltmgr.sys
+ 2008-04-13 18:36:40 46,464 ------w c:\windows\system32\drivers\gagp30kx.sys
- 2004-08-12 23:45:54 137,728 ------w c:\windows\system32\drivers\Hdaudbus.sys
+ 2008-04-13 16:36:05 144,384 ------w c:\windows\system32\drivers\hdaudbus.sys
+ 2008-04-13 18:46:30 25,600 ------w c:\windows\system32\drivers\hidbth.sys
- 2004-08-10 11:00:00 36,224 ----a-w c:\windows\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w c:\windows\system32\drivers\hidclass.sys
- 2005-06-28 17:43:36 19,200 ----a-w c:\windows\system32\drivers\hidir.sys
+ 2008-04-13 18:45:26 19,200 ----a-w c:\windows\system32\drivers\hidir.sys
- 2004-08-10 11:00:00 24,960 ----a-w c:\windows\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w c:\windows\system32\drivers\hidparse.sys
- 2001-08-17 20:02:20 9,600 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2008-04-13 18:45:27 10,368 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2004-08-04 03:41:48 220,032 ------w c:\windows\system32\drivers\hsfbs2s2.sys
+ 2004-08-04 03:41:50 685,056 ------w c:\windows\system32\drivers\hsfcxts2.sys
+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\system32\drivers\hsfdpsp2.sys
- 2006-03-17 00:33:10 262,784 ----a-w c:\windows\system32\drivers\http.sys
+ 2008-04-13 18:53:53 264,832 ----a-w c:\windows\system32\drivers\http.sys
- 2004-08-04 05:00:52 8,192 ----a-w c:\windows\system32\drivers\i2omgmt.sys
+ 2008-04-13 18:41:22 8,576 ----a-w c:\windows\system32\drivers\i2omgmt.sys
- 2004-08-04 05:00:52 18,560 ----a-w c:\windows\system32\drivers\i2omp.sys
+ 2008-04-13 18:41:22 18,560 ----a-w c:\windows\system32\drivers\i2omp.sys
- 2004-08-10 11:00:00 52,736 ----a-w c:\windows\system32\drivers\i8042prt.sys
+ 2008-04-13 19:18:00 52,480 ----a-w c:\windows\system32\drivers\i8042prt.sys
- 2004-08-10 11:00:00 41,856 ----a-w c:\windows\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w c:\windows\system32\drivers\imapi.sys
- 2004-08-04 04:59:42 5,504 ----a-w c:\windows\system32\drivers\intelide.sys
+ 2008-04-13 18:40:29 5,504 ----a-w c:\windows\system32\drivers\intelide.sys
- 2004-08-10 11:00:00 36,096 ----a-w c:\windows\system32\drivers\intelppm.sys
+ 2008-04-13 18:31:32 36,352 ----a-w c:\windows\system32\drivers\intelppm.sys
- 2004-08-10 11:00:00 29,056 ----a-w c:\windows\system32\drivers\ip6fw.sys
+ 2008-04-13 18:53:34 36,608 ----a-w c:\windows\system32\drivers\ip6fw.sys
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\drivers\ipinip.sys
+ 2008-04-13 18:57:07 20,864 ----a-w c:\windows\system32\drivers\ipinip.sys
- 2004-09-29 22:28:37 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys
+ 2008-04-13 18:57:15 152,832 ----a-w c:\windows\system32\drivers\ipnat.sys
- 2004-08-10 11:00:00 74,752 ----a-w c:\windows\system32\drivers\ipsec.sys
+ 2008-04-13 19:19:42 75,264 ----a-w c:\windows\system32\drivers\ipsec.sys
- 2005-06-28 17:43:40 46,592 ----a-w c:\windows\system32\drivers\irbus.sys
+ 2008-04-13 18:45:34 46,592 ----a-w c:\windows\system32\drivers\irbus.sys
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
+ 2008-04-13 18:54:28 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
- 2001-08-17 19:58:02 35,840 ----a-w c:\windows\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w c:\windows\system32\drivers\isapnp.sys
- 2004-08-04 04:58:34 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-13 18:39:47 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
- 2004-08-04 04:58:36 14,848 ----a-w c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-13 18:39:48 14,592 ----a-w c:\windows\system32\drivers\kbdhid.sys
- 2006-06-14 08:47:45 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
- 2004-08-04 04:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys
+ 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\drivers\ks.sys
- 2004-08-10 11:00:00 92,032 ----a-w c:\windows\system32\drivers\ksecdd.sys
+ 2008-04-13 18:31:43 92,288 ----a-w c:\windows\system32\drivers\ksecdd.sys
- 2004-08-10 11:00:00 63,744 ----a-w c:\windows\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w c:\windows\system32\drivers\mf.sys
- 2004-08-10 11:00:00 30,080 ----a-w c:\windows\system32\drivers\modem.sys
+ 2008-04-13 19:00:19 30,080 ----a-w c:\windows\system32\drivers\modem.sys
- 2004-08-04 04:58:34 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2008-04-13 18:39:47 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
- 2004-08-10 11:00:00 42,240 ----a-w c:\windows\system32\drivers\mountmgr.sys
+ 2008-04-13 18:39:46 42,368 ----a-w c:\windows\system32\drivers\mountmgr.sys
- 2007-07-06 10:05:47 72,960 ----a-w c:\windows\system32\drivers\mqac.sys
+ 2008-04-13 18:39:44 92,544 ----a-w c:\windows\system32\drivers\mqac.sys
- 2007-12-18 09:51:35 179,584 ----a-w c:\windows\system32\drivers\mrxdav.sys
+ 2008-04-13 18:32:44 180,608 ----a-w c:\windows\system32\drivers\mrxdav.sys
- 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-10 11:00:00 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
+ 2008-04-13 18:32:39 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
- 2004-08-10 11:00:00 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
+ 2008-04-13 18:56:32 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
- 2004-08-04 04:58:42 7,552 ----a-w c:\windows\system32\drivers\MSKSSRV.sys
+ 2008-04-13 18:39:52 7,552 ----a-w c:\windows\system32\drivers\mskssrv.sys
- 2004-08-04 04:58:40 5,376 ----a-w c:\windows\system32\drivers\MSPCLOCK.sys
+ 2008-04-13 18:39:50 5,376 ----a-w c:\windows\system32\drivers\mspclock.sys
- 2004-08-04 04:58:42 4,992 ----a-w c:\windows\system32\drivers\MSPQM.sys
+ 2008-04-13 18:39:51 4,992 ----a-w c:\windows\system32\drivers\mspqm.sys
- 2004-08-04 05:07:48 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
- 2004-08-04 04:58:40 5,504 ----a-w c:\windows\system32\drivers\MSTEE.sys
+ 2008-04-13 18:39:50 5,504 ----a-w c:\windows\system32\drivers\mstee.sys
+ 2004-08-04 03:41:40 126,686 ------w c:\windows\system32\drivers\mtlmnt5.sys
+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\system32\drivers\mtlstrm.sys
+ 2004-08-04 03:29:38 452,736 ------w c:\windows\system32\drivers\mtxparhm.sys
- 2004-08-10 11:00:00 107,904 ----a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 19:17:05 105,344 ----a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w c:\windows\system32\drivers\mutohpen.sys
- 2004-08-04 05:10:30 85,376 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
+ 2008-04-13 18:46:25 85,248 ----a-w c:\windows\system32\drivers\nabtsfec.sys
- 2004-08-10 11:00:00 182,912 ----a-w c:\windows\system32\drivers\ndis.sys
+ 2008-04-13 19:20:37 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
- 2004-08-04 05:10:14 10,880 ----a-w c:\windows\system32\drivers\NdisIP.sys
+ 2008-04-13 18:46:22 10,880 ----a-w c:\windows\system32\drivers\ndisip.sys
- 2004-08-10 11:00:00 9,600 ----a-w c:\windows\system32\drivers\ndistapi.sys
+ 2008-04-13 18:57:27 10,112 ----a-w c:\windows\system32\drivers\ndistapi.sys
- 2005-06-20 19:52:56 14,592 ----a-w c:\windows\system32\drivers\ndisuio.sys
+ 2008-04-13 18:55:58 14,592 ----a-w c:\windows\system32\drivers\ndisuio.sys
- 2004-08-10 11:00:00 91,776 ----a-w c:\windows\system32\drivers\ndiswan.sys
+ 2008-04-13 19:20:42 91,520 ----a-w c:\windows\system32\drivers\ndiswan.sys
- 2004-08-10 11:00:00 38,016 ----a-w c:\windows\system32\drivers\ndproxy.sys
+ 2008-04-13 18:57:29 40,576 ----a-w c:\windows\system32\drivers\ndproxy.sys
- 2004-08-10 11:00:00 34,560 ----a-w c:\windows\system32\drivers\netbios.sys
+ 2008-04-13 18:56:02 34,688 ----a-w c:\windows\system32\drivers\netbios.sys
- 2004-08-10 11:00:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
+ 2008-04-13 19:21:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
- 2004-08-10 11:00:00 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys
+ 2008-04-13 18:51:25 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys
- 2004-08-10 11:00:00 40,320 ----a-w c:\windows\system32\drivers\nmnt.sys
+ 2008-04-13 18:53:09 40,320 ----a-w c:\windows\system32\drivers\nmnt.sys
- 2004-08-10 11:00:00 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
+ 2008-04-13 18:32:39 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
- 2007-02-09 11:10:35 574,464 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2008-04-13 19:15:53 574,976 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2004-08-04 03:41:40 180,360 ------w c:\windows\system32\drivers\ntmtlfax.sys
- 2004-08-10 11:00:00 88,448 ----a-w c:\windows\system32\drivers\nwlnkipx.sys
+ 2008-04-13 18:56:06 88,320 ----a-w c:\windows\system32\drivers\nwlnkipx.sys
- 2006-10-13 10:23:15 163,584 ----a-w c:\windows\system32\drivers\nwrdr.sys
+ 2008-04-13 18:34:12 163,584 ----a-w c:\windows\system32\drivers\nwrdr.sys
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\drivers\p3.sys
+ 2008-04-13 18:31:31 42,752 ----a-w c:\windows\system32\drivers\p3.sys
- 2004-08-10 11:00:00 80,128 ----a-w c:\windows\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w c:\windows\system32\drivers\parport.sys
- 2004-08-10 11:00:00 18,688 ----a-w c:\windows\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w c:\windows\system32\drivers\partmgr.sys
- 2004-08-04 05:07:48 68,224 ----a-w c:\windows\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w c:\windows\system32\drivers\pci.sys
- 2004-08-04 04:59:42 25,088 ----a-w c:\windows\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w c:\windows\system32\drivers\pciidex.sys
- 2004-08-10 11:00:00 119,936 ----a-w c:\windows\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w c:\windows\system32\drivers\pcmcia.sys
- 2004-03-16 17:58:20 136,960 ------w c:\windows\system32\drivers\portcls.sys
+ 2008-04-13 19:19:41 146,048 ------w c:\windows\system32\drivers\portcls.sys
- 2004-08-10 11:00:00 35,328 ----a-w c:\windows\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w c:\windows\system32\drivers\processr.sys
- 2004-08-10 11:00:00 69,120 ----a-w c:\windows\system32\drivers\psched.sys
+ 2008-04-13 18:56:38 69,120 ----a-w c:\windows\system32\drivers\psched.sys
- 2004-08-10 11:00:00 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
+ 2008-04-13 19:19:43 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
- 2004-08-10 11:00:00 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
+ 2008-04-13 18:57:32 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
- 2004-08-10 11:00:00 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
+ 2008-04-13 19:19:48 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
- 2006-05-05 09:47:57 174,592 ----a-w c:\windows\system32\drivers\rdbss.sys
+ 2008-04-13 19:28:39 175,744 ----a-w c:\windows\system32\drivers\rdbss.sys
- 2004-08-04 05:01:16 196,864 ----a-w c:\windows\system32\drivers\rdpdr.sys
+ 2008-04-13 18:32:51 196,224 ----a-w c:\windows\system32\drivers\rdpdr.sys
- 2005-06-10 04:09:46 139,528 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2008-04-14 00:13:22 139,656 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-04 03:41:40 13,776 ------w c:\windows\system32\drivers\recagent.sys
- 2004-08-04 04:59:38 57,472 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:46:32 59,136 ------w c:\windows\system32\drivers\rfcomm.sys
- 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2004-12-01 00:28:36 30,464 ----a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ----a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\system32\drivers\rndismpx.sys
+ 2004-08-04 03:29:52 166,912 ------w c:\windows\system32\drivers\s3gnbm.sys
- 2004-08-10 11:00:00 96,256 ----a-w c:\windows\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w c:\windows\system32\drivers\scsiport.sys
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ----a-w c:\windows\system32\drivers\sdbus.sys
- 2004-08-10 11:00:00 15,488 ----a-w c:\windows\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w c:\windows\system32\drivers\serenum.sys
- 2004-08-10 11:00:00 64,896 ----a-w c:\windows\system32\drivers\serial.sys
+ 2008-04-13 19:15:45 64,512 ----a-w c:\windows\system32\drivers\serial.sys
- 2004-08-10 11:00:00 11,136 ----a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ----a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w c:\windows\system32\drivers\sffp_mmc.sys
- 2004-08-10 11:00:00 10,240 ----a-w c:\windows\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ----a-w c:\windows\system32\drivers\sffp_sd.sys
- 2004-08-10 11:00:00 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-14 00:12:05 3,901 ------w c:\windows\system32\drivers\siint5.dll
- 2004-08-04 05:07:44 41,088 ----a-w c:\windows\system32\drivers\SISAGP.SYS
+ 2008-04-13 18:36:39 40,960 ----a-w c:\windows\system32\drivers\sisagp.sys
- 2004-08-04 05:10:18 11,136 ----a-w c:\windows\system32\drivers\SLIP.sys
+ 2008-04-13 18:46:23 11,136 ----a-w c:\windows\system32\drivers\slip.sys
+ 2004-08-04 03:41:42 129,535 ------w c:\windows\system32\drivers\slnt7554.sys
+ 2004-08-04 03:41:44 404,990 ------w c:\windows\system32\drivers\slntamr.sys
+ 2004-08-04 03:41:46 95,424 ------w c:\windows\system32\drivers\slnthal.sys
+ 2004-08-04 03:41:46 13,240 ------w c:\windows\system32\drivers\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w c:\windows\system32\drivers\smbali.sys
- 2004-08-10 11:00:00 25,472 ----a-w c:\windows\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w c:\windows\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w c:\windows\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w c:\windows\system32\drivers\splitter.sys
- 2004-08-10 11:00:00 73,472 ----a-w c:\windows\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w c:\windows\system32\drivers\sr.sys
- 2008-12-11 11:57:21 333,184 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
- 2004-08-04 04:08:04 48,640 ----a-w c:\windows\system32\drivers\stream.sys
+ 2008-04-13 18:45:15 49,408 ----a-w c:\windows\system32\drivers\stream.sys
- 2004-08-04 05:10:14 15,360 ----a-w c:\windows\system32\drivers\StreamIP.sys
+ 2008-04-13 18:46:21 15,232 ----a-w c:\windows\system32\drivers\streamip.sys
- 2004-08-04 04:58:42 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
+ 2008-04-13 18:39:53 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
- 2001-08-17 20:00:52 54,272 ----a-w c:\windows\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w c:\windows\system32\drivers\swmidi.sys
- 2004-08-04 05:15:56 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
+ 2008-04-13 19:15:55 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
- 2004-08-10 11:00:00 14,976 ----a-w c:\windows\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w c:\windows\system32\drivers\tape.sys
- 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2004-08-10 11:00:00 18,560 ----a-w c:\windows\system32\drivers\tdi.sys
+ 2008-04-13 19:00:05 19,072 ----a-w c:\windows\system32\drivers\tdi.sys
- 2004-08-10 11:00:00 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys
+ 2008-04-14 00:13:20 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys
- 2004-08-10 11:00:00 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys
+ 2008-04-14 00:13:21 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys
- 2004-08-04 07:01:08 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
+ 2008-04-14 00:13:20 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
- 2004-08-10 11:00:00 12,416 ----a-w c:\windows\system32\drivers\tunmp.sys
+ 2008-04-13 18:56:01 12,288 ----a-w c:\windows\system32\drivers\tunmp.sys
+ 2008-04-13 18:36:40 44,672 ------w c:\windows\system32\drivers\uagp35.sys
- 2004-08-10 11:00:00 66,176 ----a-w c:\windows\system32\drivers\udfs.sys
+ 2008-04-13 18:32:36 66,048 ----a-w c:\windows\system32\drivers\udfs.sys
- 2007-04-23 10:32:54 364,160 ----a-w c:\windows\system32\drivers\update.sys
+ 2008-04-13 18:39:46 384,768 ----a-w c:\windows\system32\drivers\update.sys
- 2004-12-08 15:34:36 12,800 ----a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ----a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\system32\drivers\usb8023x.sys
- 2004-08-10 11:00:00 23,808 ----a-w c:\windows\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w c:\windows\system32\drivers\usbcamd.sys
- 2004-08-10 11:00:00 23,936 ----a-w c:\windows\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w c:\windows\system32\drivers\usbcamd2.sys
- 2004-08-04 04:08:48 31,616 ----a-w c:\windows\system32\drivers\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ----a-w c:\windows\system32\drivers\usbccgp.sys
- 2005-10-25 23:39:41 27,264 ----a-w c:\windows\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w c:\windows\system32\drivers\usbehci.sys
- 2004-08-04 05:08:44 57,600 ----a-w c:\windows\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w c:\windows\system32\drivers\usbhub.sys
- 2004-08-10 11:00:00 16,000 ----a-w c:\windows\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w c:\windows\system32\drivers\usbintel.sys
- 2005-10-25 23:39:41 143,104 ----a-w c:\windows\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w c:\windows\system32\drivers\usbport.sys
- 2004-08-04 04:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2008-04-13 18:47:37 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
- 2004-08-04 04:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2004-08-04 04:08:48 26,496 ----a-w c:\windows\system32\drivers\USBSTOR.SYS
+ 2008-04-13 18:45:38 26,368 ----a-w c:\windows\system32\drivers\usbstor.sys
- 2004-08-04 05:08:38 20,480 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:46:20 121,984 ------w c:\windows\system32\drivers\usbvideo.sys
+ 2008-04-14 00:12:08 11,325 ------w c:\windows\system32\drivers\vchnt5.dll
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\drivers\vga.sys
+ 2008-04-13 18:44:40 20,992 ----a-w c:\windows\system32\drivers\vga.sys
- 2004-08-04 05:07:44 42,240 ----a-w c:\windows\system32\drivers\VIAAGP.SYS
+ 2008-04-13 18:36:40 42,240 ----a-w c:\windows\system32\drivers\viaagp.sys
- 2004-08-04 04:59:44 5,376 ----a-w c:\windows\system32\drivers\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w c:\windows\system32\drivers\viaide.sys
- 2004-08-10 11:00:00 79,744 ----a-w c:\windows\system32\drivers\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ----a-w c:\windows\system32\drivers\videoprt.sys
- 2004-08-10 11:00:00 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:43:55 14,208 ------w c:\windows\system32\drivers\wacompen.sys
+ 2004-08-04 03:29:40 11,807 ------w c:\windows\system32\drivers\wadv07nt.sys
+ 2004-08-04 03:29:40 11,295 ------w c:\windows\system32\drivers\wadv08nt.sys
+ 2004-08-04 03:29:42 11,871 ------w c:\windows\system32\drivers\wadv09nt.sys
+ 2004-08-04 03:29:42 11,935 ------w c:\windows\system32\drivers\wadv11nt.sys
- 2004-08-10 11:00:00 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2004-08-04 03:29:46 22,271 ------w c:\windows\system32\drivers\watv06nt.sys
+ 2004-08-04 03:29:46 25,471 ------w c:\windows\system32\drivers\watv10nt.sys
- 2006-06-14 09:00:45 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ----a-w c:\windows\system32\drivers\wdmaud.sys
- 2004-08-04 05:10:22 19,328 ----a-w c:\windows\system32\drivers\WSTCODEC.SYS
+ 2008-04-13 18:46:24 19,200 ----a-w c:\windows\system32\drivers\wstcodec.sys
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w c:\windows\system32\drprov.dll
- 2004-08-10 11:00:00 16,384 ----a-w c:\windows\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w c:\windows\system32\ds32gt.dll
- 2004-08-10 11:00:00 181,760 ----a-w c:\windows\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dsdmo.dll
- 2004-08-10 11:00:00 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
- 2004-08-10 11:00:00 92,672 ----a-w c:\windows\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w c:\windows\system32\dskquota.dll
- 2004-08-10 11:00:00 144,384 ----a-w c:\windows\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w c:\windows\system32\dskquoui.dll
- 2004-08-10 11:00:00 367,616 ----a-w c:\windows\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w c:\windows\system32\dsound.dll

