Hijack Problem

[LogMan]

- 2004-08-04 20:00:00 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
- 2004-08-04 20:00:00 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdnepr.dll
- 2004-08-04 20:00:00 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdpash.dll
- 2004-08-04 20:00:00 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
- 2004-08-04 20:00:00 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
- 2004-08-04 20:00:00 7,168 ----a-w c:\windows\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdukx.dll
- 2004-08-04 20:00:00 7,424 ----a-w c:\windows\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w c:\windows\system32\kd1394.dll
- 2005-06-16 22:49:30 295,936 ----a-w c:\windows\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w c:\windows\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w c:\windows\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-04 20:00:00 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\system32\kmsvc.dll
- 2004-08-03 23:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\system32\l2gpstore.dll
- 2004-08-04 20:00:00 423,936 ----a-w c:\windows\system32\licdll.dll
+ 2008-04-14 04:41:58 423,936 ----a-w c:\windows\system32\licdll.dll
- 2004-08-04 20:00:00 58,880 ----a-w c:\windows\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w c:\windows\system32\licwmi.dll
- 2005-09-02 06:41:53 19,968 ----a-w c:\windows\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-04 20:00:00 13,824 ----a-w c:\windows\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w c:\windows\system32\lmhsvc.dll
- 2004-08-04 20:00:00 399,872 ----a-w c:\windows\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w c:\windows\system32\lmrt.dll
- 2004-08-04 20:00:00 97,280 ----a-w c:\windows\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w c:\windows\system32\loadperf.dll
- 2004-08-04 20:00:00 221,696 ----a-w c:\windows\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w c:\windows\system32\localsec.dll
- 2004-08-04 20:00:00 341,504 ----a-w c:\windows\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w c:\windows\system32\localspl.dll
- 2004-08-04 20:00:00 11,776 ----a-w c:\windows\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w c:\windows\system32\localui.dll
- 2004-08-04 20:00:00 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
- 2004-08-04 20:00:00 59,392 ----a-w c:\windows\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w c:\windows\system32\logman.exe
- 2004-08-04 20:00:00 220,672 ----a-w c:\windows\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w c:\windows\system32\logon.scr
- 2004-08-04 20:00:00 514,560 ----a-w c:\windows\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w c:\windows\system32\logonui.exe
- 2004-08-04 20:00:00 22,016 ----a-w c:\windows\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w c:\windows\system32\lpk.dll
- 2004-08-04 20:00:00 10,240 ----a-w c:\windows\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w c:\windows\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-04 20:00:00 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w c:\windows\system32\lsass.exe
- 2004-08-04 20:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w c:\windows\system32\magnify.exe
- 2004-08-04 20:00:00 85,504 ----a-w c:\windows\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w c:\windows\system32\makecab.exe
- 2004-08-04 20:00:00 14,848 ----a-w c:\windows\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w c:\windows\system32\mcastmib.dll
- 2004-08-04 20:00:00 84,480 ----a-w c:\windows\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w c:\windows\system32\mciavi32.dll
- 2004-08-04 20:00:00 35,328 ----a-w c:\windows\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w c:\windows\system32\mciqtz32.dll
- 2004-08-04 20:00:00 23,040 ----a-w c:\windows\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w c:\windows\system32\mciseq.dll
- 2004-08-04 20:00:00 23,552 ----a-w c:\windows\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w c:\windows\system32\mciwave.dll
- 2004-08-04 20:00:00 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w c:\windows\system32\mdminst.dll
- 2007-03-08 15:36:28 40,960 ----a-w c:\windows\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w c:\windows\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-04 20:00:00 1,028,096 ----a-w c:\windows\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w c:\windows\system32\mfc42.dll
- 2004-08-04 20:00:00 22,528 ----a-w c:\windows\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w c:\windows\system32\mfcsubs.dll
- 2004-08-04 20:00:00 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\system32\microsoft.managementconsole.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w c:\windows\system32\midimap.dll
- 2004-08-04 20:00:00 60,928 ----a-w c:\windows\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w c:\windows\system32\miglibnt.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w c:\windows\system32\mimefilt.dll
- 2004-08-04 20:00:00 586,240 ----a-w c:\windows\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w c:\windows\system32\mlang.dll
- 2004-08-04 20:00:00 815,104 ----a-w c:\windows\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w c:\windows\system32\mmc.exe
- 2004-08-04 20:00:00 70,656 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\system32\mmcfxcommon.dll
- 2004-08-04 20:00:00 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\system32\mmcperf.exe
- 2004-08-04 20:00:00 50,688 ----a-w c:\windows\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w c:\windows\system32\mmcshext.dll
- 2004-08-04 20:00:00 17,408 ----a-w c:\windows\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w c:\windows\system32\mmfutil.dll
- 2004-08-04 20:00:00 34,560 ----a-w c:\windows\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w c:\windows\system32\mnmdd.dll
- 2004-08-04 20:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
- 2004-08-04 20:00:00 207,360 ----a-w c:\windows\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w c:\windows\system32\mobsync.dll
- 2004-08-04 20:00:00 143,360 ----a-w c:\windows\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w c:\windows\system32\mobsync.exe
- 2004-08-04 20:00:00 153,600 ----a-w c:\windows\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w c:\windows\system32\modemui.dll
- 2004-08-04 20:00:00 15,872 ----a-w c:\windows\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w c:\windows\system32\more.com
- 2004-08-04 20:00:00 216,064 ----a-w c:\windows\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w c:\windows\system32\moricons.dll
- 2004-08-04 20:00:00 123,392 ----a-w c:\windows\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w c:\windows\system32\mplay32.exe
- 2004-08-04 20:00:00 59,904 ----a-w c:\windows\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w c:\windows\system32\mpr.dll
- 2004-08-04 20:00:00 87,040 ----a-w c:\windows\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w c:\windows\system32\mprapi.dll
- 2004-08-04 20:00:00 49,152 ----a-w c:\windows\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w c:\windows\system32\mprdim.dll
- 2004-08-04 20:00:00 71,680 ----a-w c:\windows\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w c:\windows\system32\msacm32.dll
- 2004-08-04 20:00:00 3,584 ----a-w c:\windows\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w c:\windows\system32\msafd.dll
- 2004-08-04 20:00:00 86,016 ----a-w c:\windows\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w c:\windows\system32\msapsspc.dll
- 2004-08-04 20:00:00 57,344 ----a-w c:\windows\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w c:\windows\system32\msasn1.dll
- 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-04 20:00:00 69,632 ----a-w c:\windows\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w c:\windows\system32\msconf.dll
- 2004-08-04 20:00:00 12,288 ----a-w c:\windows\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w c:\windows\system32\mscpx32r.dll
- 2004-08-04 20:00:00 36,864 ----a-w c:\windows\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w c:\windows\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w c:\windows\system32\msctf.dll
- 2004-08-04 20:00:00 69,120 ----a-w c:\windows\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w c:\windows\system32\msctfp.dll
- 2004-08-04 20:00:00 118,784 ----a-w c:\windows\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w c:\windows\system32\msdadiag.dll
- 2004-08-04 20:00:00 151,552 ----a-w c:\windows\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w c:\windows\system32\msdart.dll
- 2004-08-04 20:00:00 14,336 ----a-w c:\windows\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w c:\windows\system32\msdmo.dll
- 2004-08-04 20:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
- 2004-08-04 20:00:00 58,880 ----a-w c:\windows\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w c:\windows\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w c:\windows\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w c:\windows\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w c:\windows\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w c:\windows\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-04 20:00:00 4,126 ----a-w c:\windows\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\msdxmlc.dll
- 2006-11-27 14:54:06 539,136 ----a-w c:\windows\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w c:\windows\system32\msftedit.dll
- 2004-08-04 20:00:00 994,304 ----a-w c:\windows\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w c:\windows\system32\msgina.dll
- 2004-08-04 20:00:00 33,792 ----a-w c:\windows\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w c:\windows\system32\msgsvc.dll
- 2004-08-04 20:00:00 188,416 ----a-w c:\windows\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w c:\windows\system32\msh261.drv
- 2004-08-03 23:56:58 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
- 2007-04-18 16:12:23 2,854,400 ----a-w c:\windows\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w c:\windows\system32\msi.dll
- 2004-08-04 20:00:00 51,712 ----a-w c:\windows\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w c:\windows\system32\msident.dll
- 2004-08-04 20:00:00 6,656 ----a-w c:\windows\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w c:\windows\system32\msidle.dll
- 2004-08-04 20:00:00 248,832 ----a-w c:\windows\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w c:\windows\system32\msieftp.dll
- 2005-05-04 16:58:36 78,848 ----a-w c:\windows\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w c:\windows\system32\msiexec.exe
- 2005-05-04 16:58:36 271,360 ----a-w c:\windows\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w c:\windows\system32\msihnd.dll
- 2004-08-04 20:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w c:\windows\system32\msimg32.dll
- 2005-05-04 16:58:36 884,736 ----a-w c:\windows\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w c:\windows\system32\msimsg.dll
- 2004-08-04 20:00:00 159,232 ----a-w c:\windows\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w c:\windows\system32\msimtf.dll
- 2005-05-04 16:58:36 15,360 ----a-w c:\windows\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w c:\windows\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-04 20:00:00 25,088 ----a-w c:\windows\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w c:\windows\system32\mslbui.dll
- 2004-08-04 20:00:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
- 2004-08-04 20:00:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
- 2004-08-04 20:00:00 105,984 ----a-w c:\windows\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w c:\windows\system32\msoert2.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w c:\windows\system32\msorc32r.dll
- 2004-08-04 20:00:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
