Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

videos slow down/stop/skip. check up....


  • This topic is locked This topic is locked
13 replies to this topic

#1 Iron Smile

Iron Smile

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 04 April 2009 - 10:59 PM

ok, so mainly this is a check up to ake sure everything is ok, but when im watching videos on youtube, they kinda, stop at scenes, i can hear the audio, but the video stops/skips about 5 seconds. i know its nothing MAJOR, but its kinda irritating. also, it just started about 3 days ago

and also im wanting a check up, havnt had one in a while and wanted to make sure everything is ok:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:50 PM, on 4/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080417
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215129532826
O18 - Filter hijack: text/html - {1ef57748-a43a-4d60-9ab5-66876074c0de} - C:\WINDOWS\system32\mst120.dll
O19 - User stylesheet: C:\Documents and Settings\Christy\Desktop\neopets.css (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10457 bytes

Edited by Iron Smile, 04 April 2009 - 10:59 PM.


BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 09:13 PM

Hello there,

Nope....not okay. You have some baddies going on there.

Disable Avast! before you run this tool. It gives ComboFix a really hard time. Also do yourself a favor and get rid of BearShare. That is one of the worst of the worst. :thumbup2:

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 09:27 PM

Why does it always show up that i have bearshare? i dont have it. im nto sure why it shows up like that. i looked at the add or remove programs and i dont see i tthere. how would i go about deleting it since i dont see it?

and i have gone thru some folders and done a few virus scans since that log, so it might look different, not sure. but still having thr problems i told you about.

combofix:
-----------------------

ComboFix 09-04-04.01 - Christy 2009-04-11 22:16:33.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1982.1383 [GMT -4:00]
Running from: c:\documents and settings\Christy\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090411-0] *On-access scanning disabled* (Updated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Christy\Favorites\Games.url
c:\program files\Common\helper.sig

.
((((((((((((((((((((((((( Files Created from 2009-03-12 to 2009-04-12 )))))))))))))))))))))))))))))))
.

