virtumonde: help!

acasey · Nov 12, 2008

Hi there,

My PC got the virtumonde virus about 6 months ago and you guys helped me get it off, but I've got it again! I have no idea how this happened. I would really appreciate your help. Here is my hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:16:56 AM, on 13/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Qualcomm\Eudora\Eudora.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [FIREPOD] C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: FirePod Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FirePod.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {CAFECAFE-0013-0001-0006-ABCDEFABCDEF} (JInitiator 1.3.1.6) -
O16 - DPF: {CAFECAFE-0013-0001-0025-ABCDEFABCDEF} (JInitiator 1.3.1.25) - http://apus.its.deakin.edu.au:8103/forms/jinitiator/jinit.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9AE95BCB-6F45-4E3F-B4A8-BF66FF367064}: NameServer = 85.255.112.101;85.255.112.8
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll kecxye.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M4iPodWPDService - Mediafour Corporation - C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd. - C:\WINDOWS\system32\PDFCreatorMessages.exe

--
End of file - 7077 bytes

cheers,

Adam

ken545 · Nov 13, 2008

Hello Adam

Welcome to Safer Networking.

Please read Before You Post
That said, All advice given by anyone volunteering here, is taken at your own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.
It is advisable that you back up your personal data before starting any clean up procedure.

I am looking at one , possibly two infections on this computer, let do this.

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
"AppInit_DLLs"="avgrsstx.dll"

Copy the entire contents inside the Quote box and Paste it into Notepad ( this will only work with Notepad ) name the file Regfix.reg and in the drop down box, save it as All Files. Save it to your desktop. Then Rightclick on the Regfix.reg file and click on Merge, when it asks you to merge with the Registry, say yes.

If you saved the file correctly it should look like this

Please download ATF Cleaner by Atribune to your desktop.

This program is for XP and Windows 2000 only
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.<-- Don't forget this
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and Paste the entire report in your next reply along with a New Hijackthis log.

acasey · Nov 13, 2008

Okay, the malware program wouldn't update. Nothing is updating on my computer since I got this virus (my virus checker, adobe updater and other things just won't update). I ran a scan anyway and it found infections. Here is the log, followed by the hijack this log.

cheers,

Adam

Malwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 3

13/11/2008 5:04:47 PM
mbam-log-2008-11-13 (17-04-47).txt

Scan type: Quick Scan
Objects scanned: 46695
Time elapsed: 7 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7f824fa-115a-444d-b5b3-94f4a34a72d2} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b7f824fa-115a-444d-b5b3-94f4a34a72d2} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9ae95bcb-6f45-4e3f-b4a8-bf66ff367064}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.101;85.255.112.8 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9ae95bcb-6f45-4e3f-b4a8-bf66ff367064}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.101;85.255.112.8 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9ae95bcb-6f45-4e3f-b4a8-bf66ff367064}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.101;85.255.112.8 -> Quarantined and deleted successfully.

Folders Infected:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\kecxye.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ekyekpne.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\BMd72c59d8.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

****

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:12:09 PM, on 13/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgupd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [FIREPOD] C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: FirePod Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FirePod.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {CAFECAFE-0013-0001-0006-ABCDEFABCDEF} (JInitiator 1.3.1.6) -
O16 - DPF: {CAFECAFE-0013-0001-0025-ABCDEFABCDEF} (JInitiator 1.3.1.25) - http://apus.its.deakin.edu.au:8103/forms/jinitiator/jinit.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M4iPodWPDService - Mediafour Corporation - C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd. - C:\WINDOWS\system32\PDFCreatorMessages.exe

--
End of file - 7224 bytes

ken545 · Nov 13, 2008

Good Morning,

More to do.

This tool needs to be run from Safemode to be effective so download it to your desktop then boot to Safemode to run it

To Enter Safemode

Go to Start> Shut off your Computer> Restart

As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.

Use the Up and Down Arrow Keys to scroll up to Safemode

Then press the Enter Key on your Keyboard

Tutorial if you need it How to boot into Safemode

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

acasey · Nov 13, 2008

Okay, all done: here is the report.txt log, followed by a new hijack this log.

SDFix: Version 1.240
Run by Adam on Thu 13/11/2008 at 08:45 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\drivers\setup\cmd.txt - Deleted
C:\WINDOWS\system32\drivers\setup\hosts\server.txt - Deleted
C:\WINDOWS\system32\drivers\setup\irc\server.txt - Deleted
C:\WINDOWS\system32\drivers\setup\mswinsck.ocx - Deleted
C:\WINDOWS\system32\drivers\setup\servers.txt - Deleted
C:\WINDOWS\system32\drivers\setup\startup.reg - Deleted

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-13 20:55:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\DC++\\DCPlusPlus.exe"="C:\\Program Files\\DC++\\DCPlusPlus.exe:*:Enabled

C++"
"C:\\Program Files\\WS_FTP\\WS_FTP95.exe"="C:\\Program Files\\WS_FTP\\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*

isabled:Firefox"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*

isabled

xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*

isabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*

isabled:Yahoo! Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"="C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE:*:Enabled:Microsoft Office FrontPage"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled

xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled

xpsp2res.dll,-22019"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled

xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled

xpsp3res.dll,-20000"

Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Fri 20 Jun 2008 211 A.SH. --- "C:\BOOT.BAK"
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Thu 14 Aug 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Wed 30 Jul 2008 4,891,984 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Sun 19 Feb 2006 2,668 A..H. --- "C:\Program Files\SuperGOO\MetaImage.dll"
Sat 26 Jul 2008 76,800 ...H. --- "C:\Documents and Settings\Adam\Desktop\~WRL0001.tmp"
Fri 6 Jun 2008 1,294 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti11.tmp"
Fri 13 Jun 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 7 Nov 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9508b4e5ba6851c2778692a72a1c6e54\BITB.tmp"
Fri 18 Jul 2008 422,400 ...H. --- "C:\Documents and Settings\Adam\My Documents\Jenny\RESUMES\~WRL0003.tmp"
Sat 19 Jul 2008 422,400 ...H. --- "C:\Documents and Settings\Adam\My Documents\Jenny\RESUMES\~WRL0004.tmp"
Tue 16 Aug 2005 23,040 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\exegesis\~WRL0809.tmp"
Tue 16 Aug 2005 20,992 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\exegesis\~WRL1042.tmp"
Tue 16 Aug 2005 19,456 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\exegesis\~WRL2222.tmp"
Tue 21 Sep 2004 115,712 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL0073.tmp"
Tue 5 Apr 2005 271,872 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL0179.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL0434.tmp"
Mon 4 Apr 2005 268,288 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL0868.tmp"
Tue 21 Sep 2004 112,640 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL0917.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1038.tmp"
Tue 21 Sep 2004 114,688 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1069.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1258.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1309.tmp"
Tue 21 Sep 2004 114,688 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1503.tmp"
Tue 21 Sep 2004 116,224 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1599.tmp"
Tue 21 Sep 2004 113,152 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1707.tmp"
Tue 21 Sep 2004 114,688 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1768.tmp"
Tue 21 Sep 2004 112,640 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1832.tmp"
Tue 21 Sep 2004 112,640 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL1872.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2141.tmp"
Tue 21 Sep 2004 115,200 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2249.tmp"
Tue 21 Sep 2004 115,712 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2460.tmp"
Tue 21 Sep 2004 113,664 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2474.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2574.tmp"
Tue 21 Sep 2004 113,664 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL2877.tmp"
Tue 21 Sep 2004 111,104 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3057.tmp"
Tue 21 Sep 2004 113,152 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3231.tmp"
Tue 21 Sep 2004 115,712 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3355.tmp"
Tue 21 Sep 2004 115,712 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3391.tmp"
Tue 21 Sep 2004 114,688 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3511.tmp"
Tue 21 Sep 2004 114,688 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3576.tmp"
Tue 21 Sep 2004 115,200 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3582.tmp"
Tue 21 Sep 2004 114,176 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3599.tmp"
Tue 21 Sep 2004 115,200 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3604.tmp"
Tue 21 Sep 2004 115,712 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3608.tmp"
Tue 21 Sep 2004 112,128 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3655.tmp"
Tue 21 Sep 2004 113,152 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\fiction\~WRL3997.tmp"
Fri 14 Sep 2007 2,863,104 A..H. --- "C:\Documents and Settings\Adam\My Documents\PhD\Final submission\~WRL0303.tmp"

Finished!

***

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:07:14 PM, on 13/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [FIREPOD] C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: FirePod Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FirePod.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {CAFECAFE-0013-0001-0006-ABCDEFABCDEF} (JInitiator 1.3.1.6) -
O16 - DPF: {CAFECAFE-0013-0001-0025-ABCDEFABCDEF} (JInitiator 1.3.1.25) - http://apus.its.deakin.edu.au:8103/forms/jinitiator/jinit.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M4iPodWPDService - Mediafour Corporation - C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd. - C:\WINDOWS\system32\PDFCreatorMessages.exe

--
End of file - 7204 bytes

ken545 · Nov 13, 2008

Hi,

C:\\Program Files\\uTorrent<---You may have had this installed at one time, I want to point out the dangers of using P2P (File Sharing Programs) as right now there the latest avenue of attack by Malware writers. Downloading that song from and unknown source is most likely illegal and with the threats out there its kind of like playing Russian Roulette.

We have noticed that many people seeking help from us are coming with infections contracted from the use of P2P programs.

Because of this, we changed our malware forum's policy on the use of P2P file sharing programs.

If your helper detects the presence of such programs on your computer he/she will ask you to remove them. Help will be withdrawn should you not agree to their removal.

If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programs, volunteer analysts will refuse their help.

We do not ask you to do this without reason.

P2P (File Sharing ) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.

This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/09/06/...ID-theft_1.html

When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

You need to enable windows to show all files and folders, instructions Here

Go to VirusTotal and submit this file for analysis, just use the browse feature and then Send File, you will get a report back, post the report into this thread for me to see.

C:\\Program Files\DC++\DCPlusPlus.exe

With the infections you had on this system, there may be more that we can't see, please run this tool.

A word of warning: Neither this forum, I nor sUBs will be responsible for any damage you may cause your machine by running ComboFix on your own. This tool is not a toy and not for everyday use

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

acasey · Nov 13, 2008

Okay, please find pasted below the report from VirusTotal I will post the other logs in another post as they wouldn't all fit in here.

File DCPlusPlus.exe received on 08.29.2008 03:37:58 (CET)
Current status: finished
Result: 0/36 (0.00%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.8.29.0 2008.08.28 -
AntiVir 7.8.1.23 2008.08.28 -
Authentium 5.1.0.4 2008.08.29 -
Avast 4.8.1195.0 2008.08.28 -
AVG 8.0.0.161 2008.08.29 -
BitDefender 7.2 2008.08.29 -
CAT-QuickHeal 9.50 2008.08.26 -
ClamAV 0.93.1 2008.08.29 -
DrWeb 4.44.0.09170 2008.08.28 -
eSafe 7.0.17.0 2008.08.28 -
eTrust-Vet 31.6.6054 2008.08.28 -
Ewido 4.0 2008.08.28 -
F-Prot 4.4.4.56 2008.08.28 -
F-Secure 7.60.13501.0 2008.08.28 -
Fortinet 3.14.0.0 2008.08.29 -
GData 19 2008.08.29 -
Ikarus T3.1.1.34.0 2008.08.29 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.29 -
McAfee 5372 2008.08.28 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3397 2008.08.28 -
Norman 5.80.02 2008.08.28 -
Panda 9.0.0.4 2008.08.29 -
PCTools 4.4.2.0 2008.08.28 -
Prevx1 V2 2008.08.29 -
Rising 20.59.31.00 2008.08.28 -
Sophos 4.33.0 2008.08.29 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.29 -
TheHacker 6.3.0.6.064 2008.08.27 -
TrendMicro 8.700.0.1004 2008.08.28 -
VBA32 3.12.8.4 2008.08.29 -
ViRobot 2008.8.28.1353 2008.08.28 -
VirusBuster 4.5.11.0 2008.08.28 -
Webwasher-Gateway 6.6.2 2008.08.28 -
Additional information
File size: 5571584 bytes
MD5...: 57db49071ff9eeb91e0072561691172f
SHA1..: 11f320b75e2c17d333dafe85ebd71635e304b799
SHA256: b168dede53b12bb7d38ab1f35627812ad3a66874bc42d691f422ab3c4e44c6af
SHA512: 42a66b1cdf4f065bc4693529f285752bc12aa7ce9bafb93386ec69a4fdad852d
4f04dd87d80fecdf8f580347b19c2af22ed0fe0f74cdc56d99eee36bfcb4e131
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (51.6%)
Windows Screen Saver (17.9%)
Win32 Executable Generic (11.6%)
Win32 Dynamic Link Library (generic) (10.3%)
Win16/32 Executable Delphi generic (2.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4012a0
timedatestamp.....: 0x485e12d6 (Sun Jun 22 08:52:38 2008)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x443674 0x443800 6.39 b2e831ae6e8d93c4218657b36073d17f
.data 0x445000 0xef70 0xf000 5.43 1538c7162a06313f7ea33bdbaff9fd34
.rdata 0x454000 0xd49dc 0xd4a00 5.59 b4fceed0b0a6aa1ec5718fc2f240ee47
.bss 0x529000 0xa810 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x534000 0x329c 0x3400 5.11 b187214894fb0e43928bf2e74b2730a2
.rsrc 0x538000 0x25848 0x25a00 5.44 672016fde9bfc93e445e51a0a21060ba

( 15 imports )
> ADVAPI32.DLL: DeregisterEventSource, RegCloseKey, RegCreateKeyExW, RegOpenKeyExA, RegOpenKeyExW, RegQueryValueExA, RegQueryValueExW, RegSetValueExW, RegisterEventSourceA, ReportEventA
> COMCTL32.DLL: ImageList_Add, ImageList_AddMasked, ImageList_Create, ImageList_Destroy, ImageList_GetBkColor, ImageList_GetIcon, ImageList_GetIconSize, ImageList_GetImageCount, ImageList_ReplaceIcon, ImageList_SetBkColor, ImageList_SetImageCount, InitCommonControlsEx
> COMDLG32.DLL: ChooseColorW, ChooseFontW, GetOpenFileNameW, GetSaveFileNameW
> GDI32.dll: BitBlt, CreateBitmap, CreateCompatibleBitmap, CreateCompatibleDC, CreateDCA, CreateFontIndirectW, CreatePen, CreatePolygonRgn, CreateSolidBrush, DeleteDC, DeleteObject, Ellipse, ExtFloodFill, ExtTextOutW, GetBitmapBits, GetBkColor, GetClipBox, GetDeviceCaps, GetObjectA, GetObjectW, GetPixel, GetROP2, GetStockObject, GetTextExtentPoint32W, GetTextMetricsW, InvertRgn, LineTo, MoveToEx, Polygon, Rectangle, SelectObject, SetBkColor, SetBkMode, SetPixel, SetROP2, SetTextAlign, SetTextColor, StretchBlt
> KERNEL32.dll: CloseHandle, CopyFileW, CreateDirectoryW, CreateEventW, CreateFileW, CreateMutexW, CreateSemaphoreA, CreateSemaphoreW, CreateThread, DeleteCriticalSection, DeleteFileW, EnterCriticalSection, ExitProcess, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FlushFileBuffers, FormatMessageA, FormatMessageW, FreeLibrary, GetCommandLineA, GetCommandLineW, GetCurrentDirectoryW, GetCurrentProcessId, GetCurrentThreadId, GetDiskFreeSpaceW, GetFileSize, GetFileTime, GetFileType, GetLastError, GetLocaleInfoW, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleW, GetNumberFormatW, GetOverlappedResult, GetProcAddress, GetShortPathNameW, GetStartupInfoA, GetStdHandle, GetTempPathW, GetThreadLocale, GetTickCount, GetVersion, GetVersionExA, GetVersionExW, GlobalAddAtomW, GlobalAlloc, GlobalDeleteAtom, GlobalLock, GlobalMemoryStatus, GlobalUnlock, InitializeCriticalSection, InterlockedDecrement, InterlockedExchange, InterlockedIncrement, IsDBCSLeadByteEx, LeaveCriticalSection, LoadLibraryA, LoadLibraryW, LocalFree, MoveFileW, MultiByteToWideChar, QueryPerformanceCounter, ReadFile, ReleaseSemaphore, ResetEvent, SetCurrentDirectoryW, SetEndOfFile, SetErrorMode, SetEvent, SetFilePointer, SetLastError, SetThreadPriority, SetUnhandledExceptionFilter, Sleep, SystemTimeToFileTime, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, VirtualAlloc, VirtualFree, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpW, lstrcmpiW
> mingwm10.dll: __mingwthr_key_dtor
> msvcrt.dll: _close, _fdopen, _fstat, _getch, _getcwd, _open, _putenv, _read, _setmode, _stat, _strdup, _write
> msvcrt.dll: __getmainargs, __lc_codepage, __mb_cur_max, __p__environ, __p__fmode, __set_app_type, _atoi64, _cexit, _errno, _iob, _isctype, _msize, _onexit, _pctype, _setmode, _snprintf, _snwprintf, _stricmp, _vsnprintf, _vsnwprintf, _wtoi, abort, atexit, atof, atoi, bsearch, calloc, ceil, exit, fclose, fflush, fgetc, fgets, fopen, fprintf, fputc, fputs, fputwc, fread, free, fseek, ftell, fwrite, getenv, gmtime, iswctype, localeconv, localtime, log, malloc, memchr, memcpy, memmove, memset, putc, qsort, realloc, setlocale, signal, sprintf, sscanf, strcat, strchr, strcmp, strcoll, strcpy, strerror, strftime, strlen, strncmp, strncpy, strrchr, strstr, strtod, strtol, strtoul, strxfrm, swscanf, time, tolower, towlower, towupper, ungetc, vfprintf, vfwprintf, vsprintf, wcschr, wcscoll, wcscpy, wcsftime, wcslen, wcsncmp, wcsncpy, wcsstr, wcsxfrm
> OLE32.dll: CLSIDFromString, CoCreateInstance, CoInitializeEx, CoTaskMemFree, CoUninitialize
> OLEAUT32.DLL: SysAllocString, SysFreeString
> SHELL32.DLL: DragFinish, DragQueryFileW, DragQueryPoint, SHBindToParent, SHBrowseForFolderW, SHGetDesktopFolder, SHGetFileInfoW, SHGetFolderPathW, SHGetMalloc, SHGetPathFromIDListW, SHGetSpecialFolderLocation, ShellExecuteW, Shell_NotifyIconW
> SHLWAPI.DLL: PathIsDirectoryW, SHDeleteKeyW
> USER32.dll: BeginPaint, CallWindowProcW, CharLowerW, CheckDlgButton, CheckMenuItem, CheckRadioButton, ClientToScreen, CloseClipboard, CreateDialogParamW, CreateMenu, CreatePopupMenu, CreateWindowExW, DefWindowProcW, DestroyIcon, DestroyMenu, DialogBoxIndirectParamW, DialogBoxParamW, DispatchMessageW, DrawFrameControl, DrawTextW, EmptyClipboard, EnableMenuItem, EnableWindow, EndDialog, EndPaint, EnumWindows, FillRect, FindWindowExW, GetClassInfoExW, GetClientRect, GetCursorPos, GetDC, GetDesktopWindow, GetDlgItem, GetDlgItemTextW, GetFocus, GetGUIThreadInfo, GetKeyState, GetMenu, GetMenuDefaultItem, GetMenuItemCount, GetMenuItemID, GetMenuItemInfoW, GetMenuState, GetMenuStringW, GetMessagePos, GetNextDlgTabItem, GetProcessWindowStation, GetPropW, GetScrollBarInfo, GetScrollInfo, GetSubMenu, GetSysColor, GetSysColorBrush, GetSystemMetrics, GetUserObjectInformationW, GetWindow, GetWindowContextHelpId, GetWindowLongW, GetWindowPlacement, GetWindowRect, HideCaret, InsertMenuItemW, IsChild, IsDialogMessageW, IsDlgButtonChecked, IsIconic, IsWindowVisible, IsZoomed, KillTimer, LoadAcceleratorsW, LoadCursorW, LoadIconW, LoadImageW, MapWindowPoints, MessageBeep, MessageBoxA, MessageBoxW, MoveWindow, MsgWaitForMultipleObjectsEx, OpenClipboard, PeekMessageW, PostMessageW, PostQuitMessage, PtInRect, RedrawWindow, RegisterClassExW, RegisterWindowMessageW, ReleaseCapture, ReleaseDC, RemoveMenu, ScreenToClient, ScrollWindow, SendMessageTimeoutW, SendMessageW, SetCapture, SetClipboardData, SetDlgItemInt, SetDlgItemTextW, SetFocus, SetForegroundWindow, SetMenu, SetMenuDefaultItem, SetMenuItemInfoW, SetProcessDefaultLayout, SetPropW, SetTimer, SetWindowContextHelpId, SetWindowLongW, SetWindowPos, ShowWindow, SystemParametersInfoW, TrackPopupMenu, TranslateAcceleratorW, TranslateMessage, UnregisterClassW
> WINMM.DLL: PlaySoundW
> WS2_32.DLL: WSAAsyncSelect, WSACleanup, WSAGetLastError, WSASetLastError, WSAStartup, __WSAFDIsSet, accept, bind, closesocket, connect, gethostbyname, gethostname, getsockname, getsockopt, htonl, htons, inet_addr, inet_ntoa, ioctlsocket, listen, ntohl, ntohs, recv, recvfrom, select, send, sendto, setsockopt, shutdown, socket

( 0 exports )

acasey · Nov 13, 2008

And here is the hijack this log. I'm having trouble getting the combofix log up: it's saying it's too long and I need to cut it down.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:27 AM, on 14/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\AVG\AVG8\avgupd.exe
C:\Program Files\Windows Defender\MpCmdRun.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [FIREPOD] C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: FirePod Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FIREPOD\FirePod.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {CAFECAFE-0013-0001-0006-ABCDEFABCDEF} (JInitiator 1.3.1.6) -
O16 - DPF: {CAFECAFE-0013-0001-0025-ABCDEFABCDEF} (JInitiator 1.3.1.25) - http://apus.its.deakin.edu.au:8103/forms/jinitiator/jinit.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M4iPodWPDService - Mediafour Corporation - C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd. - C:\WINDOWS\system32\PDFCreatorMessages.exe

--
End of file - 7041 bytes

acasey · Nov 13, 2008

...and part one of the combofix log (too long to all fit in here).

ComboFix 08-11-11.01 - Adam 2008-11-13 23:44:50.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.616 [GMT 11:00]
Running from: c:\documents and settings\Adam\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

M:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-10-13 to 2008-11-13 )))))))))))))))))))))))))))))))
.

2008-11-13 20:44 . 2008-11-13 20:44 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2008-11-13 20:40 . 2008-11-13 20:40 <DIR> d-------- c:\windows\ERUNT
2008-11-13 20:38 . 2008-11-13 21:01 <DIR> d-------- C:\SDFix
2008-11-13 17:26 . 2008-09-05 04:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 17:26 . 2008-10-24 22:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-13 15:47 . 2008-11-13 15:47 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-13 15:47 . 2008-10-22 16:28 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-13 15:47 . 2008-10-22 16:28 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-13 15:23 . 2008-11-13 15:24 <DIR> d-------- c:\documents and settings\Adam\Application Data\Media Player Classic
2008-11-12 12:26 . 2008-11-12 12:26 120 --ahs---- c:\windows\system32\uibjuugd.ini
2008-11-07 18:56 . 2008-11-07 18:56 1,460 --a------ c:\windows\system32\dplmaspk.dll
2008-11-07 18:53 . 2008-11-07 18:53 1,460 --a------ c:\windows\system32\ndbxhtvb.dll
2008-11-07 18:47 . 2008-11-07 18:47 102,912 --a------ c:\windows\system32\qeeifywp.dll
2008-11-07 18:47 . 2008-11-07 18:47 102,912 --a------ c:\windows\system32\pbophh.dll
2008-11-07 18:42 . 2008-11-13 17:15 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-11-07 18:42 . 2008-11-07 18:42 <DIR> d-------- c:\documents and settings\Adam\Application Data\AVGTOOLBAR
2008-11-07 18:42 . 2008-11-13 17:13 98,440 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-11-07 18:42 . 2008-11-13 17:13 90,632 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-11-07 18:42 . 2008-11-13 17:13 50,968 --a------ c:\windows\system32\avgfwdx.dll
2008-11-07 18:42 . 2008-11-13 17:13 29,208 --a------ c:\windows\system32\drivers\avgfwdx.sys
2008-11-07 18:42 . 2008-11-07 18:42 12,936 --a------ c:\windows\system32\drivers\avgrkx86.sys
2008-11-07 18:42 . 2008-11-07 18:42 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-11-07 17:26 . 2008-11-07 17:26 <DIR> d-------- c:\program files\Microsoft.NET
2008-11-07 17:23 . 2008-11-07 17:23 <DIR> d-------- c:\windows\SHELLNEW
2008-10-30 20:12 . 2008-10-30 20:12 <DIR> d-------- c:\program files\TRELLIAN
2008-10-24 14:30 . 2008-10-24 14:31 <DIR> d-------- c:\program files\iTunes
2008-10-24 14:30 . 2008-10-24 14:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-24 06:40 . 2008-10-16 03:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-15 06:06 . 2008-08-14 21:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 06:06 . 2008-08-14 21:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 06:06 . 2008-08-14 20:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 06:06 . 2008-08-14 20:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 06:06 . 2008-09-15 23:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-15 06:06 . 2008-09-08 21:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-13 06:37 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-12 08:00 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-07 12:57 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-11-07 07:53 --------- d-----w c:\documents and settings\Adam\Application Data\uTorrent
2008-11-07 07:42 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-11-07 06:28 --------- d-----w c:\program files\Microsoft Works
2008-11-01 23:04 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-01 22:51 --------- d-----w c:\program files\Pivot Stickfigure Animator
2008-10-30 20:10 --------- d-----w c:\program files\DC++
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 03:30 --------- d-----w c:\program files\iPod
2008-10-10 10:19 --------- d-----w c:\program files\Java
2008-10-01 06:11 --------- d-----w c:\program files\Activision
2008-10-01 01:56 --------- d--h--w c:\program files\InstallShield Installation Information
2008-09-30 08:51 --------- d-----w c:\documents and settings\Adam\Application Data\Mediafour
2008-09-24 22:19 --------- d-----w c:\documents and settings\Adam\Application Data\Cakewalk
2008-09-24 22:17 118,784 ----a-w c:\windows\dsdxirmv.exe
2008-09-24 22:07 --------- d-----w c:\program files\Cakewalk
2008-09-24 21:44 --------- d-----w c:\program files\Bonjour
2008-09-24 21:43 --------- d-----w c:\program files\QuickTime
2008-08-24 05:19 23 ----a-w c:\documents and settings\Adam\jagex_runescape_preferences.dat
.

((((((((((((((((((((((((((((( snapshot@2008-06-19_11.51.52.79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:30:08 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:10 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:39:39 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 14:22:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:31 755,576 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-13 09:52:16 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-13 11:27:43 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:45:15 512,000 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:45:16 180,224 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:45:16 172,032 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:45:16 430,080 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:45:17 90,112 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2008-05-01 15:04:00 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:33:02 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:05 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:01:38 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 16:01:38 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:01:39 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 16:01:39 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 16:01:39 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 16:01:39 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 16:01:39 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 16:01:40 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 16:01:40 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 16:01:43 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 16:01:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 16:01:44 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 16:01:46 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 16:01:46 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 16:01:46 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 16:01:49 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 16:01:49 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 16:01:49 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 16:01:50 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 16:01:50 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 16:01:50 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 16:01:50 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 16:01:51 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 16:01:51 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 16:01:51 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2004-08-03 13:10:08 53,248 -c----w c:\windows\$NtServicePackUninstall$\1394bus.sys
+ 2006-08-16 11:58:05 100,352 -c----w c:\windows\$NtServicePackUninstall$\6to4svc.dll
+ 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll
+ 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll.000
+ 2004-08-04 12:00:00 183,808 -c----w c:\windows\$NtServicePackUninstall$\accwiz.exe
+ 2004-08-04 12:00:00 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll
+ 2004-08-04 12:00:00 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll.000
+ 2004-08-04 12:00:00 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll
+ 2004-08-04 12:00:00 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll.000
+ 2004-08-04 12:00:00 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll
+ 2004-08-04 12:00:00 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll.000
+ 2004-08-04 12:00:00 114,688 -c----w c:\windows\$NtServicePackUninstall$\aclui.dll
+ 2004-08-04 12:00:00 187,776 -c----w c:\windows\$NtServicePackUninstall$\acpi.sys
+ 2004-08-04 12:00:00 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll
+ 2004-08-04 12:00:00 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll.000
+ 2004-08-04 12:00:00 194,048 -c----w c:\windows\$NtServicePackUninstall$\activeds.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\actmovie.exe
+ 2004-08-04 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\actxprxy.dll
+ 2004-08-04 12:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll
+ 2004-08-04 12:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll.000
+ 2003-03-24 05:52:04 20,540 -c----w c:\windows\$NtServicePackUninstall$\admin.dll
+ 2003-03-24 05:52:04 16,439 -c----w c:\windows\$NtServicePackUninstall$\admin.exe
+ 2004-08-04 12:00:00 175,616 -c----w c:\windows\$NtServicePackUninstall$\adsldp.dll
+ 2004-08-04 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\adsldpc.dll
+ 2004-08-04 12:00:00 68,096 -c----w c:\windows\$NtServicePackUninstall$\adsmsext.dll
+ 2004-08-04 12:00:00 263,680 -c----w c:\windows\$NtServicePackUninstall$\adsnt.dll
+ 2004-08-04 12:00:00 616,960 -c----w c:\windows\$NtServicePackUninstall$\advapi32.dll
+ 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys
+ 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys.000
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtServicePackUninstall$\afd.sys
+ 2004-08-04 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentanm.dll
+ 2004-08-04 12:00:00 214,016 -c----w c:\windows\$NtServicePackUninstall$\agentctl.dll
+ 2006-10-12 14:02:52 42,496 -c----w c:\windows\$NtServicePackUninstall$\agentdp2.dll
+ 2007-03-09 13:46:24 57,344 -c----w c:\windows\$NtServicePackUninstall$\agentdpv.dll
+ 2004-08-04 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\agentmpx.dll
+ 2004-08-04 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentpsh.dll
+ 2004-08-04 12:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\agentsr.dll
+ 2006-10-12 11:09:53 256,512 -c----w c:\windows\$NtServicePackUninstall$\agentsvr.exe
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0401.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0404.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0405.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0406.dll
+ 2004-08-04 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt0407.dll
+ 2004-08-04 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\agt0408.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0409.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt040b.dll
+ 2004-08-04 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt040c.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt040d.dll
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\agt040e.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0410.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0411.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0412.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0413.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0414.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0415.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0416.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0419.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041d.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041f.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0804.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0816.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0c0a.dll
+ 2004-08-04 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agtintl.dll
+ 2004-08-04 12:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\ahui.exe
+ 2004-08-04 12:00:00 44,544 -c----w c:\windows\$NtServicePackUninstall$\alg.exe
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\alrsvc.dll
+ 2004-08-04 12:00:00 36,992 -c----w c:\windows\$NtServicePackUninstall$\amdk6.sys
+ 2004-08-04 12:00:00 37,376 -c----w c:\windows\$NtServicePackUninstall$\amdk7.sys
+ 2004-08-04 12:00:00 70,656 -c----w c:\windows\$NtServicePackUninstall$\amstream.dll
+ 2004-08-04 12:00:00 126,976 -c----w c:\windows\$NtServicePackUninstall$\apphelp.dll
+ 2004-08-04 12:00:00 331,264 -c----w c:\windows\$NtServicePackUninstall$\aqueue.dll
+ 2004-08-04 12:00:00 60,800 -c----w c:\windows\$NtServicePackUninstall$\arp1394.sys
+ 1999-08-09 03:39:20 14,832 -c----w c:\windows\$NtServicePackUninstall$\asfsipc.dll
+ 2004-08-04 12:00:00 65,024 -c----w c:\windows\$NtServicePackUninstall$\asycfilt.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\asyncmac.sys
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\at.exe
+ 2004-08-04 12:00:00 95,360 -c----w c:\windows\$NtServicePackUninstall$\atapi.sys
+ 2004-08-04 12:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\atl.dll
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\atmadm.exe
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\atmarpc.sys
+ 2004-08-04 12:00:00 285,696 -c----w c:\windows\$NtServicePackUninstall$\atmfd.dll
+ 2004-08-04 12:00:00 55,936 -c----w c:\windows\$NtServicePackUninstall$\atmlane.sys
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\atmlib.dll
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\attrib.exe
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\audiosrv.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\auditusr.exe
+ 2003-03-24 05:52:04 20,540 -c----w c:\windows\$NtServicePackUninstall$\author.dll
+ 2003-03-24 05:52:04 16,439 -c----w c:\windows\$NtServicePackUninstall$\author.exe
+ 2005-03-02 18:09:29 56,832 -c----w c:\windows\$NtServicePackUninstall$\authz.dll
+ 2004-08-04 12:00:00 588,800 -c----w c:\windows\$NtServicePackUninstall$\autochk.exe
+ 2004-08-04 12:00:00 602,624 -c----w c:\windows\$NtServicePackUninstall$\autoconv.exe
+ 2004-08-04 12:00:00 580,608 -c----w c:\windows\$NtServicePackUninstall$\autofmt.exe
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\autolfn.exe
+ 2004-08-04 12:00:00 84,992 -c----w c:\windows\$NtServicePackUninstall$\avifil32.dll
+ 2004-08-04 12:00:00 52,736 -c----w c:\windows\$NtServicePackUninstall$\basesrv.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\batmeter.dll
+ 2004-08-04 12:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\batt.dll
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\bidispl.dll
+ 2004-08-04 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\bitsprx2.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\bitsprx3.dll
+ 2004-08-04 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\blastcln.exe
+ 2004-08-04 12:00:00 71,552 -c----w c:\windows\$NtServicePackUninstall$\bridge.sys
+ 2004-08-04 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\browselc.dll
+ 2004-08-04 12:00:00 77,312 -c----w c:\windows\$NtServicePackUninstall$\browser.dll
+ 2006-09-23 03:12:50 1,022,976 -c----w c:\windows\$NtServicePackUninstall$\browseui.dll
+ 2004-08-04 12:00:00 78,336 -c----w c:\windows\$NtServicePackUninstall$\browsewm.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\bthci.dll
+ 2008-06-13 13:10:50 272,128 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys
+ 2008-06-13 13:10:50 272,128 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys.000
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\bthserv.dll
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\btpanui.dll
+ 2004-08-04 12:00:00 218,112 -c----w c:\windows\$NtServicePackUninstall$\c_g18030.dll
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\cabinet.dll
+ 2004-08-04 12:00:00 84,480 -c----w c:\windows\$NtServicePackUninstall$\cabview.dll
+ 2004-08-04 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\cacls.exe
+ 2004-08-04 12:00:00 385,024 -c----w c:\windows\$NtServicePackUninstall$\callcont.dll
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\camocx.dll
+ 2004-08-04 12:00:00 142,848 -c----w c:\windows\$NtServicePackUninstall$\capesnpn.dll
+ 2005-07-26 04:39:42 225,792 -c----w c:\windows\$NtServicePackUninstall$\catsrv.dll
+ 2004-08-04 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\catsrvps.dll
+ 2005-07-26 04:39:43 625,152 -c----w c:\windows\$NtServicePackUninstall$\catsrvut.dll
+ 2004-08-04 12:00:00 63,744 -c----w c:\windows\$NtServicePackUninstall$\cdfs.sys
+ 2005-10-21 03:39:26 151,040 -c----w c:\windows\$NtServicePackUninstall$\cdfview.dll
+ 2005-09-10 01:53:41 2,067,968 -c----w c:\windows\$NtServicePackUninstall$\cdosys.dll
+ 2004-08-04 12:00:00 49,536 -c----w c:\windows\$NtServicePackUninstall$\cdrom.sys
+ 2004-08-04 12:00:00 194,560 -c----w c:\windows\$NtServicePackUninstall$\certcli.dll
+ 2004-08-04 12:00:00 457,728 -c----w c:\windows\$NtServicePackUninstall$\certmgr.dll
+ 2004-08-04 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\cfgbkend.dll
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\cfgmgr32.dll
+ 2003-03-24 05:52:04 188,480 -c----w c:\windows\$NtServicePackUninstall$\cfgwiz.exe
+ 2004-08-04 12:00:00 97,792 -c----w c:\windows\$NtServicePackUninstall$\chtmbx.dll
+ 2004-08-04 12:00:00 56,320 -c----w c:\windows\$NtServicePackUninstall$\chtskdic.dll
+ 2004-08-04 12:00:00 173,568 -c----w c:\windows\$NtServicePackUninstall$\chtskf.dll
+ 2004-08-04 12:00:00 109,568 -c----w c:\windows\$NtServicePackUninstall$\cic.dll
+ 2004-08-04 12:00:00 1,352,192 -c----w c:\windows\$NtServicePackUninstall$\cimwin32.dll
+ 2004-08-04 12:00:00 198,656 -c----w c:\windows\$NtServicePackUninstall$\cintime.dll
+ 2006-06-22 05:06:29 69,120 -c----w c:\windows\$NtServicePackUninstall$\ciodm.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2004-08-04 12:00:00 49,664 -c----w c:\windows\$NtServicePackUninstall$\classpnp.sys
+ 2005-07-26 04:39:43 110,080 -c----w c:\windows\$NtServicePackUninstall$\clbcatex.dll
+ 2005-07-26 04:39:43 498,688 -c----w c:\windows\$NtServicePackUninstall$\clbcatq.dll
+ 2004-08-04 12:00:00 64,000 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe
+ 2004-08-04 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe
+ 2004-08-04 12:00:00 102,912 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe
+ 2004-08-04 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe
+ 2004-08-04 12:00:00 57,856 -c----w c:\windows\$NtServicePackUninstall$\clusapi.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\cmcfg32.dll
+ 2004-08-04 12:00:00 388,608 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe
+ 2004-08-04 12:00:00 343,040 -c----w c:\windows\$NtServicePackUninstall$\cmdial32.dll
+ 2004-08-04 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe
+ 2004-08-04 12:00:00 185,344 -c----w c:\windows\$NtServicePackUninstall$\cmprops.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\cmsetacl.dll
+ 2004-08-04 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\cmutil.dll
+ 2004-08-04 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon.dll
+ 2005-07-26 04:39:43 60,416 -c----w c:\windows\$NtServicePackUninstall$\colbact.dll
+ 2004-08-04 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\comaddin.dll
+ 2005-07-26 04:39:44 195,072 -c----w c:\windows\$NtServicePackUninstall$\comadmin.dll
+ 2006-08-25 15:45:58 617,472 -c----w c:\windows\$NtServicePackUninstall$\comctl32.dll
+ 2004-08-04 12:00:00 276,992 -c----w c:\windows\$NtServicePackUninstall$\comdlg32.dll
+ 2004-08-04 12:00:00 252,928 -c----w c:\windows\$NtServicePackUninstall$\compatui.dll
+ 2004-08-04 12:00:00 229,376 -c----w c:\windows\$NtServicePackUninstall$\compstui.dll
+ 2005-07-26 04:39:44 97,792 -c----w c:\windows\$NtServicePackUninstall$\comrepl.dll
+ 2004-08-04 12:00:00 9,728 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2004-08-04 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2004-08-04 12:00:00 792,064 -c----w c:\windows\$NtServicePackUninstall$\comres.dll
+ 2004-08-04 12:00:00 259,584 -c----w c:\windows\$NtServicePackUninstall$\comsetup.dll
+ 2004-08-04 12:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\comsnap.dll
+ 2005-07-26 04:39:44 1,267,200 -c----w c:\windows\$NtServicePackUninstall$\comsvcs.dll