- 2004-08-04 20:00:00 343,040 ----a-w c:\windows\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w c:\windows\system32\mspaint.exe
- 2004-08-04 20:00:00 30,208 ----a-w c:\windows\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w c:\windows\system32\mspatcha.dll
- 2004-08-04 20:00:00 48,128 ----a-w c:\windows\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w c:\windows\system32\msprivs.dll
- 2004-08-04 20:00:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w c:\windows\system32\msrle32.dll
- 2004-08-04 20:00:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\system32\msshavmsg.dll
- 2004-08-04 20:00:00 274,944 ----a-w c:\windows\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w c:\windows\system32\mstask.dll
- 2004-08-04 20:00:00 12,288 ----a-w c:\windows\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w c:\windows\system32\mstinit.exe
- 2004-08-04 20:00:00 115,712 ----a-w c:\windows\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w c:\windows\system32\mstlsapi.dll
- 2004-08-04 20:00:00 407,552 ----a-w c:\windows\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w c:\windows\system32\mstsc.exe
- 2004-08-04 20:00:00 655,360 ----a-w c:\windows\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w c:\windows\system32\mstscax.dll
- 2004-08-04 20:00:00 195,072 ----a-w c:\windows\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w c:\windows\system32\msutb.dll
- 2004-08-04 20:00:00 129,536 ----a-w c:\windows\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w c:\windows\system32\msv1_0.dll
- 2004-08-04 20:00:00 1,392,671 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w c:\windows\system32\msvbvm60.dll
- 2004-08-04 20:00:00 54,784 ----a-w c:\windows\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\msvcirt.dll
- 2004-08-04 20:00:00 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w c:\windows\system32\msvcp60.dll
- 2004-08-04 20:00:00 343,040 ----a-w c:\windows\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w c:\windows\system32\msvcrt.dll
- 2004-08-04 20:00:00 61,440 ----a-w c:\windows\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w c:\windows\system32\msvcrt40.dll
- 2004-08-04 20:00:00 120,832 ----a-w c:\windows\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w c:\windows\system32\msvfw32.dll
- 2004-08-04 20:00:00 1,428,480 ----a-w c:\windows\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w c:\windows\system32\msvidctl.dll
- 2004-08-04 20:00:00 72,704 ----a-w c:\windows\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-04 20:00:00 204,288 ----a-w c:\windows\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w c:\windows\system32\mswebdvd.dll
- 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-04 20:00:00 506,368 ----a-w c:\windows\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w c:\windows\system32\msxml.dll
- 2004-08-04 20:00:00 701,440 ----a-w c:\windows\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w c:\windows\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,104,896 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-15 14:43:10 1,320,800 ----a-w c:\windows\system32\msxml6.dll
+ 2008-04-14 00:12:01 1,306,624 ----a-w c:\windows\system32\msxml6.dll
- 2006-10-05 03:31:10 79,872 ----a-w c:\windows\system32\msxml6r.dll
+ 2008-04-13 17:27:18 79,872 ----a-w c:\windows\system32\msxml6r.dll
- 2004-08-03 23:56:46 17,408 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w c:\windows\system32\mtxdm.dll
- 2004-08-04 20:00:00 4,096 ----a-w c:\windows\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w c:\windows\system32\mtxex.dll
- 2004-08-04 20:00:00 25,088 ----a-w c:\windows\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w c:\windows\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\system32\mtxparhd.dll
- 2004-08-04 20:00:00 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
- 2004-08-04 20:00:00 193,024 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
- 2004-08-04 20:00:00 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\system32\mui\041b\xpsp3res.dll
- 2004-08-04 20:00:00 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
- 2004-08-04 20:00:00 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
- 2004-08-04 20:00:00 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\system32\mui\0424\xpsp3res.dll
- 2004-08-04 20:00:00 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\system32\napstat.exe
- 2004-08-04 20:00:00 53,760 ----a-w c:\windows\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w c:\windows\system32\narrator.exe
- 2004-08-04 20:00:00 36,352 ----a-w c:\windows\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w c:\windows\system32\ncobjapi.dll
- 2004-08-04 20:00:00 17,920 ----a-w c:\windows\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w c:\windows\system32\nddeapi.dll
- 2004-08-04 20:00:00 4,096 ----a-w c:\windows\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w c:\windows\system32\nddeapir.exe
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w c:\windows\system32\nddenb32.dll
- 2004-08-04 20:00:00 42,496 ----a-w c:\windows\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w c:\windows\system32\net.exe
- 2004-08-04 20:00:00 124,928 ----a-w c:\windows\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w c:\windows\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-04-14 00:12:01 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2004-08-04 20:00:00 622,080 ----a-w c:\windows\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w c:\windows\system32\netcfgx.dll
- 2004-08-04 20:00:00 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
- 2004-08-04 20:00:00 139,264 ----a-w c:\windows\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w c:\windows\system32\netid.dll
- 2004-08-04 20:00:00 407,040 ----a-w c:\windows\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w c:\windows\system32\netlogon.dll
- 2005-08-23 23:29:46 197,632 ----a-w c:\windows\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w c:\windows\system32\netman.dll
- 2004-08-04 20:00:00 875,008 ----a-w c:\windows\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w c:\windows\system32\netplwiz.dll
- 2004-08-04 20:00:00 12,288 ----a-w c:\windows\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w c:\windows\system32\netrap.dll
- 2004-08-04 20:00:00 329,728 ----a-w c:\windows\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w c:\windows\system32\netsetup.exe
- 2004-08-04 20:00:00 86,016 ----a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
- 2004-08-04 20:00:00 1,708,032 ----a-w c:\windows\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w c:\windows\system32\netshell.dll
- 2004-08-04 20:00:00 36,864 ----a-w c:\windows\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w c:\windows\system32\netstat.exe
- 2004-08-04 20:00:00 80,896 ----a-w c:\windows\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w c:\windows\system32\netui0.dll
- 2004-08-04 20:00:00 245,760 ----a-w c:\windows\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w c:\windows\system32\netui1.dll
- 2004-08-04 20:00:00 248,832 ----a-w c:\windows\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w c:\windows\system32\newdev.dll
- 2004-08-04 20:00:00 103,936 ----a-w c:\windows\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w c:\windows\system32\nlhtml.dll
- 2004-08-04 20:00:00 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w c:\windows\system32\nmmkcert.dll
- 2004-08-04 20:00:00 69,120 ----a-w c:\windows\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\system32\notepad.exe
- 2004-08-04 20:00:00 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
- 2004-08-04 20:00:00 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
- 2004-08-04 20:00:00 54,784 ----a-w c:\windows\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w c:\windows\system32\npptools.dll
- 2004-08-04 20:00:00 76,800 ----a-w c:\windows\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w c:\windows\system32\nslookup.exe
- 2004-08-04 20:00:00 708,096 ----a-w c:\windows\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w c:\windows\system32\ntdll.dll
- 2004-08-04 20:00:00 67,072 ----a-w c:\windows\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w c:\windows\system32\ntdsapi.dll
- 2007-02-28 08:38:57 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2004-08-04 20:00:00 43,520 ----a-w c:\windows\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w c:\windows\system32\ntlanman.dll
- 2004-08-04 20:00:00 8,192 ----a-w c:\windows\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w c:\windows\system32\ntlsapi.dll
- 2004-08-04 20:00:00 118,784 ----a-w c:\windows\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w c:\windows\system32\ntmarta.dll
- 2004-08-04 20:00:00 40,960 ----a-w c:\windows\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w c:\windows\system32\ntmsapi.dll
- 2004-08-04 20:00:00 179,712 ----a-w c:\windows\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w c:\windows\system32\ntmsdba.dll
- 2004-08-04 20:00:00 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
- 2004-08-04 20:00:00 435,200 ----a-w c:\windows\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w c:\windows\system32\ntmssvc.dll
- 2007-02-28 09:08:48 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-04-13 19:24:37 2,145,280 ----a-w c:\windows\system32\ntoskrnl.exe
- 2004-08-04 20:00:00 91,136 ----a-w c:\windows\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w c:\windows\system32\ntprint.dll
- 2004-08-04 20:00:00 143,872 ----a-w c:\windows\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w c:\windows\system32\ntshrui.dll
- 2004-08-04 20:00:00 419,840 ----a-w c:\windows\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w c:\windows\system32\ntvdm.exe
- 2004-08-04 20:00:00 13,312 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\ntvdmd.dll
- 2006-10-13 12:35:12 142,336 ----a-w c:\windows\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w c:\windows\system32\nwprovau.dll
- 2004-08-04 20:00:00 266,752 ----a-w c:\windows\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w c:\windows\system32\oakley.dll
- 2004-08-04 20:00:00 285,696 ----a-w c:\windows\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w c:\windows\system32\objsel.dll
- 2004-08-04 20:00:00 60,928 ----a-w c:\windows\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\ocmanage.dll
- 2004-08-04 20:00:00 249,856 ----a-w c:\windows\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w c:\windows\system32\odbc32.dll
- 2004-08-04 20:00:00 16,384 ----a-w c:\windows\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w c:\windows\system32\odbc32gt.dll
- 2004-08-04 20:00:00 32,768 ----a-w c:\windows\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w c:\windows\system32\odbcad32.exe
- 2004-08-04 20:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w c:\windows\system32\odbcbcp.dll
- 2004-08-04 20:00:00 135,168 ----a-w c:\windows\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w c:\windows\system32\odbcconf.dll
- 2004-08-04 20:00:00 69,632 ----a-w c:\windows\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w c:\windows\system32\odbcconf.exe
- 2004-08-04 20:00:00 106,496 ----a-w c:\windows\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w c:\windows\system32\odbccp32.dll
- 2004-08-04 20:00:00 65,536 ----a-w c:\windows\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccr32.dll
- 2004-08-04 20:00:00 65,536 ----a-w c:\windows\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccu32.dll
- 2004-08-04 20:00:00 94,208 ----a-w c:\windows\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w c:\windows\system32\odbcint.dll
- 2004-08-04 20:00:00 53,279 ----a-w c:\windows\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w c:\windows\system32\odbcji32.dll
- 2004-08-04 20:00:00 278,559 ----a-w c:\windows\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w c:\windows\system32\odbcjt32.dll