2009-04-11 15:11 . 2009-04-11 15:11 <DIR> d-------- c:\documents and settings\Christy\Application Data\Uniblue
2009-04-11 15:10 . 2009-04-11 15:16 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\~0
2009-04-11 15:07 . 2009-04-11 15:08 <DIR> d-------- c:\documents and settings\Christy\Application Data\DriverCure
2009-04-11 15:07 . 2009-04-11 15:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-04-11 15:07 . 2009-04-11 15:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverCure
2009-04-11 09:45 . 2009-04-11 21:08 <DIR> d-------- c:\program files\gpotato
2009-04-11 09:44 . 2009-04-11 09:44 <DIR> d-------- C:\wyvern
2009-04-11 09:44 . 2009-04-11 09:44 <DIR> d-------- c:\windows\profiles
2009-04-11 09:44 . 2009-04-11 09:44 2,557 --a------ c:\windows\identitydb.obj
2009-04-10 22:58 . 2009-04-10 23:01 <DIR> d-------- c:\documents and settings\Christy\Application Data\LimeWire
2009-04-10 20:13 . 2009-04-10 20:13 <DIR> d-------- c:\program files\Skullbyte
2009-04-10 20:12 . 2009-04-10 21:28 <DIR> d-------- c:\program files\Ahriman's Prophecy
2009-04-10 20:12 . 2009-04-10 20:12 163,220 --a------ c:\windows\Ahriman's Prophecy Uninstaller.exe
2009-04-10 20:04 . 2009-04-10 20:04 <DIR> d-------- c:\program files\Tale of Tales
2009-04-10 16:59 . 2009-04-11 09:30 <DIR> d-------- c:\program files\Perfect World Entertainment
2009-04-10 16:58 . 2005-05-10 18:54 258,352 --a------ c:\windows\system32\unicows.dll
2009-04-10 16:29 . 2009-04-10 16:29 <DIR> d-------- c:\program files\Pando Networks
2009-04-10 16:29 . 2009-04-10 16:56 <DIR> d-------- c:\documents and settings\Christy\Application Data\GetRightToGo
2009-04-10 16:29 . 2009-04-10 16:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\PMB Files
2009-04-08 19:18 . 2009-04-08 19:18 <DIR> d-------- c:\documents and settings\Christy\Application Data\SpinTop Games
2009-04-08 18:29 . 2009-04-08 18:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\AdventureChronicles1
2009-04-07 20:42 . 2009-04-07 20:42 <DIR> d-------- c:\documents and settings\Christy\Application Data\Shape games
2009-04-07 20:32 . 2009-04-07 20:32 <DIR> d-------- c:\windows\Paranormal Agency
2009-04-07 20:31 . 2009-04-07 20:31 <DIR> d-------- c:\windows\Mystery P I The New York Fortune
2009-04-07 20:31 . 2009-04-07 20:31 <DIR> d-------- c:\windows\Adventure Chronicles The Search for Lost Treasure
2009-04-07 20:31 . 2009-04-07 20:31 <DIR> d-------- c:\program files\Mystery P I The New York Fortune
2009-03-27 17:36 . 2009-03-27 17:45 <DIR> d-------- c:\documents and settings\Christy\Application Data\Jetsetter
2009-03-26 22:18 . 2009-03-26 22:18 <DIR> d-------- c:\windows\Samantha Swift and the Hidden Roses of Athena
2009-03-26 22:16 . 2009-03-26 22:16 <DIR> d-------- c:\windows\Jetsetter
2009-03-26 22:14 . 2009-03-26 22:14 <DIR> d-------- c:\windows\Mortimer Beckett and the Time Paradox
2009-03-26 22:14 . 2009-04-10 13:58 <DIR> d-------- c:\program files\Mortimer Beckett and the Time Paradox
2009-03-26 22:12 . 2009-03-26 22:12 <DIR> d-------- c:\program files\Games
2009-03-20 20:57 . 2009-03-20 20:57 <DIR> d-------- c:\documents and settings\Christy\Application Data\EleFun Games
2009-03-20 20:51 . 2009-03-20 20:56 <DIR> d-------- c:\documents and settings\Christy\Application Data\FairyTale
2009-03-20 19:45 . 2009-03-20 19:45 <DIR> d-------- c:\documents and settings\Christy\Application Data\Skip-Bo
2009-03-20 19:45 . 2009-03-20 19:45 <DIR> d-------- c:\documents and settings\Christy\Application Data\Mushroom Age
2009-03-20 19:26 . 2009-03-20 19:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\NevoSoft Games
2009-03-20 17:27 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2009-03-20 17:25 . 2009-03-20 17:25 <DIR> d-------- c:\windows\Build a lot 3 Passport to Europe
2009-03-20 17:25 . 2009-03-20 17:25 <DIR> d-------- c:\windows\Alice Greenfingers 2
2009-03-20 17:25 . 2009-03-28 11:04 <DIR> d-------- c:\program files\Alice Greenfingers 2
2009-03-20 17:24 . 2009-03-20 17:24 <DIR> d-------- c:\windows\Party Down
2009-03-20 17:23 . 2009-03-20 17:23 <DIR> d-------- c:\windows\A Fairy Tale
2009-03-20 17:23 . 2009-04-08 09:34 <DIR> d-------- c:\program files\A Fairy Tale
2009-03-20 17:22 . 2009-03-20 17:27 <DIR> d--h----- c:\windows\msdownld.tmp
2009-03-20 17:22 . 2009-03-20 17:22 <DIR> d-------- c:\windows\Logs
2009-03-20 11:35 . 2009-03-20 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
2009-03-20 10:13 . 2009-03-20 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\FarmFrenzy-PizzaParty
2009-03-20 10:12 . 2009-03-20 10:12 <DIR> d-------- c:\documents and settings\Christy\Application Data\Sortasoft
2009-03-20 10:12 . 2009-03-20 10:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sortasoft
2009-03-20 10:09 . 2009-03-20 10:09 <DIR> d-------- c:\windows\SKIP BO Castaway Caper
2009-03-20 10:09 . 2009-03-20 10:10 <DIR> d-------- c:\program files\SKIP BO Castaway Caper
2009-03-20 10:07 . 2009-03-20 10:07 <DIR> d-------- c:\windows\Mushroom Age
2009-03-20 10:06 . 2009-03-20 10:06 <DIR> d-------- C:\games
2009-03-20 10:04 . 2009-03-20 10:04 <DIR> d-------- c:\windows\Funky Farm 2
2009-03-20 10:04 . 2009-03-20 10:04 <DIR> d-------- c:\windows\Farm Craft
2009-03-20 10:03 . 2009-03-20 10:03 <DIR> d-------- c:\windows\Farm Mania
2009-03-20 10:03 . 2009-03-20 10:03 <DIR> d-------- c:\windows\Cooking Academy 2 World Cuisine
2009-03-20 10:03 . 2009-04-07 20:25 <DIR> d-------- c:\program files\Farm Mania
2009-03-20 10:03 . 2009-04-11 09:32 <DIR> d-------- c:\program files\Cooking Academy 2 World Cuisine
2009-03-20 10:02 . 2009-03-20 10:02 <DIR> d-------- c:\windows\Farm Frenzy Pizza Party
2009-03-20 10:02 . 2009-03-20 10:02 <DIR> d-------- c:\program files\Farm Frenzy Pizza Party
2009-03-20 10:01 . 2009-03-20 10:01 <DIR> d-------- c:\windows\Farm Frenzy 2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-12 02:16 --------- d-----w c:\program files\Common
2009-04-11 20:44 --------- d-----w c:\documents and settings\Christy\Application Data\uTorrent
2009-04-11 00:20 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-10 17:56 --------- d-----w c:\program files\CLUE Classic
2009-04-07 02:31 --------- d-----w c:\program files\Virtual Villagers
2009-04-07 02:31 --------- d-----w c:\program files\Virtual Farm
2009-03-27 22:29 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2009-03-21 03:13 --------- d--h--r c:\documents and settings\All Users\Application Data\yahoo!
2009-03-21 03:13 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-03-21 00:51 --------- d-----w c:\program files\GameTop.com
2009-03-03 01:09 --------- d-----w c:\program files\RealArcade
2009-03-03 00:35 --------- d-----w c:\program files\Chocolatier Decadence by Design
2009-03-03 00:30 --------- d-----w c:\program files\Greedy Words
2009-03-03 00:27 --------- d-----w c:\program files\Word Slinger
2009-02-19 16:33 --------- d-----w c:\program files\Yard Sale Junkie
2009-02-19 16:32 --------- d-----w c:\program files\Snapshot Adventures
2009-02-19 16:32 --------- d-----w c:\program files\Granny In Paradise
2009-02-19 16:29 --------- d-----w c:\program files\Common Files\Nullsoft
2009-02-19 16:29 --------- d-----w c:\program files\Common Files\AOL
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-17 02:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-16 23:48 512 ----a-w c:\documents and settings\Christy\Application Data\wklnhst.dat
2008-09-01 00:02 47,360 ----a-w c:\documents and settings\Christy\Application Data\pcouffin.sys
2008-07-14 14:55 308,600 ----a-w c:\documents and settings\All Users\Application Data\NortonProtectionMemo.exe
2008-01-09 00:37 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-01-12 13:54 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-01-12 13:54 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-01-12 13:54 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-01-12 13:54 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-01-12 13:54 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-11-04 18:37 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008110420081105\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-11-04_15.27.33.61 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:45:15 512,000 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:45:16 180,224 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:45:16 172,032 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:45:16 430,080 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:45:17 90,112 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2008-09-10 01:10:56 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2008-10-03 09:49:31 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-09-04 17:12:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 18:08:38 382,840 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:43:42 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:02:04 755,576 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:02:12 382,840 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-16 20:24:09 124,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 20:24:09 347,136 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 20:24:09 214,528 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 20:24:09 132,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 20:24:09 63,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 20:24:09 153,088 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 20:24:09 230,400 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 20:24:09 380,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 20:24:09 388,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 20:24:09 6,068,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 20:24:09 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 20:24:09 267,776 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 20:24:10 27,648 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 20:24:10 459,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 20:24:10 52,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 20:24:10 3,595,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 20:24:10 477,696 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 20:24:10 193,024 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 20:24:10 671,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 20:24:10 102,912 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 20:24:10 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 20:24:10 105,984 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 20:24:11 1,163,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 20:24:11 233,472 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 20:24:11 827,904 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2008-12-11 12:33:59 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2009-02-09 11:08:53 1,847,552 ----a-w c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB958690\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB958690\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB958690\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB958690\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB958690\update\updspapi.dll
+ 2008-12-05 06:58:08 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB960225\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB960225\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2008-12-13 06:26:56 3,594,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB960715\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB960715\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB960715\update\spcustom.dll