acasey · Nov 13, 2008

part two of combofix...

+ 2005-07-26 04:39:45 540,160 -c----w c:\windows\$NtServicePackUninstall$\comuid.dll
+ 2004-08-04 12:00:00 1,032,192 -c----w c:\windows\$NtServicePackUninstall$\conf.exe
+ 2004-08-04 12:00:00 45,056 -c----w c:\windows\$NtServicePackUninstall$\confmrsl.dll
+ 2004-08-04 12:00:00 345,600 -c----w c:\windows\$NtServicePackUninstall$\confmsp.dll
+ 2004-08-04 12:00:00 27,648 -c----w c:\windows\$NtServicePackUninstall$\conime.exe
+ 2007-08-13 08:42:54 17,408 -c----w c:\windows\$NtServicePackUninstall$\corpol.dll
+ 2004-08-04 12:00:00 163,840 -c----w c:\windows\$NtServicePackUninstall$\credui.dll
+ 2004-08-04 12:00:00 36,480 -c----w c:\windows\$NtServicePackUninstall$\crusoe.sys
+ 2004-08-04 12:00:00 597,504 -c----w c:\windows\$NtServicePackUninstall$\crypt32.dll
+ 2004-08-04 12:00:00 74,752 -c----w c:\windows\$NtServicePackUninstall$\cryptdlg.dll
+ 2004-08-04 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\cryptdll.dll
+ 2004-08-04 12:00:00 53,760 -c----w c:\windows\$NtServicePackUninstall$\cryptext.dll
+ 2004-08-04 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\cryptnet.dll
+ 2004-08-04 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\cryptsvc.dll
+ 2004-08-04 12:00:00 512,512 -c----w c:\windows\$NtServicePackUninstall$\cryptui.dll
+ 2004-08-04 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\cscdll.dll
+ 2004-08-04 12:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe
+ 2004-08-04 12:00:00 326,656 -c----w c:\windows\$NtServicePackUninstall$\cscui.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\csrsrv.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\csrss.exe
+ 2004-08-04 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\custsat.dll
+ 2004-08-04 12:00:00 1,179,648 -c----w c:\windows\$NtServicePackUninstall$\d3d8.dll
+ 2004-08-04 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\d3d8thk.dll
+ 2004-08-04 12:00:00 1,689,088 -c----w c:\windows\$NtServicePackUninstall$\d3d9.dll
+ 2004-08-04 12:00:00 825,344 -c----w c:\windows\$NtServicePackUninstall$\d3dim700.dll
+ 2005-11-05 03:16:23 1,054,208 -c----w c:\windows\$NtServicePackUninstall$\danim.dll
+ 2004-08-04 12:00:00 54,272 -c----w c:\windows\$NtServicePackUninstall$\dataclen.dll
+ 2004-08-04 12:00:00 152,064 -c----w c:\windows\$NtServicePackUninstall$\datime.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\davclnt.dll
+ 2004-08-04 12:00:00 640,000 -c----w c:\windows\$NtServicePackUninstall$\dbghelp.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\dbmsrpcn.dll
+ 2004-08-04 12:00:00 110,592 -c----w c:\windows\$NtServicePackUninstall$\dbnetlib.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dbnmpntw.dll
+ 2004-08-04 12:00:00 1,788 -c----w c:\windows\$NtServicePackUninstall$\dcache.bin
+ 2004-08-04 12:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\dcap32.dll
+ 2004-08-04 12:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\dciman32.dll
+ 2004-08-04 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\ddeshare.exe
+ 2004-08-04 12:00:00 266,240 -c----w c:\windows\$NtServicePackUninstall$\ddraw.dll
+ 2004-08-04 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\ddrawex.dll
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\defrag.exe
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\devenum.dll
+ 2004-08-04 12:00:00 282,624 -c----w c:\windows\$NtServicePackUninstall$\devmgr.dll
+ 2004-08-04 12:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dfrgfat.exe
+ 2004-08-04 12:00:00 104,960 -c----w c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
+ 2004-08-04 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\dfrgsnap.dll
+ 2004-08-04 12:00:00 123,904 -c----w c:\windows\$NtServicePackUninstall$\dfrgui.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dfsshlex.dll
+ 2004-08-04 12:00:00 111,104 -c----w c:\windows\$NtServicePackUninstall$\dgnet.dll
+ 2006-05-19 12:59:41 111,616 -c----w c:\windows\$NtServicePackUninstall$\dhcpcsvc.dll
+ 2004-08-04 12:00:00 370,176 -c----w c:\windows\$NtServicePackUninstall$\dhcpmon.dll
+ 2004-08-04 12:00:00 539,136 -c----w c:\windows\$NtServicePackUninstall$\dialer.exe
+ 2004-08-04 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\diantz.exe
+ 2004-08-04 12:00:00 68,608 -c----w c:\windows\$NtServicePackUninstall$\digest.dll
+ 2004-08-04 12:00:00 159,232 -c----w c:\windows\$NtServicePackUninstall$\dinput.dll
+ 2004-08-04 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\dinput8.dll
+ 2007-05-16 15:12:00 86,528 -c----w c:\windows\$NtServicePackUninstall$\directdb.dll
+ 2004-08-04 12:00:00 36,352 -c----w c:\windows\$NtServicePackUninstall$\disk.sys
+ 2004-08-04 12:00:00 1,501,696 -c----w c:\windows\$NtServicePackUninstall$\diskcopy.dll
+ 2004-08-04 12:00:00 14,208 -c----w c:\windows\$NtServicePackUninstall$\diskdump.sys
+ 2004-08-04 12:00:00 163,840 -c----w c:\windows\$NtServicePackUninstall$\diskpart.exe
+ 2004-08-04 12:00:00 45,083 -c----w c:\windows\$NtServicePackUninstall$\dispex.dll
+ 2004-08-04 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2004-08-04 12:00:00 224,768 -c----w c:\windows\$NtServicePackUninstall$\dmadmin.exe
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dmband.dll
+ 2004-08-04 12:00:00 799,744 -c----w c:\windows\$NtServicePackUninstall$\dmboot.sys
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\dmcompos.dll
+ 2004-08-04 12:00:00 273,920 -c----w c:\windows\$NtServicePackUninstall$\dmdlgs.dll
+ 2004-08-04 12:00:00 200,704 -c----w c:\windows\$NtServicePackUninstall$\dmdskmgr.dll
+ 2004-08-04 12:00:00 181,248 -c----w c:\windows\$NtServicePackUninstall$\dmime.dll
+ 2004-08-04 12:00:00 153,344 -c----w c:\windows\$NtServicePackUninstall$\dmio.sys
+ 2004-08-04 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\dmloader.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\dmremote.exe
+ 2004-08-04 12:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dmscript.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\dmserver.dll
+ 2004-08-04 12:00:00 105,984 -c----w c:\windows\$NtServicePackUninstall$\dmstyle.dll
+ 2004-08-04 12:00:00 103,424 -c----w c:\windows\$NtServicePackUninstall$\dmsynth.dll
+ 2004-08-04 12:00:00 104,448 -c----w c:\windows\$NtServicePackUninstall$\dmusic.dll
+ 2004-08-03 12:07:40 52,864 -c----w c:\windows\$NtServicePackUninstall$\dmusic.sys
+ 2004-08-04 12:00:00 52,224 -c----w c:\windows\$NtServicePackUninstall$\dmutil.dll
+ 2008-06-20 17:41:10 148,992 -c----w c:\windows\$NtServicePackUninstall$\dnsapi.dll
+ 2008-02-20 05:32:43 45,568 -c----w c:\windows\$NtServicePackUninstall$\dnsrslvr.dll
+ 2004-08-04 12:00:00 48,128 -c----w c:\windows\$NtServicePackUninstall$\docprop2.dll
+ 2004-08-04 12:00:00 97,280 -c----w c:\windows\$NtServicePackUninstall$\dpcdll.dll
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\dplaysvr.exe
+ 2004-08-04 12:00:00 229,888 -c----w c:\windows\$NtServicePackUninstall$\dplayx.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\dpmodemx.dll
+ 2004-08-04 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\dpnaddr.dll
+ 2004-08-04 12:00:00 375,296 -c----w c:\windows\$NtServicePackUninstall$\dpnet.dll
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\dpnhpast.dll
+ 2004-08-04 12:00:00 60,928 -c----w c:\windows\$NtServicePackUninstall$\dpnhupnp.dll
+ 2004-08-04 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\dpnlobby.dll
+ 2004-08-04 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\dpnsvr.exe
+ 2004-08-04 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\dpvacm.dll
+ 2004-08-04 12:00:00 212,480 -c----w c:\windows\$NtServicePackUninstall$\dpvoice.dll
+ 2004-08-04 12:00:00 83,456 -c----w c:\windows\$NtServicePackUninstall$\dpvsetup.exe
+ 2004-08-04 12:00:00 116,736 -c----w c:\windows\$NtServicePackUninstall$\dpvvox.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\dpwsockx.dll
+ 2004-08-04 12:00:00 299,520 -c----w c:\windows\$NtServicePackUninstall$\drmclien.dll
+ 2004-08-03 13:08:00 60,288 -c----w c:\windows\$NtServicePackUninstall$\drmk.sys
+ 2004-08-03 12:07:58 2,944 -c----w c:\windows\$NtServicePackUninstall$\drmkaud.sys
+ 2004-08-04 12:00:00 87,040 -c----w c:\windows\$NtServicePackUninstall$\drmstor.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\drprov.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\ds32gt.dll
+ 2004-08-04 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\dsdmo.dll
+ 2004-08-04 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\dsdmoprp.dll
+ 2004-08-04 12:00:00 92,672 -c----w c:\windows\$NtServicePackUninstall$\dskquota.dll
+ 2004-08-04 12:00:00 144,384 -c----w c:\windows\$NtServicePackUninstall$\dskquoui.dll
+ 2004-08-04 12:00:00 367,616 -c----w c:\windows\$NtServicePackUninstall$\dsound.dll
+ 2004-08-04 12:00:00 1,294,336 -c----w c:\windows\$NtServicePackUninstall$\dsound3d.dll
+ 2004-08-04 12:00:00 142,336 -c----w c:\windows\$NtServicePackUninstall$\dsprop.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\dsprpres.dll
+ 2004-08-04 12:00:00 239,104 -c----w c:\windows\$NtServicePackUninstall$\dsquery.dll
+ 2004-08-04 12:00:00 51,200 -c----w c:\windows\$NtServicePackUninstall$\dssec.dll
+ 2004-08-04 12:00:00 137,216 -c----w c:\windows\$NtServicePackUninstall$\dssenh.dll
+ 2004-08-04 12:00:00 113,152 -c----w c:\windows\$NtServicePackUninstall$\dsuiext.dll
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\dswave.dll
+ 2004-08-04 12:00:00 10,752 -c----w c:\windows\$NtServicePackUninstall$\dumprep.exe
+ 2004-08-04 12:00:00 304,128 -c----w c:\windows\$NtServicePackUninstall$\duser.dll
+ 2004-08-04 12:00:00 17,920 -c----w c:\windows\$NtServicePackUninstall$\dvdupgrd.exe
+ 2004-08-04 12:00:00 180,224 -c----w c:\windows\$NtServicePackUninstall$\dwwin.exe
+ 2004-08-04 12:00:00 619,008 -c----w c:\windows\$NtServicePackUninstall$\dx7vb.dll
+ 2004-08-04 12:00:00 1,227,264 -c----w c:\windows\$NtServicePackUninstall$\dx8vb.dll
+ 2004-08-04 12:00:00 1,298,432 -c----w c:\windows\$NtServicePackUninstall$\dxdiag.exe
+ 2004-08-04 12:00:00 2,113,536 -c----w c:\windows\$NtServicePackUninstall$\dxdiagn.dll
+ 2004-08-04 12:00:00 71,040 -c----w c:\windows\$NtServicePackUninstall$\dxg.sys
+ 2006-08-21 18:05:26 498,742 -c----w c:\windows\$NtServicePackUninstall$\dxmasf.dll
+ 2004-08-04 12:00:00 183,296 -c----w c:\windows\$NtServicePackUninstall$\els.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\encapi.dll
+ 2004-08-04 12:00:00 186,368 -c----w c:\windows\$NtServicePackUninstall$\encdec.dll
+ 2004-08-04 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\ersvc.dll
+ 2008-07-07 20:32:22 253,952 -c----w c:\windows\$NtServicePackUninstall$\es.dll
+ 2005-10-20 22:20:03 1,082,368 -c----w c:\windows\$NtServicePackUninstall$\esent.dll
+ 2004-08-04 12:00:00 247,808 -c----w c:\windows\$NtServicePackUninstall$\esscli.dll
+ 2004-08-04 12:00:00 193,024 -c----w c:\windows\$NtServicePackUninstall$\eudcedit.exe
+ 2004-08-04 12:00:00 55,808 -c----w c:\windows\$NtServicePackUninstall$\eventlog.dll
+ 2004-08-04 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\evntagnt.dll
+ 2004-08-04 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\evntcmd.exe
+ 2004-08-04 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\evntrprv.dll
+ 2004-08-04 12:00:00 92,160 -c----w c:\windows\$NtServicePackUninstall$\evntwin.exe
+ 2007-06-13 10:23:07 1,033,216 -c----w c:\windows\$NtServicePackUninstall$\explorer.exe
+ 2004-08-04 12:00:00 380,957 -c----w c:\windows\$NtServicePackUninstall$\expsrv.dll
+ 2004-08-04 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\extrac32.exe
+ 2004-08-04 12:00:00 121,856 -c----w c:\windows\$NtServicePackUninstall$\exts.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\f3ahvoas.dll
+ 2004-08-04 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\fastfat.sys
+ 2004-08-04 12:00:00 472,064 -c----w c:\windows\$NtServicePackUninstall$\fastprox.dll
+ 2004-08-04 12:00:00 80,384 -c----w c:\windows\$NtServicePackUninstall$\faultrep.dll
+ 2004-08-04 12:00:00 27,392 -c----w c:\windows\$NtServicePackUninstall$\fdc.sys
+ 2004-08-04 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\feclient.dll
+ 2004-08-04 12:00:00 337,920 -c----w c:\windows\$NtServicePackUninstall$\filemgmt.dll
+ 2004-08-04 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\findstr.exe
+ 2004-08-04 12:00:00 34,944 -c----w c:\windows\$NtServicePackUninstall$\fips.sys
+ 2004-08-04 12:00:00 87,552 -c----w c:\windows\$NtServicePackUninstall$\fldrclnr.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\flpydisk.sys
+ 2006-08-21 12:21:06 16,896 -c----w c:\windows\$NtServicePackUninstall$\fltlib.dll
+ 2006-08-21 09:14:58 23,040 -c----w c:\windows\$NtServicePackUninstall$\fltmc.exe
+ 2006-08-21 09:14:58 128,896 -c----w c:\windows\$NtServicePackUninstall$\fltmgr.sys
+ 2004-08-04 12:00:00 382,976 -c----w c:\windows\$NtServicePackUninstall$\fontext.dll
+ 2005-10-17 21:14:45 80,896 -c----w c:\windows\$NtServicePackUninstall$\fontsub.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\fontview.exe
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\forcedos.exe
+ 2004-08-04 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\format.com
+ 2004-08-04 12:00:00 32,828 -c----w c:\windows\$NtServicePackUninstall$\fp40ext.dll
+ 2004-05-12 13:39:48 184,435 -c----w c:\windows\$NtServicePackUninstall$\fp4amsft.dll
+ 2003-03-24 05:52:04 82,035 -c----w c:\windows\$NtServicePackUninstall$\fp4anscp.dll
+ 2003-03-24 05:52:04 147,513 -c----w c:\windows\$NtServicePackUninstall$\fp4apws.dll
+ 2003-03-24 05:52:04 49,210 -c----w c:\windows\$NtServicePackUninstall$\fp4areg.dll
+ 2003-03-24 05:52:04 102,509 -c----w c:\windows\$NtServicePackUninstall$\fp4atxt.dll
+ 2003-03-24 05:52:04 618,605 -c----w c:\windows\$NtServicePackUninstall$\fp4autl.dll
+ 2003-03-24 05:52:04 41,020 -c----w c:\windows\$NtServicePackUninstall$\fp4avnb.dll
+ 2003-03-24 05:52:04 32,826 -c----w c:\windows\$NtServicePackUninstall$\fp4avss.dll
+ 2003-03-24 05:52:04 49,212 -c----w c:\windows\$NtServicePackUninstall$\fp4awebs.dll
+ 2004-05-12 13:39:48 876,653 -c----w c:\windows\$NtServicePackUninstall$\fp4awel.dll
+ 2003-03-24 05:52:04 14,608 -c----w c:\windows\$NtServicePackUninstall$\fp98sadm.exe
+ 2003-03-24 05:52:04 109,328 -c----w c:\windows\$NtServicePackUninstall$\fp98swin.exe
+ 2003-03-24 05:52:04 24,632 -c----w c:\windows\$NtServicePackUninstall$\fpadmcgi.exe
+ 2003-03-24 05:52:04 20,541 -c----w c:\windows\$NtServicePackUninstall$\fpadmdll.dll
+ 2003-03-24 05:52:04 188,494 -c----w c:\windows\$NtServicePackUninstall$\fpcount.exe
+ 2003-03-24 05:52:04 94,208 -c----w c:\windows\$NtServicePackUninstall$\fpencode.dll
+ 2003-03-24 05:52:04 20,541 -c----w c:\windows\$NtServicePackUninstall$\fpexedll.dll
+ 2004-05-12 13:39:48 598,071 -c----w c:\windows\$NtServicePackUninstall$\fpmmc.dll
+ 2003-03-24 05:52:06 208,896 -c----w c:\windows\$NtServicePackUninstall$\fpmmcsat.dll
+ 2003-03-24 05:52:04 20,538 -c----w c:\windows\$NtServicePackUninstall$\fpremadm.exe
+ 2004-08-04 12:00:00 9,344 -c----w c:\windows\$NtServicePackUninstall$\framebuf.dll
+ 2004-08-04 12:00:00 185,856 -c----w c:\windows\$NtServicePackUninstall$\framedyn.dll
+ 2004-08-04 12:00:00 193,024 -c----w c:\windows\$NtServicePackUninstall$\fsquirt.exe
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\ftp.exe
+ 2004-08-04 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\fwcfg.dll
+ 2004-08-04 12:00:00 452,096 -c----w c:\windows\$NtServicePackUninstall$\fxsapi.dll
+ 2004-08-04 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\fxsclnt.exe
+ 2004-08-04 12:00:00 72,192 -c----w c:\windows\$NtServicePackUninstall$\fxscom.dll
+ 2004-08-04 12:00:00 285,184 -c----w c:\windows\$NtServicePackUninstall$\fxscomex.dll
+ 2004-08-04 12:00:00 229,376 -c----w c:\windows\$NtServicePackUninstall$\fxscover.exe
+ 2004-08-04 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\fxsdrv.dll
+ 2004-08-04 12:00:00 55,296 -c----w c:\windows\$NtServicePackUninstall$\fxsevent.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\fxsext32.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\fxsmon.dll
+ 2004-08-04 12:00:00 132,608 -c----w c:\windows\$NtServicePackUninstall$\fxsocm.dll
+ 2004-08-04 12:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\fxsperf.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\fxsres.dll
+ 2004-08-04 12:00:00 562,176 -c----w c:\windows\$NtServicePackUninstall$\fxsst.dll
+ 2004-08-04 12:00:00 267,776 -c----w c:\windows\$NtServicePackUninstall$\fxssvc.exe
+ 2004-08-04 12:00:00 246,272 -c----w c:\windows\$NtServicePackUninstall$\fxst30.dll
+ 2004-08-04 12:00:00 397,312 -c----w c:\windows\$NtServicePackUninstall$\fxstiff.dll
+ 2004-08-04 12:00:00 154,112 -c----w c:\windows\$NtServicePackUninstall$\fxsui.dll
+ 2004-08-04 12:00:00 192,512 -c----w c:\windows\$NtServicePackUninstall$\fxswzrd.dll
+ 2004-08-04 12:00:00 400,384 -c----w c:\windows\$NtServicePackUninstall$\fxsxp32.dll
+ 2008-02-20 06:51:05 282,624 -c----w c:\windows\$NtServicePackUninstall$\gdi32.dll
+ 2004-08-04 12:00:00 122,880 -c----w c:\windows\$NtServicePackUninstall$\glu32.dll
+ 2004-08-04 12:00:00 9,728 -c----w c:\windows\$NtServicePackUninstall$\gpkrsrc.dll
+ 2004-08-04 12:00:00 39,424 -c----w c:\windows\$NtServicePackUninstall$\grpconv.exe
+ 2004-08-04 12:00:00 123,904 -c----w c:\windows\$NtServicePackUninstall$\guitrn.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\h323cc.dll
+ 2004-08-04 12:00:00 614,912 -c----w c:\windows\$NtServicePackUninstall$\h323msp.dll
+ 2004-08-04 12:00:00 131,968 -c----w c:\windows\$NtServicePackUninstall$\hal.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\hccoin.dll
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\help.exe
+ 2004-08-04 12:00:00 768,512 -c----w c:\windows\$NtServicePackUninstall$\helpctr.exe
+ 2004-08-04 12:00:00 743,936 -c----w c:\windows\$NtServicePackUninstall$\helpsvc.exe
+ 2005-05-26 23:22:01 10,752 -c----w c:\windows\$NtServicePackUninstall$\hh.exe
+ 2005-05-27 02:04:27 41,472 -c----w c:\windows\$NtServicePackUninstall$\hhsetup.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\hid.dll
+ 2004-08-04 12:00:00 36,224 -c----w c:\windows\$NtServicePackUninstall$\hidclass.sys
+ 2004-08-04 12:00:00 24,960 -c----w c:\windows\$NtServicePackUninstall$\hidparse.sys
+ 2006-07-21 08:24:43 72,704 -c----w c:\windows\$NtServicePackUninstall$\hlink.dll
+ 2004-08-04 12:00:00 344,064 -c----w c:\windows\$NtServicePackUninstall$\hnetcfg.dll
+ 2004-08-04 12:00:00 330,752 -c----w c:\windows\$NtServicePackUninstall$\hnetwiz.dll
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\hostmib.dll
+ 2004-08-04 12:00:00 144,896 -c----w c:\windows\$NtServicePackUninstall$\hotplug.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\hscupd.exe
+ 2006-03-17 00:33:10 262,784 -c----w c:\windows\$NtServicePackUninstall$\http.sys
+ 2006-03-17 00:33:10 262,784 -c----w c:\windows\$NtServicePackUninstall$\http.sys.000
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\httpapi.dll
+ 2004-08-04 12:00:00 41,984 -c----w c:\windows\$NtServicePackUninstall$\htui.dll
+ 2004-08-04 12:00:00 13,463,552 -c----w c:\windows\$NtServicePackUninstall$\hwxjpn.dll
+ 2004-11-17 17:41:24 347,136 -c----w c:\windows\$NtServicePackUninstall$\hypertrm.dll
+ 2004-08-04 12:00:00 52,736 -c----w c:\windows\$NtServicePackUninstall$\i8042prt.sys
+ 2004-08-04 12:00:00 119,808 -c----w c:\windows\$NtServicePackUninstall$\iasrad.dll
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\icaapi.dll
+ 2004-08-04 12:00:00 80,384 -c----w c:\windows\$NtServicePackUninstall$\iccvid.dll
+ 2005-06-29 01:46:00 254,976 -c----w c:\windows\$NtServicePackUninstall$\icm32.dll
+ 2004-08-04 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\icmp.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\iconlib.dll
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\icwconn.dll
+ 2004-08-04 12:00:00 214,528 -c----w c:\windows\$NtServicePackUninstall$\icwconn1.exe
+ 2004-08-04 12:00:00 86,016 -c----w c:\windows\$NtServicePackUninstall$\icwconn2.exe
+ 2004-08-04 12:00:00 73,728 -c----w c:\windows\$NtServicePackUninstall$\icwdial.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\icwdl.dll
+ 2004-08-04 12:00:00 172,032 -c----w c:\windows\$NtServicePackUninstall$\icwhelp.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\icwphbk.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\icwrmind.exe
+ 2004-08-04 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\icwutil.dll
+ 2004-08-04 12:00:00 120,832 -c----w c:\windows\$NtServicePackUninstall$\idq.dll
+ 2007-08-13 08:45:18 78,336 -c----w c:\windows\$NtServicePackUninstall$\ieencode.dll
+ 2004-08-04 12:00:00 114,688 -c----w c:\windows\$NtServicePackUninstall$\iexpress.exe
+ 2004-08-04 12:00:00 135,680 -c----w c:\windows\$NtServicePackUninstall$\ifmon.dll
+ 2004-08-04 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\igmpagnt.dll
+ 2004-08-04 12:00:00 505,344 -c----w c:\windows\$NtServicePackUninstall$\iis.dll
+ 2004-08-04 12:00:00 81,920 -c----w c:\windows\$NtServicePackUninstall$\ils.dll
+ 2004-08-04 12:00:00 144,384 -c----w c:\windows\$NtServicePackUninstall$\imagehlp.dll
+ 2004-08-04 12:00:00 150,016 -c----w c:\windows\$NtServicePackUninstall$\imapi.exe
+ 2004-08-04 12:00:00 41,856 -c----w c:\windows\$NtServicePackUninstall$\imapi.sys
+ 2004-08-04 12:00:00 106,496 -c----w c:\windows\$NtServicePackUninstall$\imekrcic.dll
+ 2004-08-04 12:00:00 86,016 -c----w c:\windows\$NtServicePackUninstall$\imekrmbx.dll
+ 2004-08-04 12:00:00 36,921 -c----w c:\windows\$NtServicePackUninstall$\imeshare.dll
+ 2004-08-04 12:00:00 811,064 -c----w c:\windows\$NtServicePackUninstall$\imjp81k.dll
+ 2004-08-04 12:00:00 368,696 -c----w c:\windows\$NtServicePackUninstall$\imjpcic.dll
+ 2004-08-04 12:00:00 716,856 -c----w c:\windows\$NtServicePackUninstall$\imjpcus.dll
+ 2004-08-04 12:00:00 81,976 -c----w c:\windows\$NtServicePackUninstall$\imjpdct.dll
+ 2004-08-04 12:00:00 274,489 -c----w c:\windows\$NtServicePackUninstall$\imjputyc.dll
+ 2004-08-04 12:00:00 102,456 -c----w c:\windows\$NtServicePackUninstall$\imlang.dll
+ 2004-08-04 12:00:00 110,080 -c----w c:\windows\$NtServicePackUninstall$\imm32.dll
+ 2004-08-04 12:00:00 115,712 -c----w c:\windows\$NtServicePackUninstall$\imsinsnt.dll
+ 2004-08-04 12:00:00 315,452 -c----w c:\windows\$NtServicePackUninstall$\imskf.dll
+ 2004-08-04 12:00:00 274,432 -c----w c:\windows\$NtServicePackUninstall$\inetcfg.dll
+ 2008-04-11 18:50:43 683,520 -c----w c:\windows\$NtServicePackUninstall$\inetcomm.dll
+ 2004-08-04 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\inetmib1.dll
+ 2004-08-04 12:00:00 75,264 -c----w c:\windows\$NtServicePackUninstall$\inetpp.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\inetppui.dll
+ 2004-08-04 12:00:00 48,128 -c----w c:\windows\$NtServicePackUninstall$\inetres.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\inetwiz.exe
+ 2004-08-04 12:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\initpki.dll
+ 2004-08-04 12:00:00 123,392 -c----w c:\windows\$NtServicePackUninstall$\input.dll
+ 2004-08-04 12:00:00 36,096 -c----w c:\windows\$NtServicePackUninstall$\intelppm.sys
+ 2004-08-04 12:00:00 29,056 -c----w c:\windows\$NtServicePackUninstall$\ip6fw.sys
+ 2004-08-04 12:00:00 55,808 -c----w c:\windows\$NtServicePackUninstall$\ipconfig.exe
+ 2006-05-19 12:59:41 94,720 -c----w c:\windows\$NtServicePackUninstall$\iphlpapi.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\ipinip.sys
+ 2004-08-04 12:00:00 154,112 -c----w c:\windows\$NtServicePackUninstall$\ipmontr.dll
+ 2004-09-29 22:28:37 134,912 -c----w c:\windows\$NtServicePackUninstall$\ipnat.sys
+ 2004-08-04 12:00:00 331,264 -c----w c:\windows\$NtServicePackUninstall$\ipnathlp.dll
+ 2004-08-04 12:00:00 330,752 -c----w c:\windows\$NtServicePackUninstall$\ippromon.dll
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\iprip.dll
+ 2004-08-04 12:00:00 169,984 -c----w c:\windows\$NtServicePackUninstall$\iprtrmgr.dll
+ 2004-08-04 12:00:00 74,752 -c----w c:\windows\$NtServicePackUninstall$\ipsec.sys
+ 2004-08-04 12:00:00 349,696 -c----w c:\windows\$NtServicePackUninstall$\ipsecsnp.dll
+ 2004-08-04 12:00:00 182,784 -c----w c:\windows\$NtServicePackUninstall$\ipsecsvc.dll
+ 2004-08-04 12:00:00 384,000 -c----w c:\windows\$NtServicePackUninstall$\ipsmsnap.dll
+ 2004-08-04 12:00:00 53,248 -c----w c:\windows\$NtServicePackUninstall$\ipv6.exe
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\ipv6mon.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\ipxroute.exe
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\ipxwan.dll
+ 2004-08-04 12:00:00 120,320 -c----w c:\windows\$NtServicePackUninstall$\ir41_qc.dll
+ 2004-08-04 12:00:00 338,432 -c----w c:\windows\$NtServicePackUninstall$\ir41_qcx.dll
+ 2004-08-04 12:00:00 755,200 -c----w c:\windows\$NtServicePackUninstall$\ir50_32.dll
+ 2004-08-04 12:00:00 200,192 -c----w c:\windows\$NtServicePackUninstall$\ir50_qc.dll
+ 2004-08-04 12:00:00 183,808 -c----w c:\windows\$NtServicePackUninstall$\ir50_qcx.dll
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\irenum.sys
+ 2004-08-04 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\isapnp.sys
+ 2004-08-04 12:00:00 81,920 -c----w c:\windows\$NtServicePackUninstall$\isign32.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\isrdbg32.dll
+ 2005-05-27 02:04:27 155,136 -c----w c:\windows\$NtServicePackUninstall$\itircl.dll
+ 2005-05-27 02:04:27 137,216 -c----w c:\windows\$NtServicePackUninstall$\itss.dll
+ 2004-08-04 12:00:00 54,272 -c----w c:\windows\$NtServicePackUninstall$\ixsso.dll
+ 2004-08-04 12:00:00 47,616 -c----w c:\windows\$NtServicePackUninstall$\iyuv_32.dll
+ 2006-06-01 18:47:07 163,840 -c----w c:\windows\$NtServicePackUninstall$\jgdw400.dll
+ 2006-06-01 18:47:07 27,648 -c----w c:\windows\$NtServicePackUninstall$\jgpl400.dll
+ 2007-08-13 08:38:04 491,520 -c----w c:\windows\$NtServicePackUninstall$\jscript.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbd101.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbd106n.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbdax2.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\kbdclass.sys
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\kbdfi1.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\kbdibm02.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbdinbe1.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\kbdinben.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\kbdinmal.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\kbdlk41a.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbdlk41j.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\kbdmaori.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbdmlt47.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\kbdmlt48.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\kbdnec.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\kbdno1.dll
+ 2004-08-04 12:00:00 7,680 -c----w c:\windows\$NtServicePackUninstall$\kbdsmsfi.dll
+ 2004-08-04 12:00:00 7,680 -c----w c:\windows\$NtServicePackUninstall$\kbdsmsno.dll
+ 2004-08-04 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\kbdukx.dll
+ 2004-08-04 12:00:00 7,424 -c----w c:\windows\$NtServicePackUninstall$\kd1394.dll
+ 2005-06-15 17:49:30 295,936 -c----w c:\windows\$NtServicePackUninstall$\kerberos.dll
+ 2007-04-16 15:52:53 984,576 -c----w c:\windows\$NtServicePackUninstall$\kernel32.dll
+ 2004-08-04 12:00:00 150,528 -c----w c:\windows\$NtServicePackUninstall$\keymgr.dll
+ 2006-06-14 08:47:45 172,416 -c----w c:\windows\$NtServicePackUninstall$\kmixer.sys
+ 2006-06-14 08:47:45 172,416 -c----w c:\windows\$NtServicePackUninstall$\kmixer.sys.000
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\krnlprov.dll
+ 2004-08-03 13:15:22 140,928 -c----w c:\windows\$NtServicePackUninstall$\ks.sys
+ 2004-08-04 12:00:00 92,032 -c----w c:\windows\$NtServicePackUninstall$\ksecdd.sys
+ 2004-08-03 14:56:44 4,096 -c----w c:\windows\$NtServicePackUninstall$\ksuser.dll
+ 2004-08-04 12:00:00 423,936 -c----w c:\windows\$NtServicePackUninstall$\licdll.dll
+ 2004-08-04 12:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\licwmi.dll
+ 2005-09-01 01:41:53 19,968 -c----w c:\windows\$NtServicePackUninstall$\linkinfo.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\lmhsvc.dll
+ 2004-08-04 12:00:00 33,792 -c----w c:\windows\$NtServicePackUninstall$\lmmib2.dll
+ 2004-08-04 12:00:00 399,872 -c----w c:\windows\$NtServicePackUninstall$\lmrt.dll
+ 2004-08-04 12:00:00 97,280 -c----w c:\windows\$NtServicePackUninstall$\loadperf.dll
+ 2004-08-04 12:00:00 221,696 -c----w c:\windows\$NtServicePackUninstall$\localsec.dll
+ 2004-08-04 12:00:00 341,504 -c----w c:\windows\$NtServicePackUninstall$\localspl.dll
+ 2004-08-04 12:00:00 11,776 -c----w c:\windows\$NtServicePackUninstall$\localui.dll
+ 2004-08-04 12:00:00 75,264 -c----w c:\windows\$NtServicePackUninstall$\locator.exe
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\log.dll
+ 2004-08-04 12:00:00 59,392 -c----w c:\windows\$NtServicePackUninstall$\logman.exe
+ 2004-08-04 12:00:00 220,672 -c----w c:\windows\$NtServicePackUninstall$\logon.scr
+ 2004-08-04 12:00:00 514,560 -c----w c:\windows\$NtServicePackUninstall$\logonui.exe
+ 2004-08-04 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\lpdsvc.dll
+ 2004-08-04 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\lpk.dll
+ 2004-08-04 12:00:00 10,240 -c----w c:\windows\$NtServicePackUninstall$\lprhelp.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\lprmon.dll
+ 2007-11-07 09:26:56 721,920 -c----w c:\windows\$NtServicePackUninstall$\lsasrv.dll
+ 2004-08-04 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\lsass.exe
+ 2004-08-04 12:00:00 72,704 -c----w c:\windows\$NtServicePackUninstall$\magnify.exe
+ 2004-08-04 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\makecab.exe
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\mcastmib.dll
+ 2004-08-04 12:00:00 84,480 -c----w c:\windows\$NtServicePackUninstall$\mciavi32.dll
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\mciqtz32.dll
+ 2004-08-04 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\mciseq.dll
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\mciwave.dll
+ 2004-08-04 12:00:00 118,272 -c----w c:\windows\$NtServicePackUninstall$\mdminst.dll
+ 2004-08-04 12:00:00 63,744 -c----w c:\windows\$NtServicePackUninstall$\mf.sys
+ 2007-03-08 15:36:28 40,960 -c----w c:\windows\$NtServicePackUninstall$\mf3216.dll
+ 2006-11-01 19:17:45 927,504 -c----w c:\windows\$NtServicePackUninstall$\mfc40u.dll
+ 2004-08-04 12:00:00 1,028,096 -c----w c:\windows\$NtServicePackUninstall$\mfc42.dll
+ 2004-08-04 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\mfcsubs.dll
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\mgmtapi.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\midimap.dll
+ 2004-08-04 12:00:00 201,216 -c----w c:\windows\$NtServicePackUninstall$\migism.dll
+ 2004-08-04 12:00:00 60,928 -c----w c:\windows\$NtServicePackUninstall$\miglibnt.dll
+ 2004-08-04 12:00:00 103,424 -c----w c:\windows\$NtServicePackUninstall$\migload.exe
+ 2005-07-25 23:46:57 7,680 -c----w c:\windows\$NtServicePackUninstall$\migregdb.exe
+ 2004-08-04 12:00:00 240,128 -c----w c:\windows\$NtServicePackUninstall$\migwiz.exe
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\mimefilt.dll
+ 2004-08-04 12:00:00 586,240 -c----w c:\windows\$NtServicePackUninstall$\mlang.dll
+ 2004-08-04 12:00:00 815,104 -c----w c:\windows\$NtServicePackUninstall$\mmc.exe
+ 2004-08-04 12:00:00 70,656 -c----w c:\windows\$NtServicePackUninstall$\mmcbase.dll
+ 2004-08-04 12:00:00 1,192,960 -c----w c:\windows\$NtServicePackUninstall$\mmcndmgr.dll
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\mmcshext.dll
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\mmfutil.dll
+ 2004-08-04 12:00:00 34,560 -c----w c:\windows\$NtServicePackUninstall$\mnmdd.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\mnmsrvc.exe
+ 2004-08-04 12:00:00 207,360 -c----w c:\windows\$NtServicePackUninstall$\mobsync.dll
+ 2004-08-04 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\mobsync.exe
+ 2004-08-04 12:00:00 30,080 -c----w c:\windows\$NtServicePackUninstall$\modem.sys
+ 2004-08-04 12:00:00 153,600 -c----w c:\windows\$NtServicePackUninstall$\modemui.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\mofcomp.exe
+ 2004-08-04 12:00:00 123,904 -c----w c:\windows\$NtServicePackUninstall$\mofd.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\more.com
+ 2004-08-04 12:00:00 216,064 -c----w c:\windows\$NtServicePackUninstall$\moricons.dll
+ 2004-08-04 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\mouclass.sys
+ 2004-08-04 12:00:00 42,240 -c----w c:\windows\$NtServicePackUninstall$\mountmgr.sys
+ 2004-08-04 12:00:00 3,555,328 -c----w c:\windows\$NtServicePackUninstall$\moviemk.exe
+ 2004-08-04 12:00:00 123,392 -c----w c:\windows\$NtServicePackUninstall$\mplay32.exe
+ 2004-08-04 12:00:00 4,639 -c----w c:\windows\$NtServicePackUninstall$\mplayer2.exe
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\mpr.dll
+ 2004-08-04 12:00:00 87,040 -c----w c:\windows\$NtServicePackUninstall$\mprapi.dll
+ 2004-08-04 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\mprdim.dll
+ 2007-12-18 09:51:35 179,584 -c----w c:\windows\$NtServicePackUninstall$\mrxdav.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtServicePackUninstall$\mrxsmb.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtServicePackUninstall$\mrxsmb.sys.000
+ 2004-08-04 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\msacm32.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\msadcer.dll
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\msadcf.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msadcfr.dll
+ 2006-03-23 05:44:21 143,360 -c----w c:\windows\$NtServicePackUninstall$\msadco.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msadcor.dll
+ 2004-08-04 12:00:00 53,248 -c----w c:\windows\$NtServicePackUninstall$\msadcs.dll
+ 2004-08-04 12:00:00 155,648 -c----w c:\windows\$NtServicePackUninstall$\msadds.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\msaddsr.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\msader15.dll
+ 2006-12-26 13:07:23 536,576 -c----w c:\windows\$NtServicePackUninstall$\msado15.dll
+ 2006-12-26 13:07:23 180,224 -c----w c:\windows\$NtServicePackUninstall$\msadomd.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\msador15.dll
+ 2006-12-26 13:07:23 200,704 -c----w c:\windows\$NtServicePackUninstall$\msadox.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\msadrh15.dll
+ 2004-08-04 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\msafd.dll
+ 2004-08-04 12:00:00 86,016 -c----w c:\windows\$NtServicePackUninstall$\msapsspc.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\msasn1.dll
+ 2004-08-04 12:00:00 220,160 -c----w c:\windows\$NtServicePackUninstall$\mscandui.dll
+ 2008-06-24 16:23:05 74,240 -c----w c:\windows\$NtServicePackUninstall$\mscms.dll
+ 2004-08-04 12:00:00 69,632 -c----w c:\windows\$NtServicePackUninstall$\msconf.dll
+ 2004-08-04 12:00:00 158,208 -c----w c:\windows\$NtServicePackUninstall$\msconfig.exe
+ 2004-08-04 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\mscpx32r.dll
+ 2004-08-04 12:00:00 36,864 -c----w c:\windows\$NtServicePackUninstall$\mscpxl32.dll
+ 2008-02-26 11:59:50 294,912 -c----w c:\windows\$NtServicePackUninstall$\msctf.dll
+ 2004-08-04 12:00:00 69,120 -c----w c:\windows\$NtServicePackUninstall$\msctfp.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\msdadc.dll
+ 2004-08-04 12:00:00 118,784 -c----w c:\windows\$NtServicePackUninstall$\msdadiag.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\msdaenum.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\msdaer.dll
+ 2004-08-04 12:00:00 233,472 -c----w c:\windows\$NtServicePackUninstall$\msdaora.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msdaorar.dll
+ 2004-08-04 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\msdaosp.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msdaprsr.dll
+ 2004-08-04 12:00:00 200,704 -c----w c:\windows\$NtServicePackUninstall$\msdaprst.dll
+ 2004-08-04 12:00:00 204,800 -c----w c:\windows\$NtServicePackUninstall$\msdaps.dll
+ 2004-08-04 12:00:00 118,784 -c----w c:\windows\$NtServicePackUninstall$\msdarem.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msdaremr.dll
+ 2004-08-04 12:00:00 151,552 -c----w c:\windows\$NtServicePackUninstall$\msdart.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\msdasc.dll
+ 2004-08-04 12:00:00 315,392 -c----w c:\windows\$NtServicePackUninstall$\msdasql.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msdasqlr.dll
+ 2004-08-04 12:00:00 94,208 -c----w c:\windows\$NtServicePackUninstall$\msdatl3.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\msdatt.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\msdaurl.dll
+ 2004-08-04 12:00:00 36,864 -c----w c:\windows\$NtServicePackUninstall$\msdfmap.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\msdmo.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\msdtc.exe
+ 2004-08-04 12:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\msdtclog.dll
+ 2006-03-01 19:42:42 426,496 -c----w c:\windows\$NtServicePackUninstall$\msdtcprx.dll
+ 2004-08-04 12:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\msdtcstp.dll
+ 2006-03-01 19:42:42 956,416 -c----w c:\windows\$NtServicePackUninstall$\msdtctm.dll
+ 2006-03-01 19:42:42 161,280 -c----w c:\windows\$NtServicePackUninstall$\msdtcuiu.dll
+ 2004-08-04 12:00:00 4,126 -c----w c:\windows\$NtServicePackUninstall$\msdxmlc.dll
+ 2004-08-04 12:00:00 19,072 -c----w c:\windows\$NtServicePackUninstall$\msfs.sys
+ 2006-11-27 14:54:06 539,136 -c----w c:\windows\$NtServicePackUninstall$\msftedit.dll
+ 2004-08-04 12:00:00 994,304 -c----w c:\windows\$NtServicePackUninstall$\msgina.dll
+ 2004-08-04 12:00:00 35,072 -c----w c:\windows\$NtServicePackUninstall$\msgpc.sys
+ 2004-08-04 12:00:00 3,166,208 -c----w c:\windows\$NtServicePackUninstall$\msgr3en.dll
+ 2004-08-04 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\msgrocm.dll
+ 2004-08-03 14:06:34 180,224 -c----w c:\windows\$NtServicePackUninstall$\msgslang.dll
+ 2004-08-04 12:00:00 33,792 -c----w c:\windows\$NtServicePackUninstall$\msgsvc.dll
+ 2004-08-04 12:00:00 188,416 -c----w c:\windows\$NtServicePackUninstall$\msh261.drv
+ 2004-08-04 12:00:00 294,912 -c----w c:\windows\$NtServicePackUninstall$\msh263.drv
+ 2007-04-18 16:12:23 2,854,400 -c----w c:\windows\$NtServicePackUninstall$\msi.dll
+ 2004-08-04 12:00:00 51,712 -c----w c:\windows\$NtServicePackUninstall$\msident.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\msidle.dll
+ 2004-08-04 12:00:00 248,832 -c----w c:\windows\$NtServicePackUninstall$\msieftp.dll
+ 2005-05-04 03:45:36 78,848 -c----w c:\windows\$NtServicePackUninstall$\msiexec.exe
+ 2005-05-04 03:45:36 271,360 -c----w c:\windows\$NtServicePackUninstall$\msihnd.dll
+ 2004-08-04 12:00:00 4,608 -c----w c:\windows\$NtServicePackUninstall$\msimg32.dll
+ 2004-08-04 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\msimn.exe
+ 2005-05-04 03:45:36 884,736 -c----w c:\windows\$NtServicePackUninstall$\msimsg.dll
+ 2004-08-04 12:00:00 159,232 -c----w c:\windows\$NtServicePackUninstall$\msimtf.dll
+ 2004-08-04 12:00:00 376,320 -c----w c:\windows\$NtServicePackUninstall$\msinfo.dll
+ 2004-08-04 12:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\msiregmv.exe
+ 2005-05-04 03:45:36 15,360 -c----w c:\windows\$NtServicePackUninstall$\msisip.dll
+ 2008-03-27 08:12:54 151,583 -c----w c:\windows\$NtServicePackUninstall$\msjint40.dll
+ 2006-12-26 13:07:23 102,400 -c----w c:\windows\$NtServicePackUninstall$\msjro.dll
+ 2004-08-03 11:58:42 7,552 -c----w c:\windows\$NtServicePackUninstall$\mskssrv.sys
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\mslbui.dll
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\mslwvtts.dll
+ 2004-10-13 16:24:37 1,694,208 -c----w c:\windows\$NtServicePackUninstall$\msmsgs.exe
+ 2004-08-04 12:00:00 290,816 -c----w c:\windows\$NtServicePackUninstall$\msnsspc.dll
+ 2004-08-04 12:00:00 122,368 -c----w c:\windows\$NtServicePackUninstall$\msobcomm.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\msobdl.dll
+ 2004-08-04 12:00:00 561,664 -c----w c:\windows\$NtServicePackUninstall$\msobmain.dll
+ 2004-08-04 12:00:00 30,720 -c----w c:\windows\$NtServicePackUninstall$\msobshel.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\msobweb.dll
+ 2007-05-16 15:12:08 1,314,816 -c----w c:\windows\$NtServicePackUninstall$\msoe.dll
+ 2004-08-04 12:00:00 252,928 -c----w c:\windows\$NtServicePackUninstall$\msoeacct.dll
+ 2004-08-04 12:00:00 2,479,616 -c----w c:\windows\$NtServicePackUninstall$\msoeres.dll
+ 2004-08-04 12:00:00 105,984 -c----w c:\windows\$NtServicePackUninstall$\msoert2.dll
+ 2004-08-04 12:00:00 28,160 -c----w c:\windows\$NtServicePackUninstall$\msoobe.exe
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\msorc32r.dll
+ 2004-08-04 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\msorcl32.dll
+ 2004-08-04 12:00:00 343,040 -c----w c:\windows\$NtServicePackUninstall$\mspaint.exe
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\mspatcha.dll
+ 2004-08-03 11:58:40 5,376 -c----w c:\windows\$NtServicePackUninstall$\mspclock.sys
+ 2004-08-03 11:58:42 4,992 -c----w c:\windows\$NtServicePackUninstall$\mspqm.sys
+ 2004-08-04 12:00:00 48,128 -c----w c:\windows\$NtServicePackUninstall$\msprivs.dll
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\msrle32.dll
+ 2004-08-04 12:00:00 134,656 -c----w c:\windows\$NtServicePackUninstall$\mssap.dll
+ 2004-08-04 12:00:00 15,488 -c----w c:\windows\$NtServicePackUninstall$\mssmbios.sys
+ 2004-08-04 12:00:00 274,432 -c----w c:\windows\$NtServicePackUninstall$\mst120.dll
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\mst123.dll
+ 2004-08-04 12:00:00 274,944 -c----w c:\windows\$NtServicePackUninstall$\mstask.dll
+ 2004-08-04 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\mstinit.exe
+ 2004-08-04 12:00:00 115,712 -c----w c:\windows\$NtServicePackUninstall$\mstlsapi.dll
+ 2004-08-04 12:00:00 407,552 -c----w c:\windows\$NtServicePackUninstall$\mstsc.exe
+ 2004-08-04 12:00:00 655,360 -c----w c:\windows\$NtServicePackUninstall$\mstscax.dll
+ 2004-08-04 12:00:00 195,072 -c----w c:\windows\$NtServicePackUninstall$\msutb.dll
+ 2004-08-04 12:00:00 129,536 -c----w c:\windows\$NtServicePackUninstall$\msv1_0.dll
+ 2004-08-04 12:00:00 1,392,671 -c----w c:\windows\$NtServicePackUninstall$\msvbvm60.dll
+ 2004-08-04 12:00:00 54,784 -c----w c:\windows\$NtServicePackUninstall$\msvcirt.dll
+ 2004-08-04 12:00:00 413,696 -c----w c:\windows\$NtServicePackUninstall$\msvcp60.dll
+ 2004-08-04 12:00:00 343,040 -c----w c:\windows\$NtServicePackUninstall$\msvcrt.dll
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\msvcrt40.dll
+ 2004-08-04 12:00:00 120,832 -c----w c:\windows\$NtServicePackUninstall$\msvfw32.dll
+ 2004-08-04 12:00:00 1,428,480 -c----w c:\windows\$NtServicePackUninstall$\msvidctl.dll
+ 2004-08-04 12:00:00 72,704 -c----w c:\windows\$NtServicePackUninstall$\msw3prt.dll
+ 2004-08-04 12:00:00 204,288 -c----w c:\windows\$NtServicePackUninstall$\mswebdvd.dll
+ 2008-06-20 17:41:10 245,248 -c----w c:\windows\$NtServicePackUninstall$\mswsock.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\msxactps.dll
+ 2004-08-04 12:00:00 506,368 -c----w c:\windows\$NtServicePackUninstall$\msxml.dll
+ 2004-08-04 12:00:00 701,440 -c----w c:\windows\$NtServicePackUninstall$\msxml2.dll
+ 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtServicePackUninstall$\msxml3.dll
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\msyuv.dll
+ 2004-08-04 12:00:00 111,104 -c----w c:\windows\$NtServicePackUninstall$\mtstocom.exe
+ 2006-03-01 19:42:42 66,560 -c----w c:\windows\$NtServicePackUninstall$\mtxclu.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\mtxdm.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\mtxex.dll
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\mtxlegih.dll
+ 2006-03-01 19:42:42 91,136 -c----w c:\windows\$NtServicePackUninstall$\mtxoci.dll
+ 2004-08-04 12:00:00 107,904 -c----w c:\windows\$NtServicePackUninstall$\mup.sys
+ 2004-08-04 12:00:00 90,624 -c----w c:\windows\$NtServicePackUninstall$\mydocs.dll
+ 2004-08-04 12:00:00 221,184 -c----w c:\windows\$NtServicePackUninstall$\nac.dll
+ 2004-08-04 12:00:00 53,760 -c----w c:\windows\$NtServicePackUninstall$\narrator.exe
+ 2004-08-04 12:00:00 36,352 -c----w c:\windows\$NtServicePackUninstall$\ncobjapi.dll
+ 2004-08-04 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\ncprov.dll
+ 2004-08-04 12:00:00 17,920 -c----w c:\windows\$NtServicePackUninstall$\nddeapi.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\nddeapir.exe
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\nddenb32.dll
+ 2004-08-04 12:00:00 182,912 -c----w c:\windows\$NtServicePackUninstall$\ndis.sys
+ 2004-08-04 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\ndisnpp.dll
+ 2004-08-04 12:00:00 9,600 -c----w c:\windows\$NtServicePackUninstall$\ndistapi.sys
+ 2004-08-04 12:00:00 12,928 -c----w c:\windows\$NtServicePackUninstall$\ndisuio.sys
+ 2004-08-04 12:00:00 91,776 -c----w c:\windows\$NtServicePackUninstall$\ndiswan.sys
+ 2004-08-04 12:00:00 38,016 -c----w c:\windows\$NtServicePackUninstall$\ndproxy.sys
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\net.exe
+ 2004-08-04 12:00:00 124,928 -c----w c:\windows\$NtServicePackUninstall$\net1.exe
+ 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtServicePackUninstall$\netapi32.dll
+ 2004-08-04 12:00:00 34,560 -c----w c:\windows\$NtServicePackUninstall$\netbios.sys
+ 2004-08-04 12:00:00 162,816 -c----w c:\windows\$NtServicePackUninstall$\netbt.sys
+ 2004-08-04 12:00:00 622,080 -c----w c:\windows\$NtServicePackUninstall$\netcfgx.dll
+ 2004-08-04 12:00:00 111,104 -c----w c:\windows\$NtServicePackUninstall$\netdde.exe
+ 2004-08-04 12:00:00 139,264 -c----w c:\windows\$NtServicePackUninstall$\netid.dll
+ 2004-08-04 12:00:00 407,040 -c----w c:\windows\$NtServicePackUninstall$\netlogon.dll
+ 2005-08-22 18:29:46 197,632 -c----w c:\windows\$NtServicePackUninstall$\netman.dll
+ 2004-08-04 12:00:00 77,312 -c----w c:\windows\$NtServicePackUninstall$\netoc.dll
+ 2004-08-04 12:00:00 875,008 -c----w c:\windows\$NtServicePackUninstall$\netplwiz.dll
+ 2004-08-04 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\netrap.dll
+ 2004-08-04 12:00:00 329,728 -c----w c:\windows\$NtServicePackUninstall$\netsetup.exe
+ 2004-08-04 12:00:00 86,016 -c----w c:\windows\$NtServicePackUninstall$\netsh.exe
+ 2004-08-04 12:00:00 1,708,032 -c----w c:\windows\$NtServicePackUninstall$\netshell.dll
+ 2004-08-04 12:00:00 36,864 -c----w c:\windows\$NtServicePackUninstall$\netstat.exe
+ 2004-08-04 12:00:00 80,896 -c----w c:\windows\$NtServicePackUninstall$\netui0.dll
+ 2004-08-04 12:00:00 245,760 -c----w c:\windows\$NtServicePackUninstall$\netui1.dll
+ 2004-08-04 12:00:00 248,832 -c----w c:\windows\$NtServicePackUninstall$\newdev.dll
+ 2004-08-04 12:00:00 61,824 -c----w c:\windows\$NtServicePackUninstall$\nic1394.sys
+ 2004-08-04 12:00:00 103,936 -c----w c:\windows\$NtServicePackUninstall$\nlhtml.dll
+ 2004-08-04 12:00:00 229,376 -c----w c:\windows\$NtServicePackUninstall$\nmas.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\nmasnt.dll
+ 2004-08-04 12:00:00 81,920 -c----w c:\windows\$NtServicePackUninstall$\nmchat.dll
+ 2004-08-04 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\nmcom.dll
+ 2004-08-04 12:00:00 151,552 -c----w c:\windows\$NtServicePackUninstall$\nmft.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\nmmkcert.dll
+ 2004-08-04 12:00:00 40,320 -c----w c:\windows\$NtServicePackUninstall$\nmnt.sys
+ 2004-08-04 12:00:00 172,032 -c----w c:\windows\$NtServicePackUninstall$\nmoldwb.dll
+ 2004-08-04 12:00:00 188,416 -c----w c:\windows\$NtServicePackUninstall$\nmwb.dll
+ 2004-08-04 12:00:00 69,120 -c----w c:\windows\$NtServicePackUninstall$\notepad.exe
+ 2004-08-04 12:00:00 226,816 -c----w c:\windows\$NtServicePackUninstall$\npdrmv2.dll
+ 2005-11-29 06:27:06 364,544 -c----w c:\windows\$NtServicePackUninstall$\npdsplay.dll
+ 2004-08-04 12:00:00 30,848 -c----w c:\windows\$NtServicePackUninstall$\npfs.sys
+ 2004-08-04 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\nppagent.exe
+ 2004-08-04 12:00:00 54,784 -c----w c:\windows\$NtServicePackUninstall$\npptools.dll
+ 2004-08-04 12:00:00 10,240 -c----w c:\windows\$NtServicePackUninstall$\npwmsdrm.dll
+ 2004-08-04 12:00:00 76,800 -c----w c:\windows\$NtServicePackUninstall$\nslookup.exe
+ 2004-08-04 12:00:00 708,096 -c----w c:\windows\$NtServicePackUninstall$\ntdll.dll
+ 2004-08-04 12:00:00 67,072 -c----w c:\windows\$NtServicePackUninstall$\ntdsapi.dll
+ 2004-08-04 12:00:00 212,992 -c----w c:\windows\$NtServicePackUninstall$\ntevt.dll
+ 2007-02-09 11:10:35 574,464 -c----w c:\windows\$NtServicePackUninstall$\ntfs.sys

acasey · Nov 13, 2008

part three...