- 2004-08-10 11:00:00 1,294,336 ----a-w c:\windows\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w c:\windows\system32\dsound3d.dll
- 2004-08-10 11:00:00 142,336 ----a-w c:\windows\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w c:\windows\system32\dsprop.dll
- 2004-08-10 11:00:00 4,096 ----a-w c:\windows\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w c:\windows\system32\dsprpres.dll
- 2004-08-10 11:00:00 239,104 ----a-w c:\windows\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w c:\windows\system32\dsquery.dll
- 2004-08-10 11:00:00 51,200 ----a-w c:\windows\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w c:\windows\system32\dssec.dll
- 2004-08-10 11:00:00 137,216 ----a-w c:\windows\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w c:\windows\system32\dssenh.dll
- 2004-08-10 11:00:00 113,152 ----a-w c:\windows\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w c:\windows\system32\dsuiext.dll
- 2004-08-10 11:00:00 19,456 ----a-w c:\windows\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w c:\windows\system32\dswave.dll
- 2004-08-10 11:00:00 10,752 ----a-w c:\windows\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w c:\windows\system32\dumprep.exe
- 2004-08-10 11:00:00 304,128 ----a-w c:\windows\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w c:\windows\system32\duser.dll
- 2004-08-10 11:00:00 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
- 2004-08-10 11:00:00 180,224 ----a-w c:\windows\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w c:\windows\system32\dwwin.exe
- 2004-08-10 11:00:00 619,008 ----a-w c:\windows\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w c:\windows\system32\dx7vb.dll
- 2004-08-10 11:00:00 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
- 2004-08-10 11:00:00 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
- 2004-08-10 11:00:00 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
- 2006-08-22 10:05:26 498,742 ----a-w c:\windows\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w c:\windows\system32\dxmasf.dll
- 2008-10-16 10:20:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dxtmsft.dll
- 2008-10-16 10:20:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ------w c:\windows\system32\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\system32\eapsvc.dll
- 2004-08-10 11:00:00 26,624 ----a-w c:\windows\system32\efsadu.dll
+ 2008-04-14 00:11:52 26,624 ----a-w c:\windows\system32\efsadu.dll
- 2004-08-10 11:00:00 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\system32\en\mmcfxcommon.resources.dll
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w c:\windows\system32\encapi.dll
- 2004-08-10 11:00:00 23,040 ----a-w c:\windows\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w c:\windows\system32\ersvc.dll
- 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w c:\windows\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w c:\windows\system32\esent.dll
- 2004-08-10 11:00:00 193,024 ----a-w c:\windows\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w c:\windows\system32\eudcedit.exe
- 2004-08-10 11:00:00 50,176 ----a-w c:\windows\system32\eventcreate.exe
+ 2008-04-14 00:12:19 50,688 ----a-w c:\windows\system32\eventcreate.exe
- 2004-08-10 11:00:00 55,808 ----a-w c:\windows\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w c:\windows\system32\eventlog.dll
- 2004-08-10 11:00:00 77,824 ----a-w c:\windows\system32\eventtriggers.exe
+ 2008-04-14 00:12:19 82,944 ----a-w c:\windows\system32\eventtriggers.exe
- 2004-08-10 11:00:00 380,957 ----a-w c:\windows\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w c:\windows\system32\expsrv.dll
- 2008-10-16 10:20:46 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ------w c:\windows\system32\extmgr.dll
- 2004-08-10 11:00:00 45,568 ----a-w c:\windows\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w c:\windows\system32\extrac32.exe
- 2004-08-10 11:00:00 121,856 ----a-w c:\windows\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w c:\windows\system32\exts.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\f3ahvoas.dll
+ 2008-04-14 00:09:30 7,168 ----a-w c:\windows\system32\f3ahvoas.dll
- 2004-08-10 11:00:00 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\system32\faxpatch.exe
- 2004-08-10 11:00:00 117,760 ----a-w c:\windows\system32\fde.dll
+ 2008-04-14 00:11:53 124,928 ----a-w c:\windows\system32\fde.dll
- 2004-08-10 11:00:00 73,728 ----a-w c:\windows\system32\fdeploy.dll
+ 2008-04-14 00:11:53 73,728 ----a-w c:\windows\system32\fdeploy.dll
- 2004-08-10 11:00:00 21,504 ----a-w c:\windows\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\feclient.dll
- 2004-08-10 11:00:00 337,920 ----a-w c:\windows\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w c:\windows\system32\filemgmt.dll
- 2004-08-10 11:00:00 27,136 ----a-w c:\windows\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w c:\windows\system32\findstr.exe
- 2004-08-10 11:00:00 87,552 ----a-w c:\windows\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w c:\windows\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w c:\windows\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w c:\windows\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w c:\windows\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w c:\windows\system32\fltmc.exe
- 2009-03-25 21:47:45 486,704 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-04-02 08:09:14 488,296 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2004-08-10 11:00:00 382,976 ----a-w c:\windows\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w c:\windows\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 ----a-w c:\windows\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w c:\windows\system32\fontsub.dll
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w c:\windows\system32\fontview.exe
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w c:\windows\system32\forcedos.exe
- 2004-08-10 11:00:00 25,600 ----a-w c:\windows\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w c:\windows\system32\format.com
- 2004-08-10 11:00:00 9,344 ----a-w c:\windows\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w c:\windows\system32\framebuf.dll
- 2004-08-10 11:00:00 193,024 ----a-w c:\windows\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w c:\windows\system32\fsquirt.exe
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w c:\windows\system32\ftp.exe
- 2004-08-10 11:00:00 60,416 ----a-w c:\windows\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w c:\windows\system32\fwcfg.dll
- 2004-08-10 11:00:00 452,096 ----a-w c:\windows\system32\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\fxsapi.dll
- 2004-08-10 11:00:00 143,360 ----a-w c:\windows\system32\fxsclnt.exe
+ 2008-04-14 00:12:21 142,848 ----a-w c:\windows\system32\fxsclnt.exe
- 2004-08-10 11:00:00 72,192 ----a-w c:\windows\system32\fxscom.dll
+ 2008-04-14 00:11:54 72,192 ----a-w c:\windows\system32\fxscom.dll
- 2004-08-10 11:00:00 285,184 ----a-w c:\windows\system32\fxscomex.dll
+ 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\fxscomex.dll
- 2004-08-10 11:00:00 229,376 ----a-w c:\windows\system32\fxscover.exe
+ 2008-04-14 00:12:21 229,376 ----a-w c:\windows\system32\fxscover.exe
- 2004-08-10 11:00:00 27,136 ----a-w c:\windows\system32\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\fxsdrv.dll
- 2004-08-10 11:00:00 55,296 ----a-w c:\windows\system32\fxsevent.dll
+ 2008-04-14 00:11:54 55,296 ----a-w c:\windows\system32\fxsevent.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsext32.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\fxsmon.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsmon.dll
- 2004-08-10 11:00:00 8,704 ----a-w c:\windows\system32\fxsperf.dll
+ 2008-04-14 00:11:54 8,704 ----a-w c:\windows\system32\fxsperf.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\fxsres.dll
- 2004-08-10 11:00:00 562,176 ----a-w c:\windows\system32\fxsst.dll
+ 2008-04-14 00:11:54 562,176 ----a-w c:\windows\system32\fxsst.dll
- 2004-08-10 11:00:00 267,776 ----a-w c:\windows\system32\fxssvc.exe
+ 2008-04-14 00:12:21 267,776 ----a-w c:\windows\system32\fxssvc.exe
- 2004-08-10 11:00:00 246,272 ----a-w c:\windows\system32\fxst30.dll
+ 2008-04-14 00:11:54 246,272 ----a-w c:\windows\system32\fxst30.dll
- 2004-08-10 11:00:00 397,312 ----a-w c:\windows\system32\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\fxstiff.dll
- 2004-08-10 11:00:00 154,112 ----a-w c:\windows\system32\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\fxsui.dll
- 2004-08-10 11:00:00 192,512 ----a-w c:\windows\system32\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\fxswzrd.dll
- 2004-08-10 11:00:00 400,384 ----a-w c:\windows\system32\fxsxp32.dll
+ 2008-04-14 00:11:54 400,384 ----a-w c:\windows\system32\fxsxp32.dll
- 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2004-08-10 11:00:00 55,296 ----a-w c:\windows\system32\getmac.exe
+ 2008-04-14 00:12:21 59,904 ----a-w c:\windows\system32\getmac.exe
- 2004-08-10 11:00:00 122,880 ----a-w c:\windows\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w c:\windows\system32\glu32.dll
- 2004-08-10 11:00:00 566,784 ----a-w c:\windows\system32\gpedit.dll
+ 2008-04-14 00:09:35 566,784 ----a-w c:\windows\system32\gpedit.dll
- 2004-08-10 11:00:00 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
- 2004-08-10 11:00:00 119,808 ----a-w c:\windows\system32\gpresult.exe
+ 2008-04-14 00:12:21 120,832 ----a-w c:\windows\system32\gpresult.exe
- 2004-08-10 11:00:00 198,656 ----a-w c:\windows\system32\gptext.dll
+ 2008-04-14 00:11:54 199,680 ----a-w c:\windows\system32\gptext.dll
- 2004-08-10 11:00:00 39,424 ----a-w c:\windows\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w c:\windows\system32\grpconv.exe
- 2004-08-10 11:00:00 614,912 ----a-w c:\windows\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w c:\windows\system32\h323msp.dll
- 2005-06-23 00:05:52 134,272 ----a-w c:\windows\system32\HAL.DLL
+ 2008-04-13 18:31:28 134,400 ----a-w c:\windows\system32\HAL.DLL
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w c:\windows\system32\hccoin.dll
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w c:\windows\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w c:\windows\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w c:\windows\system32\hhsetup.dll
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w c:\windows\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w c:\windows\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w c:\windows\system32\hlink.dll
- 2004-08-10 11:00:00 344,064 ----a-w c:\windows\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w c:\windows\system32\hnetcfg.dll
- 2004-08-10 11:00:00 330,752 ----a-w c:\windows\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w c:\windows\system32\hnetwiz.dll
- 2004-08-10 11:00:00 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\system32\hsfcisp2.dll
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w c:\windows\system32\httpapi.dll
- 2004-08-10 11:00:00 41,984 ----a-w c:\windows\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w c:\windows\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w c:\windows\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w c:\windows\system32\hypertrm.dll
- 2004-08-10 11:00:00 119,808 ----a-w c:\windows\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w c:\windows\system32\iasrad.dll
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w c:\windows\system32\icaapi.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\system32\icardie.dll
- 2004-08-10 11:00:00 80,384 ----a-w c:\windows\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w c:\windows\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w c:\windows\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w c:\windows\system32\icm32.dll
- 2004-08-10 11:00:00 3,584 ----a-w c:\windows\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w c:\windows\system32\icmp.dll
- 2004-08-10 11:00:00 73,728 ----a-w c:\windows\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w c:\windows\system32\icwdial.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w c:\windows\system32\icwphbk.dll
+ 2006-06-29 13:05:44 26,112 ------w c:\windows\system32\idndl.dll
- 2004-08-10 11:00:00 120,832 ----a-w c:\windows\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w c:\windows\system32\idq.dll
- 2004-08-10 11:00:00 34,304 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2004-08-10 11:00:00 139,264 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\ieakeng.dll
- 2004-08-10 11:00:00 216,576 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\ieaksie.dll
- 2004-08-10 11:00:00 221,184 ----a-w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2004-08-10 11:00:00 323,584 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2004-08-10 11:00:00 81,920 ----a-w c:\windows\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ieencode.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 10:20:46 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2007-08-13 23:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
- 2004-08-10 11:00:00 48,640 ----a-w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2004-08-10 11:00:00 62,976 ----a-w c:\windows\system32\iesetup.dll
+ 2007-08-13 23:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2007-08-13 23:54:10 180,736 ------w c:\windows\system32\ieui.dll
- 2004-08-10 11:00:00 114,688 ----a-w c:\windows\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w c:\windows\system32\iexpress.exe
- 2004-08-10 11:00:00 135,680 ----a-w c:\windows\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w c:\windows\system32\ifmon.dll
- 2004-08-10 11:00:00 8,192 ----a-w c:\windows\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w c:\windows\system32\igmpagnt.dll
- 2004-08-10 11:00:00 81,920 ----a-w c:\windows\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ils.dll
- 2004-08-10 11:00:00 144,384 ----a-w c:\windows\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w c:\windows\system32\imagehlp.dll
- 2004-08-10 11:00:00 150,016 ----a-w c:\windows\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w c:\windows\system32\imapi.exe
- 2004-08-10 11:00:00 198,656 -c--a-w c:\windows\system32\IME\CINTLGNT\CINTIME.DLL
+ 2008-04-14 00:09:06 198,656 ----a-w c:\windows\system32\IME\CINTLGNT\cintime.dll
- 2004-08-10 11:00:00 70,144 -c--a-w c:\windows\system32\IME\PINTLGNT\PINTLPHR.EXE
+ 2008-04-13 16:43:36 70,144 ----a-w c:\windows\system32\IME\PINTLGNT\pintlphr.exe
- 2004-08-10 11:00:00 67,584 -c--a-w c:\windows\system32\IME\PINTLGNT\PMIGRATE.DLL
+ 2008-04-14 00:10:34 67,584 ----a-w c:\windows\system32\IME\PINTLGNT\pmigrate.dll
- 2004-08-10 11:00:00 10,240 -c--a-w c:\windows\system32\IME\TINTLGNT\TMIGRATE.DLL
+ 2008-04-14 00:10:59 10,240 ----a-w c:\windows\system32\IME\TINTLGNT\tmigrate.dll
- 2004-08-10 11:00:00 36,921 ----a-w c:\windows\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w c:\windows\system32\imeshare.dll
- 2004-08-10 11:00:00 35,840 ----a-w c:\windows\system32\imgutil.dll
+ 2007-08-13 23:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
- 2004-08-10 11:00:00 811,064 ----a-w c:\windows\system32\imjp81k.dll
+ 2008-04-14 00:09:44 811,064 ----a-w c:\windows\system32\imjp81k.dll
- 2004-08-10 11:00:00 110,080 ----a-w c:\windows\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w c:\windows\system32\imm32.dll
- 2004-08-10 11:00:00 274,432 ----a-w c:\windows\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w c:\windows\system32\inetcfg.dll
- 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2004-08-10 11:00:00 33,280 ----a-w c:\windows\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\inetmib1.dll
- 2004-08-10 11:00:00 75,264 ----a-w c:\windows\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w c:\windows\system32\inetpp.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w c:\windows\system32\inetppui.dll
- 2004-08-10 11:00:00 48,128 ----a-w c:\windows\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w c:\windows\system32\inetres.dll
+ 2008-04-14 00:12:05 221,696 ------w c:\windows\system32\inetsrv\seo.dll
+ 2008-04-14 00:12:06 189,440 ------w c:\windows\system32\inetsrv\smtpadm.dll
+ 2008-04-14 00:12:06 2,134,528 ------w c:\windows\system32\inetsrv\smtpsnap.dll
- 2004-08-10 11:00:00 147,456 ----a-w c:\windows\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w c:\windows\system32\initpki.dll
- 2004-08-10 11:00:00 123,392 ----a-w c:\windows\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w c:\windows\system32\input.dll
- 2008-10-16 10:20:46 96,256 ----a-w c:\windows\system32\inseng.dll
+ 2007-08-13 23:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
- 2004-08-10 11:00:00 55,808 ----a-w c:\windows\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w c:\windows\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w c:\windows\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w c:\windows\system32\iphlpapi.dll
- 2004-08-10 11:00:00 154,112 ----a-w c:\windows\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w c:\windows\system32\ipmontr.dll
- 2004-08-10 11:00:00 331,264 ----a-w c:\windows\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w c:\windows\system32\ipnathlp.dll
- 2004-08-10 11:00:00 330,752 ----a-w c:\windows\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w c:\windows\system32\ippromon.dll
- 2004-08-10 11:00:00 169,984 ----a-w c:\windows\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w c:\windows\system32\iprtrmgr.dll
- 2004-08-10 11:00:00 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
- 2004-08-10 11:00:00 182,784 ----a-w c:\windows\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ipsecsvc.dll
- 2004-08-10 11:00:00 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
- 2004-08-10 11:00:00 53,248 ----a-w c:\windows\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w c:\windows\system32\ipv6.exe
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w c:\windows\system32\ipv6mon.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w c:\windows\system32\ipxroute.exe
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w c:\windows\system32\ipxwan.dll
- 2004-08-10 11:00:00 120,320 ----a-w c:\windows\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w c:\windows\system32\ir41_qc.dll
- 2004-08-10 11:00:00 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
- 2004-08-10 11:00:00 755,200 ----a-w c:\windows\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w c:\windows\system32\ir50_32.dll
- 2004-08-10 11:00:00 200,192 ----a-w c:\windows\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w c:\windows\system32\ir50_qc.dll
- 2004-08-10 11:00:00 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
- 2004-08-10 11:00:00 81,920 ----a-w c:\windows\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w c:\windows\system32\isign32.dll
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w c:\windows\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w c:\windows\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w c:\windows\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w c:\windows\system32\itss.dll
- 2004-08-10 11:00:00 54,272 ----a-w c:\windows\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w c:\windows\system32\ixsso.dll
- 2004-08-04 05:56:44 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w c:\windows\system32\iyuv_32.dll
- 2006-12-15 07:30:58 49,248 ----a-w c:\windows\system32\java.exe
+ 2009-04-02 13:13:26 144,792 ----a-w c:\windows\system32\java.exe
- 2006-12-15 07:31:06 53,346 ----a-w c:\windows\system32\javaw.exe
+ 2009-04-02 13:13:26 144,792 ----a-w c:\windows\system32\javaw.exe
- 2006-12-15 09:09:14 127,078 ----a-w c:\windows\system32\javaws.exe
+ 2009-04-02 13:13:26 148,888 ----a-w c:\windows\system32\javaws.exe
- 2006-06-01 18:47:07 163,840 ----a-w c:\windows\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w c:\windows\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w c:\windows\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w c:\windows\system32\jgpl400.dll
- 2007-12-18 14:40:58 450,560 ----a-w c:\windows\system32\jscript.dll
+ 2008-04-14 00:11:56 512,000 ----a-w c:\windows\system32\jscript.dll
- 2008-10-16 10:20:50 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ------w c:\windows\system32\jsproxy.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd101.dll
- 2001-08-17 19:55:56 6,144 ----a-w c:\windows\system32\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd106.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd106n.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdbhc.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdfi1.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\kbdibm02.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdibm02.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinben.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdiultn.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdlk41a.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbdlk41j.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdlk41j.dll
- 2004-08-10 11:00:00 5,632 ----a-w c:\windows\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w c:\windows\system32\kbdmaori.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdnepr.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdpash.dll
- 2004-08-10 11:00:00 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
- 2004-08-10 11:00:00 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdukx.dll
- 2004-08-10 11:00:00 7,424 ----a-w c:\windows\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w c:\windows\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w c:\windows\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w c:\windows\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w c:\windows\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-10 11:00:00 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\system32\kmsvc.dll
- 2004-08-04 06:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\system32\l2gpstore.dll
- 2004-08-10 11:00:00 423,936 ----a-w c:\windows\system32\licdll.dll
+ 2008-04-14 10:41:58 423,936 ----a-w c:\windows\system32\licdll.dll
- 2004-08-10 11:00:00 22,016 ----a-w c:\windows\system32\licmgr10.dll
+ 2007-08-13 23:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
- 2004-08-10 11:00:00 58,880 ----a-w c:\windows\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w c:\windows\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w c:\windows\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w c:\windows\system32\lmhsvc.dll
- 2004-08-10 11:00:00 399,872 ----a-w c:\windows\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w c:\windows\system32\lmrt.dll
- 2004-08-10 11:00:00 97,280 ----a-w c:\windows\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w c:\windows\system32\loadperf.dll
- 2004-08-10 11:00:00 221,696 ----a-w c:\windows\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w c:\windows\system32\localsec.dll
- 2004-08-10 11:00:00 341,504 ----a-w c:\windows\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w c:\windows\system32\localspl.dll
- 2004-08-10 11:00:00 11,776 ----a-w c:\windows\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w c:\windows\system32\localui.dll
- 2004-08-10 11:00:00 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
- 2004-08-10 11:00:00 59,392 ----a-w c:\windows\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w c:\windows\system32\logman.exe
- 2004-08-10 11:00:00 220,672 ----a-w c:\windows\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w c:\windows\system32\logon.scr
- 2004-08-10 11:00:00 514,560 ----a-w c:\windows\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w c:\windows\system32\logonui.exe
- 2004-08-10 11:00:00 22,016 ----a-w c:\windows\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w c:\windows\system32\lpk.dll
- 2004-08-10 11:00:00 10,240 ----a-w c:\windows\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w c:\windows\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-10 11:00:00 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w c:\windows\system32\lsass.exe
- 2004-08-10 11:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w c:\windows\system32\magnify.exe
- 2004-08-10 11:00:00 85,504 ----a-w c:\windows\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w c:\windows\system32\makecab.exe
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w c:\windows\system32\mcastmib.dll
- 2004-08-10 11:00:00 84,480 ----a-w c:\windows\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w c:\windows\system32\mciavi32.dll
- 2004-08-10 11:00:00 35,328 ----a-w c:\windows\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w c:\windows\system32\mciqtz32.dll
- 2004-08-10 11:00:00 23,040 ----a-w c:\windows\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w c:\windows\system32\mciseq.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w c:\windows\system32\mciwave.dll
- 2004-08-10 11:00:00 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w c:\windows\system32\mdminst.dll
- 2007-03-08 15:36:28 40,960 ----a-w c:\windows\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w c:\windows\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-10 11:00:00 1,028,096 ----a-w c:\windows\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w c:\windows\system32\mfc42.dll
- 2004-08-10 11:00:00 22,528 ----a-w c:\windows\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w c:\windows\system32\mfcsubs.dll
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\system32\microsoft.managementconsole.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w c:\windows\system32\midimap.dll
- 2004-08-10 11:00:00 60,928 ----a-w c:\windows\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w c:\windows\system32\miglibnt.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w c:\windows\system32\mimefilt.dll
- 2004-08-10 11:00:00 586,240 ----a-w c:\windows\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w c:\windows\system32\mlang.dll
- 2004-08-10 11:00:00 815,104 ----a-w c:\windows\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w c:\windows\system32\mmc.exe
- 2004-08-10 11:00:00 70,656 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\system32\mmcfxcommon.dll
- 2004-08-10 11:00:00 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\system32\mmcperf.exe
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w c:\windows\system32\mmcshext.dll
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w c:\windows\system32\mmfutil.dll
- 2004-08-10 11:00:00 34,560 ----a-w c:\windows\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w c:\windows\system32\mnmdd.dll
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
- 2004-08-10 11:00:00 207,360 ----a-w c:\windows\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w c:\windows\system32\mobsync.dll
- 2004-08-10 11:00:00 143,360 ----a-w c:\windows\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w c:\windows\system32\mobsync.exe
- 2004-08-10 11:00:00 153,600 ----a-w c:\windows\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w c:\windows\system32\modemui.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w c:\windows\system32\more.com
- 2004-08-10 11:00:00 216,064 ----a-w c:\windows\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w c:\windows\system32\moricons.dll
- 2004-08-10 11:00:00 123,392 ----a-w c:\windows\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w c:\windows\system32\mplay32.exe
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w c:\windows\system32\mpr.dll
- 2004-08-10 11:00:00 87,040 ----a-w c:\windows\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w c:\windows\system32\mprapi.dll
- 2004-08-10 11:00:00 49,152 ----a-w c:\windows\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w c:\windows\system32\mprdim.dll
- 2007-07-06 12:46:59 138,240 ----a-w c:\windows\system32\mqad.dll
+ 2008-04-14 00:11:57 138,240 ----a-w c:\windows\system32\mqad.dll