+ 2008-11-15 17:18:04 755,576 ----a-w c:\windows\$hf_mig$\KB960715\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB960715\update\updspapi.dll
+ 2008-12-20 23:55:43 124,928 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\advpack.dll
+ 2008-12-20 23:55:44 347,136 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\dxtmsft.dll
+ 2008-12-20 23:55:44 214,528 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\dxtrans.dll
+ 2008-12-20 23:55:44 132,608 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\extmgr.dll
+ 2008-12-20 23:55:45 63,488 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\icardie.dll
+ 2008-12-19 09:41:51 70,656 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ie4uinit.exe
+ 2008-12-20 23:55:45 153,088 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieakeng.dll
+ 2008-12-20 23:55:45 230,400 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieaksie.dll
+ 2008-12-19 05:24:02 161,792 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieapfltr.dat
+ 2008-12-20 23:55:46 380,928 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieapfltr.dll
+ 2008-12-20 23:55:46 388,608 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iedkcs32.dll
+ 2008-12-20 23:55:50 6,068,736 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll
+ 2008-12-20 23:55:50 44,544 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iernonce.dll
+ 2008-12-20 23:55:50 267,776 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll
+ 2008-12-19 09:41:52 13,824 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieudinit.exe
+ 2008-12-19 05:25:30 634,024 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
+ 2008-12-20 23:55:51 27,648 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\jsproxy.dll
+ 2008-12-20 23:55:51 459,264 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msfeeds.dll
+ 2008-12-20 23:55:51 52,224 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msfeedsbs.dll
+ 2009-01-16 16:24:38 3,596,288 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
+ 2008-12-20 23:55:56 477,696 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtmled.dll
+ 2008-12-20 23:55:56 193,024 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msrating.dll
+ 2008-12-20 23:55:57 671,232 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mstime.dll
+ 2008-12-20 23:55:57 102,912 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\occache.dll
+ 2008-12-20 23:55:57 44,544 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\pngfilt.dll
+ 2008-12-20 23:55:57 105,984 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\url.dll
+ 2008-12-20 23:55:59 1,163,264 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\urlmon.dll
+ 2008-12-20 23:55:59 233,472 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\webcheck.dll
+ 2008-12-20 23:56:00 827,904 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB961260-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB961260-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\updspapi.dll
+ 2008-06-17 19:04:34 8,461,824 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB938464-v2$\spuninst\updspapi.dll
+ 2008-04-14 00:12:15 139,264 -c----w c:\windows\$NtUninstallKB951978$\cscript.exe
+ 2008-04-14 00:11:56 512,000 -c----w c:\windows\$NtUninstallKB951978$\jscript.dll
+ 2008-04-14 00:12:05 180,224 -c----w c:\windows\$NtUninstallKB951978$\scrobj.dll
+ 2008-04-14 00:12:05 172,032 -c----w c:\windows\$NtUninstallKB951978$\scrrun.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951978$\spuninst\updspapi.dll
+ 2008-04-14 00:12:08 434,176 -c----w c:\windows\$NtUninstallKB951978$\vbscript.dll
+ 2008-04-14 00:12:41 155,648 -c----w c:\windows\$NtUninstallKB951978$\wscript.exe
+ 2008-04-14 00:12:10 90,112 -c----w c:\windows\$NtUninstallKB951978$\wshext.dll
+ 2006-10-19 00:03:58 100,864 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 14:41:48 231,288 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 14:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-19 01:47:20 937,984 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-19 01:47:22 2,450,944 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2008-04-14 00:12:01 1,306,624 -c----w c:\windows\$NtUninstallKB954459$\msxml6.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954459$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2008-04-14 00:12:07 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2008-04-14 00:12:01 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 18:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-04-14 00:12:38 60,416 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2008-04-14 00:11:54 285,184 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-04-13 19:17:01 456,576 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-09-08 10:41:42 333,824 -c----w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-09 07:38:25 231,288 -c----w c:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB958690$\spuninst\updspapi.dll
+ 2008-09-15 12:12:56 1,846,400 -c----w c:\windows\$NtUninstallKB958690$\win32k.sys
+ 2007-07-27 13:41:48 231,288 -c----w c:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe
+ 2007-07-27 13:41:48 382,840 -c----w c:\windows\$NtUninstallKB959772_WM11$\spuninst\updspapi.dll
+ 2007-06-12 03:51:12 10,834,944 -c----w c:\windows\$NtUninstallKB959772_WM11$\wmp.dll
+ 2008-04-14 00:12:05 144,384 -c----w c:\windows\$NtUninstallKB960225$\schannel.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB960225$\spuninst\updspapi.dll
+ 2008-07-09 07:38:25 231,288 -c----w c:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll
+ 2008-04-14 00:12:05 8,461,312 -c----w c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2008-07-09 07:38:25 231,288 -c----w c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll
+ 2009-03-20 21:23:28 574,464 ----a-w c:\windows\A Fairy Tale\uninstall.exe
+ 2009-04-08 00:31:13 574,464 ----a-w c:\windows\Adventure Chronicles The Search for Lost Treasure\uninstall.exe
+ 2009-03-20 21:25:06 574,464 ----a-w c:\windows\Alice Greenfingers 2\uninstall.exe
+ 2009-03-20 21:27:51 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-03-20 21:27:51 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-03-20 21:27:52 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-03-20 21:27:40 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:41 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:42 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:42 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:43 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:44 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:44 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:44 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:45 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:52 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-20 21:27:52 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-03-20 21:27:52 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-03-20 21:27:53 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-03-20 21:27:53 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-03-20 21:27:50 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-01-23 02:40:36 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-01-23 02:40:40 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-01-23 02:40:50 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-01-23 02:40:49 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-01-23 02:40:51 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-01-23 02:40:49 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-01-23 02:40:49 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-01-23 02:40:43 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-01-23 02:40:31 5,238,784 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-01-23 02:40:35 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-01-23 02:40:32 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-01-23 02:40:35 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-01-23 02:40:36 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-01-23 02:40:37 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-01-23 02:40:38 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-01-23 02:40:44 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-01-23 02:40:45 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-01-23 02:40:48 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-01-23 02:40:48 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-01-23 02:40:41 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-01-23 02:40:40 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-01-23 02:40:39 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-01-23 02:40:42 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-01-23 02:40:39 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-01-23 02:40:50 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-01-23 02:40:42 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-01-23 02:40:39 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-01-23 02:40:37 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-01-23 02:40:49 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-01-23 02:40:49 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-01-23 02:40:51 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-01-23 02:40:47 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-01-23 02:40:44 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-01-23 02:40:35 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-01-23 02:40:42 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-01-23 02:40:43 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-01-23 02:40:34 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-01-23 02:40:52 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-01-23 02:40:48 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-01-23 02:40:45 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-01-23 02:40:45 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-01-23 02:40:43 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-01-23 02:40:53 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-01-23 02:40:52 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-01-23 02:40:33 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-01-23 02:40:32 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-01-23 02:40:33 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-01-23 02:40:34 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-01-23 02:40:52 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-01-23 02:40:41 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-01-23 09:57:46 25,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
+ 2009-01-23 09:57:50 842,240 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c7ffd8c23e8de4018a88185b3b60631e\AspNetMMCExt.ni.dll
+ 2009-01-23 09:57:51 220,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
+ 2009-01-23 09:57:51 14,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
+ 2009-01-23 09:57:53 838,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll
+ 2009-01-23 09:57:53 65,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll
+ 2009-01-23 09:57:56 1,620,480 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll
+ 2009-01-23 09:57:57 144,384 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll
+ 2009-01-23 09:57:59 1,711,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
+ 2009-01-23 02:43:33 11,485,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
+ 2009-01-23 09:58:01 970,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