+ 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtServicePackUninstall$\ntkrnlmp.exe
+ 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtServicePackUninstall$\ntkrnlmp.exe.000
+ 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
+ 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe.000
+ 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtServicePackUninstall$\ntkrpamp.exe
+ 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtServicePackUninstall$\ntkrpamp.exe.000
+ 2004-08-04 12:00:00 43,520 -c----w c:\windows\$NtServicePackUninstall$\ntlanman.dll
+ 2004-08-04 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\ntlsapi.dll
+ 2004-08-04 12:00:00 118,784 -c----w c:\windows\$NtServicePackUninstall$\ntmarta.dll
+ 2004-08-04 12:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\ntmsapi.dll
+ 2004-08-04 12:00:00 179,712 -c----w c:\windows\$NtServicePackUninstall$\ntmsdba.dll
+ 2004-08-04 12:00:00 488,448 -c----w c:\windows\$NtServicePackUninstall$\ntmsmgr.dll
+ 2004-08-04 12:00:00 435,200 -c----w c:\windows\$NtServicePackUninstall$\ntmssvc.dll
+ 2004-08-04 12:00:00 62,976 -c----w c:\windows\$NtServicePackUninstall$\ntoc.dll
+ 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
+ 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\$NtServicePackUninstall$\ntoskrnl.exe.000
+ 2004-08-04 12:00:00 91,136 -c----w c:\windows\$NtServicePackUninstall$\ntprint.dll
+ 2004-08-04 12:00:00 143,872 -c----w c:\windows\$NtServicePackUninstall$\ntshrui.dll
+ 2004-08-04 12:00:00 419,840 -c----w c:\windows\$NtServicePackUninstall$\ntvdm.exe
+ 2004-08-04 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\ntvdmd.dll
+ 2004-08-04 12:00:00 88,448 -c----w c:\windows\$NtServicePackUninstall$\nwlnkipx.sys
+ 2006-10-13 12:35:12 142,336 -c----w c:\windows\$NtServicePackUninstall$\nwprovau.dll
+ 2004-08-04 12:00:00 266,752 -c----w c:\windows\$NtServicePackUninstall$\oakley.dll
+ 2004-08-04 12:00:00 285,696 -c----w c:\windows\$NtServicePackUninstall$\objsel.dll
+ 2004-08-04 12:00:00 405,504 -c----w c:\windows\$NtServicePackUninstall$\obrb041b.dll
+ 2004-08-04 12:00:00 408,576 -c----w c:\windows\$NtServicePackUninstall$\obrb0424.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\ocgen.dll
+ 2004-08-04 12:00:00 60,928 -c----w c:\windows\$NtServicePackUninstall$\ocmanage.dll
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\ocmsn.dll
+ 2004-08-04 12:00:00 249,856 -c----w c:\windows\$NtServicePackUninstall$\odbc32.dll
+ 2004-08-04 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\odbc32gt.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\odbcad32.exe
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\odbcbcp.dll
+ 2004-08-04 12:00:00 135,168 -c----w c:\windows\$NtServicePackUninstall$\odbcconf.dll
+ 2004-08-04 12:00:00 69,632 -c----w c:\windows\$NtServicePackUninstall$\odbcconf.exe
+ 2004-08-04 12:00:00 106,496 -c----w c:\windows\$NtServicePackUninstall$\odbccp32.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\odbccr32.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\odbccu32.dll
+ 2004-08-04 12:00:00 94,208 -c----w c:\windows\$NtServicePackUninstall$\odbcint.dll
+ 2004-08-04 12:00:00 53,279 -c----w c:\windows\$NtServicePackUninstall$\odbcji32.dll
+ 2004-08-04 12:00:00 278,559 -c----w c:\windows\$NtServicePackUninstall$\odbcjt32.dll
+ 2004-08-04 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\odbcp32r.dll
+ 2004-08-04 12:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\odbctrac.dll
+ 2004-08-04 12:00:00 20,511 -c----w c:\windows\$NtServicePackUninstall$\oddbse32.dll
+ 2004-08-04 12:00:00 20,510 -c----w c:\windows\$NtServicePackUninstall$\odexl32.dll
+ 2004-08-04 12:00:00 20,510 -c----w c:\windows\$NtServicePackUninstall$\odfox32.dll
+ 2004-08-04 12:00:00 20,510 -c----w c:\windows\$NtServicePackUninstall$\odpdx32.dll
+ 2004-08-04 12:00:00 20,511 -c----w c:\windows\$NtServicePackUninstall$\odtext32.dll
+ 2004-08-04 12:00:00 104,448 -c----w c:\windows\$NtServicePackUninstall$\oeimport.dll
+ 2004-08-04 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\oemig50.exe
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\oemiglib.dll
+ 2004-08-04 12:00:00 120,832 -c----w c:\windows\$NtServicePackUninstall$\offfilt.dll
+ 2004-08-03 13:10:10 61,056 -c----w c:\windows\$NtServicePackUninstall$\ohci1394.sys
+ 2005-07-26 04:39:48 1,285,120 -c----w c:\windows\$NtServicePackUninstall$\ole32.dll
+ 2007-12-04 18:38:13 550,912 -c----w c:\windows\$NtServicePackUninstall$\oleaut32.dll
+ 2005-07-26 04:39:48 74,752 -c----w c:\windows\$NtServicePackUninstall$\olecli32.dll
+ 2005-07-26 04:39:49 37,888 -c----w c:\windows\$NtServicePackUninstall$\olecnv32.dll
+ 2004-08-04 12:00:00 487,424 -c----w c:\windows\$NtServicePackUninstall$\oledb32.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\oledb32r.dll
+ 2006-10-16 16:15:00 122,880 -c----w c:\windows\$NtServicePackUninstall$\oledlg.dll
+ 2004-08-04 12:00:00 107,008 -c----w c:\windows\$NtServicePackUninstall$\oleprn.dll
+ 2004-08-04 12:00:00 83,456 -c----w c:\windows\$NtServicePackUninstall$\olepro32.dll
+ 2004-08-04 12:00:00 51,200 -c----w c:\windows\$NtServicePackUninstall$\oobebaln.exe
+ 2004-08-04 12:00:00 713,728 -c----w c:\windows\$NtServicePackUninstall$\opengl32.dll
+ 2004-08-04 12:00:00 215,552 -c----w c:\windows\$NtServicePackUninstall$\osk.exe
+ 2004-08-04 12:00:00 67,584 -c----w c:\windows\$NtServicePackUninstall$\osuninst.dll
+ 2004-08-04 12:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\p2p.dll
+ 2004-08-04 12:00:00 86,016 -c----w c:\windows\$NtServicePackUninstall$\p2pgasvc.dll
+ 2004-08-04 12:00:00 312,320 -c----w c:\windows\$NtServicePackUninstall$\p2pgraph.dll
+ 2004-08-04 12:00:00 88,064 -c----w c:\windows\$NtServicePackUninstall$\p2pnetsh.dll
+ 2004-08-04 12:00:00 526,848 -c----w c:\windows\$NtServicePackUninstall$\p2psvc.dll
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\p3.sys
+ 2004-08-04 12:00:00 58,368 -c----w c:\windows\$NtServicePackUninstall$\packager.exe
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\padrs404.dll
+ 2004-08-04 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\padrs804.dll
+ 2004-08-04 12:00:00 80,128 -c----w c:\windows\$NtServicePackUninstall$\parport.sys
+ 2004-08-04 12:00:00 18,688 -c----w c:\windows\$NtServicePackUninstall$\partmgr.sys
+ 2004-08-04 12:00:00 62,976 -c----w c:\windows\$NtServicePackUninstall$\pautoenr.dll
+ 2004-08-04 12:00:00 102,400 -c----w c:\windows\$NtServicePackUninstall$\pchshell.dll
+ 2004-08-04 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\pchsvc.dll
+ 2004-08-04 12:00:00 68,224 -c----w c:\windows\$NtServicePackUninstall$\pci.sys
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\pciidex.sys
+ 2004-08-04 12:00:00 119,936 -c----w c:\windows\$NtServicePackUninstall$\pcmcia.sys
+ 2004-08-04 12:00:00 283,648 -c----w c:\windows\$NtServicePackUninstall$\pdh.dll
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\perfctrs.dll
+ 2004-08-04 12:00:00 26,624 -c----w c:\windows\$NtServicePackUninstall$\perfdisk.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\perfmon.exe
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\perfnet.dll
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\perfos.dll
+ 2004-08-04 12:00:00 34,816 -c----w c:\windows\$NtServicePackUninstall$\perfproc.dll
+ 2004-08-04 12:00:00 176,128 -c----w c:\windows\$NtServicePackUninstall$\photowiz.dll
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\pid.dll
+ 2004-08-04 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\pidgen.dll
+ 2004-08-04 12:00:00 281,088 -c----w c:\windows\$NtServicePackUninstall$\pinball.exe
+ 2004-08-04 12:00:00 17,920 -c----w c:\windows\$NtServicePackUninstall$\ping.exe
+ 2004-08-04 12:00:00 175,104 -c----w c:\windows\$NtServicePackUninstall$\pintlcsa.dll
+ 2004-08-04 12:00:00 53,760 -c----w c:\windows\$NtServicePackUninstall$\pintlcsd.dll
+ 2004-08-04 12:00:00 70,144 -c----w c:\windows\$NtServicePackUninstall$\pintlphr.exe
+ 2004-08-04 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\pjlmon.dll
+ 2004-08-04 12:00:00 67,584 -c----w c:\windows\$NtServicePackUninstall$\pmigrate.dll
+ 2004-08-04 12:00:00 48,640 -c----w c:\windows\$NtServicePackUninstall$\pnrpnsp.dll
+ 2004-08-04 12:00:00 105,472 -c----w c:\windows\$NtServicePackUninstall$\polstore.dll
+ 2004-08-03 13:15:50 145,792 -c----w c:\windows\$NtServicePackUninstall$\portcls.sys
+ 2004-08-04 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\powercfg.exe
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\powrprof.dll
+ 2004-08-04 12:00:00 560,640 -c----w c:\windows\$NtServicePackUninstall$\printui.dll
+ 2004-08-04 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\processr.sys
+ 2004-08-04 12:00:00 27,648 -c----w c:\windows\$NtServicePackUninstall$\profmap.dll
+ 2004-08-04 12:00:00 109,568 -c----w c:\windows\$NtServicePackUninstall$\progman.exe
+ 2004-08-04 12:00:00 50,176 -c----w c:\windows\$NtServicePackUninstall$\proquota.exe
+ 2004-08-04 12:00:00 237,056 -c----w c:\windows\$NtServicePackUninstall$\provthrd.dll
+ 2004-08-04 12:00:00 9,216 -c----w c:\windows\$NtServicePackUninstall$\proxycfg.exe
+ 2005-03-20 21:47:18 129,024 -c----w c:\windows\$NtServicePackUninstall$\ps5ui.dll
+ 2004-08-04 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\psapi.dll
+ 2004-08-04 12:00:00 96,768 -c----w c:\windows\$NtServicePackUninstall$\psbase.dll
+ 2004-08-04 12:00:00 69,120 -c----w c:\windows\$NtServicePackUninstall$\psched.sys
+ 2005-03-20 21:47:18 455,168 -c----w c:\windows\$NtServicePackUninstall$\pscript5.dll
+ 2004-08-04 12:00:00 43,520 -c----w c:\windows\$NtServicePackUninstall$\pstorec.dll
+ 2004-08-04 12:00:00 34,304 -c----w c:\windows\$NtServicePackUninstall$\pstorsvc.dll
+ 2004-08-04 12:00:00 192,512 -c----w c:\windows\$NtServicePackUninstall$\qcap.dll
+ 2004-08-04 12:00:00 279,040 -c----w c:\windows\$NtServicePackUninstall$\qdv.dll
+ 2004-08-04 12:00:00 385,024 -c----w c:\windows\$NtServicePackUninstall$\qdvd.dll
+ 2004-08-04 12:00:00 562,176 -c----w c:\windows\$NtServicePackUninstall$\qedit.dll
+ 2004-08-04 12:00:00 733,696 -c----w c:\windows\$NtServicePackUninstall$\qedwipes.dll
+ 2004-08-04 12:00:00 382,464 -c----w c:\windows\$NtServicePackUninstall$\qmgr.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\qmgrprxy.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\qprocess.exe
+ 2008-05-07 05:18:48 1,287,680 -c----w c:\windows\$NtServicePackUninstall$\quartz.dll
+ 2006-06-22 05:06:30 1,435,648 -c----w c:\windows\$NtServicePackUninstall$\query.dll
+ 2004-08-04 12:00:00 43,520 -c----w c:\windows\$NtServicePackUninstall$\racpldlg.dll
+ 2004-08-04 12:00:00 20,736 -c----w c:\windows\$NtServicePackUninstall$\ramdisk.sys
+ 2006-06-26 17:37:10 8,192 -c----w c:\windows\$NtServicePackUninstall$\rasadhlp.dll
+ 2004-08-04 12:00:00 236,544 -c----w c:\windows\$NtServicePackUninstall$\rasapi32.dll
+ 2004-08-04 12:00:00 89,088 -c----w c:\windows\$NtServicePackUninstall$\rasauto.dll
+ 2004-08-04 12:00:00 69,632 -c----w c:\windows\$NtServicePackUninstall$\raschap.dll
+ 2004-08-04 12:00:00 657,920 -c----w c:\windows\$NtServicePackUninstall$\rasdlg.dll
+ 2004-08-04 12:00:00 51,328 -c----w c:\windows\$NtServicePackUninstall$\rasl2tp.sys
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\rasman.dll
+ 2006-06-22 10:47:18 181,248 -c----w c:\windows\$NtServicePackUninstall$\rasmans.dll
+ 2004-08-04 12:00:00 56,832 -c----w c:\windows\$NtServicePackUninstall$\rasphone.exe
+ 2004-08-04 12:00:00 206,336 -c----w c:\windows\$NtServicePackUninstall$\rasppp.dll
+ 2004-08-04 12:00:00 41,472 -c----w c:\windows\$NtServicePackUninstall$\raspppoe.sys
+ 2004-08-04 12:00:00 48,384 -c----w c:\windows\$NtServicePackUninstall$\raspptp.sys
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\rassapi.dll
+ 2004-08-04 12:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\rastapi.dll
+ 2004-08-04 12:00:00 112,128 -c----w c:\windows\$NtServicePackUninstall$\rastls.dll
+ 2004-08-04 12:00:00 102,400 -c----w c:\windows\$NtServicePackUninstall$\rcbdyctl.dll
+ 2004-08-04 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\rcimlby.exe
+ 2004-08-04 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\rcp.exe
+ 2006-05-05 09:47:57 174,592 -c----w c:\windows\$NtServicePackUninstall$\rdbss.sys
+ 2004-08-04 12:00:00 147,968 -c----w c:\windows\$NtServicePackUninstall$\rdchost.dll
+ 2004-08-04 12:00:00 62,464 -c----w c:\windows\$NtServicePackUninstall$\rdpclip.exe
+ 2004-08-04 12:00:00 92,168 -c----w c:\windows\$NtServicePackUninstall$\rdpdd.dll
+ 2004-08-03 12:01:16 196,864 -c----w c:\windows\$NtServicePackUninstall$\rdpdr.sys
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\rdpsnd.dll
+ 2005-06-10 04:09:46 139,528 -c----w c:\windows\$NtServicePackUninstall$\rdpwd.sys
+ 2004-08-04 12:00:00 87,176 -c----w c:\windows\$NtServicePackUninstall$\rdpwsx.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\rdsaddin.exe
+ 2004-08-04 12:00:00 67,072 -c----w c:\windows\$NtServicePackUninstall$\rdshost.exe
+ 2004-08-03 22:59:38 57,472 -c----w c:\windows\$NtServicePackUninstall$\redbook.sys
+ 2004-08-04 12:00:00 50,176 -c----w c:\windows\$NtServicePackUninstall$\reg.exe
+ 2004-08-04 12:00:00 49,664 -c----w c:\windows\$NtServicePackUninstall$\regapi.dll
+ 2004-08-04 12:00:00 146,432 -c----w c:\windows\$NtServicePackUninstall$\regedit.exe
+ 2004-08-04 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\regsvc.dll
+ 2004-08-04 12:00:00 11,776 -c----w c:\windows\$NtServicePackUninstall$\regsvr32.exe
+ 2004-08-04 12:00:00 397,824 -c----w c:\windows\$NtServicePackUninstall$\regwizc.dll
+ 2004-08-04 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\remotepg.dll
+ 2004-08-04 12:00:00 177,152 -c----w c:\windows\$NtServicePackUninstall$\repdrvfs.dll
+ 2004-08-04 12:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\resutils.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\rexec.exe
+ 2006-11-27 14:54:06 433,152 -c----w c:\windows\$NtServicePackUninstall$\riched20.dll
+ 2008-05-08 12:28:49 202,752 -c----w c:\windows\$NtServicePackUninstall$\rmcast.sys
+ 2004-08-04 12:00:00 30,080 -c----w c:\windows\$NtServicePackUninstall$\rndismp.sys
+ 2007-07-09 13:09:42 584,192 -c----w c:\windows\$NtServicePackUninstall$\rpcrt4.dll
+ 2005-07-26 04:39:49 397,824 -c----w c:\windows\$NtServicePackUninstall$\rpcss.dll
+ 2004-08-04 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\rrcm.dll
+ 2004-08-04 12:00:00 152,576 -c----w c:\windows\$NtServicePackUninstall$\rsaenh.dll
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\rsh.exe
+ 2004-08-04 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\rshx32.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\rsmps.dll
+ 2004-08-04 12:00:00 380,416 -c----w c:\windows\$NtServicePackUninstall$\rstrui.exe
+ 2004-08-04 12:00:00 90,112 -c----w c:\windows\$NtServicePackUninstall$\rsvpsp.dll
+ 2004-08-04 12:00:00 77,312 -c----w c:\windows\$NtServicePackUninstall$\rtcshare.exe
+ 2004-08-04 12:00:00 31,744 -c----w c:\windows\$NtServicePackUninstall$\rtipxmib.dll
+ 2004-08-04 12:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\rtutils.dll
+ 2004-08-04 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\rundll32.exe
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\runonce.exe
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\rw001ext.dll
+ 2004-08-04 12:00:00 26,624 -c----w c:\windows\$NtServicePackUninstall$\rw330ext.dll
+ 2004-08-04 12:00:00 43,520 -c----w c:\windows\$NtServicePackUninstall$\safrcdlg.dll
+ 2004-08-04 12:00:00 29,696 -c----w c:\windows\$NtServicePackUninstall$\safrdm.dll
+ 2004-08-04 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\safrslv.dll
+ 2004-08-04 12:00:00 64,000 -c----w c:\windows\$NtServicePackUninstall$\samlib.dll
+ 2004-08-04 12:00:00 415,744 -c----w c:\windows\$NtServicePackUninstall$\samsrv.dll
+ 2004-08-04 12:00:00 741,376 -c----w c:\windows\$NtServicePackUninstall$\sapi.dll
+ 2004-08-04 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\savedump.exe
+ 2004-08-04 12:00:00 270,848 -c----w c:\windows\$NtServicePackUninstall$\sbe.dll
+ 2004-08-04 12:00:00 159,232 -c----w c:\windows\$NtServicePackUninstall$\sbeio.dll
+ 2004-08-04 12:00:00 69,632 -c----w c:\windows\$NtServicePackUninstall$\scarddlg.dll
+ 2004-08-04 12:00:00 95,744 -c----w c:\windows\$NtServicePackUninstall$\scardsvr.exe
+ 2004-08-04 12:00:00 171,008 -c----w c:\windows\$NtServicePackUninstall$\sccsccp.dll
+ 2004-08-04 12:00:00 180,224 -c----w c:\windows\$NtServicePackUninstall$\scecli.dll
+ 2004-08-04 12:00:00 313,856 -c----w c:\windows\$NtServicePackUninstall$\scesrv.dll
+ 2007-04-25 14:21:15 144,896 -c----w c:\windows\$NtServicePackUninstall$\schannel.dll
+ 2004-08-04 12:00:00 190,976 -c----w c:\windows\$NtServicePackUninstall$\schedsvc.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\sclgntfy.dll
+ 2004-08-04 12:00:00 36,864 -c----w c:\windows\$NtServicePackUninstall$\scrcons.exe
+ 2004-08-04 12:00:00 202,752 -c----w c:\windows\$NtServicePackUninstall$\script.dll
+ 2004-08-04 12:00:00 9,216 -c----w c:\windows\$NtServicePackUninstall$\scrnsave.scr
+ 2004-08-04 12:00:00 159,744 -c----w c:\windows\$NtServicePackUninstall$\scrobj.dll
+ 2004-08-04 12:00:00 151,552 -c----w c:\windows\$NtServicePackUninstall$\scrrun.dll
+ 2004-08-04 12:00:00 96,256 -c----w c:\windows\$NtServicePackUninstall$\scsiport.sys
+ 2004-08-04 12:00:00 77,312 -c----w c:\windows\$NtServicePackUninstall$\sdbinst.exe
+ 2004-08-04 12:00:00 67,584 -c----w c:\windows\$NtServicePackUninstall$\sdbus.sys
+ 2004-08-04 12:00:00 29,184 -c----w c:\windows\$NtServicePackUninstall$\sdhcinst.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\seclogon.dll
+ 2004-08-04 12:00:00 55,808 -c----w c:\windows\$NtServicePackUninstall$\secur32.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\security.dll
+ 2004-08-04 12:00:00 29,184 -c----w c:\windows\$NtServicePackUninstall$\sendcmsg.dll
+ 2004-08-04 12:00:00 55,296 -c----w c:\windows\$NtServicePackUninstall$\sendmail.dll
+ 2004-08-04 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\sens.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\sensapi.dll
+ 2004-08-04 12:00:00 15,488 -c----w c:\windows\$NtServicePackUninstall$\serenum.sys
+ 2004-08-04 12:00:00 64,896 -c----w c:\windows\$NtServicePackUninstall$\serial.sys
+ 2004-08-04 12:00:00 56,320 -c----w c:\windows\$NtServicePackUninstall$\servdeps.dll
+ 2004-08-04 12:00:00 108,032 -c----w c:\windows\$NtServicePackUninstall$\services.exe
+ 2004-08-04 12:00:00 140,800 -c----w c:\windows\$NtServicePackUninstall$\sessmgr.exe
+ 2004-08-04 12:00:00 31,232 -c----w c:\windows\$NtServicePackUninstall$\sethc.exe
+ 2004-08-04 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\setup.exe
+ 2004-08-04 12:00:00 73,216 -c----w c:\windows\$NtServicePackUninstall$\setup50.exe
+ 2004-08-04 12:00:00 983,552 -c----w c:\windows\$NtServicePackUninstall$\setupapi.dll
+ 2004-08-04 12:00:00 101,376 -c----w c:\windows\$NtServicePackUninstall$\setupqry.dll
+ 2004-08-04 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\sfc.dll
+ 2004-08-04 12:00:00 140,288 -c----w c:\windows\$NtServicePackUninstall$\sfc_os.dll
+ 2004-08-04 12:00:00 1,580,544 -c----w c:\windows\$NtServicePackUninstall$\sfcfiles.dll
+ 2004-08-04 12:00:00 11,136 -c----w c:\windows\$NtServicePackUninstall$\sffdisk.sys
+ 2004-08-04 12:00:00 10,240 -c----w c:\windows\$NtServicePackUninstall$\sffp_sd.sys
+ 2004-08-04 12:00:00 11,392 -c----w c:\windows\$NtServicePackUninstall$\sfloppy.sys
+ 2004-08-04 12:00:00 549,376 -c----w c:\windows\$NtServicePackUninstall$\shdoclc.dll
+ 2006-09-23 03:12:50 1,497,088 -c----w c:\windows\$NtServicePackUninstall$\shdocvw.dll
+ 2007-10-26 03:36:51 8,454,656 -c----w c:\windows\$NtServicePackUninstall$\shell32.dll
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\shfolder.dll
+ 2004-08-04 12:00:00 68,096 -c----w c:\windows\$NtServicePackUninstall$\shgina.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\shimeng.dll
+ 2004-08-04 12:00:00 438,272 -c----w c:\windows\$NtServicePackUninstall$\shimgvw.dll
+ 2006-09-23 03:12:50 474,112 -c----w c:\windows\$NtServicePackUninstall$\shlwapi.dll
+ 2004-08-04 12:00:00 151,552 -c----w c:\windows\$NtServicePackUninstall$\shmedia.dll
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\shmgrate.exe
+ 2004-08-04 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\shrpubw.exe
+ 2004-08-04 12:00:00 27,648 -c----w c:\windows\$NtServicePackUninstall$\shscrap.dll
+ 2006-12-19 21:52:18 134,656 -c----w c:\windows\$NtServicePackUninstall$\shsvcs.dll
+ 2003-03-24 05:52:04 20,536 -c----w c:\windows\$NtServicePackUninstall$\shtml.dll
+ 2003-03-24 05:52:04 16,437 -c----w c:\windows\$NtServicePackUninstall$\shtml.exe
+ 2004-08-04 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\shutdown.exe
+ 2004-08-04 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\sigtab.dll
+ 2004-08-04 12:00:00 70,144 -c----w c:\windows\$NtServicePackUninstall$\sigverif.exe
+ 2002-07-10 15:39:34 32,256 -c----w c:\windows\$NtServicePackUninstall$\sisnic.sys
+ 2004-08-04 12:00:00 26,112 -c----w c:\windows\$NtServicePackUninstall$\skeys.exe
+ 2004-08-04 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\slayerxp.dll
+ 2004-08-04 12:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\slbiop.dll
+ 2004-08-04 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\smbinst.exe
+ 2004-08-04 12:00:00 236,544 -c----w c:\windows\$NtServicePackUninstall$\smi2smir.exe
+ 2004-08-04 12:00:00 363,008 -c----w c:\windows\$NtServicePackUninstall$\smlogcfg.dll
+ 2004-08-04 12:00:00 89,600 -c----w c:\windows\$NtServicePackUninstall$\smlogsvc.exe
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\smss.exe
+ 2004-08-04 12:00:00 456,704 -c----w c:\windows\$NtServicePackUninstall$\smtpsvc.dll
+ 2004-08-04 12:00:00 131,584 -c----w c:\windows\$NtServicePackUninstall$\sndrec32.exe
+ 2004-08-04 12:00:00 34,816 -c----w c:\windows\$NtServicePackUninstall$\sniffpol.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\snmp.exe
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\snmpapi.dll
+ 2004-08-04 12:00:00 259,072 -c----w c:\windows\$NtServicePackUninstall$\snmpcl.dll
+ 2004-08-04 12:00:00 358,400 -c----w c:\windows\$NtServicePackUninstall$\snmpincl.dll
+ 2004-08-04 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\snmpmib.dll
+ 2004-08-04 12:00:00 188,416 -c----w c:\windows\$NtServicePackUninstall$\snmpsmir.dll
+ 2004-08-04 12:00:00 182,272 -c----w c:\windows\$NtServicePackUninstall$\snmpsnap.dll
+ 2004-08-04 12:00:00 40,448 -c----w c:\windows\$NtServicePackUninstall$\snmpthrd.dll
+ 2004-08-04 12:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\snmptrap.exe
+ 2004-08-04 12:00:00 130,048 -c----w c:\windows\$NtServicePackUninstall$\softkbd.dll
+ 2004-08-04 12:00:00 25,472 -c----w c:\windows\$NtServicePackUninstall$\sonydcam.sys
+ 2004-08-04 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\sort.exe
+ 2004-08-04 12:00:00 62,976 -c----w c:\windows\$NtServicePackUninstall$\spgrmr.dll
+ 2004-08-04 12:00:00 538,624 -c----w c:\windows\$NtServicePackUninstall$\spider.exe
+ 2006-06-14 08:47:46 6,400 -c----w c:\windows\$NtServicePackUninstall$\splitter.sys
+ 2006-06-14 08:47:46 6,400 -c----w c:\windows\$NtServicePackUninstall$\splitter.sys.000
+ 2004-08-04 12:00:00 11,776 -c----w c:\windows\$NtServicePackUninstall$\spnpinst.exe
+ 2004-08-04 12:00:00 74,752 -c----w c:\windows\$NtServicePackUninstall$\spoolss.dll
+ 2005-06-10 23:53:32 57,856 -c----w c:\windows\$NtServicePackUninstall$\spoolsv.exe
+ 2004-08-04 12:00:00 193,024 -c----w c:\windows\$NtServicePackUninstall$\spra041b.dll
+ 2004-08-04 12:00:00 192,512 -c----w c:\windows\$NtServicePackUninstall$\spra0424.dll
+ 2004-08-04 12:00:00 757,248 -c----w c:\windows\$NtServicePackUninstall$\sprb041b.dll
+ 2004-08-04 12:00:00 732,160 -c----w c:\windows\$NtServicePackUninstall$\sprb0424.dll
+ 2004-08-04 12:00:00 250,880 -c----w c:\windows\$NtServicePackUninstall$\sptip.dll
+ 2008-04-13 19:42:08 438,272 -c----w c:\windows\$NtServicePackUninstall$\spuninst\spcompat.dll
+ 2007-08-10 10:46:18 231,288 -c----w c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe
+ 2007-08-10 10:46:28 382,840 -c----w c:\windows\$NtServicePackUninstall$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 151,552 -c----w c:\windows\$NtServicePackUninstall$\sqldb20.dll
+ 2004-08-04 12:00:00 528,384 -c----w c:\windows\$NtServicePackUninstall$\sqloledb.dll
+ 2004-08-04 12:00:00 462,848 -c----w c:\windows\$NtServicePackUninstall$\sqlqp20.dll
+ 2004-08-04 12:00:00 110,592 -c----w c:\windows\$NtServicePackUninstall$\sqlse20.dll
+ 2004-08-04 12:00:00 442,368 -c----w c:\windows\$NtServicePackUninstall$\sqlsrv32.dll
+ 2004-08-04 12:00:00 180,800 -c----w c:\windows\$NtServicePackUninstall$\sqlunirl.dll
+ 2004-08-04 12:00:00 217,088 -c----w c:\windows\$NtServicePackUninstall$\sqlxmlx.dll
+ 2004-08-04 12:00:00 73,472 -c----w c:\windows\$NtServicePackUninstall$\sr.sys
+ 2004-08-04 12:00:00 58,434 -c----w c:\windows\$NtServicePackUninstall$\srchctls.dll
+ 2004-08-04 12:00:00 725,566 -c----w c:\windows\$NtServicePackUninstall$\srchui.dll
+ 2004-08-04 12:00:00 67,584 -c----w c:\windows\$NtServicePackUninstall$\srclient.dll
+ 2004-08-04 12:00:00 239,104 -c----w c:\windows\$NtServicePackUninstall$\srrstr.dll
+ 2004-08-04 12:00:00 170,496 -c----w c:\windows\$NtServicePackUninstall$\srsvc.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtServicePackUninstall$\srv.sys
+ 2004-12-07 19:32:34 96,768 -c----w c:\windows\$NtServicePackUninstall$\srvsvc.dll
+ 2004-08-04 12:00:00 704,512 -c----w c:\windows\$NtServicePackUninstall$\ss3dfo.scr
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\ssbezier.scr
+ 2004-08-04 12:00:00 34,816 -c----w c:\windows\$NtServicePackUninstall$\ssdpapi.dll
+ 2004-08-04 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
+ 2004-08-04 12:00:00 393,216 -c----w c:\windows\$NtServicePackUninstall$\ssflwbox.scr
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\ssmarque.scr
+ 2004-08-04 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\ssmypics.scr
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\ssmyst.scr
+ 2004-08-04 12:00:00 610,304 -c----w c:\windows\$NtServicePackUninstall$\sspipes.scr
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\ssstars.scr
+ 2004-08-04 12:00:00 679,936 -c----w c:\windows\$NtServicePackUninstall$\sstext3d.scr
+ 2004-08-04 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\sstub.dll
+ 2004-08-04 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\startoc.dll
+ 2004-08-04 12:00:00 54,272 -c----w c:\windows\$NtServicePackUninstall$\stclient.dll
+ 2004-08-04 12:00:00 86,528 -c----w c:\windows\$NtServicePackUninstall$\stdprov.dll
+ 2004-08-04 12:00:00 67,584 -c----w c:\windows\$NtServicePackUninstall$\sti.dll