- 2004-08-10 11:00:00 19,968 ----a-w c:\windows\system32\mqbkup.exe
+ 2008-04-14 00:12:27 19,968 ----a-w c:\windows\system32\mqbkup.exe
- 2007-07-06 12:46:59 47,104 ----a-w c:\windows\system32\mqdscli.dll
+ 2008-04-14 00:11:57 47,616 ----a-w c:\windows\system32\mqdscli.dll
- 2007-07-06 12:46:59 16,896 ----a-w c:\windows\system32\mqise.dll
+ 2008-04-14 00:11:57 16,896 ----a-w c:\windows\system32\mqise.dll
- 2004-08-10 11:00:00 89,088 ----a-w c:\windows\system32\mqlogmgr.dll
+ 2008-04-14 00:11:57 89,088 ----a-w c:\windows\system32\mqlogmgr.dll
- 2004-08-10 11:00:00 225,280 ----a-w c:\windows\system32\mqoa.dll
+ 2008-04-14 00:11:57 225,280 ----a-w c:\windows\system32\mqoa.dll
- 2007-07-06 12:46:59 660,992 ----a-w c:\windows\system32\mqqm.dll
+ 2008-04-14 00:11:57 663,040 ----a-w c:\windows\system32\mqqm.dll
- 2007-07-06 12:46:59 177,152 ----a-w c:\windows\system32\mqrt.dll
+ 2008-04-14 00:11:57 177,152 ----a-w c:\windows\system32\mqrt.dll
- 2004-08-10 11:00:00 123,392 ----a-w c:\windows\system32\mqrtdep.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\mqrtdep.dll
- 2007-07-06 12:46:59 95,744 ----a-w c:\windows\system32\mqsec.dll
+ 2008-04-14 00:11:57 95,744 ----a-w c:\windows\system32\mqsec.dll
- 2004-08-10 11:00:00 517,632 ----a-w c:\windows\system32\mqsnap.dll
+ 2008-04-14 00:11:58 517,632 ----a-w c:\windows\system32\mqsnap.dll
- 2004-08-10 11:00:00 4,608 ----a-w c:\windows\system32\mqsvc.exe
+ 2008-04-14 00:12:27 4,608 ----a-w c:\windows\system32\mqsvc.exe
- 2004-08-10 11:00:00 117,248 ----a-w c:\windows\system32\mqtgsvc.exe
+ 2008-04-14 00:12:27 117,248 ----a-w c:\windows\system32\mqtgsvc.exe
- 2004-08-10 11:00:00 186,880 ----a-w c:\windows\system32\mqtrig.dll
+ 2008-04-14 00:11:58 187,392 ----a-w c:\windows\system32\mqtrig.dll
- 2007-07-06 12:46:59 48,640 ----a-w c:\windows\system32\mqupgrd.dll
+ 2008-04-14 00:11:58 49,152 ----a-w c:\windows\system32\mqupgrd.dll
- 2007-07-06 12:46:59 471,552 ----a-w c:\windows\system32\mqutil.dll
+ 2008-04-14 00:11:58 471,552 ----a-w c:\windows\system32\mqutil.dll
+ 2009-02-25 17:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
- 2004-08-10 11:00:00 71,680 ----a-w c:\windows\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w c:\windows\system32\msacm32.dll
- 2004-08-10 11:00:00 3,584 ----a-w c:\windows\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w c:\windows\system32\msafd.dll
- 2004-08-10 11:00:00 86,016 ----a-w c:\windows\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w c:\windows\system32\msapsspc.dll
- 2004-08-10 11:00:00 57,344 ----a-w c:\windows\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w c:\windows\system32\msasn1.dll
- 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-10 11:00:00 69,632 ----a-w c:\windows\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w c:\windows\system32\msconf.dll
- 2004-08-10 11:00:00 12,288 ----a-w c:\windows\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w c:\windows\system32\mscpx32r.dll
- 2004-08-10 11:00:00 36,864 ----a-w c:\windows\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w c:\windows\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w c:\windows\system32\msctf.dll
- 2004-08-10 11:00:00 69,120 ----a-w c:\windows\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w c:\windows\system32\msctfp.dll
- 2004-08-10 11:00:00 118,784 ----a-w c:\windows\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w c:\windows\system32\msdadiag.dll
- 2004-08-10 11:00:00 151,552 ----a-w c:\windows\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w c:\windows\system32\msdart.dll
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w c:\windows\system32\msdmo.dll
- 2004-08-10 11:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
- 2004-08-10 11:00:00 58,880 ----a-w c:\windows\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w c:\windows\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w c:\windows\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w c:\windows\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w c:\windows\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w c:\windows\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-10 11:00:00 4,126 ----a-w c:\windows\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\msdxmlc.dll
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 23:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
- 2006-11-27 14:54:06 539,136 ----a-w c:\windows\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w c:\windows\system32\msftedit.dll
- 2004-08-10 11:00:00 994,304 ----a-w c:\windows\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w c:\windows\system32\msgina.dll
- 2004-08-10 11:00:00 33,792 ----a-w c:\windows\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w c:\windows\system32\msgsvc.dll
- 2004-08-10 11:00:00 188,416 ----a-w c:\windows\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w c:\windows\system32\msh261.drv
- 2004-08-04 05:56:58 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
- 2004-08-10 11:00:00 29,184 ----a-w c:\windows\system32\mshta.exe
+ 2007-08-13 23:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-12-12 17:27:54 3,067,392 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 10:20:50 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\mshtmled.dll
- 2004-08-10 11:00:00 56,832 ----a-w c:\windows\system32\mshtmler.dll
+ 2007-08-13 23:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2007-04-18 16:12:23 2,854,400 ----a-w c:\windows\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w c:\windows\system32\msi.dll
- 2004-08-10 11:00:00 51,712 ----a-w c:\windows\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w c:\windows\system32\msident.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w c:\windows\system32\msidle.dll
- 2004-08-10 11:00:00 248,832 ----a-w c:\windows\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w c:\windows\system32\msieftp.dll
- 2005-05-05 01:45:36 78,848 ----a-w c:\windows\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w c:\windows\system32\msiexec.exe
- 2005-05-05 01:45:36 271,360 ----a-w c:\windows\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w c:\windows\system32\msihnd.dll
- 2004-08-10 11:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w c:\windows\system32\msimg32.dll
- 2005-05-05 01:45:36 884,736 ----a-w c:\windows\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w c:\windows\system32\msimsg.dll
- 2004-08-10 11:00:00 159,232 ----a-w c:\windows\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w c:\windows\system32\msimtf.dll
- 2005-05-05 01:45:36 15,360 ----a-w c:\windows\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w c:\windows\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w c:\windows\system32\mslbui.dll
- 2004-08-10 11:00:00 146,432 ----a-w c:\windows\system32\msls31.dll
+ 2007-08-13 23:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
- 2004-08-10 11:00:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
- 2004-08-10 11:00:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
- 2004-08-10 11:00:00 105,984 ----a-w c:\windows\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w c:\windows\system32\msoert2.dll
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w c:\windows\system32\msorc32r.dll
- 2004-08-10 11:00:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
- 2004-08-10 11:00:00 343,040 ----a-w c:\windows\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w c:\windows\system32\mspaint.exe
- 2004-08-10 11:00:00 30,208 ----a-w c:\windows\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w c:\windows\system32\mspatcha.dll
- 2004-08-10 11:00:00 48,128 ----a-w c:\windows\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w c:\windows\system32\msprivs.dll
- 2008-10-16 10:20:46 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ------w c:\windows\system32\msrating.dll
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w c:\windows\system32\msrle32.dll
- 2004-08-10 11:00:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\system32\msshavmsg.dll
- 2004-08-10 11:00:00 274,944 ----a-w c:\windows\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w c:\windows\system32\mstask.dll
- 2008-10-16 10:20:46 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\mstime.dll
- 2004-08-10 11:00:00 12,288 ----a-w c:\windows\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w c:\windows\system32\mstinit.exe
- 2004-08-10 11:00:00 115,712 ----a-w c:\windows\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w c:\windows\system32\mstlsapi.dll
- 2004-08-10 11:00:00 407,552 ----a-w c:\windows\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w c:\windows\system32\mstsc.exe
- 2004-08-10 11:00:00 655,360 ----a-w c:\windows\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w c:\windows\system32\mstscax.dll
- 2004-08-10 11:00:00 195,072 ----a-w c:\windows\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w c:\windows\system32\msutb.dll
- 2004-08-10 11:00:00 129,536 ----a-w c:\windows\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w c:\windows\system32\msv1_0.dll
- 2004-08-10 11:00:00 1,392,671 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w c:\windows\system32\msvbvm60.dll
- 2004-08-10 11:00:00 54,784 ----a-w c:\windows\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\msvcirt.dll
- 2004-08-10 11:00:00 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w c:\windows\system32\msvcp60.dll
- 2004-08-10 11:00:00 343,040 ----a-w c:\windows\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w c:\windows\system32\msvcrt.dll
- 2004-08-10 11:00:00 61,440 ----a-w c:\windows\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w c:\windows\system32\msvcrt40.dll
- 2004-08-10 11:00:00 120,832 ----a-w c:\windows\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w c:\windows\system32\msvfw32.dll
- 2004-08-10 11:00:00 72,704 ----a-w c:\windows\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-10 11:00:00 204,288 ----a-w c:\windows\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w c:\windows\system32\mswebdvd.dll
- 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-10 11:00:00 506,368 ----a-w c:\windows\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w c:\windows\system32\msxml.dll
- 2004-08-10 11:00:00 701,440 ----a-w c:\windows\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w c:\windows\system32\msxml2.dll
- 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w c:\windows\system32\msxml6r.dll
- 2004-08-04 05:56:46 17,408 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w c:\windows\system32\mtxdm.dll
- 2004-08-10 11:00:00 4,096 ----a-w c:\windows\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w c:\windows\system32\mtxex.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w c:\windows\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\system32\mtxparhd.dll
- 2004-08-10 11:00:00 393,728 -c--a-w c:\windows\system32\mui\0401\xpob2res.dll
+ 2008-04-13 18:40:07 393,728 ----a-w c:\windows\system32\mui\0401\xpob2res.dll
- 2004-08-10 11:00:00 186,880 -c--a-w c:\windows\system32\mui\0401\xpsp1res.dll
+ 2008-04-13 18:35:06 186,880 ----a-w c:\windows\system32\mui\0401\xpsp1res.dll
- 2004-08-10 11:00:00 2,869,248 -c--a-w c:\windows\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:35:49 2,869,248 ----a-w c:\windows\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:39:02 656,896 ------w c:\windows\system32\mui\0401\xpsp3res.dll
- 2004-08-10 11:00:00 189,440 -c--a-w c:\windows\system32\mui\0402\xpsp1res.dll
+ 2008-04-13 18:35:08 189,440 ----a-w c:\windows\system32\mui\0402\xpsp1res.dll
- 2004-08-10 11:00:00 212,480 -c--a-w c:\windows\system32\mui\0404\xpob2res.dll
+ 2008-04-13 18:40:23 212,480 ----a-w c:\windows\system32\mui\0404\xpob2res.dll
- 2004-08-10 11:00:00 161,280 -c--a-w c:\windows\system32\mui\0404\xpsp1res.dll
+ 2008-04-13 18:35:09 161,280 ----a-w c:\windows\system32\mui\0404\xpsp1res.dll
- 2004-08-10 11:00:00 477,696 -c--a-w c:\windows\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:36:10 477,696 ----a-w c:\windows\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:39:13 327,680 ------w c:\windows\system32\mui\0404\xpsp3res.dll
- 2004-08-10 11:00:00 428,032 -c--a-w c:\windows\system32\mui\0405\xpob2res.dll
+ 2008-04-13 18:40:24 428,032 ----a-w c:\windows\system32\mui\0405\xpob2res.dll
- 2004-08-10 11:00:00 188,928 -c--a-w c:\windows\system32\mui\0405\xpsp1res.dll
+ 2008-04-13 18:35:09 188,928 ----a-w c:\windows\system32\mui\0405\xpsp1res.dll
- 2004-08-10 11:00:00 734,720 -c--a-w c:\windows\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:36:10 734,720 ----a-w c:\windows\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:39:02 601,088 ------w c:\windows\system32\mui\0405\xpsp3res.dll
- 2004-08-10 11:00:00 418,816 -c--a-w c:\windows\system32\mui\0406\xpob2res.dll
+ 2008-04-13 18:40:27 418,816 ----a-w c:\windows\system32\mui\0406\xpob2res.dll
- 2004-08-10 11:00:00 192,512 -c--a-w c:\windows\system32\mui\0406\xpsp1res.dll
+ 2008-04-13 18:35:09 192,000 ----a-w c:\windows\system32\mui\0406\xpsp1res.dll
- 2004-08-10 11:00:00 742,912 -c--a-w c:\windows\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:36:10 742,912 ----a-w c:\windows\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:39:12 605,696 ------w c:\windows\system32\mui\0406\xpsp3res.dll
- 2004-08-10 11:00:00 403,456 -c--a-w c:\windows\system32\mui\0407\xpob2res.dll
+ 2008-04-13 18:40:34 403,456 ----a-w c:\windows\system32\mui\0407\xpob2res.dll
- 2004-08-10 11:00:00 199,680 -c--a-w c:\windows\system32\mui\0407\xpsp1res.dll
+ 2008-04-13 18:35:21 199,680 ----a-w c:\windows\system32\mui\0407\xpsp1res.dll
- 2004-08-10 11:00:00 788,992 -c--a-w c:\windows\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:37:03 788,480 ----a-w c:\windows\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:39:19 663,552 ------w c:\windows\system32\mui\0407\xpsp3res.dll
- 2004-08-10 11:00:00 419,328 -c--a-w c:\windows\system32\mui\0408\xpob2res.dll
+ 2008-04-13 18:40:30 419,328 ----a-w c:\windows\system32\mui\0408\xpob2res.dll
- 2004-08-10 11:00:00 197,632 -c--a-w c:\windows\system32\mui\0408\xpsp1res.dll
+ 2008-04-13 18:35:11 197,632 ----a-w c:\windows\system32\mui\0408\xpsp1res.dll
- 2004-08-10 11:00:00 801,280 -c--a-w c:\windows\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:36:35 801,280 ----a-w c:\windows\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:39:12 679,936 ------w c:\windows\system32\mui\0408\xpsp3res.dll
- 2004-08-10 11:00:00 405,504 -c--a-w c:\windows\system32\mui\040b\xpob2res.dll
+ 2008-04-13 18:40:32 405,504 ----a-w c:\windows\system32\mui\040b\xpob2res.dll
- 2004-08-10 11:00:00 186,368 -c--a-w c:\windows\system32\mui\040b\xpsp1res.dll
+ 2008-04-13 18:35:11 186,368 ----a-w c:\windows\system32\mui\040b\xpsp1res.dll
- 2004-08-10 11:00:00 729,088 -c--a-w c:\windows\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:36:39 729,088 ----a-w c:\windows\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:39:17 604,672 ------w c:\windows\system32\mui\040b\xpsp3res.dll
- 2004-08-10 11:00:00 410,624 -c--a-w c:\windows\system32\mui\040C\xpob2res.dll
+ 2008-04-13 18:40:33 410,624 ----a-w c:\windows\system32\mui\040C\xpob2res.dll
- 2004-08-10 11:00:00 197,632 -c--a-w c:\windows\system32\mui\040C\xpsp1res.dll
+ 2008-04-13 18:35:20 197,632 ----a-w c:\windows\system32\mui\040C\xpsp1res.dll
- 2004-08-10 11:00:00 793,600 -c--a-w c:\windows\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:36:55 793,088 ----a-w c:\windows\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:39:20 663,040 ------w c:\windows\system32\mui\040C\xpsp3res.dll
- 2004-08-10 11:00:00 384,000 -c--a-w c:\windows\system32\mui\040D\xpob2res.dll
+ 2008-04-13 18:40:32 384,000 ----a-w c:\windows\system32\mui\040D\xpob2res.dll
- 2004-08-10 11:00:00 181,760 -c--a-w c:\windows\system32\mui\040D\xpsp1res.dll
+ 2008-04-13 18:35:21 181,760 ----a-w c:\windows\system32\mui\040D\xpsp1res.dll
- 2004-08-10 11:00:00 2,842,112 -c--a-w c:\windows\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:37:07 2,842,112 ----a-w c:\windows\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:39:28 620,544 ------w c:\windows\system32\mui\040D\xpsp3res.dll
- 2004-08-10 11:00:00 434,176 -c--a-w c:\windows\system32\mui\040e\xpob2res.dll
+ 2008-04-13 18:40:39 434,176 ----a-w c:\windows\system32\mui\040e\xpob2res.dll
- 2004-08-10 11:00:00 195,584 -c--a-w c:\windows\system32\mui\040e\xpsp1res.dll
+ 2008-04-13 18:35:23 195,584 ----a-w c:\windows\system32\mui\040e\xpsp1res.dll
- 2004-08-10 11:00:00 769,536 -c--a-w c:\windows\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w c:\windows\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:39:28 645,120 ------w c:\windows\system32\mui\040e\xpsp3res.dll
- 2004-08-10 11:00:00 413,696 -c--a-w c:\windows\system32\mui\0410\xpob2res.dll
+ 2008-04-13 18:40:39 413,696 ----a-w c:\windows\system32\mui\0410\xpob2res.dll
- 2004-08-10 11:00:00 195,072 -c--a-w c:\windows\system32\mui\0410\xpsp1res.dll
+ 2008-04-13 18:35:23 195,072 ----a-w c:\windows\system32\mui\0410\xpsp1res.dll
- 2004-08-10 11:00:00 769,536 -c--a-w c:\windows\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w c:\windows\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:39:28 658,432 ------w c:\windows\system32\mui\0410\xpsp3res.dll
- 2004-08-10 11:00:00 275,456 -c--a-w c:\windows\system32\mui\0411\xpob2res.dll
+ 2008-04-13 18:40:44 275,456 ----a-w c:\windows\system32\mui\0411\xpob2res.dll
- 2004-08-10 11:00:00 171,008 -c--a-w c:\windows\system32\mui\0411\xpsp1res.dll
+ 2008-04-13 18:35:23 171,008 ----a-w c:\windows\system32\mui\0411\xpsp1res.dll
- 2004-08-10 11:00:00 562,688 -c--a-w c:\windows\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:37:34 562,688 ----a-w c:\windows\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:39:49 412,672 ------w c:\windows\system32\mui\0411\xpsp3res.dll
- 2004-08-10 11:00:00 306,688 -c--a-w c:\windows\system32\mui\0412\xpob2res.dll
+ 2008-04-13 18:40:48 306,688 ----a-w c:\windows\system32\mui\0412\xpob2res.dll
- 2004-08-10 11:00:00 167,936 -c--a-w c:\windows\system32\mui\0412\xpsp1res.dll
+ 2008-04-13 18:35:23 167,936 ----a-w c:\windows\system32\mui\0412\xpsp1res.dll
- 2004-08-10 11:00:00 543,744 -c--a-w c:\windows\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:37:37 543,744 ----a-w c:\windows\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:39:49 392,704 ------w c:\windows\system32\mui\0412\xpsp3res.dll
- 2004-08-10 11:00:00 401,920 -c--a-w c:\windows\system32\mui\0413\xpob2res.dll
+ 2008-04-13 18:40:44 401,920 ----a-w c:\windows\system32\mui\0413\xpob2res.dll
- 2004-08-10 11:00:00 196,096 -c--a-w c:\windows\system32\mui\0413\xpsp1res.dll
+ 2008-04-13 18:35:25 196,096 ----a-w c:\windows\system32\mui\0413\xpsp1res.dll
- 2004-08-10 11:00:00 769,024 -c--a-w c:\windows\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:38:00 769,024 ----a-w c:\windows\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:39:47 645,120 ------w c:\windows\system32\mui\0413\xpsp3res.dll
- 2004-08-10 11:00:00 353,792 -c--a-w c:\windows\system32\mui\0414\xpob2res.dll
+ 2008-04-13 18:40:44 353,792 ----a-w c:\windows\system32\mui\0414\xpob2res.dll
- 2004-08-10 11:00:00 189,440 -c--a-w c:\windows\system32\mui\0414\xpsp1res.dll
+ 2008-04-13 18:35:25 189,440 ----a-w c:\windows\system32\mui\0414\xpsp1res.dll
- 2004-08-10 11:00:00 716,288 -c--a-w c:\windows\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:38:02 716,288 ----a-w c:\windows\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:39:48 591,872 ------w c:\windows\system32\mui\0414\xpsp3res.dll
- 2004-08-10 11:00:00 391,680 -c--a-w c:\windows\system32\mui\0415\xpob2res.dll
+ 2008-04-13 18:40:47 391,680 ----a-w c:\windows\system32\mui\0415\xpob2res.dll
- 2004-08-10 11:00:00 194,560 -c--a-w c:\windows\system32\mui\0415\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w c:\windows\system32\mui\0415\xpsp1res.dll
- 2004-08-10 11:00:00 759,808 -c--a-w c:\windows\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:38:05 759,808 ----a-w c:\windows\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:39:52 641,024 ------w c:\windows\system32\mui\0415\xpsp3res.dll
- 2004-08-10 11:00:00 409,600 -c--a-w c:\windows\system32\mui\0416\xpob2res.dll
+ 2008-04-13 18:40:10 409,600 ----a-w c:\windows\system32\mui\0416\xpob2res.dll
- 2004-08-10 11:00:00 192,512 -c--a-w c:\windows\system32\mui\0416\xpsp1res.dll
+ 2008-04-13 18:35:08 192,512 ----a-w c:\windows\system32\mui\0416\xpsp1res.dll
- 2004-08-10 11:00:00 752,128 -c--a-w c:\windows\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:35:43 752,128 ----a-w c:\windows\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:38:56 620,032 ------w c:\windows\system32\mui\0416\xpsp3res.dll
- 2004-08-10 11:00:00 190,464 -c--a-w c:\windows\system32\mui\0418\xpsp1res.dll
+ 2008-04-13 18:35:27 190,464 ----a-w c:\windows\system32\mui\0418\xpsp1res.dll
- 2004-08-10 11:00:00 427,008 -c--a-w c:\windows\system32\mui\0419\xpob2res.dll
+ 2008-04-13 18:40:50 427,008 ----a-w c:\windows\system32\mui\0419\xpob2res.dll
- 2004-08-10 11:00:00 192,512 -c--a-w c:\windows\system32\mui\0419\xpsp1res.dll
+ 2008-04-13 18:35:27 192,512 ----a-w c:\windows\system32\mui\0419\xpsp1res.dll
- 2004-08-10 11:00:00 736,768 -c--a-w c:\windows\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:38:28 736,768 ----a-w c:\windows\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:39:56 627,200 ------w c:\windows\system32\mui\0419\xpsp3res.dll
- 2004-08-10 11:00:00 188,928 -c--a-w c:\windows\system32\mui\041a\xpsp1res.dll
+ 2008-04-13 18:35:21 188,928 ----a-w c:\windows\system32\mui\041a\xpsp1res.dll
- 2004-08-10 11:00:00 405,504 -c--a-w c:\windows\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
- 2004-08-10 11:00:00 193,024 -c--a-w c:\windows\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
- 2004-08-10 11:00:00 757,248 -c--a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\system32\mui\041b\xpsp3res.dll
- 2004-08-10 11:00:00 363,520 -c--a-w c:\windows\system32\mui\041D\xpob2res.dll
+ 2008-04-13 18:40:56 363,008 ----a-w c:\windows\system32\mui\041D\xpob2res.dll
- 2004-08-10 11:00:00 188,928 -c--a-w c:\windows\system32\mui\041D\xpsp1res.dll
+ 2008-04-13 18:35:28 188,928 ----a-w c:\windows\system32\mui\041D\xpsp1res.dll
- 2004-08-10 11:00:00 724,992 -c--a-w c:\windows\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:38:47 724,480 ----a-w c:\windows\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:40:05 590,848 ------w c:\windows\system32\mui\041D\xpsp3res.dll
- 2004-08-10 11:00:00 188,416 -c--a-w c:\windows\system32\mui\041e\xpsp1res.dll
+ 2008-04-13 18:35:29 188,416 ----a-w c:\windows\system32\mui\041e\xpsp1res.dll
- 2004-08-10 11:00:00 390,144 -c--a-w c:\windows\system32\mui\041f\xpob2res.dll
+ 2008-04-13 18:41:00 390,144 ----a-w c:\windows\system32\mui\041f\xpob2res.dll
- 2004-08-10 11:00:00 188,928 -c--a-w c:\windows\system32\mui\041f\xpsp1res.dll
+ 2008-04-13 18:35:30 188,928 ----a-w c:\windows\system32\mui\041f\xpsp1res.dll
- 2004-08-10 11:00:00 724,480 -c--a-w c:\windows\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:38:51 724,480 ----a-w c:\windows\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:40:09 592,896 ------w c:\windows\system32\mui\041f\xpsp3res.dll
- 2004-08-10 11:00:00 408,576 -c--a-w c:\windows\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
- 2004-08-10 11:00:00 192,512 -c--a-w c:\windows\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
- 2004-08-10 11:00:00 732,160 -c--a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\system32\mui\0424\xpsp3res.dll
- 2004-08-10 11:00:00 187,392 -c--a-w c:\windows\system32\mui\0425\xpsp1res.dll
+ 2008-04-13 18:35:11 186,880 ----a-w c:\windows\system32\mui\0425\xpsp1res.dll
- 2004-08-10 11:00:00 188,928 -c--a-w c:\windows\system32\mui\0426\xpsp1res.dll
+ 2008-04-13 18:35:24 188,928 ----a-w c:\windows\system32\mui\0426\xpsp1res.dll
- 2004-08-10 11:00:00 189,952 -c--a-w c:\windows\system32\mui\0427\xpsp1res.dll
+ 2008-04-13 18:35:24 189,952 ----a-w c:\windows\system32\mui\0427\xpsp1res.dll
- 2004-08-10 11:00:00 270,336 -c--a-w c:\windows\system32\mui\0804\xpob2res.dll
+ 2008-04-13 18:40:24 270,336 ----a-w c:\windows\system32\mui\0804\xpob2res.dll
- 2004-08-10 11:00:00 161,280 -c--a-w c:\windows\system32\mui\0804\xpsp1res.dll
+ 2008-04-13 18:35:06 161,280 ----a-w c:\windows\system32\mui\0804\xpsp1res.dll
- 2004-08-10 11:00:00 470,016 -c--a-w c:\windows\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:35:54 470,016 ----a-w c:\windows\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:39:03 322,560 ------w c:\windows\system32\mui\0804\xpsp3res.dll
- 2004-08-10 11:00:00 435,200 -c--a-w c:\windows\system32\mui\0816\xpob2res.dll
+ 2008-04-13 18:40:48 435,200 ----a-w c:\windows\system32\mui\0816\xpob2res.dll
- 2004-08-10 11:00:00 194,560 -c--a-w c:\windows\system32\mui\0816\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w c:\windows\system32\mui\0816\xpsp1res.dll
- 2004-08-10 11:00:00 751,616 -c--a-w c:\windows\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:38:06 751,616 ----a-w c:\windows\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:39:53 639,488 ------w c:\windows\system32\mui\0816\xpsp3res.dll
- 2004-08-10 11:00:00 446,464 -c--a-w c:\windows\system32\mui\0C0A\xpob2res.dll
+ 2008-04-13 18:40:30 446,464 ----a-w c:\windows\system32\mui\0C0A\xpob2res.dll
- 2004-08-10 11:00:00 196,096 -c--a-w c:\windows\system32\mui\0C0A\xpsp1res.dll
+ 2008-04-13 18:35:11 196,096 ----a-w c:\windows\system32\mui\0C0A\xpsp1res.dll
- 2004-08-10 11:00:00 773,632 -c--a-w c:\windows\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:36:38 773,632 ----a-w c:\windows\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:39:13 648,704 ------w c:\windows\system32\mui\0C0A\xpsp3res.dll
- 2004-08-10 11:00:00 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\system32\napstat.exe
- 2004-08-10 11:00:00 53,760 ----a-w c:\windows\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w c:\windows\system32\narrator.exe
- 2004-08-10 11:00:00 36,352 ----a-w c:\windows\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w c:\windows\system32\ncobjapi.dll
- 2004-08-10 11:00:00 17,920 ----a-w c:\windows\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w c:\windows\system32\nddeapi.dll
- 2004-08-10 11:00:00 4,096 ----a-w c:\windows\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w c:\windows\system32\nddeapir.exe
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w c:\windows\system32\nddenb32.dll
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w c:\windows\system32\net.exe
- 2004-08-10 11:00:00 124,928 ----a-w c:\windows\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w c:\windows\system32\net1.exe
- 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2004-08-10 11:00:00 622,080 ----a-w c:\windows\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w c:\windows\system32\netcfgx.dll
- 2004-08-10 11:00:00 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
- 2004-08-10 11:00:00 139,264 ----a-w c:\windows\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w c:\windows\system32\netid.dll
- 2004-08-10 11:00:00 407,040 ----a-w c:\windows\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w c:\windows\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w c:\windows\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w c:\windows\system32\netman.dll
- 2004-08-10 11:00:00 875,008 ----a-w c:\windows\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w c:\windows\system32\netplwiz.dll
- 2004-08-10 11:00:00 12,288 ----a-w c:\windows\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w c:\windows\system32\netrap.dll
- 2004-08-10 11:00:00 329,728 ----a-w c:\windows\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w c:\windows\system32\netsetup.exe
- 2004-08-10 11:00:00 86,016 ----a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
- 2005-06-21 16:00:18 1,705,472 ----a-w c:\windows\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w c:\windows\system32\netshell.dll