[LogMan]

- 2004-08-04 20:00:00 12,288 ----a-w c:\windows\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w c:\windows\system32\odbcp32r.dll
- 2004-08-04 20:00:00 147,456 ----a-w c:\windows\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w c:\windows\system32\odbctrac.dll
- 2004-08-04 20:00:00 20,511 ----a-w c:\windows\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\oddbse32.dll
- 2004-08-04 20:00:00 20,510 ----a-w c:\windows\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odexl32.dll
- 2004-08-04 20:00:00 20,510 ----a-w c:\windows\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odfox32.dll
- 2004-08-04 20:00:00 20,510 ----a-w c:\windows\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odpdx32.dll
- 2004-08-04 20:00:00 20,511 ----a-w c:\windows\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\odtext32.dll
- 2004-08-04 20:00:00 120,832 ----a-w c:\windows\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w c:\windows\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w c:\windows\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w c:\windows\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w c:\windows\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w c:\windows\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w c:\windows\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w c:\windows\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w c:\windows\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w c:\windows\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w c:\windows\system32\oledlg.dll
- 2004-08-04 20:00:00 107,008 ----a-w c:\windows\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w c:\windows\system32\oleprn.dll
- 2004-08-04 20:00:00 83,456 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\system32\onex.dll
- 2004-08-04 20:00:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
- 2004-08-04 20:00:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
- 2004-08-04 20:00:00 561,664 ----a-w c:\windows\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w c:\windows\system32\oobe\msobmain.dll
- 2004-08-04 20:00:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w c:\windows\system32\oobe\msobweb.dll
- 2004-08-04 20:00:00 28,160 ----a-w c:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w c:\windows\system32\oobe\msoobe.exe
- 2004-08-04 20:00:00 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
- 2004-08-04 20:00:00 713,728 ----a-w c:\windows\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w c:\windows\system32\opengl32.dll
- 2004-08-04 20:00:00 215,552 ----a-w c:\windows\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w c:\windows\system32\osk.exe
- 2004-08-04 20:00:00 67,584 ----a-w c:\windows\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\osuninst.dll
- 2004-08-04 20:00:00 116,224 ----a-w c:\windows\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w c:\windows\system32\p2p.dll
- 2004-08-04 20:00:00 86,016 ----a-w c:\windows\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\p2pgasvc.dll
- 2004-08-04 20:00:00 312,320 ----a-w c:\windows\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w c:\windows\system32\p2pgraph.dll
- 2004-08-04 20:00:00 88,064 ----a-w c:\windows\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w c:\windows\system32\p2pnetsh.dll
- 2004-08-04 20:00:00 526,848 ----a-w c:\windows\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w c:\windows\system32\p2psvc.dll
- 2004-08-04 20:00:00 58,368 ----a-w c:\windows\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w c:\windows\system32\packager.exe
- 2004-08-04 20:00:00 62,976 ----a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\pautoenr.dll
- 2004-08-04 20:00:00 283,648 ----a-w c:\windows\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w c:\windows\system32\pdh.dll
- 2008-10-26 18:44:02 65,166 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-29 19:07:43 65,166 ----a-w c:\windows\system32\perfc009.dat
- 2004-08-04 20:00:00 39,936 ----a-w c:\windows\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w c:\windows\system32\perfctrs.dll
- 2004-08-04 20:00:00 26,624 ----a-w c:\windows\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w c:\windows\system32\perfdisk.dll
- 2008-10-26 18:44:03 410,002 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-29 19:07:43 410,002 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-04 20:00:00 15,872 ----a-w c:\windows\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w c:\windows\system32\perfmon.exe
- 2004-08-04 20:00:00 16,896 ----a-w c:\windows\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w c:\windows\system32\perfnet.dll
- 2004-08-04 20:00:00 25,088 ----a-w c:\windows\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w c:\windows\system32\perfos.dll
- 2004-08-04 20:00:00 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\system32\photometadatahandler.dll
- 2004-08-04 20:00:00 176,128 ----a-w c:\windows\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w c:\windows\system32\photowiz.dll
- 2004-08-04 20:00:00 35,328 ----a-w c:\windows\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w c:\windows\system32\pid.dll
- 2004-08-04 20:00:00 24,064 ----a-w c:\windows\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w c:\windows\system32\pidgen.dll
- 2004-08-04 20:00:00 17,920 ----a-w c:\windows\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w c:\windows\system32\ping.exe
- 2004-08-04 20:00:00 15,360 ----a-w c:\windows\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\pjlmon.dll
- 2004-08-04 20:00:00 48,640 ----a-w c:\windows\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w c:\windows\system32\pnrpnsp.dll
- 2004-08-04 20:00:00 105,472 ----a-w c:\windows\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\polstore.dll
- 2004-08-04 20:00:00 49,152 ----a-w c:\windows\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w c:\windows\system32\powercfg.exe
- 2004-08-04 20:00:00 17,408 ----a-w c:\windows\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w c:\windows\system32\powrprof.dll
- 2004-08-04 20:00:00 560,640 ----a-w c:\windows\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w c:\windows\system32\printui.dll
- 2004-08-04 20:00:00 27,648 ----a-w c:\windows\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w c:\windows\system32\profmap.dll
- 2004-08-04 20:00:00 109,568 ----a-w c:\windows\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w c:\windows\system32\progman.exe
- 2004-08-04 20:00:00 50,176 ----a-w c:\windows\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\proquota.exe
- 2004-08-04 20:00:00 9,216 ----a-w c:\windows\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w c:\windows\system32\proxycfg.exe
- 2004-08-04 20:00:00 23,040 ----a-w c:\windows\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w c:\windows\system32\psapi.dll
- 2004-08-04 20:00:00 96,768 ----a-w c:\windows\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w c:\windows\system32\psbase.dll
- 2004-08-04 20:00:00 43,520 ----a-w c:\windows\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\pstorec.dll
- 2004-08-04 20:00:00 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\system32\qagentrt.dll
- 2004-08-04 20:00:00 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\system32\qcliprov.dll
- 2004-08-04 20:00:00 279,040 ----a-w c:\windows\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w c:\windows\system32\qdv.dll
- 2004-08-04 20:00:00 385,024 ----a-w c:\windows\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w c:\windows\system32\qdvd.dll
- 2004-08-04 20:00:00 562,176 ----a-w c:\windows\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w c:\windows\system32\qedit.dll
- 2004-08-04 20:00:00 733,696 ----a-w c:\windows\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w c:\windows\system32\qedwipes.dll
- 2004-08-04 20:00:00 382,464 ----a-w c:\windows\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\qmgr.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w c:\windows\system32\qprocess.exe
- 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\system32\qutil.dll