+ 2004-08-04 12:00:00 136,704 -c----w c:\windows\$NtServicePackUninstall$\sti_ci.dll
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\stimon.exe
+ 2004-08-04 12:00:00 121,856 -c----w c:\windows\$NtServicePackUninstall$\stobject.dll
+ 2004-08-04 00:56:46 74,752 -c----w c:\windows\$NtServicePackUninstall$\storprop.dll
+ 2004-08-03 13:08:04 48,640 -c----w c:\windows\$NtServicePackUninstall$\stream.sys
+ 2006-08-20 23:52:08 246,814 -c----w c:\windows\$NtServicePackUninstall$\strmdll.dll
+ 2004-08-04 12:00:00 75,776 -c----w c:\windows\$NtServicePackUninstall$\strmfilt.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\svchost.exe
+ 2004-08-04 12:00:00 4,352 -c----w c:\windows\$NtServicePackUninstall$\swenum.sys
+ 2001-08-17 03:00:52 54,272 -c----w c:\windows\$NtServicePackUninstall$\swmidi.sys
+ 2006-10-19 13:56:32 713,216 -c----w c:\windows\$NtServicePackUninstall$\sxs.dll
+ 2004-08-04 12:00:00 57,856 -c----w c:\windows\$NtServicePackUninstall$\synceng.dll
+ 2004-08-04 12:00:00 191,488 -c----w c:\windows\$NtServicePackUninstall$\syncui.dll
+ 2004-08-03 12:15:56 60,800 -c----w c:\windows\$NtServicePackUninstall$\sysaudio.sys
+ 2004-08-04 12:00:00 168,960 -c----w c:\windows\$NtServicePackUninstall$\sysmod.dll
+ 2004-08-04 12:00:00 105,984 -c----w c:\windows\$NtServicePackUninstall$\sysocmgr.exe
+ 2004-08-04 12:00:00 984,576 -c----w c:\windows\$NtServicePackUninstall$\syssetup.dll
+ 2005-10-17 21:14:46 118,272 -c----w c:\windows\$NtServicePackUninstall$\t2embed.dll
+ 2004-08-04 12:00:00 14,976 -c----w c:\windows\$NtServicePackUninstall$\tape.sys
+ 2004-08-04 12:00:00 858,624 -c----w c:\windows\$NtServicePackUninstall$\tapi3.dll
+ 2004-08-04 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\tapi32.dll
+ 2005-07-08 16:27:56 249,344 -c----w c:\windows\$NtServicePackUninstall$\tapisrv.dll
+ 2004-08-04 12:00:00 135,680 -c----w c:\windows\$NtServicePackUninstall$\taskmgr.exe
+ 2008-06-20 10:45:13 360,320 -c----w c:\windows\$NtServicePackUninstall$\tcpip.sys
+ 2008-06-20 09:52:06 225,920 -c----w c:\windows\$NtServicePackUninstall$\tcpip6.sys
+ 2004-08-04 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\tcpmib.dll
+ 2004-08-04 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\tcpmon.dll
+ 2004-08-04 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\tcpmonui.dll
+ 2003-03-24 05:52:04 32,827 -c----w c:\windows\$NtServicePackUninstall$\tcptest.exe
+ 2003-03-24 05:52:06 16,384 -c----w c:\windows\$NtServicePackUninstall$\tcptsat.dll
+ 2004-08-04 12:00:00 18,560 -c----w c:\windows\$NtServicePackUninstall$\tdi.sys
+ 2004-08-04 12:00:00 12,040 -c----w c:\windows\$NtServicePackUninstall$\tdpipe.sys
+ 2004-08-04 12:00:00 21,896 -c----w c:\windows\$NtServicePackUninstall$\tdtcp.sys
+ 2005-05-10 23:45:48 75,776 -c----w c:\windows\$NtServicePackUninstall$\telnet.exe
+ 2004-08-03 14:01:08 40,840 -c----w c:\windows\$NtServicePackUninstall$\termdd.sys
+ 2004-08-04 12:00:00 358,400 -c----w c:\windows\$NtServicePackUninstall$\termmgr.dll
+ 2004-08-04 12:00:00 295,424 -c----w c:\windows\$NtServicePackUninstall$\termsrv.dll
+ 2004-08-04 12:00:00 385,536 -c----w c:\windows\$NtServicePackUninstall$\themeui.dll
+ 2004-08-04 12:00:00 10,240 -c----w c:\windows\$NtServicePackUninstall$\tmigrate.dll
+ 2004-08-04 12:00:00 347,136 -c----w c:\windows\$NtServicePackUninstall$\tourstart.exe
+ 2004-08-04 12:00:00 347,136 -c----w c:\windows\$NtServicePackUninstall$\tourstrt.exe
+ 2004-08-04 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\tracert.exe
+ 2004-08-04 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\tree.com
+ 2004-08-04 12:00:00 153,088 -c----w c:\windows\$NtServicePackUninstall$\triedit.dll
+ 2004-08-04 12:00:00 90,624 -c----w c:\windows\$NtServicePackUninstall$\trkwks.dll
+ 2004-08-04 12:00:00 93,696 -c----w c:\windows\$NtServicePackUninstall$\tscfgwmi.dll
+ 2004-08-04 12:00:00 12,168 -c----w c:\windows\$NtServicePackUninstall$\tsddd.dll
+ 2004-08-04 12:00:00 279,040 -c----w c:\windows\$NtServicePackUninstall$\tshoot.dll
+ 2004-08-04 12:00:00 121,856 -c----w c:\windows\$NtServicePackUninstall$\tsoc.dll
+ 2004-08-04 12:00:00 12,416 -c----w c:\windows\$NtServicePackUninstall$\tunmp.sys
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\twain_32.dll
+ 2004-08-04 12:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\twext.dll
+ 2005-07-26 04:39:49 101,376 -c----w c:\windows\$NtServicePackUninstall$\txflog.dll
+ 2008-07-14 11:09:18 62,976 -c----w c:\windows\$NtServicePackUninstall$\tzchange.exe
+ 2004-08-03 23:07:44 44,672 -c----w c:\windows\$NtServicePackUninstall$\uagp35.sys
+ 2004-08-04 12:00:00 66,176 -c----w c:\windows\$NtServicePackUninstall$\udfs.sys
+ 2004-08-04 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\udhisapi.dll
+ 2004-08-04 12:00:00 275,456 -c----w c:\windows\$NtServicePackUninstall$\ulib.dll
+ 2004-08-04 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\umandlg.dll
+ 2005-08-23 03:35:42 123,392 -c----w c:\windows\$NtServicePackUninstall$\umpnpmgr.dll
+ 2004-08-04 12:00:00 76,288 -c----w c:\windows\$NtServicePackUninstall$\uniime.dll
+ 2004-08-04 12:00:00 74,240 -c----w c:\windows\$NtServicePackUninstall$\unimdmat.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\uniplat.dll
+ 2004-08-04 12:00:00 316,416 -c----w c:\windows\$NtServicePackUninstall$\untfs.dll
+ 2007-04-23 10:32:54 364,160 -c----w c:\windows\$NtServicePackUninstall$\update.sys
+ 2004-08-04 12:00:00 150,528 -c----w c:\windows\$NtServicePackUninstall$\uploadm.exe
+ 2004-08-04 12:00:00 132,608 -c----w c:\windows\$NtServicePackUninstall$\upnp.dll
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\upnpcont.exe
+ 2007-02-05 20:17:02 185,344 -c----w c:\windows\$NtServicePackUninstall$\upnphost.dll
+ 2004-08-04 12:00:00 239,616 -c----w c:\windows\$NtServicePackUninstall$\upnpui.dll
+ 2004-08-04 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\ups.exe
+ 2004-08-04 12:00:00 12,672 -c----w c:\windows\$NtServicePackUninstall$\usb8023.sys
+ 2004-08-03 13:07:56 59,264 -c----w c:\windows\$NtServicePackUninstall$\usbaudio.sys
+ 2004-08-04 12:00:00 23,808 -c----w c:\windows\$NtServicePackUninstall$\usbcamd.sys
+ 2004-08-04 12:00:00 23,936 -c----w c:\windows\$NtServicePackUninstall$\usbcamd2.sys
+ 2004-08-03 13:08:48 31,616 -c----w c:\windows\$NtServicePackUninstall$\usbccgp.sys
+ 2004-08-04 12:00:00 26,624 -c----w c:\windows\$NtServicePackUninstall$\usbehci.sys
+ 2004-08-04 12:00:00 57,600 -c----w c:\windows\$NtServicePackUninstall$\usbhub.sys
+ 2004-08-04 12:00:00 16,000 -c----w c:\windows\$NtServicePackUninstall$\usbintel.sys
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\usbmon.dll
+ 2004-08-04 12:00:00 17,024 -c----w c:\windows\$NtServicePackUninstall$\usbohci.sys
+ 2004-08-04 12:00:00 142,976 -c----w c:\windows\$NtServicePackUninstall$\usbport.sys
+ 2004-08-03 12:01:26 25,856 -c----w c:\windows\$NtServicePackUninstall$\usbprint.sys
+ 2004-08-03 11:58:46 15,104 -c----w c:\windows\$NtServicePackUninstall$\usbscan.sys
+ 2004-08-03 12:08:48 26,496 -c----w c:\windows\$NtServicePackUninstall$\usbstor.sys
+ 2004-08-03 13:08:38 20,480 -c----w c:\windows\$NtServicePackUninstall$\usbuhci.sys
+ 2004-08-04 00:56:48 74,240 -c----w c:\windows\$NtServicePackUninstall$\usbui.dll
+ 2007-03-08 15:36:28 577,536 -c----w c:\windows\$NtServicePackUninstall$\user32.dll
+ 2004-08-04 12:00:00 723,456 -c----w c:\windows\$NtServicePackUninstall$\userenv.dll
+ 2004-08-04 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\userinit.exe
+ 2004-08-04 12:00:00 406,528 -c----w c:\windows\$NtServicePackUninstall$\usp10.dll
+ 2004-08-04 12:00:00 50,176 -c----w c:\windows\$NtServicePackUninstall$\utilman.exe
+ 2004-08-04 12:00:00 218,624 -c----w c:\windows\$NtServicePackUninstall$\uxtheme.dll
+ 2004-08-04 12:00:00 30,749 -c----w c:\windows\$NtServicePackUninstall$\vbajet32.dll
+ 2007-08-13 08:54:10 413,696 -c----w c:\windows\$NtServicePackUninstall$\vbscript.dll
+ 2004-08-04 12:00:00 26,112 -c----w c:\windows\$NtServicePackUninstall$\vdmdbg.dll
+ 2004-08-04 12:00:00 51,712 -c----w c:\windows\$NtServicePackUninstall$\vdmredir.dll
+ 2006-03-17 00:38:01 28,672 -c----w c:\windows\$NtServicePackUninstall$\verclsid.exe
+ 2004-08-04 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\verifier.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\version.dll
+ 2004-08-04 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\vga.sys
+ 2004-08-04 12:00:00 79,744 -c----w c:\windows\$NtServicePackUninstall$\videoprt.sys
+ 2004-08-04 12:00:00 131,584 -c----w c:\windows\$NtServicePackUninstall$\viewprov.dll
+ 2004-08-04 12:00:00 426,041 -c----w c:\windows\$NtServicePackUninstall$\voicepad.dll
+ 2004-08-04 12:00:00 86,073 -c----w c:\windows\$NtServicePackUninstall$\voicesub.dll
+ 2004-08-04 12:00:00 52,352 -c----w c:\windows\$NtServicePackUninstall$\volsnap.sys
+ 2004-08-04 12:00:00 430,592 -c----w c:\windows\$NtServicePackUninstall$\vssapi.dll
+ 2004-08-04 12:00:00 289,792 -c----w c:\windows\$NtServicePackUninstall$\vssvc.exe
+ 2004-08-04 12:00:00 174,592 -c----w c:\windows\$NtServicePackUninstall$\w32time.dll
+ 2004-08-04 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\w3ssl.dll
+ 2004-08-04 12:00:00 46,080 -c----w c:\windows\$NtServicePackUninstall$\wab.exe
+ 2007-05-16 15:12:12 510,976 -c----w c:\windows\$NtServicePackUninstall$\wab32.dll
+ 2004-08-04 12:00:00 249,856 -c----w c:\windows\$NtServicePackUninstall$\wab32res.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\wabfind.dll
+ 2007-05-16 15:12:15 85,504 -c----w c:\windows\$NtServicePackUninstall$\wabimp.dll
+ 2004-08-04 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\wabmig.exe
+ 2004-08-04 12:00:00 34,560 -c----w c:\windows\$NtServicePackUninstall$\wanarp.sys
+ 2004-08-04 12:00:00 17,664 -c----w c:\windows\$NtServicePackUninstall$\watchdog.sys
+ 2004-08-04 12:00:00 208,896 -c----w c:\windows\$NtServicePackUninstall$\wavemsp.dll
+ 2004-08-04 12:00:00 196,608 -c----w c:\windows\$NtServicePackUninstall$\wbemcntl.dll
+ 2004-08-04 12:00:00 214,528 -c----w c:\windows\$NtServicePackUninstall$\wbemcomn.dll
+ 2004-08-04 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\wbemcons.dll
+ 2004-08-04 12:00:00 530,944 -c----w c:\windows\$NtServicePackUninstall$\wbemcore.dll
+ 2004-08-04 12:00:00 178,176 -c----w c:\windows\$NtServicePackUninstall$\wbemdisp.dll
+ 2004-08-04 12:00:00 273,920 -c----w c:\windows\$NtServicePackUninstall$\wbemess.dll
+ 2004-08-04 12:00:00 43,008 -c----w c:\windows\$NtServicePackUninstall$\wbemperf.dll
+ 2004-08-04 12:00:00 18,944 -c----w c:\windows\$NtServicePackUninstall$\wbemprox.dll
+ 2004-08-04 12:00:00 43,520 -c----w c:\windows\$NtServicePackUninstall$\wbemsvc.dll
+ 2004-08-04 12:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\wbemtest.exe
+ 2004-08-04 12:00:00 197,120 -c----w c:\windows\$NtServicePackUninstall$\wbemupgd.dll
+ 2004-08-04 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\wdigest.dll
+ 2004-08-03 13:56:58 23,552 -c----w c:\windows\$NtServicePackUninstall$\wdmaud.drv
+ 2006-06-14 09:00:45 82,944 -c----w c:\windows\$NtServicePackUninstall$\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 -c----w c:\windows\$NtServicePackUninstall$\wdmaud.sys.000
+ 2006-01-04 03:35:05 68,096 -c----w c:\windows\$NtServicePackUninstall$\webclnt.dll
+ 2004-08-04 12:00:00 135,680 -c----w c:\windows\$NtServicePackUninstall$\webvw.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\wextract.exe
+ 2004-08-04 12:00:00 433,664 -c----w c:\windows\$NtServicePackUninstall$\wiaacmgr.exe
+ 2004-08-04 12:00:00 463,360 -c----w c:\windows\$NtServicePackUninstall$\wiadefui.dll
+ 2004-08-04 12:00:00 124,416 -c----w c:\windows\$NtServicePackUninstall$\wiadss.dll
+ 2004-08-04 12:00:00 75,776 -c----w c:\windows\$NtServicePackUninstall$\wiascr.dll
+ 2006-12-19 18:16:47 333,824 -c----w c:\windows\$NtServicePackUninstall$\wiaservc.dll
+ 2004-08-04 12:00:00 589,312 -c----w c:\windows\$NtServicePackUninstall$\wiashext.dll
+ 2004-08-04 12:00:00 111,104 -c----w c:\windows\$NtServicePackUninstall$\wiavideo.dll
+ 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtServicePackUninstall$\win32k.sys
+ 2004-08-04 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\win32spl.dll
+ 2004-08-04 12:00:00 937,984 -c----w c:\windows\$NtServicePackUninstall$\winbrand.dll
+ 2004-08-04 12:00:00 283,648 -c----w c:\windows\$NtServicePackUninstall$\winhlp32.exe
+ 2004-08-04 12:00:00 351,232 -c----w c:\windows\$NtServicePackUninstall$\winhttp.dll
+ 2004-08-04 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\winipsec.dll
+ 2004-08-04 12:00:00 502,272 -c----w c:\windows\$NtServicePackUninstall$\winlogon.exe
+ 2004-08-04 12:00:00 176,128 -c----w c:\windows\$NtServicePackUninstall$\winmm.dll
+ 2004-08-04 12:00:00 764,928 -c----w c:\windows\$NtServicePackUninstall$\winntbbu.dll
+ 2004-08-04 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\winrnr.dll
+ 2004-08-04 12:00:00 99,328 -c----w c:\windows\$NtServicePackUninstall$\winscard.dll
+ 2004-08-04 12:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\winshfhc.dll
+ 2004-08-04 12:00:00 146,432 -c----w c:\windows\$NtServicePackUninstall$\winspool.drv
+ 2007-03-17 13:43:01 292,864 -c----w c:\windows\$NtServicePackUninstall$\winsrv.dll
+ 2004-08-04 12:00:00 53,760 -c----w c:\windows\$NtServicePackUninstall$\winsta.dll
+ 2004-08-04 12:00:00 176,640 -c----w c:\windows\$NtServicePackUninstall$\wintrust.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\winver.exe
+ 2006-08-17 12:28:27 132,096 -c----w c:\windows\$NtServicePackUninstall$\wkssvc.dll
+ 2004-08-04 12:00:00 172,032 -c----w c:\windows\$NtServicePackUninstall$\wldap32.dll
+ 2004-08-04 12:00:00 92,672 -c----w c:\windows\$NtServicePackUninstall$\wlnotify.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\wmi.dll
+ 2004-08-04 12:00:00 196,608 -c----w c:\windows\$NtServicePackUninstall$\wmiadap.exe
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\wmiapres.dll
+ 2004-08-04 12:00:00 89,088 -c----w c:\windows\$NtServicePackUninstall$\wmiaprpl.dll
+ 2004-08-04 12:00:00 126,464 -c----w c:\windows\$NtServicePackUninstall$\wmiapsrv.exe
+ 2004-08-04 12:00:00 60,928 -c----w c:\windows\$NtServicePackUninstall$\wmicookr.dll
+ 2004-08-04 12:00:00 140,800 -c----w c:\windows\$NtServicePackUninstall$\wmidcprv.dll
+ 2004-08-04 12:00:00 156,672 -c----w c:\windows\$NtServicePackUninstall$\wmipcima.dll
+ 2004-08-04 12:00:00 132,096 -c----w c:\windows\$NtServicePackUninstall$\wmipdskq.dll
+ 2004-08-04 12:00:00 62,464 -c----w c:\windows\$NtServicePackUninstall$\wmipiprt.dll
+ 2004-08-04 12:00:00 62,976 -c----w c:\windows\$NtServicePackUninstall$\wmipjobj.dll
+ 2004-08-04 12:00:00 144,896 -c----w c:\windows\$NtServicePackUninstall$\wmiprov.dll
+ 2004-08-04 12:00:00 437,248 -c----w c:\windows\$NtServicePackUninstall$\wmiprvsd.dll
+ 2004-08-04 12:00:00 218,112 -c----w c:\windows\$NtServicePackUninstall$\wmiprvse.exe
+ 2004-08-04 12:00:00 41,472 -c----w c:\windows\$NtServicePackUninstall$\wmipsess.dll
+ 2004-08-04 12:00:00 144,896 -c----w c:\windows\$NtServicePackUninstall$\wmisvc.dll
+ 2004-08-04 12:00:00 95,232 -c----w c:\windows\$NtServicePackUninstall$\wmiutils.dll
+ 2004-08-04 12:00:00 167,936 -c----w c:\windows\$NtServicePackUninstall$\wmm2ae.dll
+ 2004-08-04 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\wmm2eres.dll
+ 2004-08-04 12:00:00 7,680 -c----w c:\windows\$NtServicePackUninstall$\wmm2ext.dll
+ 2004-08-04 12:00:00 402,432 -c----w c:\windows\$NtServicePackUninstall$\wmm2filt.dll
+ 2004-08-04 12:00:00 502,272 -c----w c:\windows\$NtServicePackUninstall$\wmm2fxa.dll
+ 2004-08-04 12:00:00 325,632 -c----w c:\windows\$NtServicePackUninstall$\wmm2fxb.dll
+ 2004-08-04 12:00:00 4,256,768 -c----w c:\windows\$NtServicePackUninstall$\wmm2res.dll
+ 2004-08-04 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\wmm2res2.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\wmpcd.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\wmpcore.dll
+ 2004-08-04 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\wmpui.dll
+ 2004-08-04 12:00:00 115,200 -c----w c:\windows\$NtServicePackUninstall$\wmsdmoe.dll
+ 2004-08-04 12:00:00 303,616 -c----w c:\windows\$NtServicePackUninstall$\wmstream.dll
+ 2004-08-04 12:00:00 214,528 -c----w c:\windows\$NtServicePackUninstall$\wordpad.exe
+ 2004-08-04 12:00:00 264,192 -c----w c:\windows\$NtServicePackUninstall$\wow32.dll
+ 2004-08-04 12:00:00 32,256 -c----w c:\windows\$NtServicePackUninstall$\wpabaln.exe
+ 2004-08-04 12:00:00 32,256 -c----w c:\windows\$NtServicePackUninstall$\wpnpinst.exe
+ 2004-08-04 12:00:00 82,944 -c----w c:\windows\$NtServicePackUninstall$\ws2_32.dll
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\ws2help.dll
+ 2004-08-04 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\wscntfy.exe
+ 2004-08-04 12:00:00 114,688 -c----w c:\windows\$NtServicePackUninstall$\wscript.exe
+ 2004-08-04 12:00:00 81,408 -c----w c:\windows\$NtServicePackUninstall$\wscsvc.dll
+ 2004-08-04 12:00:00 108,032 -c----w c:\windows\$NtServicePackUninstall$\wshbth.dll
+ 2004-08-04 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\wshcon.dll
+ 2004-08-04 12:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\wshext.dll
+ 2004-08-04 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\wship6.dll
+ 2004-08-04 12:00:00 11,776 -c----w c:\windows\$NtServicePackUninstall$\wshrm.dll
+ 2004-08-04 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\wshtcpip.dll
+ 2004-08-04 12:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\wsnmp32.dll
+ 2004-08-04 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\wsock32.dll
+ 2004-08-04 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\wstdecod.dll
+ 2004-08-04 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\wtsapi32.dll
+ 2004-08-04 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\wuauserv.dll
+ 2004-08-04 12:00:00 378,368 -c----w c:\windows\$NtServicePackUninstall$\wzcdlg.dll
+ 2004-08-04 12:00:00 51,712 -c----w c:\windows\$NtServicePackUninstall$\wzcsapi.dll
+ 2004-08-04 12:00:00 359,936 -c----w c:\windows\$NtServicePackUninstall$\wzcsvc.dll
+ 2004-08-04 12:00:00 91,648 -c----w c:\windows\$NtServicePackUninstall$\xactsrv.dll
+ 2004-08-04 12:00:00 30,720 -c----w c:\windows\$NtServicePackUninstall$\xcopy.exe
+ 2006-07-14 15:51:52 121,856 -c----w c:\windows\$NtServicePackUninstall$\xmllite.dll
+ 2004-08-04 12:00:00 129,536 -c----w c:\windows\$NtServicePackUninstall$\xmlprov.dll
+ 2004-08-04 12:00:00 50,176 -c----w c:\windows\$NtServicePackUninstall$\xmlprovi.dll
+ 2006-03-01 19:42:42 11,776 -c----w c:\windows\$NtServicePackUninstall$\xolehlp.dll
+ 2004-08-04 12:00:00 438,784 -c----w c:\windows\$NtServicePackUninstall$\xpob2res.dll
+ 2004-08-04 12:00:00 187,392 -c----w c:\windows\$NtServicePackUninstall$\xpsp1res.dll
+ 2004-08-04 12:00:00 2,897,920 -c----w c:\windows\$NtServicePackUninstall$\xpsp2res.dll
+ 2007-10-29 10:26:53 115,712 -c----w c:\windows\$NtServicePackUninstall$\xpsp3res.dll
+ 2004-08-04 12:00:00 337,920 -c----w c:\windows\$NtServicePackUninstall$\zipfldr.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\updspapi.dll
+ 2008-04-14 00:11:59 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2004-08-03 14:06:34 82,944 -c----w c:\windows\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2008-04-13 18:55:08 202,624 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\updspapi.dll
+ 2008-04-14 00:11:53 246,272 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\updspapi.dll
+ 2008-04-14 00:11:54 691,712 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2008-03-27 09:24:20 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 12:30:49 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2008-04-14 11:01:02 272,128 -c----w c:\windows\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2008-04-13 18:46:32 273,024 -c----w c:\windows\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\updspapi.dll
- 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2008-04-14 00:12:03 1,288,192 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\updspapi.dll
+ 2008-04-13 19:19:23 138,112 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2008-04-14 00:11:52 147,968 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2008-04-14 00:12:01 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2008-04-13 19:20:16 361,344 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2008-04-13 19:00:02 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-04 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-04 12:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip6.sys
+ 2008-04-14 00:12:15 139,264 -c----w c:\windows\$NtUninstallKB951978$\cscript.exe
+ 2008-04-14 00:11:56 512,000 -c----w c:\windows\$NtUninstallKB951978$\jscript.dll
+ 2008-04-14 00:12:05 180,224 -c----w c:\windows\$NtUninstallKB951978$\scrobj.dll
+ 2008-04-14 00:12:05 172,032 -c----w c:\windows\$NtUninstallKB951978$\scrrun.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951978$\spuninst\updspapi.dll
+ 2008-04-14 00:12:08 434,176 -c----w c:\windows\$NtUninstallKB951978$\vbscript.dll
+ 2008-04-14 00:12:41 155,648 -c----w c:\windows\$NtUninstallKB951978$\wscript.exe
+ 2008-04-14 00:12:10 90,112 -c----w c:\windows\$NtUninstallKB951978$\wshext.dll
+ 2008-05-01 14:30:33 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\updspapi.dll
+ 2008-04-14 00:11:58 73,728 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-07-27 00:41:48 231,288 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe
+ 2007-07-27 00:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll
+ 2006-10-18 11:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll
+ 2008-07-17 09:39:03 315,392 ----a-w c:\windows\.file_store_32\runescape\browsercontrol.dll
+ 2008-07-26 02:40:53 315,392 ----a-w c:\windows\.file_store_32\runescape\jogl.dll
+ 2008-07-26 02:40:54 20,480 ----a-w c:\windows\.file_store_32\runescape\jogl_awt.dll
- 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
+ 2008-04-14 00:11:48 39,424 ----a-w c:\windows\AppPatch\acadproc.dll
- 2004-08-04 12:00:00 1,852,416 ----a-w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w c:\windows\AppPatch\acgenral.dll
- 2004-08-04 12:00:00 450,048 -c--a-w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 00:11:48 451,072 ----a-w c:\windows\AppPatch\aclayers.dll
- 2004-08-04 12:00:00 137,728 -c--a-w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w c:\windows\AppPatch\aclua.dll
- 2004-08-04 12:00:00 244,736 ----a-w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w c:\windows\AppPatch\acspecfc.dll
- 2004-08-04 12:00:00 116,224 -c--a-w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll
+ 2008-11-07 06:28:03 110,592 ----a-w c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2008-11-07 06:28:08 4,608 ----a-w c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-11-07 06:28:02 8,007,680 ----a-w c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-11-07 06:26:50 80,696 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2008-11-07 06:27:20 1,276,720 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-11-07 06:27:21 150,320 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-11-13 06:30:46 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-07 06:27:21 20,280 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-11-07 06:27:21 781,104 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-11-07 06:27:58 13,312 ----a-w c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-11-07 06:27:20 371,496 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-11-07 06:27:21 64,288 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-11-07 06:27:57 229,376 ----a-w c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2008-11-07 06:28:03 4,096 ----a-w c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2008-11-07 06:27:21 416,544 ----a-w c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-11-07 06:26:50 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2008-11-07 06:27:28 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2008-11-07 06:27:40 12,112 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-07 06:27:31 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2008-11-07 06:27:46 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2008-11-07 06:27:33 12,080 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2008-11-07 06:27:33 11,544 ----a-w c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2008-11-07 06:27:57 16,384 ----a-w c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
- 2008-04-14 11:01:02 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 09:08:48 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 08:38:55 2,057,600 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 08:38:57 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 09:10:57 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 10:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 09:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 10:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 09:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-08-07 04:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2008-11-13 09:40:59 15,785,984 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-11-13 09:40:59 176,128 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-08-07 04:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-11-13 09:40:57 15,785,984 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-11-13 09:40:57 176,128 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2007-06-13 10:23:07 1,033,216 ----a-w c:\windows\explorer.exe
+ 2008-04-14 00:12:19 1,033,728 ----a-w c:\windows\explorer.exe
- 2004-08-04 12:00:00 34,816 ----a-w c:\windows\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ----a-w c:\windows\Help\sniffpol.dll
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\Help\sstub.dll
+ 2008-04-14 00:12:07 33,280 ----a-w c:\windows\Help\sstub.dll
- 2004-08-04 12:00:00 279,040 ----a-w c:\windows\Help\tshoot.dll
+ 2008-04-14 00:12:07 279,040 ----a-w c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 00:12:21 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-23 04:16:28 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:28 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:28 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:28 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:28 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:39:58 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:28 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:28 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:28 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:28 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll

acasey · Nov 13, 2008

part four...

+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:28 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:40:18 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:28 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:28 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:28 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 12:16:30 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:28 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:28 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:28 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:28 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:28 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:29 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:29 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:29 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:57:27 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:57:27 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:57:27 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:57:28 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:57:29 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:57:33 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:52 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:57:35 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:57:36 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 00:57:40 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:57:39 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:57:40 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:57:41 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:57:41 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
- 2004-08-04 12:00:00 220,160 ----a-w c:\windows\ime\mscandui.dll
+ 2008-04-14 00:11:58 220,160 ----a-w c:\windows\ime\mscandui.dll
- 2004-08-04 12:00:00 130,048 ----a-w c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 00:12:06 130,048 ----a-w c:\windows\ime\softkbd.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w c:\windows\ime\spgrmr.dll
- 2004-08-04 12:00:00 250,880 ----a-w c:\windows\ime\SPTIP.dll
+ 2008-04-14 00:12:06 250,368 ----a-w c:\windows\ime\sptip.dll
+ 2006-10-26 10:12:56 396,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 01:10:18 16,874,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 08:56:50 8,425,856 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 05:18:34 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-09 23:04:28 846,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 00:11:42 1,767,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 09:00:06 72,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-05-10 00:25:40 14,677,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-09-14 11:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 14:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-23 19:00:34 1,767,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-23 19:00:48 72,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2006-10-27 04:07:36 17,891,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-09-15 05:25:18 3,611,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-10-27 04:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 04:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-11-07 06:27:21 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 04:23:04 347,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-27 04:23:08 17,483,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 10:17:08 11,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2003-07-14 11:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-14 11:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-14 16:14:28 350,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
+ 2003-07-14 16:18:12 47,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE
+ 2003-07-14 11:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-14 11:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-23 12:01:40 1,949,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
+ 2003-07-14 12:34:10 320,056 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPDB.DLL
+ 2003-07-14 12:36:14 186,424 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
+ 2003-07-28 02:04:22 6,600,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPEDITAX.DLL
+ 2003-07-25 08:00:16 1,157,696 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
+ 2003-07-25 08:14:50 799,288 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
+ 2003-07-23 12:00:34 694,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPWEL.DLL
+ 2003-07-23 12:00:38 4,425,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FRONTPG.EXE
+ 2003-07-14 12:29:42 117,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\HTMLCHKR.DLL
+ 2003-07-14 11:57:44 87,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-05-29 23:51:36 417,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\LFCMP13N.DLL
+ 2003-07-14 12:29:24 51,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MICROSOFT_OFFICE_FP_WFCHOST.DLL
+ 2003-07-14 11:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-14 12:34:42 675,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSIMPORT.EXE
+ 2003-07-14 11:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-08-07 13:23:16 12,172,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSO.DLL
+ 2003-07-14 11:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-14 16:14:18 106,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
+ 2003-07-23 11:35:26 127,032 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
+ 2003-07-14 11:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-14 11:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-14 11:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-14 11:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-14 11:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-14 11:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-07-14 11:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2003-07-14 12:02:14 627,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE
+ 2003-07-14 11:56:24 124,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE
+ 2003-07-23 11:40:00 482,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL
+ 2003-07-14 12:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-14 11:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-14 11:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-07-14 16:14:26 283,696 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OIS.EXE
+ 2003-07-14 16:14:26 828,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL
+ 2003-07-14 16:14:26 27,192 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
+ 2003-07-14 16:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2003-07-14 12:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-08-04 02:19:34 7,330,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWC10.DLL
+ 2003-08-01 04:09:04 8,086,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWC11.DLL
+ 2003-05-08 10:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-14 11:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2003-07-14 11:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-14 12:36:16 307,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\VTIDB.EXE
+ 2003-07-14 12:34:38 587,832 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\VTIDISC.EXE
+ 2003-07-14 12:33:46 177,720 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\VTIFORM.EXE
+ 2003-07-14 12:37:18 736,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\VTIPRES.EXE
+ 2007-06-18 07:16:32 12,259,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.8173\MSO.DLL
+ 2007-05-09 07:19:48 2,585,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.8173\VBE6.DLL
+ 2008-08-15 07:48:27 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2008-11-13 06:29:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-07-15 11:07:50 65,536 ----a-r c:\windows\Installer\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}\ARPPRODUCTICON.exe
+ 2008-09-24 21:44:03 86,016 ----a-r c:\windows\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe
- 2007-09-26 08:42:52 38,240 ----a-r c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-13 06:31:14 38,240 ----a-r c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-13 06:37:32 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-13 06:37:33 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-13 06:37:33 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-11-13 06:37:33 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-11-13 06:37:33 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-13 06:37:33 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-13 06:37:34 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-11-13 06:37:33 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-11-13 06:37:33 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-11-13 06:37:33 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-13 06:37:34 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-13 06:37:33 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-07 06:23:01 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2006-01-25 11:37:42 12,288 -c--a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-13 06:30:13 12,288 ----a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-01-25 11:37:42 282,624 -c--a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\fpicon.exe
+ 2008-11-13 06:30:14 282,624 ----a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\fpicon.exe
- 2006-01-25 11:37:42 135,168 -c--a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-13 06:30:14 135,168 ----a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2006-01-25 11:37:42 27,136 -c--a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-13 06:30:14 27,136 ----a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-01-25 11:37:42 4,096 -c--a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-13 06:30:14 4,096 ----a-r c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ARPPRODUCTICON.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-07-04 07:32:10 26,694 ----a-r c:\windows\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 2008-07-15 11:07:33 65,536 ----a-r c:\windows\Installer\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}\ARPPRODUCTICON.exe
+ 2008-10-24 03:31:17 102,400 ----a-r c:\windows\Installer\{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}\iTunesIco.exe
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\Installer\tsclientmsitrans\tscupdc.dll
- 2007-06-25 03:02:02 4,187 -c--a-w c:\windows\mozver.dat
+ 2008-07-15 07:03:42 4,887 -c--a-w c:\windows\mozver.dat
- 2004-08-04 12:00:00 24,064 -c--a-w c:\windows\msagent\agentanm.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentanm.dll
- 2004-08-04 12:00:00 214,016 ----a-w c:\windows\msagent\agentctl.dll
+ 2008-04-14 00:11:48 214,016 ----a-w c:\windows\msagent\agentctl.dll
- 2006-10-12 14:02:52 42,496 ----a-w c:\windows\msagent\agentdp2.dll
+ 2008-04-14 00:11:48 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2007-03-09 13:46:24 57,344 ----a-w c:\windows\msagent\agentdpv.dll
+ 2008-04-14 00:11:48 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\msagent\agentmpx.dll
+ 2008-04-14 00:11:48 49,152 ----a-w c:\windows\msagent\agentmpx.dll
- 2004-08-04 12:00:00 24,064 ----a-w c:\windows\msagent\agentpsh.dll
+ 2008-04-14 00:11:48 24,064 ----a-w c:\windows\msagent\agentpsh.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\msagent\agentsr.dll
+ 2008-04-14 00:11:48 44,032 ----a-w c:\windows\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2008-04-14 00:12:12 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-08-04 12:00:00 24,064 ----a-w c:\windows\msagent\agtintl.dll
+ 2008-04-14 00:11:49 24,064 ----a-w c:\windows\msagent\agtintl.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w c:\windows\msagent\intl\agt0409.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
- 2004-08-04 12:00:00 19,968 -c--a-w c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 00:12:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\network diagnostic\custsat.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\network diagnostic\xpnetdiag.exe
- 2000-08-30 22:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-30 21:00:00 28,672 ----a-w c:\windows\Nircmd.exe
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\NOTEPAD.EXE
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\notepad.exe
- 2004-08-04 12:00:00 768,512 ----a-w c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 00:12:21 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-04 12:00:00 743,936 ----a-w c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 00:12:21 744,448 ----a-w c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 00:12:21 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-04 12:00:00 158,208 -c--a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 169,984 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-04 12:00:00 376,320 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 00:11:59 376,832 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-04 12:00:00 102,400 -c--a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 00:12:02 102,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 00:12:02 38,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
- 2006-01-25 08:00:56 76,487 -c--a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2008-09-22 23:59:58 76,487 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2006-01-25 08:00:56 2,378 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-09-22 23:59:58 2,748 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-04 12:00:00 150,528 -c--a-w c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 00:12:38 150,528 ----a-w c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 00:12:06 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
- 2004-08-04 12:00:00 462,848 -c--a-w c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 00:12:06 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
- 2004-08-04 12:00:00 110,592 -c--a-w c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 00:12:06 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
- 2004-08-04 12:00:00 146,432 -c--a-w c:\windows\regedit.exe
+ 2008-04-14 00:12:32 146,432 ----a-w c:\windows\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 00:11:48 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 12:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 12:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 00:11:48 39,424 ------w c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 00:12:11 184,320 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 00:11:48 1,852,928 ------w c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 00:11:48 451,072 ------w c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 00:11:48 141,312 ------w c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 00:11:48 115,712 ------w c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-13 18:36:35 187,776 ------w c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 00:11:48 245,248 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 00:11:48 193,536 ------w c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 00:12:12 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 00:11:48 98,304 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 00:11:48 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 00:11:48 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-03 12:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 00:11:48 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 00:11:48 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 00:11:48 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 00:11:48 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 00:11:48 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 00:11:48 617,472 ------w c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 00:11:48 99,840 ------w c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 00:11:48 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 00:11:48 42,496 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 00:11:48 57,344 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 00:11:48 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 00:11:48 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 00:11:48 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 00:12:12 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 00:11:49 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 00:12:12 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 00:12:12 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 00:11:49 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-13 18:31:32 37,376 ------w c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-13 18:31:33 37,760 ------w c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 00:11:49 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-03 12:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 00:11:49 125,952 ------w c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 00:11:49 331,264 ------w c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 00:11:49 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 00:12:12 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-03 12:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-03 12:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-03 12:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-03 12:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-03 12:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-03 12:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-03 12:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-03 12:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-03 12:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-03 12:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 00:11:49 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-03 12:29:28 327,040 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-03 12:29:28 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 00:11:49 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 00:11:49 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11:50 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-03 12:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-03 12:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-03 12:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-03 12:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-03 12:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-03 12:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-03 12:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-03 12:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-03 12:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-03 12:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 00:11:50 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 00:11:50 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 00:12:12 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 00:09:01 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 00:12:12 12,288 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 00:11:50 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 00:11:50 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 00:12:12 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 00:11:50 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 00:12:12 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 00:11:50 62,464 ------w c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 00:12:12 588,800 ------w c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 00:12:12 602,624 ------w c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 00:12:13 580,608 ------w c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 00:12:13 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 00:11:50 84,992 ------w c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 00:11:50 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 00:11:50 29,184 ------w c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 00:11:50 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 00:11:50 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 00:11:50 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 00:12:13 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-13 17:03:24 63,488 ------w c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 00:11:50 1,025,024 ------w c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11:50 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 00:11:50 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-13 18:46:32 273,024 ------w c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 00:11:50 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 00:11:50 218,112 ------w c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 00:11:50 60,416 ------w c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 00:11:50 84,480 ------w c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 00:12:13 19,968 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 00:11:50 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 00:11:50 121,856 ------w c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 00:11:50 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 00:11:50 150,016 ------w c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 00:11:50 226,304 ------w c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 00:11:50 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 00:11:50 625,664 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 00:11:50 151,040 ------w c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 00:11:50 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 00:11:50 2,091,520 ------w c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 00:11:50 194,560 ------w c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 00:11:50 457,728 ------w c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 00:11:50 38,912 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 00:09:05 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 00:12:14 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 00:11:50 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 00:11:50 148,480 ------w c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 00:11:50 1,358,848 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11:50 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 00:12:14 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 00:11:50 110,592 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 00:11:50 498,688 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 00:12:14 64,000 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 00:11:50 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 00:12:14 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 00:12:14 102,912 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 00:12:14 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 00:11:50 58,368 ------w c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 00:11:50 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 00:12:14 389,120 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 00:11:50 344,064 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 00:12:14 25,600 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 00:12:15 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 00:11:50 185,344 ------w c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 00:11:50 13,312 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 00:12:15 63,488 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 00:11:50 39,424 ------w c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 00:11:50 47,104 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 00:11:50 79,360 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 00:11:51 60,416 ------w c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 00:11:51 28,160 ------w c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 00:11:51 195,072 ------w c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 00:11:51 617,472 ------w c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 00:11:51 276,992 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 00:11:51 252,928 ------w c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 00:11:51 229,376 ------w c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 00:11:51 97,792 ------w c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 00:12:15 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 00:11:51 792,064 ------w c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 00:11:51 274,944 ------w c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 00:11:51 167,424 ------w c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 00:11:51 1,267,200 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11:51 539,648 ------w c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 00:12:15 1,032,192 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11:51 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 00:11:51 357,888 ------w c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 00:12:15 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 00:11:51 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 00:11:51 12,800 ------w c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 00:11:51 163,840 ------w c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-13 18:31:32 36,736 ------w c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 00:11:51 599,040 ------w c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 00:11:51 74,752 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 00:11:51 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 00:11:51 53,760 ------w c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 00:11:51 64,512 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 00:11:51 62,464 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 00:11:51 512,512 ------w c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 00:11:51 101,888 ------w c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 00:12:15 139,264 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 00:11:51 326,656 ------w c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 00:11:51 32,256 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 00:12:15 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 00:12:16 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 00:11:51 249,856 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-03 12:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 00:11:51 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:11:51 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 00:11:51 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11:51 824,320 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 00:11:51 1,054,208 ------w c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 00:11:51 54,272 ------w c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 00:11:51 165,376 ------w c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 00:11:51 25,088 ------w c:\windows\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 00:11:51 640,000 ------w c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 00:11:51 24,576 ------w c:\windows\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 00:11:51 110,592 ------w c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 00:25:26 1,804 ------w c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:11:51 40,960 ------w c:\windows\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 00:11:51 8,704 ------w c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 00:12:16 6,144 ------w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 00:12:16 30,208 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 00:11:51 279,552 ------w c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 00:11:51 27,136 ------w c:\windows\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 00:12:16 25,088 ------w c:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 00:11:51 59,904 ------w c:\windows\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 00:11:51 282,624 ------w c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 00:12:16 82,944 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 00:12:16 105,472 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 00:11:51 39,424 ------w c:\windows\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 00:11:51 124,416 ------w c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 00:11:51 28,672 ------w c:\windows\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 00:11:51 111,104 ------w c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 00:11:51 126,976 ------w c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 00:11:52 379,904 ------w c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 00:12:17 539,136 ------w c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 00:12:17 87,040 ------w c:\windows\ServicePackFiles\i386\diantz.exe
+ 2007-04-02 18:34:11 884,712 ------w c:\windows\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 00:11:52 68,608 ------w c:\windows\ServicePackFiles\i386\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 00:11:52 158,720 ------w c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 00:11:52 181,760 ------w c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 00:11:52 86,528 ------w c:\windows\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w c:\windows\ServicePackFiles\i386\disk.sys
+ 2008-04-14 00:11:52 1,504,256 ------w c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w c:\windows\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 00:12:17 163,840 ------w c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 00:11:52 32,768 ------w c:\windows\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 00:12:17 5,120 ------w c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 00:12:17 224,768 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 00:11:52 28,672 ------w c:\windows\ServicePackFiles\i386\dmband.dll
+ 2008-04-13 18:44:48 799,744 ------w c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 00:11:52 61,440 ------w c:\windows\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 00:11:52 285,184 ------w c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 00:11:52 200,704 ------w c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-13 18:44:46 153,344 ------w c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 00:11:52 35,840 ------w c:\windows\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 00:12:17 15,872 ------w c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 00:11:52 82,432 ------w c:\windows\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 00:11:52 105,984 ------w c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 00:11:52 103,424 ------w c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 00:11:52 104,448 ------w c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w c:\windows\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 00:11:52 52,224 ------w c:\windows\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 00:11:52 147,968 ------w c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 00:11:52 45,568 ------w c:\windows\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 00:11:52 48,128 ------w c:\windows\ServicePackFiles\i386\docprop2.dll
+ 2004-08-04 12:00:00 53,840 ------w c:\windows\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-13 21:00:49 103,424 ------w c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 00:12:17 29,696 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 00:11:52 229,888 ------w c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 00:11:52 23,552 ------w c:\windows\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 00:09:19 3,072 ------w c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 00:11:52 375,296 ------w c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 00:11:52 35,328 ------w c:\windows\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 00:11:52 60,928 ------w c:\windows\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 00:09:20 3,072 ------w c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 00:12:17 17,920 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 00:11:52 21,504 ------w c:\windows\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 00:11:52 212,480 ------w c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 00:12:18 83,456 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 00:11:52 116,736 ------w c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 00:11:52 57,344 ------w c:\windows\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w c:\windows\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 00:11:52 14,336 ------w c:\windows\ServicePackFiles\i386\drprov.dll
+ 2004-08-04 12:00:00 4,656 ------w c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 00:11:52 16,384 ------w c:\windows\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 00:11:52 181,248 ------w c:\windows\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 00:11:52 71,680 ------w c:\windows\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 00:11:52 92,672 ------w c:\windows\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 00:11:52 155,648 ------w c:\windows\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 00:11:52 367,616 ------w c:\windows\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 00:11:52 1,293,824 ------w c:\windows\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11:52 142,848 ------w c:\windows\ServicePackFiles\i386\dsprop.dll
+ 2008-04-13 17:09:30 4,096 ------w c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2008-04-14 00:11:52 239,104 ------w c:\windows\ServicePackFiles\i386\dsquery.dll
+ 2008-04-14 00:11:52 51,200 ------w c:\windows\ServicePackFiles\i386\dssec.dll
+ 2008-04-13 17:37:57 138,752 ------w c:\windows\ServicePackFiles\i386\dssenh.dll
+ 2008-04-14 00:11:52 113,152 ------w c:\windows\ServicePackFiles\i386\dsuiext.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\ServicePackFiles\i386\dswave.dll
+ 2008-04-14 00:12:18 10,752 ------w c:\windows\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 00:11:52 304,128 ------w c:\windows\ServicePackFiles\i386\duser.dll
+ 2008-04-14 00:12:18 17,920 ------w c:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 00:12:18 180,224 ------w c:\windows\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 00:11:52 619,008 ------w c:\windows\ServicePackFiles\i386\dx7vb.dll
+ 2008-04-14 00:11:52 1,227,264 ------w c:\windows\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:12:18 1,298,432 ------w c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11:52 2,113,536 ------w c:\windows\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-13 18:38:29 71,168 ------w c:\windows\ServicePackFiles\i386\dxg.sys
+ 2008-04-14 00:11:52 357,888 ------w c:\windows\ServicePackFiles\i386\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w c:\windows\ServicePackFiles\i386\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\ServicePackFiles\i386\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\ServicePackFiles\i386\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\ServicePackFiles\i386\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\ServicePackFiles\i386\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\ServicePackFiles\i386\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\ServicePackFiles\i386\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\ServicePackFiles\i386\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\ServicePackFiles\i386\eapsvc.dll
+ 2008-04-14 00:11:52 175,616 ------w c:\windows\ServicePackFiles\i386\ediskeer.dll
+ 2008-04-14 00:11:53 183,296 ------w c:\windows\ServicePackFiles\i386\els.dll
+ 2008-04-14 00:11:53 20,480 ------w c:\windows\ServicePackFiles\i386\encapi.dll
+ 2008-04-14 00:11:53 186,880 ------w c:\windows\ServicePackFiles\i386\encdec.dll
+ 2008-04-13 16:26:02 40,960 ------w c:\windows\ServicePackFiles\i386\ep9res.dll
+ 2004-07-17 01:39:36 120,320 ------w c:\windows\ServicePackFiles\i386\epcl5res.dll
+ 2008-04-14 00:11:53 23,040 ------w c:\windows\ServicePackFiles\i386\ersvc.dll
+ 2008-04-14 00:11:53 246,272 ------w c:\windows\ServicePackFiles\i386\es.dll
+ 2008-04-14 00:11:53 1,082,368 ------w c:\windows\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11:53 247,808 ------w c:\windows\ServicePackFiles\i386\esscli.dll
+ 2004-08-03 12:32:28 137,088 ------w c:\windows\ServicePackFiles\i386\essm2e.sys
+ 2008-04-14 00:12:19 193,024 ------w c:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 00:11:53 56,320 ------w c:\windows\ServicePackFiles\i386\eventlog.dll
+ 2008-04-14 00:11:53 101,888 ------w c:\windows\ServicePackFiles\i386\evntagnt.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\evntrprv.dll
+ 2008-04-14 00:12:19 92,160 ------w c:\windows\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 00:12:19 1,033,728 ------w c:\windows\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11:53 380,445 ------w c:\windows\ServicePackFiles\i386\expsrv.dll
+ 2008-04-14 00:11:53 55,808 ------w c:\windows\ServicePackFiles\i386\extmgr.dll
+ 2008-04-14 00:12:19 24,064 ------w c:\windows\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 00:11:53 125,952 ------w c:\windows\ServicePackFiles\i386\exts.dll
+ 2008-04-14 00:09:30 7,168 ------w c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-13 19:14:29 143,744 ------w c:\windows\ServicePackFiles\i386\fastfat.sys
+ 2008-04-14 00:11:53 472,064 ------w c:\windows\ServicePackFiles\i386\fastprox.dll
+ 2008-04-14 00:11:53 80,384 ------w c:\windows\ServicePackFiles\i386\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-13 18:40:25 27,392 ------w c:\windows\ServicePackFiles\i386\fdc.sys
+ 2008-04-14 00:11:53 21,504 ------w c:\windows\ServicePackFiles\i386\feclient.dll
+ 2008-04-14 00:11:53 337,920 ------w c:\windows\ServicePackFiles\i386\filemgmt.dll
+ 2008-04-14 00:12:20 27,136 ------w c:\windows\ServicePackFiles\i386\findstr.exe
+ 2008-04-13 18:33:28 44,544 ------w c:\windows\ServicePackFiles\i386\fips.sys
+ 2008-04-14 00:11:53 87,552 ------w c:\windows\ServicePackFiles\i386\fldrclnr.dll
+ 2008-04-13 18:40:25 20,480 ------w c:\windows\ServicePackFiles\i386\flpydisk.sys
+ 2008-04-14 00:11:53 16,896 ------w c:\windows\ServicePackFiles\i386\fltlib.dll
+ 2008-04-14 00:12:20 23,040 ------w c:\windows\ServicePackFiles\i386\fltmc.exe
+ 2008-04-13 18:32:59 129,792 ------w c:\windows\ServicePackFiles\i386\fltmgr.sys
+ 2008-04-14 00:11:53 382,976 ------w c:\windows\ServicePackFiles\i386\fontext.dll
+ 2008-04-14 00:11:53 80,896 ------w c:\windows\ServicePackFiles\i386\fontsub.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 00:12:20 7,680 ------w c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2004-08-03 12:31:24 34,173 ------w c:\windows\ServicePackFiles\i386\forehe.sys
+ 2008-04-14 00:12:42 29,696 ------w c:\windows\ServicePackFiles\i386\format.com
+ 2008-04-14 00:11:53 32,828 ------w c:\windows\ServicePackFiles\i386\fp40ext.dll
+ 2008-04-14 00:11:53 184,435 ------w c:\windows\ServicePackFiles\i386\fp4amsft.dll
+ 2008-04-14 00:11:53 82,035 ------w c:\windows\ServicePackFiles\i386\fp4anscp.dll
+ 2008-04-14 00:11:53 147,513 ------w c:\windows\ServicePackFiles\i386\fp4apws.dll
+ 2008-04-14 00:11:53 49,210 ------w c:\windows\ServicePackFiles\i386\fp4areg.dll
+ 2008-04-14 00:11:53 102,509 ------w c:\windows\ServicePackFiles\i386\fp4atxt.dll
+ 2008-04-14 00:11:53 618,605 ------w c:\windows\ServicePackFiles\i386\fp4autl.dll
+ 2008-04-14 00:11:53 41,020 ------w c:\windows\ServicePackFiles\i386\fp4avnb.dll
+ 2008-04-14 00:11:53 32,826 ------w c:\windows\ServicePackFiles\i386\fp4avss.dll
+ 2008-04-14 00:11:53 49,212 ------w c:\windows\ServicePackFiles\i386\fp4awebs.dll

acasey · Nov 13, 2008

part five...