- 2004-08-10 11:00:00 36,864 ----a-w c:\windows\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w c:\windows\system32\netstat.exe
- 2004-08-10 11:00:00 80,896 ----a-w c:\windows\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w c:\windows\system32\netui0.dll
- 2004-08-10 11:00:00 245,760 ----a-w c:\windows\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w c:\windows\system32\netui1.dll
- 2004-08-10 11:00:00 248,832 ----a-w c:\windows\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w c:\windows\system32\newdev.dll
- 2004-08-10 11:00:00 103,936 ----a-w c:\windows\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w c:\windows\system32\nlhtml.dll
+ 2006-06-28 22:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2006-06-29 13:05:44 23,552 ------w c:\windows\system32\normaliz.dll
- 2004-08-10 11:00:00 69,120 ----a-w c:\windows\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\system32\notepad.exe
- 2004-08-10 11:00:00 57,344 -c--a-w c:\windows\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
- 2004-08-10 11:00:00 15,360 -c--a-w c:\windows\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
- 2004-08-10 11:00:00 54,784 ----a-w c:\windows\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w c:\windows\system32\npptools.dll
- 2004-08-10 11:00:00 76,800 ----a-w c:\windows\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w c:\windows\system32\nslookup.exe
- 2004-08-10 11:00:00 1,200,128 ----a-w c:\windows\system32\ntbackup.exe
+ 2008-04-14 00:12:30 1,200,640 ----a-w c:\windows\system32\ntbackup.exe
- 2004-08-10 11:00:00 708,096 ----a-w c:\windows\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w c:\windows\system32\ntdll.dll
- 2004-08-10 11:00:00 67,072 ----a-w c:\windows\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w c:\windows\system32\ntdsapi.dll
- 2008-08-14 09:18:46 2,020,864 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2004-08-10 11:00:00 43,520 ----a-w c:\windows\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w c:\windows\system32\ntlanman.dll
- 2004-08-10 11:00:00 8,192 ----a-w c:\windows\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w c:\windows\system32\ntlsapi.dll
- 2004-08-10 11:00:00 118,784 ----a-w c:\windows\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w c:\windows\system32\ntmarta.dll
- 2004-08-10 11:00:00 40,960 ----a-w c:\windows\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w c:\windows\system32\ntmsapi.dll
- 2004-08-10 11:00:00 179,712 ----a-w c:\windows\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w c:\windows\system32\ntmsdba.dll
- 2004-08-10 11:00:00 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
- 2004-08-10 11:00:00 435,200 ----a-w c:\windows\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w c:\windows\system32\ntmssvc.dll
- 2008-08-14 09:55:01 2,142,720 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\system32\ntoskrnl.exe
- 2004-08-10 11:00:00 91,136 ----a-w c:\windows\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w c:\windows\system32\ntprint.dll
- 2004-08-10 11:00:00 143,872 ----a-w c:\windows\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w c:\windows\system32\ntshrui.dll
- 2004-08-10 11:00:00 419,840 ----a-w c:\windows\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w c:\windows\system32\ntvdm.exe
- 2004-08-10 11:00:00 13,312 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\ntvdmd.dll
- 2004-08-04 06:56:46 4,274,816 ----a-w c:\windows\system32\nv4_disp.dll
+ 2008-04-14 00:12:02 4,274,816 ----a-w c:\windows\system32\nv4_disp.dll
- 2006-10-13 12:35:12 64,000 ----a-w c:\windows\system32\nwapi32.dll
+ 2008-04-14 00:12:02 64,000 ----a-w c:\windows\system32\nwapi32.dll
- 2006-10-13 12:35:12 142,336 ----a-w c:\windows\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w c:\windows\system32\nwprovau.dll
- 2006-10-13 12:35:12 65,536 ----a-w c:\windows\system32\nwwks.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\nwwks.dll
- 2004-08-10 11:00:00 266,752 ----a-w c:\windows\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w c:\windows\system32\oakley.dll
- 2004-08-10 11:00:00 285,696 ----a-w c:\windows\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w c:\windows\system32\objsel.dll
- 2004-08-10 11:00:00 96,256 ----a-w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ----a-w c:\windows\system32\occache.dll
- 2004-08-10 11:00:00 60,928 ----a-w c:\windows\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\ocmanage.dll
- 2004-08-10 11:00:00 249,856 ----a-w c:\windows\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w c:\windows\system32\odbc32.dll
- 2004-08-10 11:00:00 16,384 ----a-w c:\windows\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w c:\windows\system32\odbc32gt.dll
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w c:\windows\system32\odbcad32.exe
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w c:\windows\system32\odbcbcp.dll
- 2004-08-10 11:00:00 135,168 ----a-w c:\windows\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w c:\windows\system32\odbcconf.dll
- 2004-08-10 11:00:00 69,632 ----a-w c:\windows\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w c:\windows\system32\odbcconf.exe
- 2004-08-10 11:00:00 106,496 ----a-w c:\windows\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w c:\windows\system32\odbccp32.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccr32.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccu32.dll
- 2004-08-10 11:00:00 94,208 ----a-w c:\windows\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w c:\windows\system32\odbcint.dll
- 2004-08-10 11:00:00 53,279 ----a-w c:\windows\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w c:\windows\system32\odbcji32.dll
- 2004-08-10 11:00:00 278,559 ----a-w c:\windows\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w c:\windows\system32\odbcjt32.dll
- 2004-08-10 11:00:00 12,288 ----a-w c:\windows\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w c:\windows\system32\odbcp32r.dll
- 2004-08-10 11:00:00 147,456 ----a-w c:\windows\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w c:\windows\system32\odbctrac.dll
- 2004-08-10 11:00:00 20,511 ----a-w c:\windows\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\oddbse32.dll
- 2004-08-10 11:00:00 20,510 ----a-w c:\windows\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odexl32.dll
- 2004-08-10 11:00:00 20,510 ----a-w c:\windows\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odfox32.dll
- 2004-08-10 11:00:00 20,510 ----a-w c:\windows\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odpdx32.dll
- 2004-08-10 11:00:00 20,511 ----a-w c:\windows\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\odtext32.dll
- 2004-08-10 11:00:00 120,832 ----a-w c:\windows\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w c:\windows\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w c:\windows\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w c:\windows\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w c:\windows\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w c:\windows\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w c:\windows\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w c:\windows\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w c:\windows\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w c:\windows\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w c:\windows\system32\oledlg.dll
- 2004-08-10 11:00:00 107,008 ----a-w c:\windows\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w c:\windows\system32\oleprn.dll
- 2004-08-10 11:00:00 83,456 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\system32\onex.dll
- 2004-08-10 11:00:00 122,368 -c--a-w c:\windows\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
- 2004-08-10 11:00:00 16,384 -c--a-w c:\windows\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
- 2004-08-10 11:00:00 561,664 -c--a-w c:\windows\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w c:\windows\system32\oobe\msobmain.dll
- 2004-08-10 11:00:00 30,720 -c--a-w c:\windows\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
- 2004-08-10 11:00:00 18,944 -c--a-w c:\windows\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w c:\windows\system32\oobe\msobweb.dll
- 2004-08-10 11:00:00 28,160 -c--a-w c:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w c:\windows\system32\oobe\msoobe.exe
- 2004-08-10 11:00:00 51,200 -c--a-w c:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\openfiles.exe
+ 2008-04-14 00:12:31 67,584 ----a-w c:\windows\system32\openfiles.exe
- 2004-08-10 11:00:00 713,728 ----a-w c:\windows\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w c:\windows\system32\opengl32.dll
- 2004-08-10 11:00:00 215,552 ----a-w c:\windows\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w c:\windows\system32\osk.exe
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\osuninst.dll
- 2004-08-10 11:00:00 116,224 ----a-w c:\windows\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w c:\windows\system32\p2p.dll
- 2004-08-10 11:00:00 86,016 ----a-w c:\windows\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\p2pgasvc.dll
- 2004-08-10 11:00:00 312,320 ----a-w c:\windows\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w c:\windows\system32\p2pgraph.dll
- 2004-08-10 11:00:00 88,064 ----a-w c:\windows\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w c:\windows\system32\p2pnetsh.dll
- 2004-08-10 11:00:00 526,848 ----a-w c:\windows\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w c:\windows\system32\p2psvc.dll
- 2004-08-10 11:00:00 58,368 ----a-w c:\windows\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w c:\windows\system32\packager.exe
- 2004-08-10 11:00:00 62,976 ----a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\pautoenr.dll
- 2004-08-10 11:00:00 283,648 ----a-w c:\windows\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w c:\windows\system32\pdh.dll
- 2009-03-10 00:00:09 54,280 ----a-w c:\windows\system32\perfc009.dat
+ 2009-04-02 08:14:43 54,280 ----a-w c:\windows\system32\perfc009.dat
- 2004-08-10 11:00:00 39,936 ----a-w c:\windows\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w c:\windows\system32\perfctrs.dll
- 2004-08-10 11:00:00 26,624 ----a-w c:\windows\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w c:\windows\system32\perfdisk.dll
- 2009-03-10 00:00:09 384,596 ----a-w c:\windows\system32\perfh009.dat
+ 2009-04-02 08:14:43 384,596 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w c:\windows\system32\perfmon.exe
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w c:\windows\system32\perfnet.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w c:\windows\system32\perfos.dll
- 2004-08-10 11:00:00 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\system32\photometadatahandler.dll
- 2004-08-10 11:00:00 176,128 ----a-w c:\windows\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w c:\windows\system32\photowiz.dll
- 2004-08-10 11:00:00 35,328 ----a-w c:\windows\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w c:\windows\system32\pid.dll
- 2004-08-10 11:00:00 24,064 ----a-w c:\windows\system32\pidgen.dll
+ 2008-04-14 00:11:09 24,064 ----a-w c:\windows\system32\pidgen.dll
- 2004-08-10 11:00:00 17,920 ----a-w c:\windows\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w c:\windows\system32\ping.exe
- 2004-08-10 11:00:00 15,360 ----a-w c:\windows\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\pjlmon.dll
- 2008-10-16 10:20:46 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\pngfilt.dll
- 2004-08-10 11:00:00 48,640 ----a-w c:\windows\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w c:\windows\system32\pnrpnsp.dll
- 2004-08-10 11:00:00 105,472 ----a-w c:\windows\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\polstore.dll
- 2004-08-10 11:00:00 49,152 ----a-w c:\windows\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w c:\windows\system32\powercfg.exe
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w c:\windows\system32\powrprof.dll
- 2004-08-10 11:00:00 560,640 ----a-w c:\windows\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w c:\windows\system32\printui.dll
- 2004-08-10 11:00:00 27,648 ----a-w c:\windows\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w c:\windows\system32\profmap.dll
- 2004-08-10 11:00:00 109,568 ----a-w c:\windows\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w c:\windows\system32\progman.exe
- 2004-08-10 11:00:00 50,176 ----a-w c:\windows\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\proquota.exe
- 2004-08-10 11:00:00 9,216 ----a-w c:\windows\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w c:\windows\system32\proxycfg.exe
- 2004-08-10 11:00:00 23,040 ------w c:\windows\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w c:\windows\system32\psapi.dll
- 2004-08-10 11:00:00 96,768 ----a-w c:\windows\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w c:\windows\system32\psbase.dll
- 2004-08-10 11:00:00 43,520 ----a-w c:\windows\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\pstorec.dll
- 2004-08-10 11:00:00 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\system32\qagentrt.dll
- 2004-08-10 11:00:00 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\system32\qcliprov.dll
- 2004-08-10 11:00:00 279,040 ----a-w c:\windows\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w c:\windows\system32\qdv.dll
- 2005-06-28 19:55:08 385,024 ----a-w c:\windows\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w c:\windows\system32\qdvd.dll
- 2004-08-10 11:00:00 562,176 ----a-w c:\windows\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w c:\windows\system32\qedit.dll
- 2004-08-10 11:00:00 733,696 ----a-w c:\windows\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w c:\windows\system32\qedwipes.dll
- 2004-08-10 11:00:00 382,464 ----a-w c:\windows\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\qmgr.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
- 2004-08-10 11:00:00 20,480 ----a-w c:\windows\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w c:\windows\system32\qprocess.exe
- 2008-05-07 04:55:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ------w c:\windows\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\system32\qutil.dll
- 2004-08-10 11:00:00 43,520 ----a-w c:\windows\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-10 11:00:00 236,544 ----a-w c:\windows\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\rasapi32.dll
- 2004-08-10 11:00:00 89,088 ----a-w c:\windows\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w c:\windows\system32\rasauto.dll
- 2004-08-10 11:00:00 69,632 ----a-w c:\windows\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w c:\windows\system32\raschap.dll
- 2004-08-10 11:00:00 657,920 ----a-w c:\windows\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w c:\windows\system32\rasdlg.dll
- 2004-08-10 11:00:00 61,440 ----a-w c:\windows\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w c:\windows\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w c:\windows\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-10 11:00:00 56,832 ----a-w c:\windows\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w c:\windows\system32\rasphone.exe
- 2004-08-10 11:00:00 206,336 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\system32\rasqec.dll
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w c:\windows\system32\rassapi.dll
- 2004-08-10 11:00:00 58,880 ----a-w c:\windows\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w c:\windows\system32\rastapi.dll
- 2004-08-10 11:00:00 112,128 ----a-w c:\windows\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w c:\windows\system32\rastls.dll
- 2004-08-10 11:00:00 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
- 2004-08-10 11:00:00 35,840 ----a-w c:\windows\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w c:\windows\system32\rcimlby.exe
- 2004-08-10 11:00:00 21,504 ----a-w c:\windows\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w c:\windows\system32\rcp.exe
- 2004-08-10 11:00:00 147,968 ----a-w c:\windows\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w c:\windows\system32\rdchost.dll
- 2004-08-10 11:00:00 62,464 ----a-w c:\windows\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w c:\windows\system32\rdpclip.exe
- 2004-08-10 11:00:00 92,168 ----a-w c:\windows\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w c:\windows\system32\rdpdd.dll
- 2004-08-10 11:00:00 19,968 ----a-w c:\windows\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w c:\windows\system32\rdpsnd.dll
- 2004-08-10 11:00:00 87,176 ----a-w c:\windows\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w c:\windows\system32\rdpwsx.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w c:\windows\system32\rdsaddin.exe
- 2004-08-10 11:00:00 67,072 ----a-w c:\windows\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w c:\windows\system32\rdshost.exe
- 2004-08-10 11:00:00 50,176 ----a-w c:\windows\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\reg.exe
- 2004-08-10 11:00:00 49,664 ----a-w c:\windows\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w c:\windows\system32\regapi.dll
- 2004-08-10 11:00:00 59,904 ----a-w c:\windows\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w c:\windows\system32\regsvc.dll
- 2004-08-10 11:00:00 11,776 ----a-w c:\windows\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w c:\windows\system32\regsvr32.exe
- 2004-08-10 11:00:00 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2004-08-10 11:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\intelppm.sys
+ 2004-08-10 11:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\intelppm.sys
+ 2004-08-12 23:45:54 137,728 ----a-w c:\windows\system32\ReinstallBackups\0016\DriverFiles\hdaudbus.sys
- 2004-08-10 11:00:00 60,416 ----a-w c:\windows\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w c:\windows\system32\remotepg.dll
- 2004-08-10 11:00:00 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
- 2004-08-10 11:00:00 58,880 ----a-w c:\windows\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w c:\windows\system32\resutils.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w c:\windows\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w c:\windows\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w c:\windows\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w c:\windows\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w c:\windows\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-10 11:00:00 152,576 ----a-w c:\windows\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w c:\windows\system32\rsaenh.dll
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w c:\windows\system32\rsh.exe
- 2004-08-10 11:00:00 39,936 ----a-w c:\windows\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w c:\windows\system32\rshx32.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w c:\windows\system32\rsmps.dll
- 2004-08-10 11:00:00 107,520 ----a-w c:\windows\system32\rsnotify.exe
+ 2008-04-14 00:12:33 107,520 ----a-w c:\windows\system32\rsnotify.exe
- 2004-08-10 11:00:00 90,112 ----a-w c:\windows\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w c:\windows\system32\rsvpsp.dll
- 2004-08-10 11:00:00 77,312 ----a-w c:\windows\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w c:\windows\system32\rtcshare.exe
- 2004-08-10 11:00:00 31,744 ----a-w c:\windows\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w c:\windows\system32\rtipxmib.dll
- 2004-08-10 11:00:00 44,032 ----a-w c:\windows\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w c:\windows\system32\rtutils.dll
- 2004-08-10 11:00:00 33,280 ----a-w c:\windows\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w c:\windows\system32\rundll32.exe
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:04 9,728 ------w c:\windows\system32\rwnh.dll
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\system32\s3gnb.dll
- 2004-08-10 11:00:00 43,520 ----a-w c:\windows\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w c:\windows\system32\safrcdlg.dll
- 2004-08-10 11:00:00 29,696 ----a-w c:\windows\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w c:\windows\system32\safrdm.dll
- 2004-08-10 11:00:00 45,568 ----a-w c:\windows\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w c:\windows\system32\safrslv.dll
- 2004-08-10 11:00:00 64,000 ----a-w c:\windows\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w c:\windows\system32\samlib.dll
- 2004-08-10 11:00:00 415,744 ----a-w c:\windows\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w c:\windows\system32\samsrv.dll
- 2004-08-10 11:00:00 13,312 ----a-w c:\windows\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w c:\windows\system32\savedump.exe
- 2004-08-10 11:00:00 159,232 ----a-w c:\windows\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w c:\windows\system32\sbeio.dll
- 2004-08-10 11:00:00 69,632 ----a-w c:\windows\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w c:\windows\system32\scarddlg.dll
- 2004-08-10 11:00:00 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
- 2004-08-10 11:00:00 171,008 ----a-w c:\windows\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w c:\windows\system32\sccsccp.dll
- 2004-08-10 11:00:00 180,224 ----a-w c:\windows\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w c:\windows\system32\scecli.dll
- 2004-08-10 11:00:00 313,856 ----a-w c:\windows\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w c:\windows\system32\scesrv.dll
- 2008-12-05 07:12:45 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:54:55 144,896 ----a-w c:\windows\system32\schannel.dll
- 2004-08-10 11:00:00 190,976 ----a-w c:\windows\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w c:\windows\system32\schedsvc.dll
- 2004-08-10 11:00:00 121,856 ----a-w c:\windows\system32\schtasks.exe
+ 2008-04-14 00:12:34 121,856 ----a-w c:\windows\system32\schtasks.exe
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w c:\windows\system32\sclgntfy.dll
- 2004-08-10 11:00:00 9,216 ----a-w c:\windows\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w c:\windows\system32\scrnsave.scr
- 2004-08-10 11:00:00 159,744 ----a-w c:\windows\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2004-08-10 11:00:00 151,552 ----a-w c:\windows\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2004-08-10 11:00:00 77,312 ----a-w c:\windows\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w c:\windows\system32\sdbinst.exe
- 2004-08-10 11:00:00 29,184 ----a-w c:\windows\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sdhcinst.dll
- 2004-08-10 11:00:00 18,432 ----a-w c:\windows\system32\secedit.exe
+ 2008-04-14 00:12:34 18,944 ----a-w c:\windows\system32\secedit.exe
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w c:\windows\system32\seclogon.dll
- 2004-08-10 11:00:00 55,808 ----a-w c:\windows\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\secur32.dll
- 2004-08-10 11:00:00 5,632 ----a-w c:\windows\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w c:\windows\system32\security.dll
- 2004-08-10 11:00:00 29,184 ----a-w c:\windows\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sendcmsg.dll
- 2004-08-10 11:00:00 55,296 ----a-w c:\windows\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w c:\windows\system32\sendmail.dll
- 2004-08-10 11:00:00 38,912 ----a-w c:\windows\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w c:\windows\system32\sens.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w c:\windows\system32\sensapi.dll
- 2004-08-10 11:00:00 56,320 ----a-w c:\windows\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\servdeps.dll
- 2004-08-10 11:00:00 108,032 ----a-w c:\windows\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w c:\windows\system32\services.exe
- 2004-08-10 11:00:00 140,800 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
- 2004-08-10 11:00:00 31,232 ----a-w c:\windows\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w c:\windows\system32\sethc.exe
- 2004-08-10 11:00:00 23,040 ----a-w c:\windows\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w c:\windows\system32\setup.exe
- 2004-08-10 11:00:00 259,584 ----a-w c:\windows\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w c:\windows\system32\Setup\comsetup.dll
- 2004-08-10 11:00:00 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
- 2004-08-10 11:00:00 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
- 2004-08-10 11:00:00 505,344 ----a-w c:\windows\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w c:\windows\system32\Setup\iis.dll
- 2004-08-10 11:00:00 115,712 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w c:\windows\system32\Setup\koc.dll
- 2004-08-10 11:00:00 82,432 ----a-w c:\windows\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w c:\windows\system32\Setup\msdtcstp.dll
- 2004-08-10 11:00:00 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
- 2004-08-10 11:00:00 169,984 ----a-w c:\windows\system32\Setup\msmqocm.dll
+ 2008-04-14 00:12:00 170,496 ----a-w c:\windows\system32\Setup\msmqocm.dll
- 2004-08-10 11:00:00 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
- 2004-08-10 11:00:00 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\Setup\ocgen.dll
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
- 2004-08-10 11:00:00 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
- 2004-08-10 11:00:00 33,792 ----a-w c:\windows\system32\Setup\tabletoc.dll
+ 2008-04-14 00:12:07 33,792 ----a-w c:\windows\system32\Setup\tabletoc.dll
- 2004-08-10 11:00:00 121,856 ----a-w c:\windows\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w c:\windows\system32\Setup\tsoc.dll
- 2004-08-10 11:00:00 983,552 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 10:42:06 985,088 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\system32\setupn.exe
- 2004-08-10 11:00:00 5,120 ----a-w c:\windows\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w c:\windows\system32\sfc.dll
- 2004-08-10 11:00:00 140,288 ----a-w c:\windows\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w c:\windows\system32\sfc_os.dll
- 2004-08-10 11:00:00 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
- 2004-08-10 11:00:00 549,376 ----a-w c:\windows\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w c:\windows\system32\shdoclc.dll
- 2008-10-16 10:20:48 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
- 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\system32\shell32.dll
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w c:\windows\system32\shfolder.dll
- 2004-08-10 11:00:00 68,096 ----a-w c:\windows\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w c:\windows\system32\shgina.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w c:\windows\system32\shimeng.dll
- 2004-08-10 11:00:00 438,272 ----a-w c:\windows\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w c:\windows\system32\shimgvw.dll
- 2008-10-16 10:20:51 474,112 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w c:\windows\system32\shlwapi.dll
- 2004-08-10 11:00:00 151,552 ----a-w c:\windows\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\shmedia.dll
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w c:\windows\system32\shmgrate.exe
- 2004-08-10 11:00:00 77,824 ----a-w c:\windows\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w c:\windows\system32\shrpubw.exe
- 2004-08-10 11:00:00 27,648 ----a-w c:\windows\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w c:\windows\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w c:\windows\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2004-08-10 11:00:00 19,456 ----a-w c:\windows\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w c:\windows\system32\shutdown.exe
- 2004-08-10 11:00:00 13,312 ----a-w c:\windows\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w c:\windows\system32\sigtab.dll
- 2004-08-10 11:00:00 70,144 ----a-w c:\windows\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w c:\windows\system32\sigverif.exe