+ 2009-01-23 02:43:52 6,614,016 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll
+ 2009-01-23 09:58:02 1,800,704 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll
+ 2009-01-23 02:44:05 10,681,344 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\204db7071fb26343b0fd3f3d140c0bf8\System.Design.ni.dll
+ 2009-01-23 09:58:05 455,680 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll
+ 2009-01-23 09:58:04 1,116,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll
+ 2009-01-23 02:44:12 208,384 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5f5d64dd0e7991aaaad2d98ee52afe42\System.Drawing.Design.ni.dll
+ 2009-01-23 02:44:09 1,587,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
+ 2009-01-23 09:58:06 627,712 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
+ 2009-01-23 09:58:06 280,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll
+ 2009-01-23 09:58:07 676,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
+ 2009-01-23 09:58:08 212,992 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
+ 2009-01-23 09:58:09 627,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
+ 2009-01-23 09:58:21 2,209,280 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll
+ 2009-01-23 09:58:22 202,240 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll
+ 2009-01-23 09:58:24 1,840,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
+ 2009-01-23 09:58:18 11,791,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
+ 2009-01-23 02:44:23 12,428,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
+ 2009-01-23 02:44:29 5,449,728 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
+ 2009-01-23 02:43:45 7,867,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
+ 2009-03-20 21:25:22 574,464 ----a-w c:\windows\Build a lot 3 Passport to Europe\uninstall.exe
+ 2009-03-20 14:03:02 574,464 ----a-w c:\windows\Cooking Academy 2 World Cuisine\uninstall.exe
+ 2008-07-06 12:06:10 89,088 ------w c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-07-06 12:06:10 765,440 ------w c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2008-07-06 12:06:10 198,656 ------w c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2008-07-06 12:06:10 373,248 ------w c:\windows\Driver Cache\i386\unidrv.dll
+ 2008-07-06 12:06:10 744,960 ------w c:\windows\Driver Cache\i386\unidrvui.dll
+ 2008-03-13 04:52:36 761,344 ------w c:\windows\Driver Cache\i386\unires.dll
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2009-03-20 14:04:50 574,464 ----a-w c:\windows\Farm Craft\uninstall.exe
+ 2009-03-20 14:01:17 451,072 ----a-w c:\windows\Farm Frenzy 2\uninstall.exe
+ 2009-03-20 14:02:31 574,464 ----a-w c:\windows\Farm Frenzy Pizza Party\uninstall.exe
+ 2009-03-20 14:03:42 574,464 ----a-w c:\windows\Farm Mania\uninstall.exe
+ 2009-03-20 14:04:17 574,464 ----a-w c:\windows\Funky Farm 2\uninstall.exe
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-10-17 07:08:40 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:34 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:38:34 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:38:34 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:38:35 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:38:35 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:11:09 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:38:35 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:38:35 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:38:35 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:38:35 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:38:37 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:38:37 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:38:37 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:38:37 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:38:37 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:38:38 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:38:38 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:38:39 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:38:39 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:38:39 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:39 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:38:39 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:38:39 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:38:40 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
+ 2008-04-14 00:10:34 175,104 ----a-w c:\windows\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 00:10:34 53,760 ----a-w c:\windows\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 00:09:05 97,792 ----a-w c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 00:09:05 56,320 ----a-w c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 00:09:05 173,568 ----a-w c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
+ 2004-08-04 10:00:00 10,096,640 ----a-w c:\windows\ime\CHTIME\Applets\HWXCHT.DLL
+ 2008-04-14 00:09:39 13,463,552 ----a-w c:\windows\ime\imjp8_1\applets\hwxjpn.dll
+ 2004-08-04 10:00:00 471,102 ----a-w c:\windows\ime\imjp8_1\applets\imskdic.dll
+ 2008-04-14 00:09:47 315,455 ----a-w c:\windows\ime\imjp8_1\applets\imskf.dll
+ 2004-08-04 10:00:00 229,439 ----a-w c:\windows\ime\imjp8_1\applets\multibox.dll
+ 2004-08-04 10:00:00 143,422 ----a-w c:\windows\ime\imjp8_1\applets\softkey.dll
+ 2008-04-14 00:11:04 426,041 ----a-w c:\windows\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ----a-w c:\windows\ime\imjp8_1\applets\voicesub.dll
+ 2004-08-04 02:31:40 57,399 ----a-w c:\windows\ime\imjp8_1\cplexe.exe
+ 2008-04-14 00:09:45 368,696 ----a-w c:\windows\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ----a-w c:\windows\ime\imjp8_1\imjpcus.dll
+ 2004-08-04 10:00:00 57,398 ----a-w c:\windows\ime\imjp8_1\imjpdadm.exe
+ 2008-04-14 00:09:45 81,976 ----a-w c:\windows\ime\imjp8_1\imjpdct.dll
+ 2004-08-04 02:31:54 307,257 ----a-w c:\windows\ime\imjp8_1\imjpdct.exe
+ 2004-08-04 02:31:56 155,705 ----a-w c:\windows\ime\imjp8_1\imjpdsvr.exe
+ 2004-08-04 02:31:58 196,665 ----a-w c:\windows\ime\imjp8_1\imjpinst.exe
+ 2004-08-04 02:32:00 208,952 ----a-w c:\windows\ime\imjp8_1\imjpmig.exe
+ 2004-08-04 02:32:12 233,527 ----a-w c:\windows\ime\imjp8_1\imjprw.exe
+ 2004-08-04 10:00:00 45,109 ----a-w c:\windows\ime\imjp8_1\imjpuex.exe
+ 2004-08-04 02:32:16 262,200 ----a-w c:\windows\ime\imjp8_1\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ----a-w c:\windows\ime\imjp8_1\imjputyc.dll
+ 2004-08-04 10:00:00 10,129,408 ----a-w c:\windows\ime\imkr6_1\applets\hwxkor.dll
+ 2008-04-14 00:09:43 86,016 ----a-w c:\windows\ime\imkr6_1\applets\imekrmbx.dll
+ 2004-08-04 10:00:00 36,864 ----a-w c:\windows\ime\imkr6_1\dicts\hanjadic.dll
+ 2008-04-14 00:09:43 106,496 ----a-w c:\windows\ime\imkr6_1\imekrcic.dll
+ 2004-08-04 10:00:00 44,032 ----a-w c:\windows\ime\imkr6_1\imekrmig.exe
+ 2004-08-04 10:00:00 59,904 ----a-w c:\windows\ime\imkr6_1\imkrinst.exe
+ 2004-08-04 10:00:00 102,463 ----a-w c:\windows\ime\shared\imepadsm.dll
+ 2004-08-04 10:00:00 311,359 ----a-w c:\windows\ime\shared\imepadsv.exe
+ 2008-04-14 00:09:46 102,456 ----a-w c:\windows\ime\shared\imlang.dll
+ 2008-04-14 00:10:33 15,872 ----a-w c:\windows\ime\shared\res\PADRS404.DLL
+ 2004-08-04 10:00:00 36,927 ----a-w c:\windows\ime\shared\res\padrs411.dll
+ 2004-08-04 10:00:00 14,336 ----a-w c:\windows\ime\shared\res\padrs412.dll
+ 2008-04-14 00:10:33 15,360 ----a-w c:\windows\ime\shared\res\padrs804.dll
+ 2008-11-12 05:27:39 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-12-02 04:48:54 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-03-27 02:16:27 574,464 ----a-w c:\windows\Jetsetter\uninstall.exe
+ 2005-03-18 20:23:10 53,248 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 20:23:10 12,800 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 20:23:14 473,600 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2004-09-29 16:38:58 2,676,224 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 20:23:10 145,920 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 20:23:10 159,232 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 20:23:14 364,544 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 20:23:12 178,176 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 20:23:14 223,232 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2004-12-01 19:53:06 2,846,720 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-02-05 23:32:54 563,712 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 21:23:14 567,296 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-05-26 19:15:56 576,000 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-07-22 21:21:34 577,024 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-09-28 18:11:52 577,536 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-12-05 21:20:50 577,536 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-02-03 11:40:48 578,560 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-03-31 15:27:50 578,560 ----a-w c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
- 2003-02-21 00:09:46 57,344 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 16:16:58 82,944 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2003-02-21 00:09:32 5,120 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 16:16:58 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 16:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 16:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 16:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2003-02-20 23:43:50 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 16:16:58 96,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 16:16:42 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 16:16:48 145,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 16:16:50 13,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 16:17:10 193,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 16:16:36 218,112 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 16:17:00 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 16:17:02 147,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 16:16:44 98,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 16:17:02 58,880 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 16:16:40 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 16:16:40 22,024 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 16:16:40 17,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 16:16:40 33,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 16:16:38 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 16:16:40 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 16:16:40 33,288 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 16:16:40 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 16:16:40 34,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 16:16:40 33,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 16:16:40 507,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 16:17:00 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 16:17:00 89,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-07-25 16:16:50 80,376 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 16:16:50 1,163,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-07-25 16:16:50 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 16:17:02 27,136 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 16:17:00 69,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 16:16:50 35,320 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 16:16:46 62,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 16:16:46 5,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-25 16:17:16 575,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 