+ 2008-04-14 00:11:53 876,653 ------w c:\windows\ServicePackFiles\i386\fp4awel.dll
+ 2008-04-14 00:12:20 15,120 ------w c:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 00:12:20 109,840 ------w c:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 00:12:20 24,632 ------w c:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpadmdll.dll
+ 2008-04-14 00:12:20 188,494 ------w c:\windows\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 00:11:53 94,208 ------w c:\windows\ServicePackFiles\i386\fpencode.dll
+ 2008-04-14 00:11:53 20,541 ------w c:\windows\ServicePackFiles\i386\fpexedll.dll
+ 2008-04-14 00:11:53 598,071 ------w c:\windows\ServicePackFiles\i386\fpmmc.dll
+ 2007-04-02 16:36:04 208,896 ------w c:\windows\ServicePackFiles\i386\fpmmcsat.dll
+ 2008-04-14 00:12:20 20,538 ------w c:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 00:12:20 28,728 ------w c:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 00:09:33 9,344 ------w c:\windows\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 00:11:53 185,344 ------w c:\windows\ServicePackFiles\i386\framedyn.dll
+ 2008-04-14 00:12:20 193,024 ------w c:\windows\ServicePackFiles\i386\fsquirt.exe
+ 2008-04-14 00:12:20 42,496 ------w c:\windows\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 00:11:53 60,416 ------w c:\windows\ServicePackFiles\i386\fwcfg.dll
+ 2008-04-14 00:11:53 451,584 ------w c:\windows\ServicePackFiles\i386\fxsapi.dll
+ 2008-04-14 00:12:21 142,848 ------w c:\windows\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 00:11:54 72,192 ------w c:\windows\ServicePackFiles\i386\fxscom.dll
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\fxscomex.dll
+ 2008-04-14 00:12:21 229,376 ------w c:\windows\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 00:11:54 26,624 ------w c:\windows\ServicePackFiles\i386\fxsdrv.dll
+ 2008-04-14 00:11:54 55,296 ------w c:\windows\ServicePackFiles\i386\fxsevent.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ------w c:\windows\ServicePackFiles\i386\fxsmon.dll
+ 2008-04-14 00:11:54 132,608 ------w c:\windows\ServicePackFiles\i386\fxsocm.dll
+ 2008-04-14 00:11:54 8,704 ------w c:\windows\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 00:09:33 6,656 ------w c:\windows\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 00:11:54 562,176 ------w c:\windows\ServicePackFiles\i386\fxsst.dll
+ 2008-04-14 00:12:21 267,776 ------w c:\windows\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 00:11:54 246,272 ------w c:\windows\ServicePackFiles\i386\fxst30.dll
+ 2008-04-14 00:11:54 397,312 ------w c:\windows\ServicePackFiles\i386\fxstiff.dll
+ 2008-04-14 00:11:54 154,112 ------w c:\windows\ServicePackFiles\i386\fxsui.dll
+ 2008-04-14 00:11:54 192,512 ------w c:\windows\ServicePackFiles\i386\fxswzrd.dll
+ 2008-04-14 00:11:54 400,384 ------w c:\windows\ServicePackFiles\i386\fxsxp32.dll
+ 2008-04-13 18:36:40 46,464 ------w c:\windows\ServicePackFiles\i386\gagp30kx.sys
+ 2008-04-13 18:45:29 10,624 ------w c:\windows\ServicePackFiles\i386\gameenum.sys
+ 2008-04-13 18:45:32 59,136 ------w c:\windows\ServicePackFiles\i386\gckernel.sys
+ 2008-04-14 00:11:54 285,184 ------w c:\windows\ServicePackFiles\i386\gdi32.dll
+ 2008-04-14 00:11:54 122,880 ------w c:\windows\ServicePackFiles\i386\glu32.dll
+ 2004-08-04 12:00:00 101,888 ------w c:\windows\ServicePackFiles\i386\gpkcsp.dll
+ 2006-12-31 01:26:44 9,728 ------w c:\windows\ServicePackFiles\i386\gpkrsrc.dll
+ 2008-04-14 00:12:21 39,424 ------w c:\windows\ServicePackFiles\i386\grpconv.exe
+ 2008-04-13 18:40:21 28,288 ------w c:\windows\ServicePackFiles\i386\grserial.sys
+ 2008-04-14 00:11:54 133,120 ------w c:\windows\ServicePackFiles\i386\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\ServicePackFiles\i386\guitrna.dll
+ 2008-04-14 00:11:54 57,344 ------w c:\windows\ServicePackFiles\i386\h323cc.dll
+ 2008-04-14 00:11:54 614,912 ------w c:\windows\ServicePackFiles\i386\h323msp.dll
+ 2008-04-13 18:31:32 105,344 ------w c:\windows\ServicePackFiles\i386\hal.dll
+ 2008-04-13 18:31:28 131,840 ------w c:\windows\ServicePackFiles\i386\halaacpi.dll
+ 2008-04-13 18:31:27 81,152 ------w c:\windows\ServicePackFiles\i386\halacpi.dll
+ 2008-04-13 18:31:28 150,528 ------w c:\windows\ServicePackFiles\i386\halapic.dll
+ 2008-04-13 18:31:28 134,400 ------w c:\windows\ServicePackFiles\i386\halmacpi.dll
+ 2008-04-13 18:31:32 152,576 ------w c:\windows\ServicePackFiles\i386\halmps.dll
+ 2008-04-13 18:31:31 77,696 ------w c:\windows\ServicePackFiles\i386\halsp.dll
+ 2008-04-14 00:11:54 7,168 ------w c:\windows\ServicePackFiles\i386\hccoin.dll
+ 2008-04-13 16:36:05 144,384 ------w c:\windows\ServicePackFiles\i386\hdaudbus.sys
+ 2008-04-14 00:12:21 15,872 ------w c:\windows\ServicePackFiles\i386\help.exe
+ 2008-04-14 00:12:21 769,024 ------w c:\windows\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 00:12:21 744,448 ------w c:\windows\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 00:12:21 10,752 ------w c:\windows\ServicePackFiles\i386\hh.exe
+ 2008-04-14 00:11:54 41,472 ------w c:\windows\ServicePackFiles\i386\hhsetup.dll
+ 2008-04-14 00:11:54 20,992 ------w c:\windows\ServicePackFiles\i386\hid.dll
+ 2008-04-13 18:36:38 20,352 ------w c:\windows\ServicePackFiles\i386\hidbatt.sys
+ 2008-04-13 18:46:30 25,600 ------w c:\windows\ServicePackFiles\i386\hidbth.sys
+ 2008-04-13 18:45:26 36,864 ------w c:\windows\ServicePackFiles\i386\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ------w c:\windows\ServicePackFiles\i386\hidir.sys
+ 2008-04-13 18:45:22 24,960 ------w c:\windows\ServicePackFiles\i386\hidparse.sys
+ 2008-04-14 00:11:54 21,504 ------w c:\windows\ServicePackFiles\i386\hidserv.dll
+ 2008-04-13 18:45:27 10,368 ------w c:\windows\ServicePackFiles\i386\hidusb.sys
+ 2008-04-14 00:11:54 72,704 ------w c:\windows\ServicePackFiles\i386\hlink.dll
+ 2008-04-14 00:11:54 38,912 ------w c:\windows\ServicePackFiles\i386\hmmapi.dll
+ 2008-04-14 00:11:54 344,064 ------w c:\windows\ServicePackFiles\i386\hnetcfg.dll
+ 2008-04-14 00:11:54 330,752 ------w c:\windows\ServicePackFiles\i386\hnetwiz.dll
+ 2008-04-14 00:11:54 39,936 ------w c:\windows\ServicePackFiles\i386\hostmib.dll
+ 2008-04-14 00:11:54 144,896 ------w c:\windows\ServicePackFiles\i386\hotplug.dll
+ 2008-04-14 00:11:54 10,752 ------w c:\windows\ServicePackFiles\i386\hpcjrr.dll
+ 2008-04-14 00:11:54 10,240 ------w c:\windows\ServicePackFiles\i386\hpcjrrps.dll
+ 2008-04-14 00:11:54 87,552 ------w c:\windows\ServicePackFiles\i386\hpfud50.dll
+ 2008-04-14 00:12:21 18,432 ------w c:\windows\ServicePackFiles\i386\hscupd.exe
+ 2004-08-03 12:41:48 220,032 ------w c:\windows\ServicePackFiles\i386\hsfbs2s2.sys
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\ServicePackFiles\i386\hsfcisp2.dll
+ 2004-08-03 12:41:50 685,056 ------w c:\windows\ServicePackFiles\i386\hsfcxts2.sys
+ 2004-08-03 12:41:56 1,041,536 ------w c:\windows\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-13 18:53:53 264,832 ------w c:\windows\ServicePackFiles\i386\http.sys
+ 2008-04-14 00:11:54 24,576 ------w c:\windows\ServicePackFiles\i386\httpapi.dll
+ 2008-04-14 00:11:54 41,984 ------w c:\windows\ServicePackFiles\i386\htui.dll
+ 2008-04-14 00:11:54 347,136 ------w c:\windows\ServicePackFiles\i386\hypertrm.dll
+ 2008-04-13 18:41:22 8,576 ------w c:\windows\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-13 18:41:22 18,560 ------w c:\windows\ServicePackFiles\i386\i2omp.sys
+ 2008-04-13 19:18:00 52,480 ------w c:\windows\ServicePackFiles\i386\i8042prt.sys
+ 2008-04-14 00:11:54 702,845 ------w c:\windows\ServicePackFiles\i386\i81xdnt5.dll
+ 2004-08-03 12:29:38 161,020 ------w c:\windows\ServicePackFiles\i386\i81xnt5.sys
+ 2008-04-14 00:11:54 119,808 ------w c:\windows\ServicePackFiles\i386\iasrad.dll
+ 2008-04-14 00:11:54 11,264 ------w c:\windows\ServicePackFiles\i386\icaapi.dll
+ 2008-04-14 00:11:54 80,384 ------w c:\windows\ServicePackFiles\i386\iccvid.dll
+ 2008-04-14 00:11:54 254,976 ------w c:\windows\ServicePackFiles\i386\icm32.dll
+ 2008-04-14 00:09:40 3,584 ------w c:\windows\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 16:44:29 2,560 ------w c:\windows\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 00:11:54 61,440 ------w c:\windows\ServicePackFiles\i386\icwconn.dll
+ 2008-04-14 00:12:22 214,528 ------w c:\windows\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 00:12:22 86,016 ------w c:\windows\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 00:11:54 73,728 ------w c:\windows\ServicePackFiles\i386\icwdial.dll
+ 2008-04-14 00:11:54 32,768 ------w c:\windows\ServicePackFiles\i386\icwdl.dll
+ 2008-04-14 00:11:54 172,032 ------w c:\windows\ServicePackFiles\i386\icwhelp.dll
+ 2008-04-14 00:11:54 65,536 ------w c:\windows\ServicePackFiles\i386\icwphbk.dll
+ 2008-04-14 00:12:22 24,576 ------w c:\windows\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 00:11:54 49,152 ------w c:\windows\ServicePackFiles\i386\icwutil.dll
+ 2008-04-14 00:11:54 120,832 ------w c:\windows\ServicePackFiles\i386\idq.dll
+ 2008-04-14 00:12:22 34,304 ------w c:\windows\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w c:\windows\ServicePackFiles\i386\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w c:\windows\ServicePackFiles\i386\ieaksie.dll
+ 2008-04-14 00:11:54 323,584 ------w c:\windows\ServicePackFiles\i386\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w c:\windows\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ieencode.dll
+ 2008-04-14 00:11:54 251,904 ------w c:\windows\ServicePackFiles\i386\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w c:\windows\ServicePackFiles\i386\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w c:\windows\ServicePackFiles\i386\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w c:\windows\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 00:12:22 114,688 ------w c:\windows\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 00:11:54 135,680 ------w c:\windows\ServicePackFiles\i386\ifmon.dll
+ 2008-04-14 00:11:54 8,192 ------w c:\windows\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-14 00:11:54 505,344 ------w c:\windows\ServicePackFiles\i386\iis.dll
+ 2008-04-14 00:11:54 81,920 ------w c:\windows\ServicePackFiles\i386\ils.dll
+ 2008-04-14 00:11:54 144,384 ------w c:\windows\ServicePackFiles\i386\imagehlp.dll
+ 2008-04-14 00:12:22 150,528 ------w c:\windows\ServicePackFiles\i386\imapi.exe
+ 2008-04-13 18:40:58 42,112 ------w c:\windows\ServicePackFiles\i386\imapi.sys
+ 2008-04-14 00:11:54 36,921 ------w c:\windows\ServicePackFiles\i386\imeshare.dll
+ 2008-04-14 00:11:54 35,840 ------w c:\windows\ServicePackFiles\i386\imgutil.dll
+ 2008-04-14 00:11:54 110,080 ------w c:\windows\ServicePackFiles\i386\imm32.dll
+ 2008-04-14 00:11:54 123,392 ------w c:\windows\ServicePackFiles\i386\imsinsnt.dll
+ 2008-04-14 00:11:54 274,432 ------w c:\windows\ServicePackFiles\i386\inetcfg.dll
+ 2008-04-14 00:11:54 691,712 ------w c:\windows\ServicePackFiles\i386\inetcomm.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\inetmib1.dll
+ 2008-04-14 00:11:55 75,264 ------w c:\windows\ServicePackFiles\i386\inetpp.dll
+ 2008-04-14 00:11:55 15,872 ------w c:\windows\ServicePackFiles\i386\inetppui.dll
+ 2008-04-13 16:22:12 48,128 ------w c:\windows\ServicePackFiles\i386\inetres.dll
+ 2008-04-14 00:12:22 20,480 ------w c:\windows\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 00:11:55 147,456 ------w c:\windows\ServicePackFiles\i386\initpki.dll
+ 2008-04-14 00:11:55 123,392 ------w c:\windows\ServicePackFiles\i386\input.dll
+ 2008-04-14 00:11:55 96,256 ------w c:\windows\ServicePackFiles\i386\inseng.dll
+ 2008-04-13 18:40:29 5,504 ------w c:\windows\ServicePackFiles\i386\intelide.sys
+ 2008-04-13 18:31:32 36,352 ------w c:\windows\ServicePackFiles\i386\intelppm.sys
+ 2008-04-13 18:53:34 36,608 ------w c:\windows\ServicePackFiles\i386\ip6fw.sys
+ 2008-04-14 00:12:22 55,808 ------w c:\windows\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 00:09:30 103,424 ------w c:\windows\ServicePackFiles\i386\ipevldpc.dll
+ 2008-04-14 00:09:23 24,064 ------w c:\windows\ServicePackFiles\i386\ipevlpid.dll
+ 2008-04-14 00:11:55 94,720 ------w c:\windows\ServicePackFiles\i386\iphlpapi.dll
+ 2008-04-13 18:57:07 20,864 ------w c:\windows\ServicePackFiles\i386\ipinip.sys
+ 2008-04-14 00:11:55 161,280 ------w c:\windows\ServicePackFiles\i386\ipmontr.dll
+ 2008-04-13 18:57:15 152,832 ------w c:\windows\ServicePackFiles\i386\ipnat.sys
+ 2008-04-14 00:11:55 331,264 ------w c:\windows\ServicePackFiles\i386\ipnathlp.dll
+ 2008-04-14 00:11:55 330,752 ------w c:\windows\ServicePackFiles\i386\ippromon.dll
+ 2008-04-14 00:11:55 35,328 ------w c:\windows\ServicePackFiles\i386\iprip.dll
+ 2008-04-14 00:11:55 177,152 ------w c:\windows\ServicePackFiles\i386\iprtrmgr.dll
+ 2008-04-13 19:19:42 75,264 ------w c:\windows\ServicePackFiles\i386\ipsec.sys
+ 2008-04-14 00:11:55 349,696 ------w c:\windows\ServicePackFiles\i386\ipsecsnp.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ipsecsvc.dll
+ 2008-04-14 00:10:45 102,912 ------w c:\windows\ServicePackFiles\i386\ipseldpc.dll
+ 2008-04-14 00:09:24 24,064 ------w c:\windows\ServicePackFiles\i386\ipselpid.dll
+ 2008-04-14 00:11:55 384,000 ------w c:\windows\ServicePackFiles\i386\ipsmsnap.dll
+ 2008-04-14 00:12:23 53,248 ------w c:\windows\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 00:11:55 59,904 ------w c:\windows\ServicePackFiles\i386\ipv6mon.dll
+ 2008-04-14 00:12:23 23,552 ------w c:\windows\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 00:11:55 22,016 ------w c:\windows\ServicePackFiles\i386\ipxwan.dll
+ 2008-04-14 00:11:55 120,320 ------w c:\windows\ServicePackFiles\i386\ir41_qc.dll
+ 2008-04-14 00:11:55 338,432 ------w c:\windows\ServicePackFiles\i386\ir41_qcx.dll
+ 2008-04-14 00:11:55 755,200 ------w c:\windows\ServicePackFiles\i386\ir50_32.dll
+ 2008-04-14 00:11:55 200,192 ------w c:\windows\ServicePackFiles\i386\ir50_qc.dll
+ 2008-04-14 00:11:55 183,808 ------w c:\windows\ServicePackFiles\i386\ir50_qcx.dll
+ 2008-04-13 18:54:36 88,192 ------w c:\windows\ServicePackFiles\i386\irda.sys
+ 2008-04-13 18:54:28 11,264 ------w c:\windows\ServicePackFiles\i386\irenum.sys
+ 2008-04-14 00:12:23 151,552 ------w c:\windows\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 00:11:55 28,160 ------w c:\windows\ServicePackFiles\i386\irmon.dll
+ 2008-04-13 18:36:41 37,248 ------w c:\windows\ServicePackFiles\i386\isapnp.sys
+ 2008-04-14 00:10:32 105,984 ------w c:\windows\ServicePackFiles\i386\isdpc.dll
+ 2008-04-14 00:10:55 105,984 ------w c:\windows\ServicePackFiles\i386\isendpc.dll
+ 2008-04-14 00:10:55 24,064 ------w c:\windows\ServicePackFiles\i386\isenpid.dll
+ 2008-04-14 00:11:55 81,920 ------w c:\windows\ServicePackFiles\i386\isign32.dll
+ 2008-04-14 00:10:32 24,064 ------w c:\windows\ServicePackFiles\i386\ispid.dll
+ 2008-04-14 00:11:55 32,768 ------w c:\windows\ServicePackFiles\i386\isrdbg32.dll
+ 2008-04-14 00:11:55 155,136 ------w c:\windows\ServicePackFiles\i386\itircl.dll
+ 2008-04-14 00:11:55 138,240 ------w c:\windows\ServicePackFiles\i386\itss.dll
+ 2008-04-14 00:11:55 191,488 ------w c:\windows\ServicePackFiles\i386\iuengine.dll
+ 2008-04-14 00:11:55 54,272 ------w c:\windows\ServicePackFiles\i386\ixsso.dll
+ 2008-04-14 00:11:55 47,616 ------w c:\windows\ServicePackFiles\i386\iyuv_32.dll
+ 2008-04-14 00:11:55 163,840 ------w c:\windows\ServicePackFiles\i386\jgdw400.dll
+ 2008-04-14 00:11:55 27,648 ------w c:\windows\ServicePackFiles\i386\jgpl400.dll
+ 2008-04-14 00:11:56 512,000 ------w c:\windows\ServicePackFiles\i386\jscript.dll
+ 2008-04-14 00:11:56 15,872 ------w c:\windows\ServicePackFiles\i386\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-13 18:39:47 24,576 ------w c:\windows\ServicePackFiles\i386\kbdclass.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-13 18:39:48 14,592 ------w c:\windows\ServicePackFiles\i386\kbdhid.sys
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 00:09:55 6,656 ------w c:\windows\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 00:09:55 5,632 ------w c:\windows\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,168 ------w c:\windows\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-13 18:31:35 7,424 ------w c:\windows\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 00:11:56 184,832 ------w c:\windows\ServicePackFiles\i386\kdcsvc.dll
+ 2008-04-14 00:11:56 48,640 ------w c:\windows\ServicePackFiles\i386\kdsui.dll
+ 2008-04-14 00:11:56 253,952 ------w c:\windows\ServicePackFiles\i386\kdsusd.dll
+ 2008-04-14 00:11:56 299,520 ------w c:\windows\ServicePackFiles\i386\kerberos.dll
+ 2008-04-14 00:11:56 989,696 ------w c:\windows\ServicePackFiles\i386\kernel32.dll
+ 2004-08-04 12:00:00 42,537 ------w c:\windows\ServicePackFiles\i386\keyboard.sys
+ 2008-04-14 00:11:56 150,528 ------w c:\windows\ServicePackFiles\i386\keymgr.dll
+ 2008-04-13 18:45:09 172,416 ------w c:\windows\ServicePackFiles\i386\kmixer.sys
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\ServicePackFiles\i386\kmsvc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\knperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\knprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\knpropid.dll
+ 2008-04-14 00:11:56 8,192 ------w c:\windows\ServicePackFiles\i386\koc.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kperdpc.dll
+ 2008-04-14 00:09:56 24,064 ------w c:\windows\ServicePackFiles\i386\kperpid.dll
+ 2008-04-14 00:09:56 102,912 ------w c:\windows\ServicePackFiles\i386\kprodpc.dll
+ 2008-04-14 00:09:56 24,576 ------w c:\windows\ServicePackFiles\i386\kpropid.dll
+ 2004-08-04 12:00:00 92,224 ------w c:\windows\ServicePackFiles\i386\krnl386.exe
+ 2008-04-14 00:11:56 24,576 ------w c:\windows\ServicePackFiles\i386\krnlprov.dll
+ 2008-04-13 19:16:36 141,056 ------w c:\windows\ServicePackFiles\i386\ks.sys
+ 2008-04-13 18:31:43 92,288 ------w c:\windows\ServicePackFiles\i386\ksecdd.sys
+ 2008-04-14 00:11:56 4,096 ------w c:\windows\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\ServicePackFiles\i386\l2store.dll
+ 2008-04-14 00:09:05 97,792 ------w c:\windows\ServicePackFiles\i386\lang\chtmbx.dll
+ 2008-04-14 00:09:05 56,320 ------w c:\windows\ServicePackFiles\i386\lang\chtskdic.dll
+ 2008-04-14 00:09:05 173,568 ------w c:\windows\ServicePackFiles\i386\lang\chtskf.dll
+ 2008-04-14 00:09:06 198,656 ------w c:\windows\ServicePackFiles\i386\lang\cintime.dll
+ 2004-08-04 12:00:00 480,256 ------w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe
+ 2004-08-04 12:00:00 57,399 ------w c:\windows\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-14 00:09:39 13,463,552 ------w c:\windows\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2008-04-14 00:09:43 106,496 ------w c:\windows\ServicePackFiles\i386\lang\imekrcic.dll
+ 2008-04-14 00:09:43 86,016 ------w c:\windows\ServicePackFiles\i386\lang\imekrmbx.dll
+ 2008-04-14 00:09:44 811,064 ------w c:\windows\ServicePackFiles\i386\lang\imjp81k.dll
+ 2008-04-14 00:09:45 368,696 ------w c:\windows\ServicePackFiles\i386\lang\imjpcic.dll
+ 2008-04-14 00:09:45 716,856 ------w c:\windows\ServicePackFiles\i386\lang\imjpcus.dll
+ 2008-04-14 00:09:45 81,976 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.dll
+ 2004-08-04 12:00:00 307,257 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe
+ 2004-08-04 12:00:00 155,705 ------w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2004-08-04 12:00:00 196,665 ------w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe
+ 2004-08-04 12:00:00 208,952 ------w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe
+ 2004-08-04 12:00:00 233,527 ------w c:\windows\ServicePackFiles\i386\lang\imjprw.exe
+ 2004-08-04 12:00:00 262,200 ------w c:\windows\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-14 00:09:46 274,489 ------w c:\windows\ServicePackFiles\i386\lang\imjputyc.dll
+ 2008-04-14 00:09:46 102,456 ------w c:\windows\ServicePackFiles\i386\lang\imlang.dll
+ 2004-08-04 12:00:00 59,392 ------w c:\windows\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-14 00:09:47 315,455 ------w c:\windows\ServicePackFiles\i386\lang\imskf.dll
+ 2008-04-14 00:10:33 15,872 ------w c:\windows\ServicePackFiles\i386\lang\padrs404.dll
+ 2008-04-14 00:10:33 15,360 ------w c:\windows\ServicePackFiles\i386\lang\padrs804.dll
+ 2008-04-14 00:10:34 175,104 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsa.dll
+ 2008-04-14 00:10:34 53,760 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsd.dll
+ 2008-04-13 16:43:36 70,144 ------w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-14 00:10:34 67,584 ------w c:\windows\ServicePackFiles\i386\lang\pmigrate.dll
+ 2004-08-04 12:00:00 44,032 ------w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe
+ 2004-08-04 12:00:00 455,168 ------w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-14 00:10:59 10,240 ------w c:\windows\ServicePackFiles\i386\lang\tmigrate.dll
+ 2008-04-14 00:11:01 76,288 ------w c:\windows\ServicePackFiles\i386\lang\uniime.dll
+ 2008-04-14 00:11:04 426,041 ------w c:\windows\ServicePackFiles\i386\lang\voicepad.dll
+ 2008-04-14 00:11:04 86,073 ------w c:\windows\ServicePackFiles\i386\lang\voicesub.dll
+ 2008-04-13 18:40:26 34,688 ------w c:\windows\ServicePackFiles\i386\lbrtfdc.sys
+ 2008-04-14 00:12:23 677,888 ------w c:\windows\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 00:11:56 2,061,824 ------w c:\windows\ServicePackFiles\i386\lhmstscx.dll
+ 2008-04-13 19:41:58 423,936 ------w c:\windows\ServicePackFiles\i386\licdll.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\licmgr10.dll
+ 2008-04-14 00:11:56 58,880 ------w c:\windows\ServicePackFiles\i386\licwmi.dll
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\linkinfo.dll
+ 2008-04-14 00:11:56 13,824 ------w c:\windows\ServicePackFiles\i386\lmhsvc.dll
+ 2008-04-14 00:11:56 33,792 ------w c:\windows\ServicePackFiles\i386\lmmib2.dll
+ 2008-04-14 00:11:56 399,872 ------w c:\windows\ServicePackFiles\i386\lmrt.dll
+ 2008-04-14 00:11:56 97,280 ------w c:\windows\ServicePackFiles\i386\loadperf.dll
+ 2008-04-14 00:11:56 221,696 ------w c:\windows\ServicePackFiles\i386\localsec.dll
+ 2008-04-14 00:11:56 343,040 ------w c:\windows\ServicePackFiles\i386\localspl.dll
+ 2008-04-14 00:11:56 11,776 ------w c:\windows\ServicePackFiles\i386\localui.dll
+ 2008-04-14 00:12:24 75,264 ------w c:\windows\ServicePackFiles\i386\locator.exe
+ 2008-04-14 00:11:56 19,968 ------w c:\windows\ServicePackFiles\i386\log.dll
+ 2008-04-14 00:12:24 59,392 ------w c:\windows\ServicePackFiles\i386\logman.exe
+ 2008-04-14 00:12:43 220,672 ------w c:\windows\ServicePackFiles\i386\logon.scr
+ 2008-04-14 00:12:24 514,560 ------w c:\windows\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\lpdsvc.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ServicePackFiles\i386\lpk.dll
+ 2008-04-14 00:11:56 10,240 ------w c:\windows\ServicePackFiles\i386\lprhelp.dll
+ 2008-04-14 00:11:56 18,944 ------w c:\windows\ServicePackFiles\i386\lprmon.dll
+ 2008-04-14 00:11:56 728,064 ------w c:\windows\ServicePackFiles\i386\lsasrv.dll
+ 2008-04-14 00:12:24 13,312 ------w c:\windows\ServicePackFiles\i386\lsass.exe
+ 2004-08-03 12:41:36 606,684 ------w c:\windows\ServicePackFiles\i386\ltmdmnt.sys
+ 2004-08-03 12:41:38 420,992 ------w c:\windows\ServicePackFiles\i386\ltmdmntt.sys
+ 2008-04-13 18:40:52 7,040 ------w c:\windows\ServicePackFiles\i386\ltotape.sys
+ 2004-08-03 12:39:32 20,864 ------w c:\windows\ServicePackFiles\i386\lwadihid.sys
+ 2008-04-14 00:12:24 72,704 ------w c:\windows\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 00:12:25 57,344 ------w c:\windows\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 00:11:56 14,336 ------w c:\windows\ServicePackFiles\i386\mcastmib.dll
+ 2008-04-14 00:11:56 84,480 ------w c:\windows\ServicePackFiles\i386\mciavi32.dll
+ 2008-04-14 00:11:56 35,328 ------w c:\windows\ServicePackFiles\i386\mciqtz32.dll
+ 2008-04-14 00:11:56 23,040 ------w c:\windows\ServicePackFiles\i386\mciseq.dll
+ 2008-04-14 00:11:56 23,552 ------w c:\windows\ServicePackFiles\i386\mciwave.dll
+ 2008-04-14 00:11:56 118,272 ------w c:\windows\ServicePackFiles\i386\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.dll
+ 2004-08-03 12:41:56 11,868 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.sys
+ 2008-04-13 18:41:21 26,112 ------w c:\windows\ServicePackFiles\i386\memstpci.sys
+ 2008-04-13 18:36:41 63,744 ------w c:\windows\ServicePackFiles\i386\mf.sys
+ 2008-04-14 00:11:56 40,960 ------w c:\windows\ServicePackFiles\i386\mf3216.dll
+ 2008-04-14 00:11:56 927,504 ------w c:\windows\ServicePackFiles\i386\mfc40u.dll
+ 2008-04-14 00:11:56 1,028,096 ------w c:\windows\ServicePackFiles\i386\mfc42.dll
+ 2006-10-14 08:13:25 981,760 ------w c:\windows\ServicePackFiles\i386\mfc42u.dll
+ 2008-04-14 00:11:56 22,528 ------w c:\windows\ServicePackFiles\i386\mfcsubs.dll
+ 2008-04-14 00:11:56 14,848 ------w c:\windows\ServicePackFiles\i386\mgmtapi.dll
+ 2008-04-14 00:11:57 18,944 ------w c:\windows\ServicePackFiles\i386\midimap.dll
+ 2008-04-14 00:11:57 274,432 ------w c:\windows\ServicePackFiles\i386\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\ServicePackFiles\i386\migisma.dll
+ 2008-04-14 00:11:57 60,928 ------w c:\windows\ServicePackFiles\i386\miglibnt.dll
+ 2008-04-14 00:12:25 103,936 ------w c:\windows\ServicePackFiles\i386\migload.exe
+ 2008-04-14 00:12:25 7,680 ------w c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 00:12:25 245,248 ------w c:\windows\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 00:11:57 29,696 ------w c:\windows\ServicePackFiles\i386\mimefilt.dll
+ 2008-04-14 00:11:57 586,240 ------w c:\windows\ServicePackFiles\i386\mlang.dll
+ 2008-04-14 00:12:25 1,414,656 ------w c:\windows\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\ServicePackFiles\i386\mmc30.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\ServicePackFiles\i386\mmc30r.dll
+ 2008-04-14 00:11:57 163,328 ------w c:\windows\ServicePackFiles\i386\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\ServicePackFiles\i386\mmcex.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\ServicePackFiles\i386\mmcexr.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\ServicePackFiles\i386\mmcfxc.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 00:11:57 1,872,896 ------w c:\windows\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 00:11:57 61,440 ------w c:\windows\ServicePackFiles\i386\mmcshext.dll
+ 2008-04-14 00:11:57 17,408 ------w c:\windows\ServicePackFiles\i386\mmfutil.dll
+ 2004-08-04 12:00:00 68,768 ------w c:\windows\ServicePackFiles\i386\mmsystem.dll
+ 2008-04-14 00:11:57 34,560 ------w c:\windows\ServicePackFiles\i386\mnmdd.dll
+ 2008-04-14 00:12:25 32,768 ------w c:\windows\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 00:11:57 207,360 ------w c:\windows\ServicePackFiles\i386\mobsync.dll
+ 2008-04-14 00:12:26 143,360 ------w c:\windows\ServicePackFiles\i386\mobsync.exe
+ 2008-04-13 19:00:19 30,080 ------w c:\windows\ServicePackFiles\i386\modem.sys
+ 2008-04-14 00:11:57 153,600 ------w c:\windows\ServicePackFiles\i386\modemui.dll
+ 2008-04-14 00:12:26 16,384 ------w c:\windows\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 00:11:57 123,904 ------w c:\windows\ServicePackFiles\i386\mofd.dll
+ 2008-04-14 00:12:42 16,896 ------w c:\windows\ServicePackFiles\i386\more.com
+ 2008-04-13 16:45:30 216,064 ------w c:\windows\ServicePackFiles\i386\moricons.dll
+ 2008-04-13 18:39:47 23,040 ------w c:\windows\ServicePackFiles\i386\mouclass.sys
+ 2008-04-13 18:39:46 42,368 ------w c:\windows\ServicePackFiles\i386\mountmgr.sys
+ 2008-04-14 00:12:27 3,558,912 ------w c:\windows\ServicePackFiles\i386\moviemk.exe
+ 2008-04-13 18:46:22 15,232 ------w c:\windows\ServicePackFiles\i386\mpe.sys
+ 2008-04-14 00:12:27 123,392 ------w c:\windows\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 00:11:57 59,904 ------w c:\windows\ServicePackFiles\i386\mpr.dll
+ 2008-04-14 00:11:57 87,040 ------w c:\windows\ServicePackFiles\i386\mprapi.dll
+ 2008-04-14 00:11:57 53,248 ------w c:\windows\ServicePackFiles\i386\mprdim.dll
+ 2008-04-13 18:32:44 180,608 ------w c:\windows\ServicePackFiles\i386\mrxdav.sys
+ 2008-04-13 19:17:01 456,576 ------w c:\windows\ServicePackFiles\i386\mrxsmb.sys
+ 2008-04-14 00:11:58 71,680 ------w c:\windows\ServicePackFiles\i386\msacm32.dll
+ 2008-04-14 00:11:58 331,776 ------w c:\windows\ServicePackFiles\i386\msadce.dll
+ 2008-04-13 17:25:57 20,480 ------w c:\windows\ServicePackFiles\i386\msadcer.dll
+ 2008-04-14 00:11:58 61,440 ------w c:\windows\ServicePackFiles\i386\msadcf.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcfr.dll
+ 2008-04-14 00:11:58 143,360 ------w c:\windows\ServicePackFiles\i386\msadco.dll
+ 2008-04-13 17:25:57 16,384 ------w c:\windows\ServicePackFiles\i386\msadcor.dll
+ 2008-04-14 00:11:58 53,248 ------w c:\windows\ServicePackFiles\i386\msadcs.dll