- 2004-08-10 11:00:00 26,112 ----a-w c:\windows\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w c:\windows\system32\skeys.exe
- 2004-08-10 11:00:00 25,088 ----a-w c:\windows\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w c:\windows\system32\slayerxp.dll
- 2004-08-10 11:00:00 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\system32\slserv.exe
- 2004-08-10 11:00:00 8,192 ----a-w c:\windows\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w c:\windows\system32\smbinst.exe
- 2004-08-10 11:00:00 363,008 ----a-w c:\windows\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w c:\windows\system32\smlogcfg.dll
- 2004-08-10 11:00:00 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:06 10,752 ------w c:\windows\system32\smtpapi.dll
- 2004-08-10 11:00:00 131,584 ----a-w c:\windows\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w c:\windows\system32\sndrec32.exe
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w c:\windows\system32\snmpapi.dll
- 2004-08-10 11:00:00 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w c:\windows\system32\snmpsnap.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2004-08-10 11:00:00 538,624 ----a-w c:\windows\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w c:\windows\system32\spider.exe
- 2004-08-10 11:00:00 12,800 ----a-w c:\windows\system32\spiisupd.exe
+ 2008-04-13 18:43:31 12,800 ----a-w c:\windows\system32\spiisupd.exe
- 2004-08-10 11:00:00 11,776 ----a-w c:\windows\system32\spnpinst.exe
+ 2008-04-14 10:42:38 11,264 ----a-w c:\windows\system32\spnpinst.exe
- 2004-08-10 11:00:00 452,096 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSAPI.DLL
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-10 11:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSRES.DLL
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-10 11:00:00 397,312 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSTIFF.DLL
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-10 11:00:00 154,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSUI.DLL
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-10 11:00:00 192,512 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSWZRD.DLL
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 2004-08-04 05:56:46 44,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PLOTTER.DLL
+ 2008-04-14 00:12:02 44,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\plotter.dll
- 2004-08-04 05:56:46 52,736 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PLOTUI.DLL
+ 2008-04-14 00:12:02 52,736 ----a-w c:\windows\system32\spool\drivers\w32x86\3\plotui.dll
- 2004-08-04 17:26:48 264,704 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 17:26:48 197,120 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 17:26:36 619,520 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2004-08-10 11:00:00 74,752 ----a-w c:\windows\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w c:\windows\system32\spoolss.dll
- 2005-06-10 23:53:32 57,856 ----a-w c:\windows\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w c:\windows\system32\spoolsv.exe
- 2007-07-27 14:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-11 01:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\system32\spupdwxp.exe
- 2004-08-10 11:00:00 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
- 2004-08-10 11:00:00 180,800 ----a-w c:\windows\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w c:\windows\system32\sqlunirl.dll
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w c:\windows\system32\srclient.dll
- 2004-08-10 11:00:00 239,104 ----a-w c:\windows\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w c:\windows\system32\srrstr.dll
- 2004-08-10 11:00:00 170,496 ----a-w c:\windows\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w c:\windows\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-10 11:00:00 704,512 ----a-w c:\windows\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w c:\windows\system32\ss3dfo.scr
- 2004-08-10 11:00:00 19,968 ----a-w c:\windows\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w c:\windows\system32\ssbezier.scr
- 2004-08-10 11:00:00 34,816 ----a-w c:\windows\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w c:\windows\system32\ssdpapi.dll
- 2004-08-10 11:00:00 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
- 2004-08-10 11:00:00 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w c:\windows\system32\ssflwbox.scr
- 2004-08-10 11:00:00 20,992 ----a-w c:\windows\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w c:\windows\system32\ssmarque.scr
- 2004-08-10 11:00:00 47,104 ----a-w c:\windows\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w c:\windows\system32\ssmypics.scr
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w c:\windows\system32\ssmyst.scr
- 2004-08-10 11:00:00 610,304 ----a-w c:\windows\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w c:\windows\system32\sspipes.scr
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w c:\windows\system32\ssstars.scr
- 2004-08-10 11:00:00 679,936 ----a-w c:\windows\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w c:\windows\system32\sstext3d.scr
- 2004-08-10 11:00:00 54,272 ----a-w c:\windows\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w c:\windows\system32\stclient.dll
- 2004-08-10 11:00:00 67,584 ----a-w c:\windows\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w c:\windows\system32\sti.dll
- 2004-08-10 11:00:00 136,704 ----a-w c:\windows\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w c:\windows\system32\sti_ci.dll
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w c:\windows\system32\stimon.exe
- 2004-08-10 11:00:00 121,856 ----a-w c:\windows\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w c:\windows\system32\stobject.dll
- 2004-08-04 06:56:46 74,752 ----a-w c:\windows\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w c:\windows\system32\storprop.dll
- 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-10 11:00:00 75,776 ----a-w c:\windows\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w c:\windows\system32\strmfilt.dll
- 2009-03-26 15:10:49 14,336 ----a-w c:\windows\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w c:\windows\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w c:\windows\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w c:\windows\system32\sxs.dll
- 2004-08-10 11:00:00 57,856 ----a-w c:\windows\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\synceng.dll
- 2004-08-10 11:00:00 191,488 ----a-w c:\windows\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w c:\windows\system32\syncui.dll
- 2004-08-10 11:00:00 105,984 ----a-w c:\windows\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w c:\windows\system32\sysocmgr.exe
- 2004-08-10 11:00:00 984,576 ----a-w c:\windows\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w c:\windows\system32\syssetup.dll
- 2004-08-10 11:00:00 68,096 ----a-w c:\windows\system32\systeminfo.exe
+ 2008-04-14 00:12:36 71,680 ----a-w c:\windows\system32\systeminfo.exe
- 2005-10-17 21:14:46 118,272 ----a-w c:\windows\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w c:\windows\system32\t2embed.dll
- 2004-08-10 11:00:00 858,624 ----a-w c:\windows\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w c:\windows\system32\tapi3.dll
- 2004-08-10 11:00:00 181,760 ----a-w c:\windows\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w c:\windows\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w c:\windows\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-10 11:00:00 72,192 ----a-w c:\windows\system32\taskkill.exe
+ 2008-04-14 00:12:37 76,288 ----a-w c:\windows\system32\taskkill.exe
- 2004-08-10 11:00:00 72,192 ----a-w c:\windows\system32\tasklist.exe
+ 2008-04-14 00:12:37 77,824 ----a-w c:\windows\system32\tasklist.exe
- 2004-08-10 11:00:00 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
- 2004-08-10 11:00:00 14,848 ----a-w c:\windows\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w c:\windows\system32\tcpmib.dll
- 2004-08-10 11:00:00 45,568 ----a-w c:\windows\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmon.dll
- 2004-08-10 11:00:00 45,568 ----a-w c:\windows\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w c:\windows\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w c:\windows\system32\telnet.exe
- 2004-08-10 11:00:00 358,400 ----a-w c:\windows\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w c:\windows\system32\termmgr.dll
- 2005-03-10 01:49:52 295,424 ----a-w c:\windows\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w c:\windows\system32\termsrv.dll
- 2004-08-10 11:00:00 385,536 ----a-w c:\windows\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w c:\windows\system32\themeui.dll
- 2004-08-10 11:00:00 61,440 ----a-w c:\windows\system32\tlntadmn.exe
+ 2008-04-14 00:12:37 61,440 ----a-w c:\windows\system32\tlntadmn.exe
- 2004-08-10 11:00:00 78,336 ----a-w c:\windows\system32\tlntsess.exe
+ 2008-04-14 00:12:37 78,336 ----a-w c:\windows\system32\tlntsess.exe
- 2004-08-10 11:00:00 73,216 ----a-w c:\windows\system32\tlntsvr.exe
+ 2008-04-14 00:12:38 73,216 ----a-w c:\windows\system32\tlntsvr.exe
- 2004-08-10 11:00:00 7,168 ----a-w c:\windows\system32\tlntsvrp.dll
+ 2008-04-14 00:12:07 7,168 ----a-w c:\windows\system32\tlntsvrp.dll
- 2004-08-10 11:00:00 347,136 ----a-w c:\windows\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w c:\windows\system32\tourstart.exe
- 2004-08-10 11:00:00 259,584 ----a-w c:\windows\system32\tracerpt.exe
+ 2008-04-14 00:12:38 259,584 ----a-w c:\windows\system32\tracerpt.exe
- 2004-08-10 11:00:00 12,288 ----a-w c:\windows\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w c:\windows\system32\tracert.exe
- 2004-08-10 11:00:00 11,264 ----a-w c:\windows\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w c:\windows\system32\tree.com
- 2004-08-10 11:00:00 90,624 ----a-w c:\windows\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w c:\windows\system32\trkwks.dll
- 2004-08-10 11:00:00 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
- 2004-08-10 11:00:00 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\system32\tspkg.dll
- 2004-08-10 11:00:00 44,032 ----a-w c:\windows\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w c:\windows\system32\txflog.dll
- 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ------w c:\windows\system32\tzchange.exe
- 2004-08-10 11:00:00 25,600 ----a-w c:\windows\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\udhisapi.dll
- 2004-08-10 11:00:00 275,456 ----a-w c:\windows\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w c:\windows\system32\ulib.dll
- 2004-08-10 11:00:00 35,840 ----a-w c:\windows\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w c:\windows\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
- 2004-08-10 11:00:00 76,288 ----a-w c:\windows\system32\uniime.dll
+ 2008-04-14 00:11:01 76,288 ----a-w c:\windows\system32\uniime.dll
- 2004-08-10 11:00:00 74,240 ----a-w c:\windows\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w c:\windows\system32\unimdmat.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w c:\windows\system32\uniplat.dll
- 2004-08-10 11:00:00 316,416 ----a-w c:\windows\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w c:\windows\system32\untfs.dll
- 2004-08-10 11:00:00 132,608 ----a-w c:\windows\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w c:\windows\system32\upnp.dll
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w c:\windows\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w c:\windows\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2004-08-10 11:00:00 239,616 ----a-w c:\windows\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w c:\windows\system32\upnpui.dll
- 2004-08-10 11:00:00 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
- 2004-08-10 11:00:00 37,888 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 10:20:53 619,008 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w c:\windows\system32\usbmon.dll
- 2004-08-04 06:56:48 74,240 ----a-w c:\windows\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w c:\windows\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w c:\windows\system32\user32.dll
- 2004-08-10 11:00:00 723,456 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\system32\userenv.dll
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\system32\usmt\cobramsg.dll
- 2004-08-10 11:00:00 123,904 -c--a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\system32\usmt\guitrna.dll
- 2004-08-10 11:00:00 4,096 -c--a-w c:\windows\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w c:\windows\system32\usmt\iconlib.dll
- 2004-08-10 11:00:00 19,968 -c--a-w c:\windows\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\usmt\log.dll
- 2004-08-10 11:00:00 201,216 -c--a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\system32\usmt\migisma.dll
- 2004-08-10 11:00:00 103,424 -c--a-w c:\windows\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w c:\windows\system32\usmt\migload.exe
- 2004-08-10 11:00:00 240,128 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\system32\usmt\migwiza.exe
- 2004-08-10 11:00:00 202,752 -c--a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\system32\usmt\scripta.dll
- 2004-08-10 11:00:00 168,960 -c--a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\system32\usmt\sysmoda.dll
- 2004-08-10 11:00:00 406,528 ----a-w c:\windows\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\system32\usp10.dll
- 2004-08-10 11:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w c:\windows\system32\utilman.exe
- 2004-08-10 11:00:00 218,624 ----a-w c:\windows\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\system32\uxtheme.dll
- 2004-08-10 11:00:00 30,749 ----a-w c:\windows\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\system32\vbajet32.dll
- 2007-12-18 14:40:58 417,792 ----a-w c:\windows\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-10 11:00:00 26,112 ----a-w c:\windows\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\system32\vdmdbg.dll
- 2004-08-10 11:00:00 51,712 ----a-w c:\windows\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ------w c:\windows\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\system32\verclsid.exe
- 2004-08-10 11:00:00 13,312 ----a-w c:\windows\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w c:\windows\system32\verifier.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\version.dll
- 2004-08-04 05:56:48 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
- 2004-08-10 11:00:00 430,592 ----a-w c:\windows\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\system32\vssapi.dll
- 2004-08-10 11:00:00 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
- 2004-08-10 11:00:00 174,592 ----a-w c:\windows\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\system32\w32time.dll
- 2004-08-10 11:00:00 15,872 ----a-w c:\windows\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\system32\w3ssl.dll
- 2004-08-10 11:00:00 17,664 ----a-w c:\windows\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\system32\watchdog.sys
- 2004-08-10 11:00:00 208,896 ----a-w c:\windows\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w c:\windows\system32\wavemsp.dll
- 2004-08-10 11:00:00 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w c:\windows\system32\wbem\cimwin32.dll
- 2004-08-10 11:00:00 45,568 ----a-w c:\windows\system32\wbem\CmdEvTgProv.dll
+ 2008-04-14 00:11:53 45,056 ----a-w c:\windows\system32\wbem\cmdevtgprov.dll
- 2004-08-10 11:00:00 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
- 2004-08-10 11:00:00 22,016 ----a-w c:\windows\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\wbem\evntrprv.dll
- 2004-08-10 11:00:00 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
- 2004-08-10 11:00:00 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w c:\windows\system32\wbem\framedyn.dll
- 2004-08-10 11:00:00 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
- 2004-08-10 11:00:00 16,384 -c--a-w c:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
- 2004-08-10 11:00:00 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
- 2004-08-10 11:00:00 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
- 2004-08-10 11:00:00 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
- 2004-08-10 11:00:00 92,672 ----a-w c:\windows\system32\wbem\policman.dll
+ 2008-04-14 00:12:02 92,672 ----a-w c:\windows\system32\wbem\policman.dll
- 2004-08-10 11:00:00 237,056 -c--a-w c:\windows\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
- 2004-08-10 11:00:00 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w c:\windows\system32\wbem\repdrvfs.dll
- 2004-08-10 11:00:00 36,864 ----a-w c:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w c:\windows\system32\wbem\scrcons.exe
- 2004-08-10 11:00:00 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
- 2004-08-10 11:00:00 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
- 2004-08-10 11:00:00 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
- 2004-08-10 11:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
- 2004-08-10 11:00:00 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
- 2004-08-10 11:00:00 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\system32\wbem\wbemcore.dll
- 2004-08-10 11:00:00 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
- 2004-08-10 11:00:00 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
- 2004-08-10 11:00:00 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
- 2004-08-10 11:00:00 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
- 2004-08-10 11:00:00 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
- 2004-08-10 11:00:00 116,224 -c--a-w c:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
- 2004-08-10 11:00:00 197,120 -c--a-w c:\windows\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
- 2004-08-10 11:00:00 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
- 2004-08-10 11:00:00 6,656 -c--a-w c:\windows\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
- 2004-08-10 11:00:00 89,088 -c--a-w c:\windows\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-10 11:00:00 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
- 2004-08-10 11:00:00 358,912 -c--a-w c:\windows\system32\wbem\wmic.exe
+ 2008-04-14 00:12:40 358,912 ----a-w c:\windows\system32\wbem\wmic.exe
- 2004-08-10 11:00:00 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
- 2004-08-10 11:00:00 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
- 2004-08-10 11:00:00 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
- 2004-08-10 11:00:00 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
- 2004-08-10 11:00:00 62,464 ----a-w c:\windows\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\system32\wbem\wmipiprt.dll
- 2004-08-10 11:00:00 62,976 ----a-w c:\windows\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-10 11:00:00 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
- 2004-08-10 11:00:00 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
- 2004-08-10 11:00:00 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
- 2004-08-10 11:00:00 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
- 2004-08-10 11:00:00 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
- 2004-08-10 11:00:00 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
- 2004-08-10 11:00:00 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-10 11:00:00 23,552 ----a-w c:\windows\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w c:\windows\system32\wdmaud.drv
- 2004-08-10 11:00:00 276,480 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2006-01-04 03:35:05 68,096 ----a-w c:\windows\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-10 11:00:00 135,680 ----a-w c:\windows\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\system32\webvw.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\system32\wextract.exe
- 2004-08-10 11:00:00 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
- 2004-08-10 11:00:00 463,360 ----a-w c:\windows\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\system32\wiadefui.dll
- 2004-08-10 11:00:00 124,416 ----a-w c:\windows\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\system32\wiadss.dll
- 2004-08-10 11:00:00 75,776 ----a-w c:\windows\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\system32\wiaservc.dll
- 2004-08-10 11:00:00 589,312 ----a-w c:\windows\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\system32\wiashext.dll
- 2004-08-10 11:00:00 111,104 ----a-w c:\windows\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\system32\wiavideo.dll
- 2004-08-10 11:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\system32\win32spl.dll
- 2004-08-10 11:00:00 937,984 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\system32\windowscodecsext.dll
+ 2007-08-13 23:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
- 2004-08-10 11:00:00 351,232 ----a-w c:\windows\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\system32\winhttp.dll
- 2008-10-16 10:20:49 667,648 ----a-w c:\windows\system32\wininet.dll
+ 2008-12-20 23:15:41 826,368 ----a-w c:\windows\system32\wininet.dll
- 2004-08-10 11:00:00 32,768 ----a-w c:\windows\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\system32\winipsec.dll
- 2004-08-10 11:00:00 502,272 ----a-w c:\windows\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\system32\winlogon.exe
- 2004-08-10 11:00:00 176,128 ----a-w c:\windows\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\system32\winmm.dll
- 2004-08-10 11:00:00 764,928 ----a-w c:\windows\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\system32\winntbbu.dll
- 2004-08-10 11:00:00 16,896 ----a-w c:\windows\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\system32\winrnr.dll
- 2004-08-10 11:00:00 99,328 ----a-w c:\windows\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\system32\winscard.dll
- 2004-08-10 11:00:00 17,408 ----a-w c:\windows\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\system32\winshfhc.dll
- 2004-08-10 11:00:00 146,432 ----a-w c:\windows\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w c:\windows\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-10 11:00:00 53,760 ----a-w c:\windows\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\system32\winsta.dll
- 2004-08-10 11:00:00 176,640 ----a-w c:\windows\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\system32\wintrust.dll
- 2004-08-10 11:00:00 5,632 ----a-w c:\windows\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\system32\wlanapi.dll
- 2004-08-10 11:00:00 172,032 ----a-w c:\windows\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\system32\wldap32.dll
- 2004-08-10 11:00:00 92,672 ----a-w c:\windows\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\system32\wlnotify.dll
- 2004-08-10 11:00:00 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\system32\wmphoto.dll
- 2004-08-10 11:00:00 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
- 2004-08-10 11:00:00 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\wmstream.dll
- 2004-08-10 11:00:00 264,192 ----a-w c:\windows\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\system32\wow32.dll
- 2004-08-10 11:00:00 32,256 ----a-w c:\windows\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\system32\wpabaln.exe
- 2004-08-10 11:00:00 32,256 ----a-w c:\windows\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\system32\wpnpinst.exe
- 2004-08-10 11:00:00 82,944 ----a-w c:\windows\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\system32\ws2_32.dll
- 2004-08-10 11:00:00 19,968 ----a-w c:\windows\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\system32\ws2help.dll
- 2004-08-10 11:00:00 13,824 ----a-w c:\windows\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w c:\windows\system32\wscntfy.exe
- 2004-08-10 11:00:00 114,688 ----a-w c:\windows\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w c:\windows\system32\wscript.exe
- 2004-08-10 11:00:00 81,408 ----a-w c:\windows\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\system32\wscsvc.dll
- 2004-08-10 11:00:00 596,992 ----a-w c:\windows\system32\wsecedit.dll
+ 2008-04-14 00:12:10 604,160 ----a-w c:\windows\system32\wsecedit.dll
- 2004-08-10 11:00:00 108,032 ----a-w c:\windows\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\system32\wshbth.dll
- 2004-08-10 11:00:00 28,672 ----a-w c:\windows\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\system32\wshcon.dll
- 2004-08-10 11:00:00 65,536 ----a-w c:\windows\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w c:\windows\system32\wshext.dll
- 2004-08-10 11:00:00 14,336 ----a-w c:\windows\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\system32\wship6.dll
- 2004-08-10 11:00:00 11,776 ----a-w c:\windows\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\system32\wshrm.dll
- 2004-08-10 11:00:00 19,968 ----a-w c:\windows\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\system32\wshtcpip.dll
- 2004-08-10 11:00:00 42,496 ----a-w c:\windows\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\system32\wsnmp32.dll
- 2004-08-10 11:00:00 22,528 ----a-w c:\windows\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\system32\wsock32.dll
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\system32\wstdecod.dll
- 2004-08-10 11:00:00 18,432 ----a-w c:\windows\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\system32\wtsapi32.dll
- 2004-08-10 11:00:00 6,656 ----a-w c:\windows\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\system32\wuauserv.dll
- 2005-06-21 16:00:18 383,488 ----a-w c:\windows\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\system32\wzcdlg.dll
- 2005-06-21 16:00:18 52,736 ----a-w c:\windows\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\system32\wzcsapi.dll
- 2005-06-21 16:00:18 474,624 ----a-w c:\windows\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\system32\wzcsvc.dll
- 2004-08-10 11:00:00 91,648 ----a-w c:\windows\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\system32\xactsrv.dll
- 2004-08-10 11:00:00 30,720 ----a-w c:\windows\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\xcopy.exe
- 2006-07-14 15:51:51 121,856 ------w c:\windows\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w c:\windows\system32\xmllite.dll
- 2004-08-10 11:00:00 129,536 ----a-w c:\windows\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\system32\xmlprov.dll
- 2004-08-10 11:00:00 50,176 ----a-w c:\windows\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\system32\xolehlp.dll
- 2004-08-10 11:00:00 438,784 ----a-w c:\windows\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\system32\xpob2res.dll
- 2004-08-10 11:00:00 187,392 ----a-w c:\windows\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\system32\xpsp1res.dll
- 2004-08-10 11:00:00 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
- 2008-10-15 14:00:41 351,744 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w c:\windows\system32\xpsp3res.dll
- 2004-08-10 11:00:00 337,920 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\system32\zipfldr.dll
+ 2009-04-02 13:26:14 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_1e8.dat
- 2004-08-10 11:00:00 50,688 ----a-w c:\windows\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\twain_32.dll
- 2004-08-10 11:00:00 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\winhlp32.exe
- 2007-01-19 20:15:24 74,802 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 -c--a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
+ 2008-04-15 17:47:33 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
- 2004-08-10 11:00:00 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-10 11:00:00 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-10 11:00:00 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
-c--a-w 344,064 2005-08-06 03:05:00 c:\program files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 50,760 2006-05-10 00:24:16 c:\program files\Common Files\AOL\1160619292\ee\bak\AOLSoftware.exe
----a-w 50,792 2006-04-13 20:36:53 c:\program files\Common Files\AOL\1160619292\ee\AOLSoftware.exe