- 2004-08-04 20:00:00 43,520 ----a-w c:\windows\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-04 20:00:00 236,544 ----a-w c:\windows\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\rasapi32.dll
- 2004-08-04 20:00:00 89,088 ----a-w c:\windows\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w c:\windows\system32\rasauto.dll
- 2004-08-04 20:00:00 69,632 ----a-w c:\windows\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w c:\windows\system32\raschap.dll
- 2004-08-04 20:00:00 657,920 ----a-w c:\windows\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w c:\windows\system32\rasdlg.dll
- 2004-08-04 20:00:00 61,440 ----a-w c:\windows\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w c:\windows\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w c:\windows\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-04 20:00:00 56,832 ----a-w c:\windows\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w c:\windows\system32\rasphone.exe
- 2004-08-04 20:00:00 206,336 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\system32\rasqec.dll
- 2004-08-04 20:00:00 16,896 ----a-w c:\windows\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w c:\windows\system32\rassapi.dll
- 2004-08-04 20:00:00 58,880 ----a-w c:\windows\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w c:\windows\system32\rastapi.dll
- 2004-08-04 20:00:00 112,128 ----a-w c:\windows\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w c:\windows\system32\rastls.dll
- 2004-08-04 20:00:00 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
- 2004-08-04 20:00:00 35,840 ----a-w c:\windows\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w c:\windows\system32\rcimlby.exe
- 2004-08-04 20:00:00 21,504 ----a-w c:\windows\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w c:\windows\system32\rcp.exe
- 2004-08-04 20:00:00 147,968 ----a-w c:\windows\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w c:\windows\system32\rdchost.dll
- 2004-08-04 20:00:00 62,464 ----a-w c:\windows\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w c:\windows\system32\rdpclip.exe
- 2004-08-04 20:00:00 92,168 ----a-w c:\windows\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w c:\windows\system32\rdpdd.dll
- 2004-08-04 20:00:00 19,968 ----a-w c:\windows\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w c:\windows\system32\rdpsnd.dll
- 2004-08-04 20:00:00 87,176 ----a-w c:\windows\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w c:\windows\system32\rdpwsx.dll
- 2004-08-04 20:00:00 13,824 ----a-w c:\windows\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w c:\windows\system32\rdsaddin.exe
- 2004-08-04 20:00:00 67,072 ----a-w c:\windows\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w c:\windows\system32\rdshost.exe
- 2004-08-04 20:00:00 50,176 ----a-w c:\windows\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\reg.exe
- 2004-08-04 20:00:00 49,664 ----a-w c:\windows\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w c:\windows\system32\regapi.dll
- 2004-08-04 20:00:00 59,904 ----a-w c:\windows\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w c:\windows\system32\regsvc.dll
- 2004-08-04 20:00:00 11,776 ----a-w c:\windows\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w c:\windows\system32\regsvr32.exe
- 2004-08-04 20:00:00 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2004-08-05 03:10:40 17,024 ----a-w c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\bthenumsys
+ 2004-08-05 02:58:40 100,992 ----a-w c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\bthpan.sys
+ 2004-08-05 03:10:40 17,024 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\BthEnumsys
+ 2004-08-05 04:56:52 152,576 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\irftp.exe
+ 2004-08-05 04:56:44 27,136 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\irmon.dll
+ 2004-08-05 03:10:40 59,648 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\rfcomm.sys
+ 2004-08-04 20:00:00 108,032 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\wshBth.dll
+ 2004-08-05 04:56:48 8,192 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\wshirdadll
+ 2004-08-04 20:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\intelppm.sys
+ 2004-08-04 20:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0021\DriverFiles\i386\intelppm.sys
+ 2004-08-04 20:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\intelppm.sys
+ 2004-08-04 20:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\intelppm.sys
+ 2004-08-04 20:00:00 67,584 ----a-w c:\windows\system32\ReinstallBackups\0024\DriverFiles\i386\sdbus.sys
+ 2005-01-08 21:07:18 138,752 ----a-w c:\windows\system32\ReinstallBackups\0026\DriverFiles\hdaudbus.sys
- 2004-08-04 20:00:00 60,416 ----a-w c:\windows\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w c:\windows\system32\remotepg.dll
- 2004-08-04 20:00:00 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
- 2004-08-04 20:00:00 58,880 ----a-w c:\windows\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w c:\windows\system32\resutils.dll
- 2004-08-04 20:00:00 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w c:\windows\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w c:\windows\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w c:\windows\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w c:\windows\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w c:\windows\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-04 20:00:00 152,576 ----a-w c:\windows\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w c:\windows\system32\rsaenh.dll
- 2004-08-04 20:00:00 14,848 ----a-w c:\windows\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w c:\windows\system32\rsh.exe
- 2004-08-04 20:00:00 39,936 ----a-w c:\windows\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w c:\windows\system32\rshx32.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w c:\windows\system32\rsmps.dll
- 2004-08-04 20:00:00 90,112 ----a-w c:\windows\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w c:\windows\system32\rsvpsp.dll
- 2004-08-04 20:00:00 77,312 ----a-w c:\windows\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w c:\windows\system32\rtcshare.exe
- 2004-08-04 20:00:00 31,744 ----a-w c:\windows\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w c:\windows\system32\rtipxmib.dll
- 2004-08-04 20:00:00 44,032 ----a-w c:\windows\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w c:\windows\system32\rtutils.dll
- 2004-08-04 20:00:00 33,280 ----a-w c:\windows\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w c:\windows\system32\rundll32.exe
- 2004-08-04 20:00:00 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\system32\s3gnb.dll
- 2004-08-04 20:00:00 43,520 ----a-w c:\windows\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w c:\windows\system32\safrcdlg.dll
- 2004-08-04 20:00:00 29,696 ----a-w c:\windows\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w c:\windows\system32\safrdm.dll
- 2004-08-04 20:00:00 45,568 ----a-w c:\windows\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w c:\windows\system32\safrslv.dll
- 2004-08-04 20:00:00 64,000 ----a-w c:\windows\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w c:\windows\system32\samlib.dll
- 2004-08-04 20:00:00 415,744 ----a-w c:\windows\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w c:\windows\system32\samsrv.dll
- 2004-08-04 20:00:00 13,312 ----a-w c:\windows\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w c:\windows\system32\savedump.exe
- 2004-08-04 20:00:00 270,848 ----a-w c:\windows\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w c:\windows\system32\sbe.dll
- 2004-08-04 20:00:00 159,232 ----a-w c:\windows\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w c:\windows\system32\sbeio.dll
- 2004-08-04 20:00:00 69,632 ----a-w c:\windows\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w c:\windows\system32\scarddlg.dll
- 2004-08-04 20:00:00 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
- 2004-08-04 20:00:00 171,008 ----a-w c:\windows\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w c:\windows\system32\sccsccp.dll