+ 2008-04-14 00:11:58 155,648 ------w c:\windows\ServicePackFiles\i386\msadds.dll
+ 2008-04-13 17:25:58 24,576 ------w c:\windows\ServicePackFiles\i386\msaddsr.dll
+ 2008-04-13 17:26:17 24,576 ------w c:\windows\ServicePackFiles\i386\msader15.dll
+ 2008-04-14 00:11:58 536,576 ------w c:\windows\ServicePackFiles\i386\msado15.dll
+ 2008-04-14 00:11:58 180,224 ------w c:\windows\ServicePackFiles\i386\msadomd.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msador15.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msadox.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msadrh15.dll
+ 2008-04-14 00:10:06 3,584 ------w c:\windows\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 00:11:58 86,016 ------w c:\windows\ServicePackFiles\i386\msapsspc.dll
+ 2008-04-14 00:11:58 57,344 ------w c:\windows\ServicePackFiles\i386\msasn1.dll
+ 2008-04-14 00:11:58 220,160 ------w c:\windows\ServicePackFiles\i386\mscandui.dll
+ 2008-04-14 00:11:58 73,728 ------w c:\windows\ServicePackFiles\i386\mscms.dll
+ 2008-04-14 00:11:58 69,632 ------w c:\windows\ServicePackFiles\i386\msconf.dll
+ 2008-04-14 00:12:27 169,984 ------w c:\windows\ServicePackFiles\i386\msconfig.exe
+ 2007-04-02 20:01:06 116,288 ------w c:\windows\ServicePackFiles\i386\msconv97.dll
+ 2008-04-13 17:26:07 12,288 ------w c:\windows\ServicePackFiles\i386\mscpx32r.dll
+ 2008-04-14 00:11:58 36,864 ------w c:\windows\ServicePackFiles\i386\mscpxl32.dll
+ 2008-04-14 00:11:58 297,984 ------w c:\windows\ServicePackFiles\i386\msctf.dll
+ 2008-04-14 00:11:58 68,608 ------w c:\windows\ServicePackFiles\i386\msctfp.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 00:11:58 118,784 ------w c:\windows\ServicePackFiles\i386\msdadiag.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 00:11:58 4,096 ------w c:\windows\ServicePackFiles\i386\msdaer.dll
+ 2008-04-14 00:11:58 532,480 ------w c:\windows\ServicePackFiles\i386\msdaipp.dll
+ 2008-04-14 00:11:58 233,472 ------w c:\windows\ServicePackFiles\i386\msdaora.dll
+ 2008-04-13 17:24:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaorar.dll
+ 2008-04-14 00:11:58 77,824 ------w c:\windows\ServicePackFiles\i386\msdaosp.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaprsr.dll
+ 2008-04-14 00:11:58 200,704 ------w c:\windows\ServicePackFiles\i386\msdaprst.dll
+ 2008-04-14 00:11:59 204,800 ------w c:\windows\ServicePackFiles\i386\msdaps.dll
+ 2008-04-14 00:11:59 118,784 ------w c:\windows\ServicePackFiles\i386\msdarem.dll
+ 2008-04-13 17:25:58 16,384 ------w c:\windows\ServicePackFiles\i386\msdaremr.dll
+ 2008-04-14 00:11:59 151,552 ------w c:\windows\ServicePackFiles\i386\msdart.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdasc.dll
+ 2008-04-14 00:11:59 315,392 ------w c:\windows\ServicePackFiles\i386\msdasql.dll
+ 2008-04-13 17:26:07 16,384 ------w c:\windows\ServicePackFiles\i386\msdasqlr.dll
+ 2008-04-14 00:11:59 94,208 ------w c:\windows\ServicePackFiles\i386\msdatl3.dll
+ 2008-04-14 00:11:59 20,480 ------w c:\windows\ServicePackFiles\i386\msdatt.dll
+ 2008-04-14 00:11:59 4,096 ------w c:\windows\ServicePackFiles\i386\msdaurl.dll
+ 2008-04-14 00:11:59 36,864 ------w c:\windows\ServicePackFiles\i386\msdfmap.dll
+ 2008-04-14 00:11:59 14,336 ------w c:\windows\ServicePackFiles\i386\msdmo.dll
+ 2008-04-14 00:12:27 6,144 ------w c:\windows\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 00:11:59 58,880 ------w c:\windows\ServicePackFiles\i386\msdtclog.dll
+ 2008-04-14 00:11:59 427,008 ------w c:\windows\ServicePackFiles\i386\msdtcprx.dll
+ 2008-04-14 00:11:59 90,112 ------w c:\windows\ServicePackFiles\i386\msdtcstp.dll
+ 2008-04-14 00:11:59 956,928 ------w c:\windows\ServicePackFiles\i386\msdtctm.dll
+ 2008-04-14 00:11:59 161,792 ------w c:\windows\ServicePackFiles\i386\msdtcuiu.dll
+ 2008-04-13 18:46:09 51,200 ------w c:\windows\ServicePackFiles\i386\msdv.sys
+ 2008-03-25 04:50:28 518,944 ------w c:\windows\ServicePackFiles\i386\msexch40.dll
+ 2008-03-25 04:50:30 326,432 ------w c:\windows\ServicePackFiles\i386\msexcl40.dll
+ 2008-04-13 18:32:39 19,072 ------w c:\windows\ServicePackFiles\i386\msfs.sys
+ 2008-04-14 00:11:59 539,136 ------w c:\windows\ServicePackFiles\i386\msftedit.dll
+ 2008-04-14 00:11:59 997,376 ------w c:\windows\ServicePackFiles\i386\msgina.dll
+ 2008-04-13 18:56:32 35,072 ------w c:\windows\ServicePackFiles\i386\msgpc.sys
+ 2008-04-14 00:11:59 3,166,208 ------w c:\windows\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msgrocm.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\i386\msgslang.dll
+ 2008-04-14 00:11:59 33,792 ------w c:\windows\ServicePackFiles\i386\msgsvc.dll
+ 2008-04-14 00:12:45 188,416 ------w c:\windows\ServicePackFiles\i386\msh261.drv
+ 2008-04-14 00:12:45 294,912 ------w c:\windows\ServicePackFiles\i386\msh263.drv
+ 2008-04-14 00:12:27 29,184 ------w c:\windows\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 00:11:59 3,066,880 ------w c:\windows\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11:59 449,024 ------w c:\windows\ServicePackFiles\i386\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w c:\windows\ServicePackFiles\i386\mshtmler.dll
+ 2008-04-14 00:11:59 2,843,136 ------w c:\windows\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11:59 51,712 ------w c:\windows\ServicePackFiles\i386\msident.dll
+ 2008-04-14 00:11:59 6,656 ------w c:\windows\ServicePackFiles\i386\msidle.dll
+ 2008-04-14 00:11:59 248,832 ------w c:\windows\ServicePackFiles\i386\msieftp.dll
+ 2008-04-14 00:12:28 78,848 ------w c:\windows\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 00:11:59 271,360 ------w c:\windows\ServicePackFiles\i386\msihnd.dll
+ 2008-04-14 00:11:59 4,608 ------w c:\windows\ServicePackFiles\i386\msimg32.dll
+ 2008-04-14 00:12:28 60,416 ------w c:\windows\ServicePackFiles\i386\msimn.exe
+ 2008-04-13 15:39:43 884,736 ------w c:\windows\ServicePackFiles\i386\msimsg.dll
+ 2008-04-14 00:11:59 159,232 ------w c:\windows\ServicePackFiles\i386\msimtf.dll
+ 2008-04-14 00:11:59 376,832 ------w c:\windows\ServicePackFiles\i386\msinfo.dll
+ 2008-04-13 18:54:28 22,016 ------w c:\windows\ServicePackFiles\i386\msircomm.sys
+ 2008-04-14 00:12:28 40,960 ------w c:\windows\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 00:11:59 15,360 ------w c:\windows\ServicePackFiles\i386\msisip.dll
+ 2008-03-25 04:50:34 1,516,568 ------w c:\windows\ServicePackFiles\i386\msjet40.dll
+ 2008-03-25 04:50:40 355,112 ------w c:\windows\ServicePackFiles\i386\msjetol1.dll
+ 2008-04-14 00:12:00 151,583 ------w c:\windows\ServicePackFiles\i386\msjint40.dll
+ 2008-04-14 00:12:00 102,400 ------w c:\windows\ServicePackFiles\i386\msjro.dll
+ 2008-03-25 04:50:42 60,192 ------w c:\windows\ServicePackFiles\i386\msjter40.dll
+ 2008-03-25 04:50:42 248,608 ------w c:\windows\ServicePackFiles\i386\msjtes40.dll
+ 2008-04-13 18:39:52 7,552 ------w c:\windows\ServicePackFiles\i386\mskssrv.sys
+ 2008-04-14 00:12:00 25,088 ------w c:\windows\ServicePackFiles\i386\mslbui.dll
+ 2008-03-25 04:50:44 219,936 ------w c:\windows\ServicePackFiles\i386\msltus40.dll
+ 2008-04-14 00:12:00 39,936 ------w c:\windows\ServicePackFiles\i386\mslwvtts.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2007-04-02 18:39:43 11,053,008 ------w c:\windows\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:12:00 290,816 ------w c:\windows\ServicePackFiles\i386\msnsspc.dll
+ 2007-04-02 18:42:37 1,327,320 ------w c:\windows\ServicePackFiles\i386\msnsusii.exe
+ 2008-04-14 00:12:00 122,368 ------w c:\windows\ServicePackFiles\i386\msobcomm.dll
+ 2008-04-14 00:12:00 16,384 ------w c:\windows\ServicePackFiles\i386\msobdl.dll
+ 2008-04-14 00:12:00 565,248 ------w c:\windows\ServicePackFiles\i386\msobmain.dll
+ 2008-04-14 00:12:00 30,720 ------w c:\windows\ServicePackFiles\i386\msobshel.dll
+ 2008-04-14 00:12:00 19,456 ------w c:\windows\ServicePackFiles\i386\msobweb.dll
+ 2008-04-14 00:12:00 1,314,816 ------w c:\windows\ServicePackFiles\i386\msoe.dll
+ 2008-04-14 00:12:00 252,928 ------w c:\windows\ServicePackFiles\i386\msoeacct.dll
+ 2008-04-13 16:23:54 2,479,616 ------w c:\windows\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12:00 105,984 ------w c:\windows\ServicePackFiles\i386\msoert2.dll
+ 2008-04-14 00:12:28 29,184 ------w c:\windows\ServicePackFiles\i386\msoobe.exe
+ 2008-04-13 17:24:14 20,480 ------w c:\windows\ServicePackFiles\i386\msorc32r.dll
+ 2008-04-14 00:12:00 143,360 ------w c:\windows\ServicePackFiles\i386\msorcl32.dll
+ 2008-04-14 00:12:28 343,040 ------w c:\windows\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 00:12:00 29,696 ------w c:\windows\ServicePackFiles\i386\mspatcha.dll
+ 2008-03-25 04:50:45 355,104 ------w c:\windows\ServicePackFiles\i386\mspbde40.dll
+ 2008-04-13 18:39:50 5,376 ------w c:\windows\ServicePackFiles\i386\mspclock.sys
+ 2008-04-13 18:39:51 4,992 ------w c:\windows\ServicePackFiles\i386\mspqm.sys
+ 2008-04-13 16:23:31 48,128 ------w c:\windows\ServicePackFiles\i386\msprivs.dll
+ 2008-04-14 00:12:00 146,432 ------w c:\windows\ServicePackFiles\i386\msrating.dll
+ 2008-03-25 04:50:47 432,928 ------w c:\windows\ServicePackFiles\i386\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 ------w c:\windows\ServicePackFiles\i386\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 ------w c:\windows\ServicePackFiles\i386\msrepl40.dll
+ 2008-04-14 00:12:00 11,264 ------w c:\windows\ServicePackFiles\i386\msrle32.dll
+ 2008-04-14 00:12:00 134,656 ------w c:\windows\ServicePackFiles\i386\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\ServicePackFiles\i386\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\ServicePackFiles\i386\msshamsg.dll
+ 2008-04-13 18:36:46 15,488 ------w c:\windows\ServicePackFiles\i386\mssmbios.sys
+ 2008-04-14 00:12:00 274,432 ------w c:\windows\ServicePackFiles\i386\mst120.dll
+ 2008-04-14 00:12:00 57,344 ------w c:\windows\ServicePackFiles\i386\mst123.dll
+ 2008-04-13 18:46:08 49,024 ------w c:\windows\ServicePackFiles\i386\mstape.sys
+ 2008-04-14 00:12:00 274,944 ------w c:\windows\ServicePackFiles\i386\mstask.dll
+ 2008-04-13 18:39:50 5,504 ------w c:\windows\ServicePackFiles\i386\mstee.sys
+ 2008-03-25 04:50:55 264,992 ------w c:\windows\ServicePackFiles\i386\mstext40.dll
+ 2008-04-14 00:12:00 532,480 ------w c:\windows\ServicePackFiles\i386\mstime.dll
+ 2008-04-14 00:12:29 12,288 ------w c:\windows\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 00:12:00 116,224 ------w c:\windows\ServicePackFiles\i386\mstlsapi.dll
+ 2008-04-14 00:12:00 195,072 ------w c:\windows\ServicePackFiles\i386\msutb.dll
+ 2008-04-14 00:12:00 132,608 ------w c:\windows\ServicePackFiles\i386\msv1_0.dll
+ 2008-04-14 00:12:00 1,384,479 ------w c:\windows\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\msvcirt.dll
+ 2008-04-14 00:12:01 413,696 ------w c:\windows\ServicePackFiles\i386\msvcp60.dll
+ 2008-04-14 00:12:01 343,040 ------w c:\windows\ServicePackFiles\i386\msvcrt.dll
+ 2008-04-13 18:30:46 61,440 ------w c:\windows\ServicePackFiles\i386\msvcrt40.dll
+ 2008-04-14 00:12:01 121,344 ------w c:\windows\ServicePackFiles\i386\msvfw32.dll
+ 2008-04-14 00:12:01 1,428,992 ------w c:\windows\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12:01 72,704 ------w c:\windows\ServicePackFiles\i386\msw3prt.dll
+ 2008-03-25 04:50:57 838,432 ------w c:\windows\ServicePackFiles\i386\mswdat10.dll
+ 2008-04-14 00:12:01 203,776 ------w c:\windows\ServicePackFiles\i386\mswebdvd.dll
+ 2008-04-14 00:12:01 245,248 ------w c:\windows\ServicePackFiles\i386\mswsock.dll
+ 2008-03-25 04:50:58 621,344 ------w c:\windows\ServicePackFiles\i386\mswstr10.dll
+ 2008-04-14 00:12:01 24,576 ------w c:\windows\ServicePackFiles\i386\msxactps.dll
+ 2008-03-25 04:50:58 355,104 ------w c:\windows\ServicePackFiles\i386\msxbde40.dll
+ 2008-04-14 00:12:01 506,368 ------w c:\windows\ServicePackFiles\i386\msxml.dll
+ 2008-04-14 00:12:01 701,440 ------w c:\windows\ServicePackFiles\i386\msxml2.dll
+ 2008-04-14 00:12:01 1,104,896 ------w c:\windows\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12:01 16,896 ------w c:\windows\ServicePackFiles\i386\msyuv.dll
+ 2004-08-03 12:41:40 126,686 ------w c:\windows\ServicePackFiles\i386\mtlmnt5.sys
+ 2004-08-03 12:41:38 1,309,184 ------w c:\windows\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12:29 119,808 ------w c:\windows\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 00:12:01 66,560 ------w c:\windows\ServicePackFiles\i386\mtxclu.dll
+ 2008-04-14 00:12:01 30,720 ------w c:\windows\ServicePackFiles\i386\mtxdm.dll
+ 2008-04-14 00:12:01 4,096 ------w c:\windows\ServicePackFiles\i386\mtxex.dll
+ 2008-04-14 00:12:01 34,304 ------w c:\windows\ServicePackFiles\i386\mtxlegih.dll
+ 2008-04-14 00:12:01 91,648 ------w c:\windows\ServicePackFiles\i386\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\ServicePackFiles\i386\mtxparhd.dll
+ 2004-08-03 12:29:38 452,736 ------w c:\windows\ServicePackFiles\i386\mtxparhm.sys
+ 2008-04-14 00:12:29 90,624 ------w c:\windows\ServicePackFiles\i386\muisetup.exe
+ 2008-04-13 19:17:05 105,344 ------w c:\windows\ServicePackFiles\i386\mup.sys
+ 2008-04-13 18:43:55 12,672 ------w c:\windows\ServicePackFiles\i386\mutohpen.sys
+ 2008-04-14 00:12:01 90,624 ------w c:\windows\ServicePackFiles\i386\mydocs.dll
+ 2008-04-13 18:46:25 85,248 ------w c:\windows\ServicePackFiles\i386\nabtsfec.sys
+ 2008-04-14 00:12:01 221,184 ------w c:\windows\ServicePackFiles\i386\nac.dll
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\ServicePackFiles\i386\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\ServicePackFiles\i386\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 00:12:29 53,760 ------w c:\windows\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 00:12:01 36,352 ------w c:\windows\ServicePackFiles\i386\ncobjapi.dll
+ 2008-04-14 00:12:01 47,104 ------w c:\windows\ServicePackFiles\i386\ncprov.dll
+ 2008-04-14 00:12:01 9,728 ------w c:\windows\ServicePackFiles\i386\ncpsres.dll
+ 2008-04-14 00:12:01 17,920 ------w c:\windows\ServicePackFiles\i386\nddeapi.dll
+ 2008-04-14 00:12:29 4,096 ------w c:\windows\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 00:12:01 18,944 ------w c:\windows\ServicePackFiles\i386\nddenb32.dll
+ 2008-04-13 19:20:37 182,656 ------w c:\windows\ServicePackFiles\i386\ndis.sys
+ 2008-04-13 18:46:22 10,880 ------w c:\windows\ServicePackFiles\i386\ndisip.sys
+ 2008-04-14 00:12:01 57,344 ------w c:\windows\ServicePackFiles\i386\ndisnpp.dll
+ 2008-04-13 18:57:27 10,112 ------w c:\windows\ServicePackFiles\i386\ndistapi.sys
+ 2008-04-13 18:55:58 14,592 ------w c:\windows\ServicePackFiles\i386\ndisuio.sys
+ 2008-04-13 19:20:42 91,520 ------w c:\windows\ServicePackFiles\i386\ndiswan.sys
+ 2008-04-13 18:57:29 40,576 ------w c:\windows\ServicePackFiles\i386\ndproxy.sys
+ 2008-04-14 00:12:29 42,496 ------w c:\windows\ServicePackFiles\i386\net.exe
+ 2008-04-14 00:12:29 124,928 ------w c:\windows\ServicePackFiles\i386\net1.exe
+ 2008-04-14 00:12:01 337,408 ------w c:\windows\ServicePackFiles\i386\netapi32.dll
+ 2008-04-13 18:56:02 34,688 ------w c:\windows\ServicePackFiles\i386\netbios.sys
+ 2008-04-13 19:21:00 162,816 ------w c:\windows\ServicePackFiles\i386\netbt.sys
+ 2008-04-14 00:12:01 622,592 ------w c:\windows\ServicePackFiles\i386\netcfgx.dll
+ 2008-04-14 00:12:29 111,104 ------w c:\windows\ServicePackFiles\i386\netdde.exe
+ 2008-04-14 00:12:01 139,264 ------w c:\windows\ServicePackFiles\i386\netid.dll
+ 2008-04-14 00:12:01 407,040 ------w c:\windows\ServicePackFiles\i386\netlogon.dll
+ 2008-04-14 00:12:01 198,144 ------w c:\windows\ServicePackFiles\i386\netman.dll
+ 2008-04-14 00:12:01 77,312 ------w c:\windows\ServicePackFiles\i386\netoc.dll
+ 2008-04-14 00:12:01 875,008 ------w c:\windows\ServicePackFiles\i386\netplwiz.dll
+ 2008-04-14 00:12:01 11,776 ------w c:\windows\ServicePackFiles\i386\netrap.dll
+ 2008-04-14 00:16:51 329,728 ------w c:\windows\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 00:12:29 86,016 ------w c:\windows\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 00:12:02 1,703,936 ------w c:\windows\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12:29 36,864 ------w c:\windows\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 00:12:02 80,896 ------w c:\windows\ServicePackFiles\i386\netui0.dll
+ 2008-04-14 00:12:02 245,760 ------w c:\windows\ServicePackFiles\i386\netui1.dll
+ 2004-08-03 12:31:42 132,695 ------w c:\windows\ServicePackFiles\i386\netwlan5.sys
+ 2008-04-14 00:12:02 247,808 ------w c:\windows\ServicePackFiles\i386\newdev.dll
+ 2008-04-13 18:51:25 61,824 ------w c:\windows\ServicePackFiles\i386\nic1394.sys
+ 2008-04-14 00:12:02 98,304 ------w c:\windows\ServicePackFiles\i386\nlhtml.dll
+ 2008-04-14 00:12:02 229,376 ------w c:\windows\ServicePackFiles\i386\nmas.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmasnt.dll
+ 2008-04-14 00:12:02 81,920 ------w c:\windows\ServicePackFiles\i386\nmchat.dll
+ 2008-04-14 00:12:02 77,824 ------w c:\windows\ServicePackFiles\i386\nmcom.dll
+ 2008-04-14 00:12:02 151,552 ------w c:\windows\ServicePackFiles\i386\nmft.dll
+ 2008-04-14 00:12:02 28,672 ------w c:\windows\ServicePackFiles\i386\nmmkcert.dll
+ 2008-04-13 18:53:09 40,320 ------w c:\windows\ServicePackFiles\i386\nmnt.sys
+ 2008-04-14 00:12:02 172,032 ------w c:\windows\ServicePackFiles\i386\nmoldwb.dll
+ 2008-04-14 00:12:02 188,416 ------w c:\windows\ServicePackFiles\i386\nmwb.dll
+ 2008-04-14 00:12:29 69,120 ------w c:\windows\ServicePackFiles\i386\notepad.exe
+ 2008-04-13 18:32:39 30,848 ------w c:\windows\ServicePackFiles\i386\npfs.sys
+ 2008-04-14 00:12:29 15,360 ------w c:\windows\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 00:12:02 54,784 ------w c:\windows\ServicePackFiles\i386\npptools.dll
+ 2008-04-13 18:54:36 28,672 ------w c:\windows\ServicePackFiles\i386\nscirda.sys
+ 2008-04-14 00:12:29 76,800 ------w c:\windows\ServicePackFiles\i386\nslookup.exe
+ 2004-08-04 12:00:00 47,564 ------w c:\windows\ServicePackFiles\i386\ntdetect.com
+ 2008-04-14 00:11:24 706,048 ------w c:\windows\ServicePackFiles\i386\ntdll.dll
+ 2008-04-14 00:12:02 67,072 ------w c:\windows\ServicePackFiles\i386\ntdsapi.dll
+ 2008-04-14 00:12:02 212,992 ------w c:\windows\ServicePackFiles\i386\ntevt.dll
+ 2008-04-13 19:15:53 574,976 ------w c:\windows\ServicePackFiles\i386\ntfs.sys
+ 2004-08-04 12:00:00 33,840 ------w c:\windows\ServicePackFiles\i386\ntio.sys
+ 2004-08-04 12:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio404.sys
+ 2004-08-04 12:00:00 35,648 ------w c:\windows\ServicePackFiles\i386\ntio411.sys
+ 2004-08-04 12:00:00 35,424 ------w c:\windows\ServicePackFiles\i386\ntio412.sys
+ 2004-08-04 12:00:00 34,560 ------w c:\windows\ServicePackFiles\i386\ntio804.sys
+ 2008-04-13 19:24:37 2,145,280 ------w c:\windows\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-13 18:31:21 2,065,792 ------w c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ------w c:\windows\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-14 00:12:02 44,032 ------w c:\windows\ServicePackFiles\i386\ntlanman.dll
+ 2008-04-14 00:12:02 8,192 ------w c:\windows\ServicePackFiles\i386\ntlsapi.dll
+ 2008-04-14 00:12:02 118,784 ------w c:\windows\ServicePackFiles\i386\ntmarta.dll
+ 2008-04-14 00:12:02 40,960 ------w c:\windows\ServicePackFiles\i386\ntmsapi.dll
+ 2008-04-14 00:12:02 179,200 ------w c:\windows\ServicePackFiles\i386\ntmsdba.dll
+ 2008-04-14 00:12:02 488,448 ------w c:\windows\ServicePackFiles\i386\ntmsmgr.dll
+ 2008-04-14 00:12:02 435,200 ------w c:\windows\ServicePackFiles\i386\ntmssvc.dll
+ 2004-08-03 12:41:40 180,360 ------w c:\windows\ServicePackFiles\i386\ntmtlfax.sys
+ 2008-04-14 00:12:02 62,976 ------w c:\windows\ServicePackFiles\i386\ntoc.dll
+ 2008-04-13 19:27:53 2,188,928 ------w c:\windows\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-14 00:12:02 91,136 ------w c:\windows\ServicePackFiles\i386\ntprint.dll
+ 2008-04-14 00:12:02 143,360 ------w c:\windows\ServicePackFiles\i386\ntshrui.dll
+ 2008-04-14 00:12:30 420,864 ------w c:\windows\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ------w c:\windows\ServicePackFiles\i386\nv4_disp.dll
+ 2004-08-03 12:29:56 1,897,408 ------w c:\windows\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-13 18:56:06 88,320 ------w c:\windows\ServicePackFiles\i386\nwlnkipx.sys
+ 2008-04-14 00:12:02 142,336 ------w c:\windows\ServicePackFiles\i386\nwprovau.dll
+ 2008-04-14 00:12:02 270,336 ------w c:\windows\ServicePackFiles\i386\oakley.dll
+ 2008-04-14 00:10:30 229,376 ------w c:\windows\ServicePackFiles\i386\obelog.dll
+ 2008-04-14 00:10:30 966,656 ------w c:\windows\ServicePackFiles\i386\obemetal.dll
+ 2007-04-02 18:44:11 77,824 ------w c:\windows\ServicePackFiles\i386\obemtllc.dll
+ 2008-04-14 00:10:30 86,016 ------w c:\windows\ServicePackFiles\i386\obepopc.dll
+ 2008-04-14 00:12:02 286,208 ------w c:\windows\ServicePackFiles\i386\objsel.dll
+ 2008-04-13 18:40:52 405,504 ------w c:\windows\ServicePackFiles\i386\obrb041b.dll
+ 2008-04-13 18:40:56 408,576 ------w c:\windows\ServicePackFiles\i386\obrb0424.dll
+ 2008-04-14 00:12:02 96,256 ------w c:\windows\ServicePackFiles\i386\occache.dll
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\ocgen.dll
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\ocmanage.dll
+ 2008-04-14 00:12:02 17,408 ------w c:\windows\ServicePackFiles\i386\ocmsn.dll
+ 2004-08-04 12:00:00 26,224 ------w c:\windows\ServicePackFiles\i386\odbc16gt.dll
+ 2008-04-14 00:12:02 249,856 ------w c:\windows\ServicePackFiles\i386\odbc32.dll
+ 2008-04-14 00:12:02 16,384 ------w c:\windows\ServicePackFiles\i386\odbc32gt.dll
+ 2008-04-14 00:12:30 32,768 ------w c:\windows\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 00:12:02 24,576 ------w c:\windows\ServicePackFiles\i386\odbcbcp.dll
+ 2008-04-14 00:12:02 135,168 ------w c:\windows\ServicePackFiles\i386\odbcconf.dll
+ 2008-04-14 00:12:30 69,632 ------w c:\windows\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 00:12:02 106,496 ------w c:\windows\ServicePackFiles\i386\odbccp32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\odbccu32.dll
+ 2008-04-13 17:26:05 94,208 ------w c:\windows\ServicePackFiles\i386\odbcint.dll
+ 2008-04-14 00:10:31 53,279 ------w c:\windows\ServicePackFiles\i386\odbcji32.dll
+ 2008-04-14 00:12:02 278,559 ------w c:\windows\ServicePackFiles\i386\odbcjt32.dll
+ 2008-04-13 17:26:05 12,288 ------w c:\windows\ServicePackFiles\i386\odbcp32r.dll
+ 2008-04-14 00:12:02 147,456 ------w c:\windows\ServicePackFiles\i386\odbctrac.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\oddbse32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ------w c:\windows\ServicePackFiles\i386\odpdx32.dll
+ 2008-04-14 00:12:02 20,511 ------w c:\windows\ServicePackFiles\i386\odtext32.dll
+ 2008-04-14 00:12:02 104,448 ------w c:\windows\ServicePackFiles\i386\oeimport.dll
+ 2008-04-14 00:12:30 60,416 ------w c:\windows\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\oemiglib.dll
+ 2008-04-14 00:12:02 192,000 ------w c:\windows\ServicePackFiles\i386\offfilt.dll
+ 2008-04-13 18:46:18 61,696 ------w c:\windows\ServicePackFiles\i386\ohci1394.sys
+ 2008-04-14 00:12:02 1,287,168 ------w c:\windows\ServicePackFiles\i386\ole32.dll
+ 2008-04-14 00:12:02 551,936 ------w c:\windows\ServicePackFiles\i386\oleaut32.dll
+ 2008-04-14 00:12:02 74,752 ------w c:\windows\ServicePackFiles\i386\olecli32.dll
+ 2008-04-14 00:12:02 37,376 ------w c:\windows\ServicePackFiles\i386\olecnv32.dll
+ 2008-04-14 00:12:02 487,424 ------w c:\windows\ServicePackFiles\i386\oledb32.dll
+ 2008-04-14 00:12:02 65,536 ------w c:\windows\ServicePackFiles\i386\oledb32r.dll
+ 2008-04-14 00:12:02 122,880 ------w c:\windows\ServicePackFiles\i386\oledlg.dll
+ 2008-04-14 00:12:02 107,008 ------w c:\windows\ServicePackFiles\i386\oleprn.dll
+ 2008-04-14 00:12:02 84,992 ------w c:\windows\ServicePackFiles\i386\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\ServicePackFiles\i386\onex.dll
+ 2008-04-14 00:12:31 51,200 ------w c:\windows\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 00:12:02 713,728 ------w c:\windows\ServicePackFiles\i386\opengl32.dll
+ 2008-04-13 18:32:32 166,912 ------w c:\windows\ServicePackFiles\i386\oschoice.exe
+ 2008-04-14 00:12:31 215,552 ------w c:\windows\ServicePackFiles\i386\osk.exe
+ 2008-04-13 18:31:43 230,400 ------w c:\windows\ServicePackFiles\i386\osloader.exe
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\osuninst.dll
+ 2008-04-14 00:12:02 153,600 ------w c:\windows\ServicePackFiles\i386\p2p.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\p2pgasvc.dll
+ 2008-04-14 00:12:02 313,856 ------w c:\windows\ServicePackFiles\i386\p2pgraph.dll
+ 2008-04-14 00:12:02 115,712 ------w c:\windows\ServicePackFiles\i386\p2pnetsh.dll
+ 2008-04-14 00:12:02 554,496 ------w c:\windows\ServicePackFiles\i386\p2psvc.dll
+ 2008-04-13 18:31:31 42,752 ------w c:\windows\ServicePackFiles\i386\p3.sys
+ 2008-04-14 00:12:31 58,368 ------w c:\windows\ServicePackFiles\i386\packager.exe
+ 2008-04-13 18:40:10 80,128 ------w c:\windows\ServicePackFiles\i386\parport.sys
+ 2008-04-13 18:40:49 19,712 ------w c:\windows\ServicePackFiles\i386\partmgr.sys
+ 2008-04-14 00:12:02 67,584 ------w c:\windows\ServicePackFiles\i386\pautoenr.dll
+ 2004-08-03 12:31:24 29,502 ------w c:\windows\ServicePackFiles\i386\pca200e.sys
+ 2008-04-14 00:12:02 102,912 ------w c:\windows\ServicePackFiles\i386\pchshell.dll
+ 2008-04-14 00:12:02 38,400 ------w c:\windows\ServicePackFiles\i386\pchsvc.dll
+ 2008-04-13 18:36:44 68,224 ------w c:\windows\ServicePackFiles\i386\pci.sys
+ 2008-04-13 18:40:29 24,960 ------w c:\windows\ServicePackFiles\i386\pciidex.sys
+ 2007-05-15 08:08:11 288,768 ------w c:\windows\ServicePackFiles\i386\pcl4res.dll
+ 2007-05-15 08:08:13 1,058,816 ------w c:\windows\ServicePackFiles\i386\pcl5eres.dll
+ 2007-05-15 08:08:14 1,057,280 ------w c:\windows\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08:14 207,872 ------w c:\windows\ServicePackFiles\i386\pclxl.dll
+ 2008-04-13 18:36:43 120,192 ------w c:\windows\ServicePackFiles\i386\pcmcia.sys
+ 2004-08-03 12:06:18 169,984 ------w c:\windows\ServicePackFiles\i386\pcx500.sys
+ 2008-04-14 00:12:02 284,160 ------w c:\windows\ServicePackFiles\i386\pdh.dll
+ 2008-04-14 00:12:02 39,936 ------w c:\windows\ServicePackFiles\i386\perfctrs.dll
+ 2008-04-14 00:12:02 26,624 ------w c:\windows\ServicePackFiles\i386\perfdisk.dll
+ 2008-04-14 00:12:31 15,872 ------w c:\windows\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 00:12:02 17,920 ------w c:\windows\ServicePackFiles\i386\perfnet.dll
+ 2008-04-14 00:12:02 25,088 ------w c:\windows\ServicePackFiles\i386\perfos.dll
+ 2008-04-14 00:12:02 34,816 ------w c:\windows\ServicePackFiles\i386\perfproc.dll
+ 2008-04-13 18:44:29 27,904 ------w c:\windows\ServicePackFiles\i386\perm2.sys
+ 2008-04-14 00:10:34 211,584 ------w c:\windows\ServicePackFiles\i386\perm2dll.dll
+ 2008-04-13 18:44:30 28,032 ------w c:\windows\ServicePackFiles\i386\perm3.sys
+ 2008-04-14 00:10:34 259,328 ------w c:\windows\ServicePackFiles\i386\perm3dd.dll
+ 2008-04-14 00:12:02 176,128 ------w c:\windows\ServicePackFiles\i386\photowiz.dll
+ 2008-04-14 00:12:02 35,328 ------w c:\windows\ServicePackFiles\i386\pid.dll
+ 2008-04-13 18:35:22 24,064 ------w c:\windows\ServicePackFiles\i386\pidgen.dll
+ 2008-04-14 00:12:31 281,088 ------w c:\windows\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 00:12:31 17,920 ------w c:\windows\ServicePackFiles\i386\ping.exe
+ 2008-04-14 00:12:02 15,360 ------w c:\windows\ServicePackFiles\i386\pjlmon.dll
+ 2008-04-14 00:12:02 44,544 ------w c:\windows\ServicePackFiles\i386\plotter.dll
+ 2008-04-14 00:12:02 52,736 ------w c:\windows\ServicePackFiles\i386\plotui.dll
+ 2008-04-14 00:12:02 412,160 ------w c:\windows\ServicePackFiles\i386\pmh.dll
+ 2008-04-14 00:12:02 39,424 ------w c:\windows\ServicePackFiles\i386\pngfilt.dll
+ 2008-04-14 00:12:02 58,880 ------w c:\windows\ServicePackFiles\i386\pnrpnsp.dll
+ 2008-04-14 00:12:02 105,472 ------w c:\windows\ServicePackFiles\i386\polstore.dll
+ 2008-04-13 19:19:41 146,048 ------w c:\windows\ServicePackFiles\i386\portcls.sys
+ 2008-04-14 00:12:31 49,152 ------w c:\windows\ServicePackFiles\i386\powercfg.exe
+ 2008-04-13 18:40:56 8,832 ------w c:\windows\ServicePackFiles\i386\powerfil.sys
+ 2008-04-14 00:12:03 17,408 ------w c:\windows\ServicePackFiles\i386\powrprof.dll
+ 2008-04-13 18:41:00 17,664 ------w c:\windows\ServicePackFiles\i386\ppa3.sys
+ 2008-04-14 00:12:03 560,640 ------w c:\windows\ServicePackFiles\i386\printui.dll
+ 2008-04-13 18:31:30 35,840 ------w c:\windows\ServicePackFiles\i386\processr.sys
+ 2008-04-14 00:12:03 27,648 ------w c:\windows\ServicePackFiles\i386\profmap.dll
+ 2008-04-14 00:12:31 109,568 ------w c:\windows\ServicePackFiles\i386\progman.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\provthrd.dll
+ 2008-04-14 00:12:32 9,216 ------w c:\windows\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 00:12:03 728,576 ------w c:\windows\ServicePackFiles\i386\ps5ui.dll