-c--a-w 124,520 2006-02-17 16:59:46 c:\program files\Common Files\AOL\IPHSend\bak\IPHSend.exe
----a-w 128,616 2005-11-22 23:30:43 c:\program files\Common Files\AOL\IPHSend\IPHSend.exe

-c--a-w 81,920 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2005-02-16 22:15:20 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

----a-w 249,856 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe
----a-w 221,184 2004-07-27 22:50:42 c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

-c--a-w 284,184 2006-10-31 07:03:48 c:\program files\Common Files\Logitech\LComMgr\bak\Communications_Helper.exe

-c--a-w 244,512 2006-11-16 04:01:52 c:\program files\Common Files\Logitech\LComMgr\bak\LVComSX.exe
----a-w 244,512 2006-11-16 03:01:52 c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe

-c--a-w 48,752 2005-10-04 18:42:40 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

-c--a-w 106,496 2005-08-31 17:06:18 c:\program files\Corel\Corel Photo Album 6\bak\MediaDetect.exe

-c--a-w 94,208 2005-10-05 09:12:00 c:\program files\Dell\Media Experience\bak\DMXLauncher.exe

-c--a-w 332,800 2005-05-15 08:04:12 c:\program files\Dell Support\bak\DSAgnt.exe

-c--a-w 169,472 2006-03-03 00:32:43 c:\program files\Google\Google Desktop Search\bak\GoogleDesktop.exe

-c--a-w 69,632 2002-04-11 10:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\bak\hpgs2wnd.exe
----a-w 69,632 2002-04-11 09:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

-c--a-w 256,576 2006-10-30 15:36:36 c:\program files\iTunes\bak\iTunesHelper.exe
----a-w 290,088 2008-11-20 19:20:54 c:\program files\iTunes\iTunesHelper.exe

-c--a-w 36,975 2005-04-13 08:48:52 c:\program files\Java\jre1.5.0_03\bin\bak\jusched.exe

-c--a-w 746,520 2006-11-16 03:58:40 c:\program files\Logitech\QuickCam10\bak\QuickCam10.exe

-c--a-w 1,121,792 2005-08-12 22:16:44 c:\program files\McAfee\SpamKiller\bak\MSKDetct.exe

-c--a-w 8,192 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mimboot.exe

-c--a-w 110,592 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mm_tray.exe

-c--a-w 282,624 2006-10-26 00:58:18 c:\program files\QuickTime\bak\qttask.exe
----a-w 413,696 2008-11-04 16:30:50 c:\program files\QuickTime\QTTask.exe

-c--a-w 1,261 2007-05-20 23:16:26 c:\program files\Real\RealPlayer\bak\channels.xml

-c--a-w 26,112 2006-03-03 00:22:54 c:\program files\Real\RealPlayer\bak\RealPlay.exe

-c--a-w 85,744 2005-11-15 19:28:04 c:\program files\Symantec AntiVirus\bak\VPTray.exe

-c--a-w 67,584 2005-09-29 20:01:14 c:\windows\ehome\bak\ehtray.exe

-c--a-w 335,872 2002-04-04 20:01:42 c:\windows\system32\bak\hphmon04.exe
----a-w 335,872 2002-04-04 20:01:42 c:\windows\system32\hphmon04.exe

-c--a-w 188,416 2002-04-04 20:03:00 c:\windows\system32\spool\drivers\w32x86\3\bak\hpztsb05.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-02 39408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2006-11-07 50736]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2009-03-26 492808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" [2005-06-10 249856]
"HostManager"="c:\program files\Common Files\AOL\1160619292\ee\AOLSoftware.exe" [2006-04-13 50792]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2005-11-22 128616]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-02 148888]
"HPHmon04"="c:\windows\system32\hphmon04.exe" [2002-04-04 335872]
"HPHUPD04"="c:\program files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-04-04 49152]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 69632]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 221184]
"DMXLauncher"="c:\program files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 102400]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 1116920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"Thaped"="c:\windows\oqiriqowaqifihu.dll" [N/A]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-03-26 995528]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2009-03-26 492808]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
WinCinema Manager.lnk - c:\program files\Sandisk\Common\Bin\WinCinemaMgr.exe [2008-01-10 303104]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-08 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-03-02 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aim6.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aexplore.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"53:TCP"= 53:TCP:TINYPROXY

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-24 64160]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-03-26 50192]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [2009-03-26 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-03-26 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2009-03-26 677128]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2009-03-26 335376]
S1 ce4ac9e4;ce4ac9e4;c:\windows\system32\drivers\ce4ac9e4.sys --> c:\windows\system32\drivers\ce4ac9e4.sys [?]
S2 Network Location Awareness (NLA) (Nla);Network Location Awareness (NLA) (Nla);c:\program files\ProtectService\ProtectService.exe --> c:\program files\ProtectService\ProtectService.exe [?]
S3 JL2004A;JL2004A Photo Viewer;c:\windows\system32\drivers\pv_wdm.sys [2008-03-03 63289]
S3 mr97310c;CIF Dual-Mode Camera;c:\windows\system32\drivers\mr97310c.sys [2008-07-28 107904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 14:06]

2009-03-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-29 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2008-04-13 19:12]

2009-03-11 c:\windows\Tasks\EasyShare Registration Task.job
- c:\docume~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.5.20.2.sxt _RegistrationOffer@16 []

2009-04-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 18:39]

2009-03-27 c:\windows\Tasks\McAfee.com Scan for Viruses - My Computer (D9C7YK91-Darryl Posch).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe []

2009-04-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

2009-04-01 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2008-01-09 04:08]
.
- - - - ORPHANS REMOVED - - - -

Notify-NavLogon - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
Trusted Zone: imageservr.com\locator.cdn
Trusted Zone: musicmatch.com\online
TCP: {765B3347-AA0D-4BCB-BC58-2A160C730946} = 66.37.238.30,66.37.238.26
FF - ProfilePath - c:\documents and settings\Darryl Posch\Application Data\Mozilla\Firefox\Profiles\8x5aqpg0.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 09:26:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-02 9:31:09
ComboFix-quarantined-files.txt 2009-04-02 14:31:05
ComboFix2.txt 2009-04-01 20:53:51