- 2004-08-04 20:00:00 180,224 ----a-w c:\windows\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w c:\windows\system32\scecli.dll
- 2004-08-04 20:00:00 313,856 ----a-w c:\windows\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w c:\windows\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w c:\windows\system32\schannel.dll
- 2004-08-04 20:00:00 190,976 ----a-w c:\windows\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w c:\windows\system32\schedsvc.dll
- 2004-08-04 20:00:00 20,992 ----a-w c:\windows\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w c:\windows\system32\sclgntfy.dll
- 2004-08-04 20:00:00 9,216 ----a-w c:\windows\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w c:\windows\system32\scrnsave.scr
- 2004-08-04 20:00:00 159,744 ----a-w c:\windows\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2004-08-04 20:00:00 151,552 ----a-w c:\windows\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2004-08-04 20:00:00 77,312 ----a-w c:\windows\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w c:\windows\system32\sdbinst.exe
- 2004-08-04 20:00:00 29,184 ----a-w c:\windows\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sdhcinst.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w c:\windows\system32\seclogon.dll
- 2004-08-04 20:00:00 55,808 ----a-w c:\windows\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\secur32.dll
- 2004-08-04 20:00:00 5,632 ----a-w c:\windows\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w c:\windows\system32\security.dll
- 2004-08-04 20:00:00 29,184 ----a-w c:\windows\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sendcmsg.dll
- 2004-08-04 20:00:00 55,296 ----a-w c:\windows\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w c:\windows\system32\sendmail.dll
- 2004-08-04 20:00:00 38,912 ----a-w c:\windows\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w c:\windows\system32\sens.dll
- 2004-08-04 20:00:00 6,656 ----a-w c:\windows\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w c:\windows\system32\sensapi.dll
- 2004-08-04 20:00:00 56,320 ----a-w c:\windows\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\servdeps.dll
- 2004-08-04 20:00:00 108,032 ----a-w c:\windows\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w c:\windows\system32\services.exe
- 2004-08-04 20:00:00 140,800 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
- 2004-08-04 20:00:00 31,232 ----a-w c:\windows\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w c:\windows\system32\sethc.exe
- 2004-08-04 20:00:00 23,040 ----a-w c:\windows\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w c:\windows\system32\setup.exe
- 2004-08-04 20:00:00 259,584 ----a-w c:\windows\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w c:\windows\system32\Setup\comsetup.dll
- 2004-08-04 20:00:00 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
- 2004-08-04 20:00:00 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
- 2004-08-04 20:00:00 505,344 ----a-w c:\windows\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w c:\windows\system32\Setup\iis.dll
- 2004-08-04 20:00:00 115,712 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w c:\windows\system32\Setup\koc.dll
- 2004-08-04 20:00:00 82,432 ----a-w c:\windows\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w c:\windows\system32\Setup\msdtcstp.dll
- 2004-08-04 20:00:00 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
- 2004-08-04 20:00:00 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
- 2004-08-04 20:00:00 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
- 2004-08-04 20:00:00 15,872 ----a-w c:\windows\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\Setup\ocgen.dll
- 2004-08-04 20:00:00 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
- 2004-08-04 20:00:00 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
- 2004-08-04 20:00:00 22,016 ----a-w c:\windows\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\Setup\startoc.dll
- 2004-08-04 20:00:00 121,856 ----a-w c:\windows\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w c:\windows\system32\Setup\tsoc.dll
- 2004-08-04 20:00:00 983,552 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 04:42:06 985,088 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\system32\setupn.exe
- 2004-08-04 20:00:00 5,120 ----a-w c:\windows\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w c:\windows\system32\sfc.dll
- 2004-08-04 20:00:00 140,288 ----a-w c:\windows\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w c:\windows\system32\sfc_os.dll
- 2004-08-04 20:00:00 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
- 2004-08-04 20:00:00 549,376 ----a-w c:\windows\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w c:\windows\system32\shdoclc.dll
- 2007-06-15 08:12:30 1,498,112 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w c:\windows\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w c:\windows\system32\shell32.dll
- 2004-08-04 20:00:00 25,088 ----a-w c:\windows\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w c:\windows\system32\shfolder.dll
- 2004-08-04 20:00:00 68,096 ----a-w c:\windows\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w c:\windows\system32\shgina.dll
- 2004-08-04 20:00:00 65,536 ----a-w c:\windows\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w c:\windows\system32\shimeng.dll
- 2004-08-04 20:00:00 438,272 ----a-w c:\windows\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w c:\windows\system32\shimgvw.dll
- 2007-06-15 08:12:30 474,112 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w c:\windows\system32\shlwapi.dll
- 2004-08-04 20:00:00 151,552 ----a-w c:\windows\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\shmedia.dll
- 2004-08-04 20:00:00 42,496 ----a-w c:\windows\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w c:\windows\system32\shmgrate.exe
- 2004-08-04 20:00:00 77,824 ----a-w c:\windows\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w c:\windows\system32\shrpubw.exe
- 2004-08-04 20:00:00 27,648 ----a-w c:\windows\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w c:\windows\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w c:\windows\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2004-08-04 20:00:00 19,456 ----a-w c:\windows\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w c:\windows\system32\shutdown.exe
- 2004-08-04 20:00:00 13,312 ----a-w c:\windows\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w c:\windows\system32\sigtab.dll
- 2004-08-04 20:00:00 70,144 ----a-w c:\windows\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w c:\windows\system32\sigverif.exe
- 2004-08-04 20:00:00 26,112 ----a-w c:\windows\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w c:\windows\system32\skeys.exe
- 2004-08-04 20:00:00 25,088 ----a-w c:\windows\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w c:\windows\system32\slayerxp.dll
- 2004-08-04 20:00:00 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\system32\slserv.exe
- 2004-08-04 20:00:00 8,192 ----a-w c:\windows\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w c:\windows\system32\smbinst.exe
- 2004-08-04 20:00:00 363,008 ----a-w c:\windows\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w c:\windows\system32\smlogcfg.dll
- 2004-08-04 20:00:00 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
- 2004-08-04 20:00:00 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w c:\windows\system32\smss.exe
- 2004-08-04 20:00:00 131,584 ----a-w c:\windows\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w c:\windows\system32\sndrec32.exe
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w c:\windows\system32\snmpapi.dll
- 2004-08-04 20:00:00 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w c:\windows\system32\snmpsnap.dll
- 2004-08-04 20:00:00 23,552 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2004-08-04 20:00:00 538,624 ----a-w c:\windows\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w c:\windows\system32\spider.exe
- 2004-08-04 20:00:00 11,776 ----a-w c:\windows\system32\spnpinst.exe
+ 2008-04-14 04:42:38 11,264 ----a-w c:\windows\system32\spnpinst.exe
- 2004-08-04 20:00:00 74,752 ----a-w c:\windows\system32\spoolss.dll