16:17:00 798,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 16:16:58 18,936 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 16:17:00 9,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 16:17:02 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 16:17:00 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 16:17:00 6,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 16:17:00 230,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 16:17:00 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 16:17:00 65,032 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 16:17:00 72,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 16:16:54 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 16:16:56 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 16:16:56 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 16:16:56 655,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 16:16:56 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 16:16:54 749,568 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:17:14 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 16:17:14 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 16:17:12 659,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 16:16:38 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:17:16 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 16:16:38 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 16:16:38 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 16:16:38 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 16:16:40 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 16:16:56 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 16:17:02 998,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 16:17:00 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 16:17:00 308,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 16:17:00 46,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 16:17:00 367,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 16:17:00 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 16:17:00 4,546,560 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 16:17:00 114,176 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-07-25 16:17:04 345,600 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 16:17:00 77,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 16:16:58 18,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 16:17:02 230,912 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 16:17:02 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 16:17:02 19,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 16:16:58 5,815,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-07-25 16:17:04 31,744 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 16:17:02 100,856 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 16:17:02 24,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 16:17:02 88,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 16:16:58 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 16:17:00 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 16:17:00 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 16:17:06 61,952 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 16:17:02 16,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 16:17:00 118,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 16:17:04 95,232 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 16:17:02 392,184 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 16:17:02 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 16:17:02 425,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 16:17:00 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 16:17:00 2,933,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-07-25 16:17:02 486,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 16:17:02 745,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-25 16:16:46 970,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 16:17:00 5,062,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 16:17:00 401,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 16:17:02 188,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 16:17:00 3,149,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 16:17:00 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 16:17:00 626,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 16:17:02 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17:02 57,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 16:17:02 113,664 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 16:17:00 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 16:17:00 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 16:17:00 303,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 16:17:00 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 16:17:00 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 16:17:00 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 16:17:02 261,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 16:17:00 5,238,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 16:17:02 835,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 16:17:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 16:17:00 839,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 16:17:00 5,025,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-07-25 16:17:00 2,048,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 16:17:02 81,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 16:17:10 1,172,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-25 16:16:38 1,344,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 16:16:40 438,272 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 16:17:02 37,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2009-03-27 02:14:04 574,464 ----a-w c:\windows\Mortimer Beckett and the Time Paradox\uninstall.exe
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0404.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt0412.dll
+ 2007-04-02 18:26:02 19,456 ----a-w c:\windows\msagent\intl\agt0804.dll
+ 2009-03-20 14:07:50 574,464 ----a-w c:\windows\Mushroom Age\uninstall.exe
+ 2009-04-08 00:31:48 574,464 ----a-w c:\windows\Mystery P I The New York Fortune\uninstall.exe
- 2000-08-31 13:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 12:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2009-04-08 00:32:08 574,464 ----a-w c:\windows\Paranormal Agency\uninstall.exe
+ 2009-03-20 21:24:10 574,464 ----a-w c:\windows\Party Down\uninstall.exe
+ 2009-03-27 02:18:42 574,464 ----a-w c:\windows\Samantha Swift and the Hidden Roses of Athena\uninstall.exe
+ 2009-03-20 14:09:57 574,464 ----a-w c:\windows\SKIP BO Castaway Caper\uninstall.exe
- 2000-08-31 13:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 12:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 23:15:11 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2007-07-03 16:48:28 36,864 ----a-w c:\windows\system32\ascbalon.dll
+ 2008-04-14 00:11:50 218,112 ----a-w c:\windows\system32\c_g18030.dll
+ 2004-08-04 10:00:00 6,656 ----a-w c:\windows\system32\c_is2022.dll
- 2008-07-19 02:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 19:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 2004-08-04 10:00:00 1,677,824 ----a-w c:\windows\system32\chsbrkr.dll
+ 2004-08-04 10:00:00 838,144 ----a-w c:\windows\system32\chtbrkr.dll
+ 2008-08-20 22:44:32 45,056 ----a-w c:\windows\system32\CreateLog.dll
- 2008-04-14 00:12:15 139,264 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
+ 2007-03-12 20:42:30 1,123,696 ----a-w c:\windows\system32\D3DCompiler_33.dll
+ 2007-05-16 20:45:16 1,124,720 ----a-w c:\windows\system32\D3DCompiler_34.dll
+ 2007-07-19 22:14:42 1,358,192 ----a-w c:\windows\system32\D3DCompiler_35.dll
+ 2007-10-12 19:14:00 1,374,232 ----a-w c:\windows\system32\D3DCompiler_36.dll
+ 2008-03-05 19:56:58 1,420,824 ----a-w c:\windows\system32\D3DCompiler_37.dll
+ 2008-05-30 18:11:46 1,491,992 ----a-w c:\windows\system32\D3DCompiler_38.dll
+ 2008-07-10 15:00:58 1,493,528 ----a-w c:\windows\system32\D3DCompiler_39.dll
+ 2008-10-10 08:52:38 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
+ 2007-03-15 20:57:58 443,752 ----a-w c:\windows\system32\d3dx10_33.dll
+ 2007-05-16 20:45:16 443,752 ----a-w c:\windows\system32\d3dx10_34.dll
+ 2007-07-19 22:14:42 444,776 ----a-w c:\windows\system32\d3dx10_35.dll
+ 2007-10-02 13:56:34 444,776 ----a-w c:\windows\system32\d3dx10_36.dll
+ 2008-02-06 03:07:36 462,864 ----a-w c:\windows\system32\d3dx10_37.dll
+ 2008-05-30 18:11:46 467,984 ----a-w c:\windows\system32\d3dx10_38.dll
+ 2008-07-10 15:01:00 467,984 ----a-w c:\windows\system32\d3dx10_39.dll
+ 2008-10-10 08:52:38 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
+ 2005-02-05 23:45:26 2,222,800 ----a-w c:\windows\system32\d3dx9_24.dll
+ 2005-03-18 21:19:58 2,337,488 ----a-w c:\windows\system32\d3dx9_25.dll
+ 2005-05-26 19:34:52 2,297,552 ----a-w c:\windows\system32\d3dx9_26.dll
+ 2005-07-22 23:59:04 2,319,568 ----a-w c:\windows\system32\d3dx9_27.dll
+ 2005-12-05 22:09:18 2,323,664 ----a-w c:\windows\system32\d3dx9_28.dll
+ 2006-02-03 12:43:16 2,332,368 ----a-w c:\windows\system32\d3dx9_29.dll
+ 2006-03-31 16:40:58 2,388,176 ----a-w c:\windows\system32\d3dx9_30.dll
+ 2006-09-28 21:05:20 2,414,360 ----a-w c:\windows\system32\d3dx9_31.dll
+ 2006-11-29 17:06:18 3,426,072 ----a-w c:\windows\system32\d3dx9_32.dll
+ 2007-03-12 20:42:30 3,495,784 ----a-w c:\windows\system32\d3dx9_33.dll
+ 2007-07-19 23:14:42 3,727,720 ----a-w c:\windows\system32\d3dx9_35.dll
+ 2007-10-12 19:14:00 3,734,536 ----a-w c:\windows\system32\d3dx9_36.dll
+ 2008-03-05 19:56:58 3,786,760 ----a-w c:\windows\system32\D3DX9_37.dll
+ 2008-05-30 18:11:46 3,850,760 ----a-w c:\windows\system32\D3DX9_38.dll
+ 2008-07-10 15:00:58 3,851,784 ----a-w c:\windows\system32\D3DX9_39.dll
+ 2008-10-10 08:52:38 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
+ 2008-11-07 03:47:41 410,976 ----a-w c:\windows\system32\deploytk.dll
+ 2008-07-25 16:16:46 96,760 ----a-w c:\windows\system32\dfshim.dll
- 2008-08-26 07:24:28 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 23:15:11 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\system32\dllcache\agt0404.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\system32\dllcache\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\system32\dllcache\agt0412.dll
+ 2007-04-02 18:26:02 19,456 ----a-w c:\windows\system32\dllcache\agt0804.dll
+ 2008-04-14 00:11:50 218,112 ----a-w c:\windows\system32\dllcache\c_g18030.dll
+ 2004-08-04 10:00:00 6,656 ----a-w c:\windows\system32\dllcache\c_is2022.dll
- 2008-07-19 02:10:48 94,920 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 19:09:44 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-04 10:00:00 1,677,824 ----a-w c:\windows\system32\dllcache\chsbrkr.dll
+ 2004-08-04 10:00:00 838,144 ----a-w c:\windows\system32\dllcache\chtbrkr.dll
+ 2008-04-14 00:09:05 97,792 ----a-w c:\windows\system32\dllcache\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ----a-w c:\windows\system32\dllcache\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ----a-w c:\windows\system32\dllcache\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ----a-w c:\windows\system32\dllcache\cintime.dll
+ 2004-08-04 02:31:56 480,256 ----a-w c:\windows\system32\dllcache\cintsetp.exe
+ 2004-08-04 02:31:40 57,399 ----a-w c:\windows\system32\dllcache\cplexe.exe
+ 2008-05-07 09:07:23 135,168 ------w c:\windows\system32\dllcache\cscript.exe