Pre-Run: 30,092,627,968 bytes free
Post-Run: 30,074,798,080 bytes free

5837 --- E O F --- 2009-04-02 13:01:48

#11 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 02 April 2009 - 10:47 AM

Here is the RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (40%) free of 71 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:15 AM, on 4/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Digital Images manager\Photags AutoDetect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Darryl Posch\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Darryl Posch.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\Digital Images manager\Photags AutoDetect.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{765B3347-AA0D-4BCB-BC58-2A160C730946}: NameServer = 66.37.238.30,66.37.238.26
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Program Files\ProtectService\ProtectService.exe (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 14644 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Disk Cleanup.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D9C7YK91-Darryl Posch).job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-01-08 878352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Launcher - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-01-26 976432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar5.dll [2008-10-02 2549368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-22 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - c:\Program Files\GoogleAFE\GoogleAE.dll [2006-01-25 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-02 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-02 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-01-08 878352]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll [2007-01-26 976432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar5.dll [2008-10-02 2549368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-03-23 339968]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe [2005-06-10 249856]
"HostManager"=C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe [2006-04-13 50792]
"IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [2005-11-22 128616]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-02 148888]
"HPHmon04"=C:\WINDOWS\system32\hphmon04.exe [2002-04-04 335872]
"HPHUPD04"=C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe [2002-04-04 49152]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-08-10 221184]
"DMXLauncher"=C:\Program Files\Roxio\Media Experience\DMXLauncher.exe [2006-08-14 102400]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-07-31 1116920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-09 515416]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-03-26 995528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-02 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2006-11-07 50736]
"OE"=C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe [2009-03-26 492808]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
WinCinema Manager.lnk - C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
HotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exe -logon
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
Photags AutoDetect.lnk - C:\Program Files\Digital Images manager\Photags AutoDetect.exe

C:\Documents and Settings\Darryl Posch\Start Menu\Programs\Startup
IMVU.lnk - C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Common Files\AOL\1160619292\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1160619292\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\1160619292\ee\aexplore.exe"="C:\Program Files\Common Files\AOL\1160619292\ee\aexplore.exe:*:Disabled:AOL Explorer"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\zolujiwa.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\wobehubo.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\weyalomi.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\sibipupu.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\sehejova.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\runilowu.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\roniviha.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\nuvebode.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\niveyaha.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\motufoyo.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\lovuwufe.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\lehazuta.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\kalaweru.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\hitejewe.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\hevolofo.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\gilimugi.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\gikatuma.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\fewefupe.exe
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\fawudipo.dll
65535-65535-31889 379:31889:443 ----ASH---- C:\WINDOWS\system32\dukevife.dll
2009-04-02 09:42:31 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\Malwarebytes
2009-04-02 09:42:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-02 09:42:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-04-02 09:31:11 ----A---- C:\ComboFix.txt
2009-04-02 08:13:49 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-02 08:13:49 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-02 08:13:49 ----A---- C:\WINDOWS\system32\java.exe
2009-04-02 08:13:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-04-02 08:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-04-02 03:09:56 ----D---- C:\WINDOWS\Prefetch
2009-04-01 18:16:51 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-01 18:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-01 18:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-01 18:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-01 18:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-04-01 18:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-04-01 18:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-04-01 18:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-04-01 18:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-04-01 18:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-04-01 18:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-04-01 18:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-04-01 18:13:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-04-01 18:12:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-04-01 18:12:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-04-01 18:12:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-01 18:12:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-04-01 18:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-04-01 18:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-04-01 18:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-04-01 18:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-04-01 18:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-04-01 18:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-04-01 18:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-04-01 18:05:41 ----A---- C:\WINDOWS\setuplog.txt
2009-04-01 18:03:04 ----D---- C:\WINDOWS\system32\scripting
2009-04-01 18:03:03 ----D---- C:\WINDOWS\l2schemas
2009-04-01 18:03:01 ----D---- C:\WINDOWS\system32\en
2009-04-01 18:03:00 ----D---- C:\WINDOWS\system32\bits
2009-04-01 17:55:44 ----D---- C:\WINDOWS\ServicePackFiles
2009-04-01 17:39:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-04-01 17:15:52 ----D---- C:\WINDOWS\ie7updates
2009-04-01 17:12:23 ----D---- C:\WINDOWS\WBEM
2009-04-01 17:12:18 ----D---- C:\WINDOWS\system32\en-US
2009-04-01 17:08:54 ----HDC---- C:\WINDOWS\ie7
2009-04-01 17:08:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-04-01 17:07:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-04-01 17:03:50 ----D---- C:\WINDOWS\network diagnostic
2009-04-01 17:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-04-01 17:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-04-01 16:44:35 ----A---- C:\WINDOWS\system32\MRT.exe
2009-04-01 16:32:25 ----A---- C:\combofixlog.txt
2009-04-01 14:27:56 ----A---- C:\Boot.bak
2009-04-01 14:27:25 ----RASHD---- C:\cmdcons
2009-04-01 14:24:30 ----A---- C:\WINDOWS\zip.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\VFIND.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\SWSC.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\SWREG.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\sed.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\NIRCMD.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\grep.exe
2009-04-01 14:24:30 ----A---- C:\WINDOWS\fdsv.exe
2009-04-01 14:24:10 ----D---- C:\WINDOWS\ERDNT
2009-04-01 14:19:37 ----D---- C:\Qoobox
2009-04-01 08:25:37 ----D---- C:\rsit
2009-03-30 08:18:20 ----D---- C:\WINDOWS\system32\Service
2009-03-27 10:36:26 ----D---- C:\Program Files\CCleaner
2009-03-26 14:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-03-26 14:12:21 ----D---- C:\Program Files\Trend Micro
2009-03-26 13:36:26 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\HouseCall 6.6
2009-03-26 13:31:44 ----D---- C:\Program Files\Mozilla Firefox
2009-03-26 11:01:41 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-03-26 08:12:56 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-03-24 20:00:48 ----HDC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-24 20:00:25 ----D---- C:\Program Files\Lavasoft
2009-03-24 20:00:25 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-24 19:39:20 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\Uniblue
2009-03-12 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-03-12 03:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958690_0$
2009-03-12 03:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$

======List of files/folders modified in the last 1 months======

2009-04-02 10:22:35 ----D---- C:\WINDOWS\Temp
2009-04-02 10:21:35 ----SD---- C:\WINDOWS\Tasks
2009-04-02 10:20:56 ----D---- C:\WINDOWS
2009-04-02 10:18:47 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2009-04-02 10:18:07 ----D---- C:\WINDOWS\system32\drivers
2009-04-02 10:17:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-02 10:16:45 ----D---- C:\WINDOWS\system32
2009-04-02 09:42:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-02 09:42:24 ----D---- C:\Program Files
2009-04-02 09:26:54 ----A---- C:\WINDOWS\system.ini
2009-04-02 09:24:09 ----D---- C:\WINDOWS\AppPatch
2009-04-02 09:23:59 ----D---- C:\Program Files\Common Files
2009-04-02 08:25:49 ----SHD---- C:\Config.Msi
2009-04-02 08:23:37 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-04-02 08:23:35 ----SHD---- C:\WINDOWS\Installer
2009-04-02 08:23:35 ----D---- C:\Program Files\Symantec
2009-04-02 08:23:32 ----D---- C:\Program Files\Symantec AntiVirus
2009-04-02 08:23:32 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-04-02 08:13:20 ----D---- C:\Program Files\Java
2009-04-02 08:01:46 ----HD---- C:\WINDOWS\inf
2009-04-02 08:01:35 ----D---- C:\WINDOWS\WinSxS
2009-04-02 07:55:32 ----AC---- C:\WINDOWS\OEWABLog.txt
2009-04-02 03:14:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-02 03:09:08 ----D---- C:\WINDOWS\system32\Setup
2009-04-02 03:09:07 ----D---- C:\Program Files\Outlook Express
2009-04-02 03:09:06 ----D---- C:\WINDOWS\system32\wbem
2009-04-02 03:09:03 ----RSD---- C:\WINDOWS\Fonts
2009-04-02 03:08:02 ----D---- C:\WINDOWS\security
2009-04-02 03:02:17 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-01 18:17:02 ----A---- C:\WINDOWS\imsins.BAK
2009-04-01 18:16:54 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-04-01 18:10:18 ----D---- C:\Program Files\Messenger
2009-04-01 18:03:41 ----D---- C:\WINDOWS\system32\inetsrv
2009-04-01 18:03:41 ----D---- C:\WINDOWS\Help
2009-04-01 18:03:40 ----D---- C:\WINDOWS\ime
2009-04-01 18:03:07 ----D---- C:\WINDOWS\system32\usmt
2009-04-01 18:03:00 ----D---- C:\WINDOWS\PeerNet
2009-04-01 18:03:00 ----D---- C:\Program Files\Movie Maker
2009-04-01 17:55:14 ----D---- C:\WINDOWS\system32\Restore
2009-04-01 17:55:13 ----D---- C:\WINDOWS\system32\npp
2009-04-01 17:55:12 ----D---- C:\WINDOWS\mui
2009-04-01 17:55:08 ----D---- C:\WINDOWS\msagent
2009-04-01 17:55:04 ----D---- C:\WINDOWS\srchasst
2009-04-01 17:54:57 ----D---- C:\Program Files\NetMeeting
2009-04-01 17:54:53 ----D---- C:\WINDOWS\system32\Com
2009-04-01 17:54:44 ----D---- C:\Program Files\Windows NT
2009-04-01 17:54:34 ----D---- C:\Program Files\Common Files\System
2009-04-01 17:53:26 ----D---- C:\WINDOWS\system32\oobe
2009-04-01 17:53:19 ----D---- C:\WINDOWS\system
2009-04-01 17:43:41 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-04-01 17:39:03 ----D---- C:\WINDOWS\ehome
2009-04-01 17:23:55 ----D---- C:\WINDOWS\Registration
2009-04-01 17:22:42 ----D---- C:\Program Files\Internet Explorer
2009-04-01 17:17:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-01 17:11:53 ----D---- C:\WINDOWS\Media
2009-04-01 14:58:51 ----D---- C:\WINDOWS\system32\config
2009-04-01 14:27:57 ----RASH---- C:\boot.ini
2009-04-01 14:07:30 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-04-01 08:07:13 ----ASH---- C:\WINDOWS\system32\popukalu.dll
2009-04-01 08:07:13 ----ASH---- C:\WINDOWS\system32\ponimero.exe
2009-03-29 07:05:58 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2009-03-26 14:03:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-26 14:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 13:32:03 ----D---- C:\Documents and Settings\Darryl Posch\Application Data\Mozilla
2009-03-26 12:31:28 ----D---- C:\WINDOWS\Minidump
2009-03-26 09:27:12 ----D---- C:\Program Files\Norton Security Scan
2009-03-26 09:04:06 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-24 20:03:32 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-24 18:35:09 ----A---- C:\WINDOWS\wininit.ini
2009-03-12 03:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-05 16:03:34 ----D---- C:\WINDOWS\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-01 12952]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-01 28216]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-03-26 80400]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-08 35128]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-08 32504]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-08 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-08 104504]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-08 26136]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-08 14552]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-08 97880]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-08 94680]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-01 51800]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-03-26 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-03-26 205328]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-03-26 1195512]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 SAMFILT;SAMFILT; C:\WINDOWS\SYSTEM32\drivers\samfilt.sys [2004-03-20 34688]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2009-03-26 335376]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S1 ce4ac9e4;ce4ac9e4; C:\WINDOWS\System32\drivers\ce4ac9e4.sys []
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\DARRYL~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4 HPH11;Dot4 HPH11; C:\WINDOWS\system32\DRIVERS\hphid411.sys [2002-04-04 50800]
S3 Dot4Print HPH11;Print Class Driver for IEEE-1284.4 HPH11; C:\WINDOWS\system32\DRIVERS\hphipr11.sys [2002-04-04 16112]
S3 Dot4Storage HPH11;Storage Class Driver for IEEE-1284.4 (HPH11); C:\WINDOWS\System32\Drivers\hphs2k11.sys [2002-04-04 49956]
S3 Dot4Usb HPH11;Dot4Usb HPH11; C:\WINDOWS\System32\drivers\hphius11.sys [2002-04-04 18928]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 JL2004A;JL2004A Photo Viewer; C:\WINDOWS\System32\Drivers\pv_wdm.sys [2007-02-13 63289]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-05 39424]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mr97310c;CIF Dual-Mode Camera; C:\WINDOWS\system32\DRIVERS\mr97310c.sys [2007-10-26 107904]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2008-07-31 16694]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-12-05 287360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-08-09 50688]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-02 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-08-10 159744]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-03-26 711248]
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-03-26 341256]
R2 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2009-03-26 497008]
R2 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-03-26 677128]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-08-10 880640]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 Network Location Awareness (NLA) (Nla);Network Location Awareness (NLA) (Nla); C:\Program Files\ProtectService\ProtectService.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe [2006-08-10 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-08-10 303104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPH11;Pml Driver HPH11; C:\WINDOWS\system32\HPHipm11.exe [2002-04-04 77824]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [2006-08-10 57344]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-07-20 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------


Here is the MBAM log:
Malwarebytes' Anti-Malware 1.35
Database version: 1933
Windows 5.1.2600 Service Pack 3

4/2/2009 10:16:45 AM
mbam-log-2009-04-02 (10-16-45).txt

Scan type: Quick Scan
Objects scanned: 109376
Time elapsed: 27 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\WINDOWS\system32\846888 (Trojan.BHO) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\kidamore.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlg77.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yobijowu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hohokaza.dll (Trojan.Vundo) -> Quarantined and deleted successfully.






Overall things are MUCH better. The only problem that I can still see is that in Internet Explorer, the pictures are not displaying correctly. I'm not sure if that is an IE problem or a result of the viruses. Any insight/help on that issue is greatly appreciated. I am also wondering what anti-virus/anti-malware/anti-spyware products that you recommend that she run on this PC.

Thank you so much for your help. I wouldn't have been able to do this without your help.

Thanks!

#12 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 03 April 2009 - 10:14 AM

Hello, kansas.
Glad to be of help :thumbup2:
Let's continue with the fix, we've got a bit more to do:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

Driver::
ce4ac9e4

file::
c:\windows\system32\popukalu.dll
c:\windows\system32\hohokaza.dll
c:\windows\system32\ponimero.exe
c:\windows\system32\motufoyo.dll
c:\windows\system32\lehazuta.dll
c:\windows\system32\weyalomi.exe
c:\windows\system32\kidamore.exe
c:\windows\system32\niveyaha.dll
c:\windows\system32\dukevife.dll
c:\windows\system32\hitejewe.exe
c:\windows\system32\roniviha.dll
c:\windows\system32\lovuwufe.dll
c:\windows\system32\sehejova.exe
c:\windows\system32\sibipupu.dll
c:\windows\system32\runilowu.dll
c:\windows\system32\kalaweru.exe
c:\windows\system32\yobijowu.dll
c:\windows\system32\fawudipo.dll
c:\windows\system32\nuvebode.exe
c:\windows\system32\gilimugi.dll
c:\windows\system32\gikatuma.dll
c:\windows\system32\fewefupe.exe
c:\windows\system32\wobehubo.dll
c:\windows\system32\hevolofo.dll
c:\windows\system32\zolujiwa.exe
c:\windows\system32\00C4CCBDBC.sys
c:\windows\system32\drivers\ce4ac9e4.sys 

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Thaped"=-

Save this as CFScript.txt, in the same location as ComboFix.exe

Now, drag and drop CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

NEXT:

I notice that you still have traces of a number of antivirus programs on your system. While they don't seem to be installed, please make sure that you only have one antivirus program running and constantly updated.

Once you've made sure of that, pleae enable the real-time scanning feature on your program. Then, run an antivirus scan. If a virus is detected, please send me the log.

In your next reply, please include the following:
  • ComboFix.txt
  • Fresh HijackThis Log
  • Antivirus log (only if an infection is found)

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#13 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 03 April 2009 - 11:46 AM

Here is the ComboFix log:

ComboFix 09-04-01.01 - 2009-04-03 11:08:33.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.431 [GMT -5:00]
Running from: c:\documents and settings\Darryl\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Darryl\Desktop\CFScript.txt
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated)
FW: Trend Micro Personal Firewall *disabled*
* Created a new restore point

FILE ::
c:\windows\system32\00C4CCBDBC.sys
c:\windows\system32\drivers\ce4ac9e4.sys
c:\windows\system32\dukevife.dll
c:\windows\system32\fawudipo.dll
c:\windows\system32\fewefupe.exe
c:\windows\system32\gikatuma.dll
c:\windows\system32\gilimugi.dll
c:\windows\system32\hevolofo.dll
c:\windows\system32\hitejewe.exe
c:\windows\system32\hohokaza.dll
c:\windows\system32\kalaweru.exe
c:\windows\system32\kidamore.exe
c:\windows\system32\lehazuta.dll
c:\windows\system32\lovuwufe.dll
c:\windows\system32\motufoyo.dll
c:\windows\system32\niveyaha.dll
c:\windows\system32\nuvebode.exe
c:\windows\system32\ponimero.exe
c:\windows\system32\popukalu.dll
c:\windows\system32\roniviha.dll
c:\windows\system32\runilowu.dll
c:\windows\system32\sehejova.exe
c:\windows\system32\sibipupu.dll
c:\windows\system32\weyalomi.exe
c:\windows\system32\wobehubo.dll
c:\windows\system32\yobijowu.dll
c:\windows\system32\zolujiwa.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\00C4CCBDBC.sys
c:\windows\system32\dukevife.dll
c:\windows\system32\fawudipo.dll
c:\windows\system32\fewefupe.exe
c:\windows\system32\gikatuma.dll
c:\windows\system32\gilimugi.dll
c:\windows\system32\hevolofo.dll
c:\windows\system32\hitejewe.exe
c:\windows\system32\kalaweru.exe
c:\windows\system32\lehazuta.dll
c:\windows\system32\lovuwufe.dll
c:\windows\system32\motufoyo.dll
c:\windows\system32\niveyaha.dll
c:\windows\system32\nuvebode.exe
c:\windows\system32\ponimero.exe
c:\windows\system32\popukalu.dll
c:\windows\system32\roniviha.dll
c:\windows\system32\runilowu.dll
c:\windows\system32\sehejova.exe
c:\windows\system32\sibipupu.dll
c:\windows\system32\weyalomi.exe
c:\windows\system32\wobehubo.dll
c:\windows\system32\zolujiwa.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ce4ac9e4


((((((((((((((((((((((((( Files Created from 2009-03-03 to 2009-04-03 )))))))))))))))))))))))))))))))
.

2009-04-03 11:05 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\Malwarebytes
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-02 09:42 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-02 09:42 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-02 08:13 . 2009-04-02 08:13 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-02 08:13 . 2009-04-02 08:13 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\scripting
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\en
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\bits
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\l2schemas
2009-04-01 17:55 . 2009-04-01 18:04 <DIR> d-------- c:\windows\ServicePackFiles
2009-04-01 17:14 . 2008-12-20 18:15 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2009-04-01 17:14 . 2008-12-20 18:15 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-04-01 17:13 . 2008-12-20 18:15 6,066,688 --------- c:\windows\system32\dllcache\ieframe.dll
2009-04-01 17:13 . 2007-04-17 04:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2009-04-01 17:13 . 2007-03-08 00:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-04-01 17:13 . 2008-12-20 18:15 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2009-04-01 17:13 . 2008-12-20 18:15 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2009-04-01 17:13 . 2008-12-20 18:15 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2009-04-01 17:13 . 2008-12-19 04:10 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-01 17:03 . 2007-08-13 18:54 33,792 --a------ c:\windows\system32\dllcache\custsat.dll
2009-04-01 08:25 . 2009-04-01 08:28 <DIR> d-------- C:\rsit
2009-03-31 11:52 . 2009-03-31 11:52 <DIR> d-------- c:\documents and settings\LocalService\Application Data\alot
2009-03-30 08:18 . 2009-03-30 08:18 <DIR> d-------- c:\windows\system32\Service
2009-03-27 10:36 . 2009-03-27 10:36 <DIR> d-------- c:\program files\CCleaner
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmevtmgr.sys
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmactmon.sys
2009-03-26 14:13 . 2009-03-27 09:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trend Micro
2009-03-26 14:12 . 2009-03-30 15:11 <DIR> d-------- c:\program files\Trend Micro
2009-03-26 13:48 . 2009-03-26 13:48 1,195,512 --a------ c:\windows\system32\drivers\vsapint.sys
2009-03-26 13:48 . 2009-03-26 13:48 661,808 --a------ c:\windows\system32\UfWSC.cpl
2009-03-26 13:48 . 2009-03-26 13:48 335,376 --a------ c:\windows\system32\drivers\TM_CFW.sys
2009-03-26 13:48 . 2009-03-26 13:48 205,328 --a------ c:\windows\system32\drivers\tmxpflt.sys
2009-03-26 13:48 . 2009-03-26 13:48 80,400 --a------ c:\windows\system32\drivers\tmtdi.sys
2009-03-26 13:48 . 2009-03-26 13:48 36,368 --a------ c:\windows\system32\drivers\tmpreflt.sys
2009-03-26 13:37 . 2009-03-26 13:48 150,032 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-26 13:36 . 2009-03-26 13:54 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\HouseCall 6.6
2009-03-26 11:01 . 2009-03-09 14:06 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-26 08:12 . 2008-04-13 19:11 21,504 --a------ c:\windows\system32\hidserv.dll
2009-03-24 20:03 . 2009-03-09 14:06 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\program files\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-24 19:39 . 2009-03-24 19:39 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\Uniblue
2009-03-24 16:36 . 2009-03-24 16:36 <DIR> d-------- c:\documents and settings\Kelsey Meadows\Application Data\Logs
2009-03-24 07:20 . 2009-03-24 07:20 <DIR> d-------- c:\documents and settings\Ashley\Application Data\Logs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-03 15:51 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-02 13:23 --------- d-----w c:\program files\Symantec AntiVirus
2009-04-02 13:23 --------- d-----w c:\program files\Symantec
2009-04-02 13:23 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-02 13:23 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-04-02 13:13 --------- d-----w c:\program files\Java
2009-03-29 12:05 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-03-26 19:03 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-26 19:03 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 14:27 --------- d-----w c:\program files\Norton Security Scan
2009-03-16 20:17 --------- d-----w c:\documents and settings\Ashley\Application Data\Move Networks
2009-03-12 08:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-07-09 20:58 335 -c-ha-w c:\documents and settings\Darryl Posch\hpothb07.dat
2008-03-11 03:02 350 -c-ha-w c:\documents and settings\Kelsey Meadows\hpothb07.dat
2008-03-11 03:02 339 -c-ha-w c:\documents and settings\Ashley Meadows\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Default User\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Ashley\hpothb07.dat
2008-03-11 02:39 164 -c-ha-w c:\documents and settings\All Users\hpothb07.dat
2006-11-21 03:03 183 -c-ha-w c:\documents and settings\Ashley Meadows\Application Data\hpothb07.dat
2006-11-12 09:08 1,315,701 -csh--w c:\windows\addins\pcac.bak1
2007-02-05 01:44 975,149 -csh--w c:\windows\Config\mcokb.bak1
2007-02-05 02:04 974,567 -csh--w c:\windows\Config\mcokb.bak2
2007-02-05 03:21 975,412 -csh--w c:\windows\Config\mcokb.ini2
2006-11-11 22:17 1,315,975 -csh--w c:\windows\system32\Macromed\Shockwave 8\DswMedia\drhakba.bak1
.