[LogMan]

+ 2008-04-14 00:12:06 75,264 ----a-w c:\windows\system32\spoolss.dll
- 2005-06-12 04:53:32 57,856 ----a-w c:\windows\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w c:\windows\system32\spoolsv.exe
- 2006-10-08 20:51:14 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-10 19:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\system32\spupdwxp.exe
- 2004-08-04 20:00:00 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
- 2004-08-04 20:00:00 180,800 ----a-w c:\windows\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w c:\windows\system32\sqlunirl.dll
- 2004-08-04 20:00:00 67,584 ----a-w c:\windows\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w c:\windows\system32\srclient.dll
- 2004-08-04 20:00:00 239,104 ----a-w c:\windows\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w c:\windows\system32\srrstr.dll
- 2004-08-04 20:00:00 170,496 ----a-w c:\windows\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w c:\windows\system32\srsvc.dll
- 2004-12-09 00:32:34 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-04 20:00:00 704,512 ----a-w c:\windows\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w c:\windows\system32\ss3dfo.scr
- 2004-08-04 20:00:00 19,968 ----a-w c:\windows\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w c:\windows\system32\ssbezier.scr
- 2004-08-04 20:00:00 34,816 ----a-w c:\windows\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w c:\windows\system32\ssdpapi.dll
- 2004-08-04 20:00:00 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
- 2004-08-04 20:00:00 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w c:\windows\system32\ssflwbox.scr
- 2004-08-04 20:00:00 20,992 ----a-w c:\windows\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w c:\windows\system32\ssmarque.scr
- 2004-08-04 20:00:00 47,104 ----a-w c:\windows\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w c:\windows\system32\ssmypics.scr
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w c:\windows\system32\ssmyst.scr
- 2004-08-04 20:00:00 610,304 ----a-w c:\windows\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w c:\windows\system32\sspipes.scr
- 2004-08-04 20:00:00 14,336 ----a-w c:\windows\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w c:\windows\system32\ssstars.scr
- 2004-08-04 20:00:00 679,936 ----a-w c:\windows\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w c:\windows\system32\sstext3d.scr
- 2004-08-04 20:00:00 54,272 ----a-w c:\windows\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w c:\windows\system32\stclient.dll
- 2004-08-04 20:00:00 67,584 ----a-w c:\windows\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w c:\windows\system32\sti.dll
- 2004-08-04 20:00:00 136,704 ----a-w c:\windows\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w c:\windows\system32\sti_ci.dll
- 2004-08-04 20:00:00 14,848 ----a-w c:\windows\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w c:\windows\system32\stimon.exe
- 2004-08-04 20:00:00 121,856 ----a-w c:\windows\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w c:\windows\system32\stobject.dll
- 2004-08-04 07:56:46 74,752 ----a-w c:\windows\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w c:\windows\system32\storprop.dll
- 2006-08-21 08:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-04 20:00:00 75,776 ----a-w c:\windows\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w c:\windows\system32\strmfilt.dll
- 2004-08-04 20:00:00 14,336 ----a-w c:\windows\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w c:\windows\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w c:\windows\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w c:\windows\system32\sxs.dll
- 2004-08-04 20:00:00 57,856 ----a-w c:\windows\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\synceng.dll
- 2004-08-04 20:00:00 191,488 ----a-w c:\windows\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w c:\windows\system32\syncui.dll
- 2004-08-04 20:00:00 105,984 ----a-w c:\windows\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w c:\windows\system32\sysocmgr.exe
- 2004-08-04 20:00:00 984,576 ----a-w c:\windows\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w c:\windows\system32\syssetup.dll
- 2005-10-19 02:14:46 118,272 ----a-w c:\windows\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w c:\windows\system32\t2embed.dll
- 2004-08-04 20:00:00 858,624 ----a-w c:\windows\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w c:\windows\system32\tapi3.dll
- 2004-08-04 20:00:00 181,760 ----a-w c:\windows\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w c:\windows\system32\tapi32.dll
- 2005-07-09 21:27:56 249,344 ----a-w c:\windows\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-04 20:00:00 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
- 2004-08-04 20:00:00 14,848 ----a-w c:\windows\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w c:\windows\system32\tcpmib.dll
- 2004-08-04 20:00:00 45,568 ----a-w c:\windows\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmon.dll
- 2004-08-04 20:00:00 45,568 ----a-w c:\windows\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmonui.dll
- 2005-05-12 04:45:48 75,776 ----a-w c:\windows\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w c:\windows\system32\telnet.exe
- 2004-08-04 20:00:00 358,400 ----a-w c:\windows\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w c:\windows\system32\termmgr.dll
- 2004-08-04 20:00:00 295,424 ----a-w c:\windows\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w c:\windows\system32\termsrv.dll
- 2004-08-04 20:00:00 385,536 ----a-w c:\windows\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w c:\windows\system32\themeui.dll
- 2004-08-04 20:00:00 347,136 ----a-w c:\windows\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w c:\windows\system32\tourstart.exe
- 2004-08-04 20:00:00 12,288 ----a-w c:\windows\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w c:\windows\system32\tracert.exe
- 2004-08-04 20:00:00 11,264 ----a-w c:\windows\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w c:\windows\system32\tree.com
- 2004-08-04 20:00:00 90,624 ----a-w c:\windows\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w c:\windows\system32\trkwks.dll
- 2004-08-04 20:00:00 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
- 2004-08-04 20:00:00 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\system32\tspkg.dll
- 2004-08-04 20:00:00 44,032 ----a-w c:\windows\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w c:\windows\system32\txflog.dll
- 2008-07-14 11:09:18 62,976 ----a-w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ----a-w c:\windows\system32\tzchange.exe
- 2004-08-04 20:00:00 25,600 ----a-w c:\windows\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\udhisapi.dll
- 2004-08-04 20:00:00 275,456 ----a-w c:\windows\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w c:\windows\system32\ulib.dll
- 2004-08-04 20:00:00 35,840 ----a-w c:\windows\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w c:\windows\system32\umandlg.dll
- 2005-08-24 08:35:42 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
- 2004-08-04 20:00:00 74,240 ----a-w c:\windows\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w c:\windows\system32\unimdmat.dll
- 2004-08-04 20:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w c:\windows\system32\uniplat.dll
- 2004-08-04 20:00:00 316,416 ----a-w c:\windows\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w c:\windows\system32\untfs.dll
- 2004-08-04 20:00:00 132,608 ----a-w c:\windows\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w c:\windows\system32\upnp.dll
- 2004-08-04 20:00:00 16,896 ----a-w c:\windows\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w c:\windows\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w c:\windows\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2004-08-04 20:00:00 239,616 ----a-w c:\windows\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w c:\windows\system32\upnpui.dll
- 2004-08-04 20:00:00 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
- 2004-08-04 20:00:00 16,896 ----a-w c:\windows\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w c:\windows\system32\usbmon.dll
- 2004-08-04 08:56:48 74,240 ----a-w c:\windows\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w c:\windows\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w c:\windows\system32\user32.dll
- 2004-08-04 20:00:00 723,456 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\system32\userenv.dll
- 2004-08-04 20:00:00 24,576 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\system32\usmt\cobramsg.dll
- 2004-08-04 20:00:00 123,904 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\system32\usmt\guitrna.dll
- 2004-08-04 20:00:00 4,096 ----a-w c:\windows\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w c:\windows\system32\usmt\iconlib.dll
- 2004-08-04 20:00:00 19,968 ----a-w c:\windows\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\usmt\log.dll
- 2004-08-04 20:00:00 201,216 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\system32\usmt\migisma.dll
- 2004-08-04 20:00:00 103,424 ----a-w c:\windows\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w c:\windows\system32\usmt\migload.exe
- 2004-08-04 20:00:00 240,128 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\system32\usmt\migwiza.exe
- 2004-08-04 20:00:00 202,752 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\system32\usmt\scripta.dll
- 2004-08-04 20:00:00 168,960 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\system32\usmt\sysmoda.dll
- 2004-08-04 20:00:00 406,528 ----a-w c:\windows\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\system32\usp10.dll
- 2004-08-04 20:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w c:\windows\system32\utilman.exe
- 2004-08-04 20:00:00 218,624 ----a-w c:\windows\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\system32\uxtheme.dll
- 2004-08-04 20:00:00 30,749 ----a-w c:\windows\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\system32\vbajet32.dll
- 2006-11-07 20:03:36 413,696 ----a-w c:\windows\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-04 20:00:00 26,112 ----a-w c:\windows\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\system32\vdmdbg.dll
- 2004-08-04 20:00:00 51,712 ----a-w c:\windows\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ----a-w c:\windows\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ----a-w c:\windows\system32\verclsid.exe
- 2004-08-04 20:00:00 13,312 ----a-w c:\windows\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w c:\windows\system32\verifier.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\version.dll
- 2004-08-03 23:56:48 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
- 2004-08-04 20:00:00 430,592 ----a-w c:\windows\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\system32\vssapi.dll
- 2004-08-04 20:00:00 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
- 2004-08-04 20:00:00 174,592 ----a-w c:\windows\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\system32\w32time.dll
- 2004-08-04 20:00:00 15,872 ----a-w c:\windows\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\system32\w3ssl.dll