- 2008-08-26 07:24:28 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:24:28 133,120 ------w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ------w c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 00:09:30 7,168 ----a-w c:\windows\system32\dllcache\f3ahvoas.dll
+ 2008-07-06 12:06:10 89,088 ------w c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2008-10-23 12:36:14 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
+ 2004-08-04 10:00:00 36,864 ----a-w c:\windows\system32\dllcache\hanjadic.dll
+ 2004-08-04 10:00:00 10,096,640 ----a-w c:\windows\system32\dllcache\hwxcht.dll
+ 2008-04-14 00:09:39 13,463,552 ----a-w c:\windows\system32\dllcache\hwxjpn.dll
+ 2004-08-04 10:00:00 10,129,408 ----a-w c:\windows\system32\dllcache\hwxkor.dll
- 2008-08-26 07:24:28 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 23:15:13 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:37:59 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:24:28 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 07:24:29 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:24:29 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-04-14 00:09:43 106,496 ----a-w c:\windows\system32\dllcache\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ----a-w c:\windows\system32\dllcache\imekrmbx.dll
+ 2004-08-04 10:00:00 44,032 ----a-w c:\windows\system32\dllcache\imekrmig.exe
+ 2004-08-04 10:00:00 102,463 ----a-w c:\windows\system32\dllcache\imepadsm.dll
+ 2004-08-04 10:00:00 311,359 ----a-w c:\windows\system32\dllcache\imepadsv.exe
+ 2008-04-14 00:09:44 811,064 ----a-w c:\windows\system32\dllcache\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ----a-w c:\windows\system32\dllcache\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ----a-w c:\windows\system32\dllcache\imjpcus.dll
+ 2004-08-04 10:00:00 57,398 ----a-w c:\windows\system32\dllcache\imjpdadm.exe
+ 2008-04-14 00:09:45 81,976 ----a-w c:\windows\system32\dllcache\imjpdct.dll
+ 2004-08-04 02:31:54 307,257 ----a-w c:\windows\system32\dllcache\imjpdct.exe
+ 2004-08-04 02:31:56 155,705 ----a-w c:\windows\system32\dllcache\imjpdsvr.exe
+ 2004-08-04 02:31:58 196,665 ----a-w c:\windows\system32\dllcache\imjpinst.exe
+ 2004-08-04 02:32:00 208,952 ----a-w c:\windows\system32\dllcache\imjpmig.exe
+ 2004-08-04 02:32:12 233,527 ----a-w c:\windows\system32\dllcache\imjprw.exe
+ 2004-08-04 10:00:00 45,109 ----a-w c:\windows\system32\dllcache\imjpuex.exe
+ 2004-08-04 02:32:16 262,200 ----a-w c:\windows\system32\dllcache\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ----a-w c:\windows\system32\dllcache\imjputyc.dll
+ 2004-08-04 10:00:00 59,904 ----a-w c:\windows\system32\dllcache\imkrinst.exe
+ 2008-04-14 00:09:46 102,456 ----a-w c:\windows\system32\dllcache\imlang.dll
+ 2004-08-04 02:31:50 59,392 ----a-w c:\windows\system32\dllcache\imscinst.exe
+ 2004-08-04 10:00:00 471,102 ----a-w c:\windows\system32\dllcache\imskdic.dll
+ 2008-04-14 00:09:47 315,455 ----a-w c:\windows\system32\dllcache\imskf.dll
+ 2008-05-09 10:53:39 512,000 ------w c:\windows\system32\dllcache\jscript.dll
- 2008-08-26 07:24:30 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\dllcache\kbd101.dll
+ 2004-08-04 10:00:00 6,144 ----a-w c:\windows\system32\dllcache\kbd101a.dll
+ 2001-08-17 18:55:56 6,144 ----a-w c:\windows\system32\dllcache\kbd101b.dll
+ 2001-08-17 18:55:56 6,144 ----a-w c:\windows\system32\dllcache\kbd101c.dll
+ 2001-08-17 18:55:56 5,632 ----a-w c:\windows\system32\dllcache\kbd103.dll
+ 2008-04-13 23:09:56 6,144 ----a-w c:\windows\system32\dllcache\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\dllcache\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\dllcache\kbdax2.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\dllcache\kbdibm02.dll
+ 2001-08-18 02:36:18 8,704 ----a-w c:\windows\system32\dllcache\kbdjpn.dll
+ 2001-08-18 02:36:18 8,192 ----a-w c:\windows\system32\dllcache\kbdkor.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\dllcache\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\dllcache\kbdlk41j.dll
+ 2004-08-04 10:00:00 7,168 ----a-w c:\windows\system32\dllcache\kbdnec95.dll
+ 2004-08-04 10:00:00 9,216 ----a-w c:\windows\system32\dllcache\kbdnecat.dll
+ 2004-08-04 10:00:00 7,680 ----a-w c:\windows\system32\dllcache\kbdnecnt.dll
+ 2004-08-04 10:00:00 70,656 ----a-w c:\windows\system32\dllcache\korwbrkr.dll
+ 2008-06-18 06:09:22 100,864 ------w c:\windows\system32\dllcache\logagent.exe
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-08-26 07:24:30 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 07:24:30 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 10:00:00 98,304 ----a-w c:\windows\system32\dllcache\msir3jp.dll
- 2008-08-26 07:24:30 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:31 193,024 ------w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:24:30 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-09-04 17:15:04 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
- 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:14:56 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-04 10:00:00 229,439 ----a-w c:\windows\system32\dllcache\multibox.dll
- 2008-08-26 07:24:30 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 00:10:33 15,872 ----a-w c:\windows\system32\dllcache\padrs404.dll
+ 2004-08-04 10:00:00 36,927 ----a-w c:\windows\system32\dllcache\padrs411.dll
+ 2004-08-04 10:00:00 14,336 ----a-w c:\windows\system32\dllcache\padrs412.dll
+ 2008-04-14 00:10:33 15,360 ----a-w c:\windows\system32\dllcache\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ----a-w c:\windows\system32\dllcache\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ----a-w c:\windows\system32\dllcache\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ----a-w c:\windows\system32\dllcache\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ----a-w c:\windows\system32\dllcache\pmigrate.dll
- 2008-08-26 07:24:30 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-07-06 10:50:03 597,504 ------w c:\windows\system32\dllcache\printfilterpipelinesvc.exe
+ 2008-12-05 06:54:55 144,896 ------w c:\windows\system32\dllcache\schannel.dll
+ 2008-05-09 10:53:39 180,224 ------w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:40 172,032 ------w c:\windows\system32\dllcache\scrrun.dll
+ 2008-06-17 19:02:19 8,461,312 ------w c:\windows\system32\dllcache\shell32.dll
+ 2004-08-04 10:00:00 143,422 ----a-w c:\windows\system32\dllcache\softkey.dll
- 2008-09-08 10:41:42 333,824 ------w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 10:57:09 333,952 ------w c:\windows\system32\dllcache\srv.sys
- 2008-04-14 00:12:07 246,814 ------w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-04 02:32:16 44,032 ----a-w c:\windows\system32\dllcache\tintlphr.exe
+ 2004-08-04 02:32:16 455,168 ----a-w c:\windows\system32\dllcache\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ----a-w c:\windows\system32\dllcache\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ----a-w c:\windows\system32\dllcache\uniime.dll
- 2008-08-26 07:24:30 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 23:15:39 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:24:31 1,159,680 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-09 10:53:40 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
+ 2008-04-14 00:11:04 426,041 ----a-w c:\windows\system32\dllcache\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ----a-w c:\windows\system32\dllcache\voicesub.dll
- 2008-08-26 07:24:31 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:24:31 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:41 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-06-18 10:03:08 938,496 ------w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 01:47:22 2,450,944 ----a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-05-08 11:24:44 155,648 ------w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:53:40 90,112 ------w c:\windows\system32\dllcache\wshext.dll
- 2008-07-19 02:09:44 563,912 ----a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 19:12:20 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-19 02:10:42 53,448 ----a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 19:09:44 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-19 02:09:42 1,811,656 ----a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 19:13:40 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-19 02:09:46 325,832 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 19:12:22 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
- 2008-07-19 02:10:20 36,552 ----a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 19:08:58 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-19 02:09:44 205,000 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 19:13:40 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-07-06 12:06:10 575,488 ------w c:\windows\system32\dllcache\xpsshhdr.dll
+ 2008-07-06 12:06:10 1,676,288 ------w c:\windows\system32\dllcache\xpssvcs.dll
+ 2008-04-13 18:46:24 17,024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
- 2008-04-13 19:17:01 456,576 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-04-13 18:46:26 85,248 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
+ 2008-04-13 18:46:24 11,136 ----a-w c:\windows\system32\drivers\SLIP.sys
- 2008-09-08 10:41:42 333,824 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-04-13 18:46:24 19,200 ----a-w c:\windows\system32\drivers\WSTCODEC.SYS
- 2008-08-26 07:24:28 347,136 ------w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ------w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ------w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:24:28 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-04-14 00:09:30 7,168 ----a-w c:\windows\system32\f3ahvoas.dll
- 2008-11-04 18:37:42 1,517,904 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-04-10 21:30:41 1,570,472 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:37:59 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 07:24:29 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-04-14 00:09:06 198,656 ----a-w c:\windows\system32\IME\CINTLGNT\CINTIME.DLL
+ 2004-08-04 02:31:56 480,256 ----a-w c:\windows\system32\IME\CINTLGNT\CINTSETP.EXE
+ 2004-08-04 02:31:50 59,392 ----a-w c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
+ 2008-04-13 16:43:36 70,144 ----a-w c:\windows\system32\IME\PINTLGNT\PINTLPHR.EXE
+ 2008-04-14 00:10:34 67,584 ----a-w c:\windows\system32\IME\PINTLGNT\PMIGRATE.DLL
+ 2004-08-04 02:32:16 44,032 ----a-w c:\windows\system32\IME\TINTLGNT\TINTLPHR.EXE
+ 2004-08-04 02:32:16 455,168 ----a-w c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
+ 2008-04-14 00:10:59 10,240 ----a-w c:\windows\system32\IME\TINTLGNT\TMIGRATE.DLL
+ 2008-04-14 00:09:44 811,064 ----a-w c:\windows\system32\imjp81k.dll
- 2008-04-14 00:11:55 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2008-04-14 00:11:56 47,616 ----a-w c:\windows\system32\iyuv_32.dll
- 2005-11-10 16:27:06 49,248 ----a-w c:\windows\system32\java.exe
+ 2008-11-07 03:47:42 144,792 ----a-w c:\windows\system32\java.exe
- 2005-11-10 16:27:16 49,250 ----a-w c:\windows\system32\javaw.exe
+ 2008-11-07 03:47:42 144,792 ----a-w c:\windows\system32\javaw.exe
- 2005-11-10 18:03:54 127,078 ----a-w c:\windows\system32\javaws.exe
+ 2008-11-07 03:47:42 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-04-14 00:11:56 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w c:\windows\system32\jscript.dll
- 2008-08-26 07:24:30 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd101.dll
+ 2004-08-04 10:00:00 6,144 ----a-w c:\windows\system32\kbd101a.dll
+ 2001-08-17 18:55:56 6,144 ----a-w c:\windows\system32\kbd101b.dll