((((((((((((((((((((((((((((( SnapShot_2009-04-02_ 9.29.26.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-03 16:20:14 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_248.dat
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
-c--a-w 344,064 2005-08-06 03:05:00 c:\program files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 50,760 2006-05-10 00:24:16 c:\program files\Common Files\AOL\1160619292\ee\bak\AOLSoftware.exe
----a-w 50,792 2006-04-13 20:36:53 c:\program files\Common Files\AOL\1160619292\ee\AOLSoftware.exe

-c--a-w 124,520 2006-02-17 16:59:46 c:\program files\Common Files\AOL\IPHSend\bak\IPHSend.exe
----a-w 128,616 2005-11-22 23:30:43 c:\program files\Common Files\AOL\IPHSend\IPHSend.exe

-c--a-w 81,920 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2005-02-16 22:15:20 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

----a-w 249,856 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe
----a-w 221,184 2004-07-27 22:50:42 c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

-c--a-w 284,184 2006-10-31 07:03:48 c:\program files\Common Files\Logitech\LComMgr\bak\Communications_Helper.exe

-c--a-w 244,512 2006-11-16 04:01:52 c:\program files\Common Files\Logitech\LComMgr\bak\LVComSX.exe
----a-w 244,512 2006-11-16 03:01:52 c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe

-c--a-w 48,752 2005-10-04 18:42:40 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

-c--a-w 106,496 2005-08-31 17:06:18 c:\program files\Corel\Corel Photo Album 6\bak\MediaDetect.exe

-c--a-w 94,208 2005-10-05 09:12:00 c:\program files\Dell\Media Experience\bak\DMXLauncher.exe

-c--a-w 332,800 2005-05-15 08:04:12 c:\program files\Dell Support\bak\DSAgnt.exe

-c--a-w 169,472 2006-03-03 00:32:43 c:\program files\Google\Google Desktop Search\bak\GoogleDesktop.exe

-c--a-w 69,632 2002-04-11 10:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\bak\hpgs2wnd.exe
----a-w 69,632 2002-04-11 09:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

-c--a-w 256,576 2006-10-30 15:36:36 c:\program files\iTunes\bak\iTunesHelper.exe
----a-w 290,088 2008-11-20 19:20:54 c:\program files\iTunes\iTunesHelper.exe

-c--a-w 36,975 2005-04-13 08:48:52 c:\program files\Java\jre1.5.0_03\bin\bak\jusched.exe

-c--a-w 746,520 2006-11-16 03:58:40 c:\program files\Logitech\QuickCam10\bak\QuickCam10.exe

-c--a-w 1,121,792 2005-08-12 22:16:44 c:\program files\McAfee\SpamKiller\bak\MSKDetct.exe

-c--a-w 8,192 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mimboot.exe

-c--a-w 110,592 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mm_tray.exe

-c--a-w 282,624 2006-10-26 00:58:18 c:\program files\QuickTime\bak\qttask.exe
----a-w 413,696 2008-11-04 16:30:50 c:\program files\QuickTime\QTTask.exe

-c--a-w 1,261 2007-05-20 23:16:26 c:\program files\Real\RealPlayer\bak\channels.xml

-c--a-w 26,112 2006-03-03 00:22:54 c:\program files\Real\RealPlayer\bak\RealPlay.exe

-c--a-w 85,744 2005-11-15 19:28:04 c:\program files\Symantec AntiVirus\bak\VPTray.exe

-c--a-w 67,584 2005-09-29 20:01:14 c:\windows\ehome\bak\ehtray.exe

-c--a-w 335,872 2002-04-04 20:01:42 c:\windows\system32\bak\hphmon04.exe
----a-w 335,872 2002-04-04 20:01:42 c:\windows\system32\hphmon04.exe

-c--a-w 188,416 2002-04-04 20:03:00 c:\windows\system32\spool\drivers\w32x86\3\bak\hpztsb05.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-02 39408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2006-11-07 50736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" [2005-06-10 249856]
"HostManager"="c:\program files\Common Files\AOL\1160619292\ee\AOLSoftware.exe" [2006-04-13 50792]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2005-11-22 128616]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-02 148888]
"HPHmon04"="c:\windows\system32\hphmon04.exe" [2002-04-04 335872]
"HPHUPD04"="c:\program files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-04-04 49152]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 69632]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 221184]
"DMXLauncher"="c:\program files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 102400]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 1116920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-03-26 995528]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2009-03-26 492808]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
WinCinema Manager.lnk - c:\program files\Sandisk\Common\Bin\WinCinemaMgr.exe [2008-01-10 303104]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-08 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-03-02 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aim6.exe"=
"c:\\Program Files\\Common Files\\AOL\\1160619292\\ee\\aexplore.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"53:TCP"= 53:TCP:TINYPROXY

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-24 64160]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-03-26 50192]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [2009-03-26 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-03-26 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2009-03-26 677128]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2009-03-26 335376]
S2 Network Location Awareness (NLA) (Nla);Network Location Awareness (NLA) (Nla);c:\program files\ProtectService\ProtectService.exe --> c:\program files\ProtectService\ProtectService.exe [?]
S3 JL2004A;JL2004A Photo Viewer;c:\windows\system32\drivers\pv_wdm.sys [2008-03-03 63289]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
S3 mr97310c;CIF Dual-Mode Camera;c:\windows\system32\drivers\mr97310c.sys [2008-07-28 107904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 14:06]

2009-03-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-29 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2008-04-13 19:12]

2009-03-11 c:\windows\Tasks\EasyShare Registration Task.job
- c:\docume~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.5.20.2.sxt _RegistrationOffer@16 []

2009-04-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 18:39]

2009-03-27 c:\windows\Tasks\McAfee.com Scan for Viruses - My Computer (D9C7YK91-Darryl Posch).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe []

2009-04-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

2009-04-01 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2008-01-09 04:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
Trusted Zone: imageservr.com\locator.cdn
Trusted Zone: musicmatch.com\online
TCP: {765B3347-AA0D-4BCB-BC58-2A160C730946} = 66.37.238.30,66.37.238.26
FF - ProfilePath - c:\documents and settings\Darryl Posch\Application Data\Mozilla\Firefox\Profiles\8x5aqpg0.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-03 11:21:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
c:\program files\Digital Images manager\Photags AutoDetect.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
c:\program files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Completion time: 2009-04-03 11:30:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-03 16:30:28
ComboFix2.txt 2009-04-02 14:31:11
ComboFix3.txt 2009-04-01 20:53:51

Pre-Run: 29,920,985,088 bytes free
Post-Run: 29,905,608,704 bytes free

363 --- E O F --- 2009-04-03 16:03:05

Here is the Hijack This log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:15 AM, on 4/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Digital Images manager\Photags AutoDetect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\Digital Images manager\Photags AutoDetect.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{765B3347-AA0D-4BCB-BC58-2A160C730946}: NameServer = 66.37.238.30,66.37.238.26
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Program Files\ProtectService\ProtectService.exe (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 14387 bytes


The antivirus program found two cookies and deleted them but no infections.

Thank you!

#14 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:01:45 PM

Posted 04 April 2009 - 01:45 AM

Hello, kansas.
Glad to be of help! :thumbup2:

We have a bit more to get done, so let's waste no time!

Your logs indicate that you do not have real-time scanning enabled on your antivirus program. Please enable this feature as it helps keep your computer safe from infections.




1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

file::
c:\windows\addins\pcac.bak1
c:\windows\Config\mcokb.bak1
c:\windows\Config\mcokb.bak2
c:\windows\Config\mcokb.ini2
c:\windows\system32\Macromed\Shockwave 8\DswMedia\drhakba.bak1

Save this as CFScript.txt, in the same location as ComboFix.exe

Now, drag and drop CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

NEXT:

Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

NEXT:

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Runtime Environment (JRE)" JRE 6 Update 13.
  • Click the Download button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u13-windows-i586-p.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

In your next reply, please include the following:
  • ComboFix.txt
  • Fresh HijackThis Log
  • Description of any remaining problems

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#15 kansas

kansas
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 06 April 2009 - 09:48 AM

Sorry about the delay in getting back to you, I was away from the computer this weekend.

Here is the latest Hijack This Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:31 AM, on 4/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Digital Images manager\Photags AutoDetect.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\bak\isuspm.exe" -startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1160619292\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Darryl Posch\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\Digital Images manager\Photags AutoDetect.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Darryl Posch\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{765B3347-AA0D-4BCB-BC58-2A160C730946}: NameServer = 66.37.238.30,66.37.238.26
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Program Files\ProtectService\ProtectService.exe (file missing)
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 14592 bytes



Here is the Combo Fix log:
ComboFix 09-04-01.01 - Darryl 2009-04-06 9:00:07.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.391 [GMT -5:00]
Running from: c:\documents and settings\Darryl \Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Darryl \Desktop\CFScript.txt
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated)
FW: Trend Micro Personal Firewall *disabled*
* Created a new restore point

FILE ::
c:\windows\addins\pcac.bak1
c:\windows\Config\mcokb.bak1
c:\windows\Config\mcokb.bak2
c:\windows\Config\mcokb.ini2
c:\windows\system32\Macromed\Shockwave 8\DswMedia\drhakba.bak1
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\addins\pcac.bak1
c:\windows\Config\mcokb.bak1
c:\windows\Config\mcokb.bak2
c:\windows\Config\mcokb.ini2
c:\windows\system32\Macromed\Shockwave 8\DswMedia\drhakba.bak1

.
((((((((((((((((((((((((( Files Created from 2009-03-06 to 2009-04-06 )))))))))))))))))))))))))))))))
.

2009-04-03 11:05 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\Malwarebytes
2009-04-02 09:42 . 2009-04-02 09:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-02 09:42 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-02 09:42 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-02 08:13 . 2009-04-02 08:13 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-02 08:13 . 2009-04-02 08:13 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\scripting
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\en
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\system32\bits
2009-04-01 18:03 . 2009-04-01 18:03 <DIR> d-------- c:\windows\l2schemas
2009-04-01 17:55 . 2009-04-01 18:04 <DIR> d-------- c:\windows\ServicePackFiles
2009-04-01 17:14 . 2008-12-20 18:15 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2009-04-01 17:14 . 2008-12-20 18:15 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-04-01 17:13 . 2008-12-20 18:15 6,066,688 --------- c:\windows\system32\dllcache\ieframe.dll
2009-04-01 17:13 . 2007-04-17 04:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2009-04-01 17:13 . 2007-03-08 00:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-04-01 17:13 . 2008-12-20 18:15 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2009-04-01 17:13 . 2008-12-20 18:15 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2009-04-01 17:13 . 2008-12-20 18:15 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2009-04-01 17:13 . 2008-12-19 04:10 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-01 17:03 . 2007-08-13 18:54 33,792 --a------ c:\windows\system32\dllcache\custsat.dll
2009-04-01 08:25 . 2009-04-01 08:28 <DIR> d-------- C:\rsit
2009-03-31 11:52 . 2009-03-31 11:52 <DIR> d-------- c:\documents and settings\LocalService\Application Data\alot
2009-03-30 08:18 . 2009-03-30 08:18 <DIR> d-------- c:\windows\system32\Service
2009-03-27 10:36 . 2009-03-27 10:36 <DIR> d-------- c:\program files\CCleaner
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmevtmgr.sys
2009-03-26 14:15 . 2009-03-26 13:48 50,192 --a------ c:\windows\system32\drivers\tmactmon.sys
2009-03-26 14:13 . 2009-03-27 09:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trend Micro
2009-03-26 14:12 . 2009-03-30 15:11 <DIR> d-------- c:\program files\Trend Micro
2009-03-26 13:48 . 2009-03-26 13:48 1,195,512 --a------ c:\windows\system32\drivers\vsapint.sys
2009-03-26 13:48 . 2009-03-26 13:48 661,808 --a------ c:\windows\system32\UfWSC.cpl
2009-03-26 13:48 . 2009-03-26 13:48 335,376 --a------ c:\windows\system32\drivers\TM_CFW.sys
2009-03-26 13:48 . 2009-03-26 13:48 205,328 --a------ c:\windows\system32\drivers\tmxpflt.sys
2009-03-26 13:48 . 2009-03-26 13:48 80,400 --a------ c:\windows\system32\drivers\tmtdi.sys
2009-03-26 13:48 . 2009-03-26 13:48 36,368 --a------ c:\windows\system32\drivers\tmpreflt.sys
2009-03-26 13:37 . 2009-03-26 13:48 150,032 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-26 13:36 . 2009-03-26 13:54 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\HouseCall 6.6
2009-03-26 11:01 . 2009-03-09 14:06 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-26 08:12 . 2008-04-13 19:11 21,504 --a------ c:\windows\system32\hidserv.dll
2009-03-24 20:03 . 2009-03-09 14:06 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\program files\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-24 20:00 . 2009-03-24 20:00 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-24 19:39 . 2009-03-24 19:39 <DIR> d-------- c:\documents and settings\Darryl Posch\Application Data\Uniblue
2009-03-24 16:36 . 2009-03-24 16:36 <DIR> d-------- c:\documents and settings\Kelsey Meadows\Application Data\Logs
2009-03-24 07:20 . 2009-03-24 07:20 <DIR> d-------- c:\documents and settings\Ashley\Application Data\Logs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-06 13:26 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-03 16:48 --------- d-----w c:\program files\Google
2009-04-02 13:23 --------- d-----w c:\program files\Symantec AntiVirus
2009-04-02 13:23 --------- d-----w c:\program files\Symantec
2009-04-02 13:23 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-02 13:23 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-04-02 13:13 --------- d-----w c:\program files\Java
2009-03-29 12:05 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-03-26 19:03 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-26 19:03 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 14:27 --------- d-----w c:\program files\Norton Security Scan
2009-03-16 20:17 --------- d-----w c:\documents and settings\Ashley\Application Data\Move Networks
2009-03-12 08:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-17 02:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-07-09 20:58 335 -c-ha-w c:\documents and settings\Darryl Posch\hpothb07.dat
2008-03-11 03:02 350 -c-ha-w c:\documents and settings\Kelsey Meadows\hpothb07.dat
2008-03-11 03:02 339 -c-ha-w c:\documents and settings\Ashley Meadows\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Default User\hpothb07.dat
2008-03-11 03:02 0 -c-ha-w c:\documents and settings\Ashley\hpothb07.dat
2008-03-11 02:39 164 -c-ha-w c:\documents and settings\All Users\hpothb07.dat
2006-11-21 03:03 183 -c-ha-w c:\documents and settings\Ashley Meadows\Application Data\hpothb07.dat
.

((((((((((((((((((((((((((((( SnapShot_2009-04-02_ 9.29.26.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-08-13 23:54:10 765,952 -c----w c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
- 2008-04-14 00:12:15 139,264 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ------w c:\windows\system32\dllcache\cscript.exe
+ 2008-05-09 10:53:39 512,000 ------w c:\windows\system32\dllcache\jscript.dll
- 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:14:56 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-05-09 10:53:39 180,224 ------w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:40 172,032 ------w c:\windows\system32\dllcache\scrrun.dll
+ 2008-05-09 10:53:40 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
- 2007-08-13 23:54:10 765,952 ----a-w c:\windows\system32\dllcache\VGX.dll
+ 2008-05-27 17:23:58 765,952 ----a-w c:\windows\system32\dllcache\vgx.dll
+ 2008-05-08 11:24:44 155,648 ------w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:53:40 90,112 ------w c:\windows\system32\dllcache\wshext.dll
- 2008-04-14 00:11:56 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w c:\windows\system32\jscript.dll
- 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:14:56 1,307,648 ------w c:\windows\system32\msxml6.dll
- 2008-04-14 00:12:05 180,224 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:53:39 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2008-04-14 00:12:05 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:53:40 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 00:12:08 434,176 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2008-04-14 00:12:41 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2008-04-14 00:12:10 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:53:40 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2009-04-06 13:25:41 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_178.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
-c--a-w 344,064 2005-08-06 03:05:00 c:\program files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 50,760 2006-05-10 00:24:16 c:\program files\Common Files\AOL\1160619292\ee\bak\AOLSoftware.exe
----a-w 50,792 2006-04-13 20:36:53 c:\program files\Common Files\AOL\1160619292\ee\AOLSoftware.exe

-c--a-w 124,520 2006-02-17 16:59:46 c:\program files\Common Files\AOL\IPHSend\bak\IPHSend.exe
----a-w 128,616 2005-11-22 23:30:43 c:\program files\Common Files\AOL\IPHSend\IPHSend.exe

-c--a-w 81,920 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2005-02-16 22:15:20 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

----a-w 249,856 2005-06-10 16:44:02 c:\program files\Common Files\InstallShield\UpdateService\bak\isuspm.exe
----a-w 221,184 2004-07-27 22:50:42 c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

-c--a-w 284,184 2006-10-31 07:03:48 c:\program files\Common Files\Logitech\LComMgr\bak\Communications_Helper.exe

-c--a-w 244,512 2006-11-16 04:01:52 c:\program files\Common Files\Logitech\LComMgr\bak\LVComSX.exe
----a-w 244,512 2006-11-16 03:01:52 c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe

-c--a-w 48,752 2005-10-04 18:42:40 c:\program files\Common Files\Symantec Shared\bak\ccApp.exe

-c--a-w 106,496 2005-08-31 17:06:18 c:\program files\Corel\Corel Photo Album 6\bak\MediaDetect.exe

-c--a-w 94,208 2005-10-05 09:12:00 c:\program files\Dell\Media Experience\bak\DMXLauncher.exe

-c--a-w 332,800 2005-05-15 08:04:12 c:\program files\Dell Support\bak\DSAgnt.exe

-c--a-w 169,472 2006-03-03 00:32:43 c:\program files\Google\Google Desktop Search\bak\GoogleDesktop.exe

-c--a-w 69,632 2002-04-11 10:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\bak\hpgs2wnd.exe
----a-w 69,632 2002-04-11 09:19:34 c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

-c--a-w 256,576 2006-10-30 15:36:36 c:\program files\iTunes\bak\iTunesHelper.exe
----a-w 290,088 2008-11-20 19:20:54 c:\program files\iTunes\iTunesHelper.exe

-c--a-w 36,975 2005-04-13 08:48:52 c:\program files\Java\jre1.5.0_03\bin\bak\jusched.exe

-c--a-w 746,520 2006-11-16 03:58:40 c:\program files\Logitech\QuickCam10\bak\QuickCam10.exe

-c--a-w 1,121,792 2005-08-12 22:16:44 c:\program files\McAfee\SpamKiller\bak\MSKDetct.exe

-c--a-w 8,192 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mimboot.exe

-c--a-w 110,592 2005-09-09 01:20:46 c:\program files\MUSICMATCH\Musicmatch Jukebox\bak\mm_tray.exe

-c--a-w 282,624 2006-10-