- 2004-08-04 20:00:00 17,664 ----a-w c:\windows\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\system32\watchdog.sys
- 2004-08-04 20:00:00 208,896 ----a-w c:\windows\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w c:\windows\system32\wavemsp.dll
- 2004-08-04 20:00:00 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w c:\windows\system32\wbem\cimwin32.dll
- 2004-08-04 20:00:00 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
- 2004-08-04 20:00:00 22,016 ----a-w c:\windows\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\wbem\evntrprv.dll
- 2004-08-04 20:00:00 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
- 2004-08-04 20:00:00 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w c:\windows\system32\wbem\framedyn.dll
- 2004-08-04 20:00:00 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
- 2004-08-04 20:00:00 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
- 2004-08-04 20:00:00 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
- 2004-08-04 20:00:00 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
- 2004-08-04 20:00:00 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
- 2004-08-04 20:00:00 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
- 2004-08-04 20:00:00 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w c:\windows\system32\wbem\repdrvfs.dll
- 2004-08-04 20:00:00 36,864 ----a-w c:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w c:\windows\system32\wbem\scrcons.exe
- 2004-08-04 20:00:00 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
- 2004-08-04 20:00:00 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
- 2004-08-04 20:00:00 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
- 2004-08-04 20:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
- 2004-08-04 20:00:00 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
- 2004-08-04 20:00:00 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\system32\wbem\wbemcore.dll
- 2004-08-04 20:00:00 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
- 2004-08-04 20:00:00 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
- 2004-08-04 20:00:00 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
- 2004-08-04 20:00:00 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
- 2004-08-04 20:00:00 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
- 2004-08-04 20:00:00 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
- 2004-08-04 20:00:00 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
- 2004-08-04 20:00:00 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
- 2004-08-04 20:00:00 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
- 2004-08-04 20:00:00 89,088 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-04 20:00:00 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
- 2004-08-04 20:00:00 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
- 2004-08-04 20:00:00 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
- 2004-08-04 20:00:00 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
- 2004-08-04 20:00:00 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
- 2004-08-04 20:00:00 62,464 ----a-w c:\windows\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\system32\wbem\wmipiprt.dll
- 2004-08-04 20:00:00 62,976 ----a-w c:\windows\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-04 20:00:00 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
- 2004-08-04 20:00:00 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
- 2004-08-04 20:00:00 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
- 2004-08-04 20:00:00 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
- 2004-08-04 20:00:00 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
- 2004-08-04 20:00:00 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
- 2006-03-24 04:37:50 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-04 20:00:00 23,552 ----a-w c:\windows\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w c:\windows\system32\wdmaud.drv
- 2006-01-05 08:35:05 68,096 ----a-w c:\windows\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-04 20:00:00 135,680 ----a-w c:\windows\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\system32\webvw.dll
- 2004-08-04 20:00:00 65,536 ----a-w c:\windows\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\system32\wextract.exe
- 2004-08-04 20:00:00 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
- 2004-08-04 20:00:00 463,360 ----a-w c:\windows\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\system32\wiadefui.dll
- 2004-08-04 20:00:00 124,416 ----a-w c:\windows\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\system32\wiadss.dll
- 2004-08-04 20:00:00 75,776 ----a-w c:\windows\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\system32\wiaservc.dll
- 2004-08-04 20:00:00 589,312 ----a-w c:\windows\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\system32\wiashext.dll
- 2004-08-04 20:00:00 111,104 ----a-w c:\windows\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\system32\wiavideo.dll
- 2008-03-19 09:47:00 1,845,248 ----a-w c:\windows\system32\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ----a-w c:\windows\system32\win32k.sys
- 2004-08-04 20:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\system32\win32spl.dll
- 2004-08-04 20:00:00 937,984 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\system32\windowscodecsext.dll
- 2004-08-04 20:00:00 351,232 ----a-w c:\windows\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\system32\winhttp.dll
- 2004-08-04 20:00:00 32,768 ----a-w c:\windows\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\system32\winipsec.dll
- 2004-08-04 20:00:00 502,272 ----a-w c:\windows\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\system32\winlogon.exe
- 2004-08-04 20:00:00 176,128 ----a-w c:\windows\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\system32\winmm.dll
- 2004-08-04 20:00:00 764,928 ----a-w c:\windows\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\system32\winntbbu.dll
- 2004-08-04 20:00:00 16,896 ----a-w c:\windows\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\system32\winrnr.dll
- 2004-08-04 20:00:00 99,328 ----a-w c:\windows\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\system32\winscard.dll
- 2004-08-04 20:00:00 17,408 ----a-w c:\windows\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\system32\winshfhc.dll
- 2004-08-04 20:00:00 146,432 ----a-w c:\windows\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w c:\windows\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-04 20:00:00 53,760 ----a-w c:\windows\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\system32\winsta.dll
- 2004-08-04 20:00:00 176,640 ----a-w c:\windows\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\system32\wintrust.dll
- 2004-08-04 20:00:00 5,632 ----a-w c:\windows\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\system32\wlanapi.dll
- 2004-08-04 20:00:00 172,032 ----a-w c:\windows\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\system32\wldap32.dll
- 2004-08-04 20:00:00 92,672 ----a-w c:\windows\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\system32\wlnotify.dll
- 2004-08-04 20:00:00 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\system32\wmi.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\wmpcd.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcd.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\wmpcore.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcore.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\system32\wmphoto.dll
- 2004-08-04 20:00:00 20,480 ----a-w c:\windows\system32\wmpui.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpui.dll
- 2004-08-04 20:00:00 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
- 2004-08-04 20:00:00 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\wmstream.dll
- 2004-08-04 20:00:00 264,192 ----a-w c:\windows\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\system32\wow32.dll
- 2004-08-04 20:00:00 32,256 ----a-w c:\windows\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\system32\wpabaln.exe
- 2004-08-04 20:00:00 32,256 ----a-w c:\windows\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\system32\wpnpinst.exe
- 2004-08-04 20:00:00 82,944 ----a-w c:\windows\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\system32\ws2_32.dll
- 2004-08-04 20:00:00 19,968 ----a-w c:\windows\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\system32\ws2help.dll
- 2004-08-04 20:00:00 13,824 ----a-w c:\windows\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w c:\windows\system32\wscntfy.exe
- 2004-08-04 20:00:00 114,688 ----a-w c:\windows\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w c:\windows\system32\wscript.exe
- 2004-08-04 20:00:00 81,408 ----a-w c:\windows\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\system32\wscsvc.dll
- 2004-08-04 20:00:00 108,032 ----a-w c:\windows\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\system32\wshbth.dll
- 2004-08-04 20:00:00 28,672 ----a-w c:\windows\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\system32\wshcon.dll
- 2004-08-04 20:00:00 65,536 ----a-w c:\windows\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w c:\windows\system32\wshext.dll
- 2004-08-04 20:00:00 14,336 ----a-w c:\windows\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\system32\wship6.dll
- 2004-08-05 04:56:48 8,192 ----a-w c:\windows\system32\wshirda.dll
+ 2008-04-14 00:12:10 8,192 ----a-w c:\windows\system32\wshirda.dll
- 2004-08-04 20:00:00 11,776 ----a-w c:\windows\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\system32\wshrm.dll
- 2004-08-04 20:00:00 19,968 ----a-w c:\windows\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\system32\wshtcpip.dll
- 2004-08-04 20:00:00 42,496 ----a-w c:\windows\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\system32\wsnmp32.dll
- 2004-08-04 20:00:00 22,528 ----a-w c:\windows\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\system32\wsock32.dll
- 2004-08-04 20:00:00 50,688 ----a-w c:\windows\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\system32\wstdecod.dll
- 2004-08-04 20:00:00 18,432 ----a-w c:\windows\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\system32\wtsapi32.dll
- 2004-08-04 20:00:00 6,656 ----a-w c:\windows\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\system32\wuauserv.dll
- 2004-08-04 20:00:00 378,368 ----a-w c:\windows\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\system32\wzcdlg.dll
- 2004-08-04 20:00:00 51,712 ----a-w c:\windows\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\system32\wzcsapi.dll
- 2004-08-04 20:00:00 359,936 ----a-w c:\windows\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\system32\wzcsvc.dll
- 2004-08-04 20:00:00 91,648 ----a-w c:\windows\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\system32\xactsrv.dll
- 2004-08-04 20:00:00 30,720 ----a-w c:\windows\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\xcopy.exe
- 2006-07-14 15:51:51 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w c:\windows\system32\xmllite.dll
- 2004-08-04 20:00:00 129,536 ----a-w c:\windows\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\system32\xmlprov.dll
- 2004-08-04 20:00:00 50,176 ----a-w c:\windows\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\system32\xmlprovi.dll