+ 2001-08-17 18:55:56 6,144 ----a-w c:\windows\system32\kbd101c.dll
+ 2001-08-17 18:55:56 5,632 ----a-w c:\windows\system32\kbd103.dll
+ 2008-04-13 23:09:56 6,144 ----a-w c:\windows\system32\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdax2.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdibm02.dll
+ 2001-08-18 02:36:18 8,704 ----a-w c:\windows\system32\kbdjpn.dll
+ 2001-08-18 02:36:18 8,192 ----a-w c:\windows\system32\kbdkor.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdlk41j.dll
+ 2004-08-04 10:00:00 7,168 ----a-w c:\windows\system32\kbdnec95.dll
+ 2004-08-04 10:00:00 9,216 ----a-w c:\windows\system32\kbdnecAT.dll
+ 2004-08-04 10:00:00 7,680 ----a-w c:\windows\system32\kbdnecNT.dll
+ 2004-08-04 10:00:00 70,656 ----a-w c:\windows\system32\korwbrkr.dll
- 2006-10-19 00:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2009-02-03 02:07:18 240,544 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
- 2008-03-25 00:21:00 2,889,088 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-03-25 00:21:00 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-07-05 03:13:51 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-03-21 03:14:01 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-12-04 04:04:48 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-10-07 19:19:40 16,721,856 ----a-w c:\windows\system32\MRT.exe
+ 2009-02-25 16:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
- 2006-12-22 16:28:14 271,360 ----a-w c:\windows\system32\mscoree.dll
+ 2008-07-25 16:16:58 282,112 ----a-w c:\windows\system32\mscoree.dll
- 2004-07-15 04:34:06 16,896 ----a-w c:\windows\system32\mscorier.dll
+ 2008-07-25 16:16:58 158,720 ----a-w c:\windows\system32\mscorier.dll
- 2003-02-21 00:09:14 106,496 ----a-w c:\windows\system32\mscories.dll
+ 2008-07-25 16:16:58 83,968 ----a-w c:\windows\system32\mscories.dll
- 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:46 294,912 ----a-w c:\windows\system32\msh263.drv
- 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:24:30 477,696 ------w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\mshtmled.dll
+ 2004-08-04 10:00:00 98,304 ----a-w c:\windows\system32\msir3jp.dll
- 2008-08-26 07:24:30 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ------w c:\windows\system32\msrating.dll
- 2008-08-26 07:24:30 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\mstime.dll
- 2008-04-14 00:12:01 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 19:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 21:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-04-14 00:12:01 1,306,624 ----a-w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:14:56 1,307,648 ----a-w c:\windows\system32\msxml6.dll
- 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:02 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-12-22 17:02:36 6,144 ----a-w c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 16:17:04 15,360 ----a-w c:\windows\system32\mui\0409\mscorees.dll
- 2008-08-26 07:24:30 102,912 ------w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\occache.dll
- 2008-11-04 19:21:17 53,436 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-08 11:06:20 63,952 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-04 19:21:17 381,692 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-08 11:06:20 407,170 ----a-w c:\windows\system32\perfh009.dat
- 2008-08-26 07:24:30 44,544 ------w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\pngfilt.dll
+ 2008-07-06 12:06:10 117,760 ------w c:\windows\system32\prntvpt.dll
+ 2006-08-24 21:15:06 150,808 ----a-w c:\windows\system32\rgb9rast_2.dll
- 2008-04-14 00:12:05 144,384 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:54:55 144,896 ----a-w c:\windows\system32\schannel.dll
- 2008-04-14 00:12:05 180,224 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:53:39 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2008-04-14 00:12:05 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:53:40 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2008-04-14 00:12:05 8,461,312 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\system32\shell32.dll
+ 2008-10-16 19:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 19:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
+ 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2008-07-06 12:06:10 198,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2008-07-06 12:06:10 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2008-07-06 12:06:10 744,960 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2008-03-13 04:52:36 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2008-07-06 12:06:10 89,088 ----a-w c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2008-07-06 10:50:03 597,504 ------w c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2008-07-06 12:06:10 147,456 ----a-w c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2008-07-06 12:06:10 748,032 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2008-07-06 22:36:12 2,936,832 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2008-07-06 12:06:10 748,032 ----a-w c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2008-07-06 22:36:12 2,936,832 ----a-w c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2008-07-06 12:06:10 765,440 ----a-w c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2008-07-06 12:06:10 1,676,288 ----a-w c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
- 2007-08-11 00:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-07-27 13:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-04-14 00:12:07 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-04 10:00:00 8,192 ----a-w c:\windows\system32\tsbyuv.dll
+ 2001-08-18 03:36:34 8,192 ----a-w c:\windows\system32\tsbyuv.dll
- 2008-04-14 00:12:38 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:11:01 76,288 ----a-w c:\windows\system32\uniime.dll
- 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-14 00:12:08 434,176 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ----a-w c:\windows\system32\vbscript.dll
+ 2008-04-14 00:12:08 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
- 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-12-20 23:15:41 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-19 01:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 10:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2007-06-12 03:51:12 10,834,944 ----a-w c:\windows\system32\wmp.dll
+ 2008-11-11 22:34:42 10,838,016 ----a-w c:\windows\system32\wmp.dll
- 2006-10-19 01:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2008-04-14 00:12:41 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2008-04-14 00:12:10 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:53:40 90,112 ----a-w c:\windows\system32\wshext.dll
- 2008-07-19 02:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 19:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-19 02:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 19:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-19 02:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 19:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-19 02:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 19:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-07-19 02:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 19:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-07-19 02:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 19:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-19 02:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 19:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2006-02-03 12:41:26 14,032 ----a-w c:\windows\system32\x3daudio1_0.dll
+ 2007-03-05 16:42:18 15,128 ----a-w c:\windows\system32\x3daudio1_1.dll
+ 2007-10-22 07:37:16 17,928 ----a-w c:\windows\system32\X3DAudio1_2.dll
+ 2008-03-05 20:00:06 25,608 ----a-w c:\windows\system32\X3DAudio1_3.dll
+ 2008-05-30 18:17:00 25,608 ----a-w c:\windows\system32\X3DAudio1_4.dll
+ 2008-10-27 14:04:16 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
+ 2006-02-03 12:42:06 230,096 ----a-w c:\windows\system32\xactengine2_0.dll
+ 2006-03-31 16:39:48 229,584 ----a-w c:\windows\system32\xactengine2_1.dll
+ 2007-10-22 07:39:54 267,272 ----a-w c:\windows\system32\xactengine2_10.dll
+ 2006-05-31 11:24:16 230,168 ----a-w c:\windows\system32\xactengine2_2.dll
+ 2006-07-28 13:30:32 236,824 ----a-w c:\windows\system32\xactengine2_3.dll
+ 2006-09-28 20:05:56 237,848 ----a-w c:\windows\system32\xactengine2_4.dll
+ 2006-12-08 16:02:00 251,672 ----a-w c:\windows\system32\xactengine2_5.dll
+ 2007-01-24 19:27:30 255,848 ----a-w c:\windows\system32\xactengine2_6.dll
+ 2007-04-04 22:55:00 261,480 ----a-w c:\windows\system32\xactengine2_7.dll
+ 2007-06-21 00:46:04 266,088 ----a-w c:\windows\system32\xactengine2_8.dll
+ 2007-07-20 04:57:12 267,112 ----a-w c:\windows\system32\xactengine2_9.dll
+ 2008-03-05 20:03:20 238,088 ----a-w c:\windows\system32\xactengine3_0.dll
+ 2008-05-30 18:18:52 238,088 ----a-w c:\windows\system32\xactengine3_1.dll
+ 2008-07-30 10:20:54 238,088 ----a-w c:\windows\system32\xactengine3_2.dll
+ 2008-10-27 14:04:16 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
+ 2008-05-30 18:17:30 65,032 ----a-w c:\windows\system32\XAPOFX1_0.dll
+ 2008-07-30 10:20:56 68,616 ----a-w c:\windows\system32\XAPOFX1_1.dll
+ 2008-10-27 14:04:14 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
+ 2008-03-05 20:03:54 479,752 ----a-w c:\windows\system32\XAudio2_0.dll
+ 2008-05-30 18:19:18 507,400 ----a-w c:\windows\system32\XAudio2_1.dll
+ 2008-07-30 10:20:56 509,448 ----a-w c:\windows\system32\XAudio2_2.dll
+ 2008-10-27 14:04:18 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
+ 2006-03-31 16:39:24 62,672 ----a-w c:\windows\system32\xinput1_1.dll
+ 2006-07-28 13:30:14 62,744 ----a-w c:\windows\system32\xinput1_2.dll
+ 2007-04-04 22:53:42 81,768 ----a-w c:\windows\system32\xinput1_3.dll
+ 2005-12-05 22:07:30 61,136 ----a-w c:\windows\system32\xinput9_1_0.dll
+ 2008-07-06 12:06:10 575,488 ------w c:\windows\system32\xpsshhdr.dll
+ 2008-07-06 12:06:10 1,676,288 ------w c:\windows\system32\xpssvcs.dll
+ 2009-03-31 09:33:20 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_114.dat
+ 2009-04-11 10:33:21 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_618.dat
+ 2009-01-23 02:40:36 8,192 ----a-w c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-09-30 21:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 21:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-07-25 16:17:20 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-25 16:17:20 558,080 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 16:17:20 635,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-04-15 17:47:33 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
+ 2009-01-23 02:40:49 258,048 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-01-23 02:40:49 113,664 ----a-w c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2007-08-29 1347584]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-02-20 4363504]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-06 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-06 81920]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-28 17920]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-05 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-06 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"BearShare"="c:\program files\BearShare\BearShare.exe" [BU]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"nwiz"="nwiz.exe" [2008-04-06 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-06 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 68856]