[LogMan]

- 2006-03-01 19:42:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\system32\xolehlp.dll
- 2004-08-04 20:00:00 438,784 ----a-w c:\windows\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\system32\xpob2res.dll
- 2004-08-04 20:00:00 187,392 ----a-w c:\windows\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\system32\xpsp1res.dll
- 2004-08-04 20:00:00 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
- 2007-10-29 10:04:03 350,720 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w c:\windows\system32\xpsp3res.dll
- 2004-08-04 20:00:00 337,920 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\system32\zipfldr.dll
- 2004-08-04 20:00:00 50,688 ----a-w c:\windows\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\twain_32.dll
- 2004-08-04 20:00:00 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\winhlp32.exe
- 2007-01-19 20:15:24 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.26005512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 20:00:00 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 20:00:00 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 20:00:00 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll

-- Snapshot reset to current date --

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
2008-04-02 13:24 266240 --a------ c:\program files\Epson Software\Easy Photo Print\EPTBL.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"= "c:\program files\Epson Software\Easy Photo Print\EPTBL.dll" [2008-04-02 266240]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"EPSON Stylus Photo PX700W(Network)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE" [2008-04-07 188928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BisonTrayIcon"="c:\windows\BisonCam\BisonTrayIcon.exe" [2005-09-06 45056]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-29 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-29 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2005-12-29 569413]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-18 7585792]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-08-11 786521]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2005-09-22 1695744]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-07-18 116072]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 c:\windows\system32\HdAShCut.exe]
"CHotkey"="mHotkey.exe" [2001-12-27 c:\windows\mHotkey.exe]
"nwiz"="nwiz.exe" [2007-06-18 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-18 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\system32\narrator.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [7/16/2006 4:33:36 PM 626176]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [4/6/2003 12:17:18 AM 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [4/6/2003 12:06:58 AM 28672]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2/13/2001 12:01:04 AM 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\patchget.dat"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

S3 EraserUtilDrvI7;EraserUtilDrvI7;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys []
S3 Ktp;Elantech Touchpad;c:\windows\system32\DRIVERS\Ktp.sys [5/26/2006 1:52:18 PM 27520]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32a0d2e2-14f3-11dc-a602-806d6172696f}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3ee31c0-a62e-11db-88a6-806d6172696f}]
\Shell\AutoRun\command - D:\Info.exe folder.htt 480 480

*Newly Created Service* - COMHOST

Contents of the 'Scheduled Tasks' folder

2008-10-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2007-10-09 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1183315902.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]


**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-29 19:27:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-11-29 19:28:51
ComboFix-quarantined-files.txt 2008-11-29 19:27:50
ComboFix2.txt 2008-11-29 17:42:38

Pre-Run: 60,697,444,352 bytes free
Post-Run: 60,731,465,728 bytes free

4543 --- E O F --- 2008-09-25 21:56:38

[pskelley]

Thanks for returning your information, let's wrapup like this.

Remove combofix from the computer like this:

Click START then RUN
Now type or copy Combofix /u in the runbox and click OK.
Note the space between the X and the U, it needs to be there.



Clean the System Restore files like this:

Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Reboot

Turn ON System Restore,
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

Update MBAM and scan to be sure we missed none of the junk, there is no need to post a clean scan result.

Update the antivirus and scan the system, to be sure it is running right and scanning clean. If you have problems with the program, contact tech support for instructions.
http://www.symantec.com/enterprise/support/index.jsp

If all is well at this point, let me know and I will close the topic.

Some good information for you:
http://users.telenet.be/bluepatchy/m...wcomputer.html
http://www.microsoft.com/windowsxp/u...s/mcgill1.mspx

Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/m...revention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

http://www.malwarecomplaints.info/

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

http://users.telenet.be/bluepatchy/m...oes/Links.html

[LogMan]

All fixed now - thanks very much for all your help!