c:\documents and settings\Christy\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-07-22 151552]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\Christy\\Desktop\\My Games\\pwoClient\\pwoClient\\PokemonWorldOnline\\Pokemon Game.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57594:TCP"= 57594:TCP:Pando Media Booster
"57594:UDP"= 57594:UDP:Pando Media Booster

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-03 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-07-03 20560]
.
Contents of the 'Scheduled Tasks' folder

2009-04-07 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Christy.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []

2009-04-11 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll []

2009-04-11 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe []
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://neopets.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
FF - ProfilePath - c:\documents and settings\Christy\Application Data\Mozilla\Firefox\Profiles\1f6uhcnl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://gaiaonline.com/
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=101447&l=dis&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-11 22:20:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-11 22:22:12
ComboFix-quarantined-files.txt 2009-04-12 02:21:34
ComboFix2.txt 2008-11-04 21:15:04
ComboFix3.txt 2008-11-04 20:41:10
ComboFix4.txt 2008-11-04 20:28:12
ComboFix5.txt 2008-11-04 21:34:38

Pre-Run: 107,282,190,336 bytes free
Post-Run: 108,847,198,208 bytes free

1283 --- E O F --- 2009-03-13 04:13:00


HijackThis:
------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:55 PM, on 4/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080417
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215129532826
O19 - User stylesheet: C:\Documents and Settings\Christy\Desktop\neopets.css (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10314 bytes


thanks for helping me!

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 09:44 PM

I see lots of entries for Norton in there....have you tried to remove it? It uninstalls dirty every time. Use this tool...it may even help your problem a bit. :thumbup2:

The Norton uninstall tool uninstalls ALL Norton 2004/2005/2006/2007/2008/2009 products from your computer. It also uninstalls Norton Ghost 10.0/9.0/2003. http://service1.symantec.com/SUPPORT/tsgen...005033108162039

Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe


Close all browsers and other windows except for HijackThis!, and click "Fix checked".

Navigate to and delete the following folder(s) (if they exist):

C:\Program Files\BearShare

Reboot your computer.

Is this a folder for one of your games? ----- C:\wyvern


Please download Malwarebytes' Anti-Malware from one of these places:
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Let me know how it's running. :)

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 10:08 PM

how do i see which Norton i have? because i remember using it when i got my computer last year, but when it asked to pay i had to stop using it and i got avast.

and i didnt do anything to the Weather bug one on hujackthis, because my mom uses Weather bug all the time, and i didnt know if it would delete the program. if it wouldnt delete the program then i will go back and do that, just tell me :thumbup2:

Yes that is one of my old games, i thought i deleted it.

i already have that walwarebytes anti-malware downloaded but i did go to the updates tab and updated it



Malwarebytes' Anti-Malware 1.36
Database version: 1970
Windows 5.1.2600 Service Pack 3

4/11/2009 11:00:01 PM
mbam-log-2009-04-11 (23-00-01).txt

Scan type: Quick Scan
Objects scanned: 66585
Time elapsed: 2 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\MSINET.oca (Rogue.Trace) -> Quarantined and deleted successfully.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:04:47 PM, on 4/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080417
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215129532826
O19 - User stylesheet: C:\Documents and Settings\Christy\Desktop\neopets.css (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8630 bytes



had to go watch a video, haha. and i got one skip that was about 3 seconds, and the audio was still playing, just like before. its weird tho, cause its only for online videos. videos that i have on my computer arent like that.

Edited by Iron Smile, 11 April 2009 - 10:09 PM.


#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 10:21 PM

No, doing this will not delete the program (Weatherbug). It just keeps it from starting up when the computer boots up. It can be opened and started at any time. :thumbup2:

Try the one for 2008 then.....if not that, then 2007. :)

Have you checked your video drivers lately? Also, look in Device Manager and see if there are any yellow triangles with exclamation points in them to indicate problems. That's not my forte, but it usually turns out to be something basic like that. :step4:

tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 10:27 PM

how do i check my video drivers? and i dont see any yellow trianles. i just now installed the newest version of flash player, someone told me to try that, and it still does the same thing :thumbup2:

#8 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 10:42 PM

Are you getting help from someone else?
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#9 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 10:53 PM

no. i was talking to a friedn about it and she told me that if i download the newest version of flash player it might help. but it didnt :thumbup2:

Edited by Iron Smile, 11 April 2009 - 10:53 PM.


#10 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 10:56 PM

ave you run the Norton removal tool ? :thumbup2:
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#11 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 11:04 PM

yes i have

#12 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 11 April 2009 - 11:11 PM

Please delete ComboFix and its accompanying folder C:\Qoobox. Empty your Recycle bin and reboot your computer.

I don't see anything left related to malware, so I'll have to send you to another place in this forum to see about your video skipping still.
http://www.bleepingcomputer.com/forums/f/7/internal-hardware/

Regards,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#13 Iron Smile

Iron Smile
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 11 April 2009 - 11:12 PM

ok thanks

#14 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:53 PM

Posted 20 April 2009 - 07:46 AM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Edited by teacup61, 20 April 2009 - 09:36 AM.

Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users