acasey · Nov 13, 2008

part 6...

+ 2008-04-14 00:12:03 96,768 ------w c:\windows\ServicePackFiles\i386\psbase.dll
+ 2008-04-13 18:56:38 69,120 ------w c:\windows\ServicePackFiles\i386\psched.sys
+ 2008-04-14 00:12:03 543,232 ------w c:\windows\ServicePackFiles\i386\pscript5.dll
+ 2008-04-14 00:12:03 363,520 ------w c:\windows\ServicePackFiles\i386\psisdecd.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\pstorec.dll
+ 2008-04-14 00:12:03 34,304 ------w c:\windows\ServicePackFiles\i386\pstorsvc.dll
+ 2008-04-14 00:12:03 159,232 ------w c:\windows\ServicePackFiles\i386\ptpusd.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\ServicePackFiles\i386\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\ServicePackFiles\i386\qagentrt.dll
+ 2008-04-14 00:12:03 237,568 ------w c:\windows\ServicePackFiles\i386\qasf.dll
+ 2008-04-14 00:12:03 192,512 ------w c:\windows\ServicePackFiles\i386\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\ServicePackFiles\i386\qcliprov.dll
+ 2008-04-14 00:12:03 279,040 ------w c:\windows\ServicePackFiles\i386\qdv.dll
+ 2008-04-14 00:12:03 386,048 ------w c:\windows\ServicePackFiles\i386\qdvd.dll
+ 2008-04-14 00:12:03 562,176 ------w c:\windows\ServicePackFiles\i386\qedit.dll
+ 2008-04-13 17:21:32 733,696 ------w c:\windows\ServicePackFiles\i386\qedwipes.dll
+ 2008-04-13 18:40:52 6,016 ------w c:\windows\ServicePackFiles\i386\qic157.sys
+ 2008-04-14 00:12:03 409,088 ------w c:\windows\ServicePackFiles\i386\qmgr.dll
+ 2008-04-14 00:12:03 18,944 ------w c:\windows\ServicePackFiles\i386\qmgrprxy.dll
+ 2008-04-14 00:12:32 19,968 ------w c:\windows\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 00:12:03 1,288,192 ------w c:\windows\ServicePackFiles\i386\quartz.dll
+ 2008-04-14 00:12:03 1,435,648 ------w c:\windows\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\ServicePackFiles\i386\qutil.dll
+ 2008-04-14 00:12:03 43,520 ------w c:\windows\ServicePackFiles\i386\racpldlg.dll
+ 2008-04-13 18:41:23 20,736 ------w c:\windows\ServicePackFiles\i386\ramdisk.sys
+ 2008-04-14 00:12:03 7,680 ------w c:\windows\ServicePackFiles\i386\rasadhlp.dll
+ 2008-04-14 00:12:03 237,056 ------w c:\windows\ServicePackFiles\i386\rasapi32.dll
+ 2008-04-14 00:12:03 88,576 ------w c:\windows\ServicePackFiles\i386\rasauto.dll
+ 2008-04-14 00:12:03 79,872 ------w c:\windows\ServicePackFiles\i386\raschap.dll
+ 2008-04-14 00:12:03 658,432 ------w c:\windows\ServicePackFiles\i386\rasdlg.dll
+ 2008-04-13 19:19:43 51,328 ------w c:\windows\ServicePackFiles\i386\rasl2tp.sys
+ 2008-04-14 00:12:03 61,440 ------w c:\windows\ServicePackFiles\i386\rasman.dll
+ 2008-04-14 00:12:03 186,368 ------w c:\windows\ServicePackFiles\i386\rasmans.dll
+ 2008-04-14 00:12:32 56,832 ------w c:\windows\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 00:12:03 210,944 ------w c:\windows\ServicePackFiles\i386\rasppp.dll
+ 2008-04-13 18:57:32 41,472 ------w c:\windows\ServicePackFiles\i386\raspppoe.sys
+ 2008-04-13 19:19:48 48,384 ------w c:\windows\ServicePackFiles\i386\raspptp.sys
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\ServicePackFiles\i386\rasqec.dll
+ 2008-04-14 00:12:03 16,384 ------w c:\windows\ServicePackFiles\i386\rassapi.dll
+ 2008-04-14 00:12:03 58,368 ------w c:\windows\ServicePackFiles\i386\rastapi.dll
+ 2008-04-14 00:12:03 150,016 ------w c:\windows\ServicePackFiles\i386\rastls.dll
+ 2008-04-14 00:12:03 102,400 ------w c:\windows\ServicePackFiles\i386\rcbdyctl.dll
+ 2008-04-14 00:12:32 35,840 ------w c:\windows\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 00:12:32 21,504 ------w c:\windows\ServicePackFiles\i386\rcp.exe
+ 2008-04-13 19:28:39 175,744 ------w c:\windows\ServicePackFiles\i386\rdbss.sys
+ 2008-04-14 00:12:03 147,968 ------w c:\windows\ServicePackFiles\i386\rdchost.dll
+ 2008-04-14 00:12:32 62,976 ------w c:\windows\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 00:13:22 92,424 ------w c:\windows\ServicePackFiles\i386\rdpdd.dll
+ 2008-04-13 18:32:51 196,224 ------w c:\windows\ServicePackFiles\i386\rdpdr.sys
+ 2008-04-14 00:12:04 19,968 ------w c:\windows\ServicePackFiles\i386\rdpsnd.dll
+ 2008-04-14 00:13:22 139,656 ------w c:\windows\ServicePackFiles\i386\rdpwd.sys
+ 2008-04-14 00:13:22 87,176 ------w c:\windows\ServicePackFiles\i386\rdpwsx.dll
+ 2008-04-14 00:12:32 13,824 ------w c:\windows\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 00:12:32 67,072 ------w c:\windows\ServicePackFiles\i386\rdshost.exe
+ 2004-08-03 12:41:40 13,776 ------w c:\windows\ServicePackFiles\i386\recagent.sys
+ 2008-04-13 18:40:27 57,600 ------w c:\windows\ServicePackFiles\i386\redbook.sys
+ 2004-08-04 12:00:00 3,338 ------w c:\windows\ServicePackFiles\i386\redir.exe
+ 2008-04-14 00:12:32 50,176 ------w c:\windows\ServicePackFiles\i386\reg.exe
+ 2008-04-14 00:12:04 49,664 ------w c:\windows\ServicePackFiles\i386\regapi.dll
+ 2008-04-14 00:12:32 146,432 ------w c:\windows\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 00:12:04 59,904 ------w c:\windows\ServicePackFiles\i386\regsvc.dll
+ 2008-04-14 00:12:32 11,776 ------w c:\windows\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 00:12:04 397,824 ------w c:\windows\ServicePackFiles\i386\regwizc.dll
+ 2008-04-14 00:12:04 60,416 ------w c:\windows\ServicePackFiles\i386\remotepg.dll
+ 2008-04-14 00:12:04 178,176 ------w c:\windows\ServicePackFiles\i386\repdrvfs.dll
+ 2008-04-14 00:12:04 58,880 ------w c:\windows\ServicePackFiles\i386\resutils.dll
+ 2008-04-14 00:12:33 13,824 ------w c:\windows\ServicePackFiles\i386\rexec.exe
+ 2008-04-13 18:46:32 59,136 ------w c:\windows\ServicePackFiles\i386\rfcomm.sys
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\ServicePackFiles\i386\rhttpaa.dll
+ 2008-04-14 00:12:04 123,392 ------w c:\windows\ServicePackFiles\i386\riafres.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui1.dll
+ 2008-04-14 00:12:04 11,776 ------w c:\windows\ServicePackFiles\i386\riafui2.dll
+ 2008-04-14 00:12:04 433,664 ------w c:\windows\ServicePackFiles\i386\riched20.dll
+ 2008-04-13 18:55:08 202,624 ------w c:\windows\ServicePackFiles\i386\rmcast.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ------w c:\windows\ServicePackFiles\i386\rndismpx.sys
+ 2008-04-13 18:40:14 79,104 ------w c:\windows\ServicePackFiles\i386\rocket.sys
+ 2008-04-14 00:12:04 584,704 ------w c:\windows\ServicePackFiles\i386\rpcrt4.dll
+ 2008-04-14 00:12:04 399,360 ------w c:\windows\ServicePackFiles\i386\rpcss.dll
+ 2008-04-14 00:12:04 61,440 ------w c:\windows\ServicePackFiles\i386\rrcm.dll
+ 2008-04-13 17:37:57 208,384 ------w c:\windows\ServicePackFiles\i386\rsaenh.dll
+ 2008-04-14 00:12:33 14,848 ------w c:\windows\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 00:12:04 39,936 ------w c:\windows\ServicePackFiles\i386\rshx32.dll
+ 2008-04-14 00:12:04 18,944 ------w c:\windows\ServicePackFiles\i386\rsmps.dll
+ 2008-04-14 00:12:33 380,416 ------w c:\windows\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 00:12:04 92,672 ------w c:\windows\ServicePackFiles\i386\rsvpsp.dll
+ 2008-04-14 00:12:33 77,312 ------w c:\windows\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 00:12:04 31,744 ------w c:\windows\ServicePackFiles\i386\rtipxmib.dll
+ 2004-08-03 12:31:34 20,992 ------w c:\windows\ServicePackFiles\i386\rtl8139.sys
+ 2008-04-14 00:12:04 44,032 ------w c:\windows\ServicePackFiles\i386\rtutils.dll
+ 2008-04-14 00:12:33 33,280 ------w c:\windows\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 00:12:33 14,336 ------w c:\windows\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw001ext.dll
+ 2008-04-14 00:12:04 29,184 ------w c:\windows\ServicePackFiles\i386\rw330ext.dll
+ 2008-04-14 00:12:04 27,648 ------w c:\windows\ServicePackFiles\i386\rw430ext.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\rw450ext.dll
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\ServicePackFiles\i386\s3gnb.dll
+ 2004-08-03 12:29:52 166,912 ------w c:\windows\ServicePackFiles\i386\s3gnbm.sys
+ 2008-04-14 00:12:04 43,520 ------w c:\windows\ServicePackFiles\i386\safrcdlg.dll
+ 2008-04-14 00:12:04 29,696 ------w c:\windows\ServicePackFiles\i386\safrdm.dll
+ 2008-04-14 00:12:04 45,568 ------w c:\windows\ServicePackFiles\i386\safrslv.dll
+ 2008-04-14 00:12:04 64,000 ------w c:\windows\ServicePackFiles\i386\samlib.dll
+ 2008-04-14 00:12:04 415,744 ------w c:\windows\ServicePackFiles\i386\samsrv.dll
+ 2008-04-14 00:12:04 741,376 ------w c:\windows\ServicePackFiles\i386\sapi.dll
+ 2008-04-14 00:12:33 13,312 ------w c:\windows\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 00:12:04 270,848 ------w c:\windows\ServicePackFiles\i386\sbe.dll
+ 2008-04-14 00:12:04 159,232 ------w c:\windows\ServicePackFiles\i386\sbeio.dll
+ 2008-04-13 18:40:48 43,904 ------w c:\windows\ServicePackFiles\i386\sbp2port.sys
+ 2008-04-14 00:12:04 69,632 ------w c:\windows\ServicePackFiles\i386\scarddlg.dll
+ 2008-04-14 00:12:33 95,744 ------w c:\windows\ServicePackFiles\i386\scardsvr.exe
+ 2004-08-04 12:00:00 169,984 ------w c:\windows\ServicePackFiles\i386\sccbase.dll
+ 2008-04-14 00:12:05 171,008 ------w c:\windows\ServicePackFiles\i386\sccsccp.dll
+ 2008-04-14 00:12:05 181,248 ------w c:\windows\ServicePackFiles\i386\scecli.dll
+ 2008-04-14 00:12:05 314,880 ------w c:\windows\ServicePackFiles\i386\scesrv.dll
+ 2008-04-14 00:12:05 144,384 ------w c:\windows\ServicePackFiles\i386\schannel.dll
+ 2008-04-14 00:12:05 192,512 ------w c:\windows\ServicePackFiles\i386\schedsvc.dll
+ 2008-04-14 00:12:05 20,480 ------w c:\windows\ServicePackFiles\i386\sclgntfy.dll
+ 2008-04-14 00:12:34 36,352 ------w c:\windows\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 00:12:05 215,552 ------w c:\windows\ServicePackFiles\i386\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\ServicePackFiles\i386\scripta.dll
+ 2008-04-14 00:12:43 9,216 ------w c:\windows\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 00:12:05 180,224 ------w c:\windows\ServicePackFiles\i386\scrobj.dll
+ 2008-04-14 00:12:05 172,032 ------w c:\windows\ServicePackFiles\i386\scrrun.dll
+ 2008-04-13 18:40:30 96,384 ------w c:\windows\ServicePackFiles\i386\scsiport.sys
+ 2008-04-13 18:45:33 11,520 ------w c:\windows\ServicePackFiles\i386\scsiscan.sys
+ 2008-04-14 00:12:34 77,312 ------w c:\windows\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-13 18:36:44 79,232 ------w c:\windows\ServicePackFiles\i386\sdbus.sys
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sdhcinst.dll
+ 2007-11-13 10:25:53 20,480 ------w c:\windows\ServicePackFiles\i386\secdrv.sys
+ 2008-04-14 00:12:05 18,944 ------w c:\windows\ServicePackFiles\i386\seclogon.dll
+ 2006-12-30 21:57:08 4,569 ------w c:\windows\ServicePackFiles\i386\secupd.dat
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\secur32.dll
+ 2008-04-14 00:12:05 5,632 ------w c:\windows\ServicePackFiles\i386\security.dll
+ 2008-04-14 00:12:05 29,184 ------w c:\windows\ServicePackFiles\i386\sendcmsg.dll
+ 2008-04-14 00:12:05 54,784 ------w c:\windows\ServicePackFiles\i386\sendmail.dll
+ 2008-04-14 00:12:05 39,424 ------w c:\windows\ServicePackFiles\i386\sens.dll
+ 2008-04-14 00:12:05 7,168 ------w c:\windows\ServicePackFiles\i386\sensapi.dll
+ 2008-04-13 18:40:12 15,744 ------w c:\windows\ServicePackFiles\i386\serenum.sys
+ 2008-04-13 19:15:45 64,512 ------w c:\windows\ServicePackFiles\i386\serial.sys
+ 2008-04-14 00:12:05 56,320 ------w c:\windows\ServicePackFiles\i386\servdeps.dll
+ 2008-04-14 00:12:34 108,544 ------w c:\windows\ServicePackFiles\i386\services.exe
+ 2008-04-14 00:12:34 141,312 ------w c:\windows\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 00:12:34 31,232 ------w c:\windows\ServicePackFiles\i386\sethc.exe
+ 2008-04-14 00:12:34 23,040 ------w c:\windows\ServicePackFiles\i386\setup.exe
+ 2008-04-14 00:12:34 73,216 ------w c:\windows\ServicePackFiles\i386\setup50.exe
+ 2008-04-13 19:42:06 985,088 ------w c:\windows\ServicePackFiles\i386\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 00:12:05 101,376 ------w c:\windows\ServicePackFiles\i386\setupqry.dll
+ 2008-04-14 00:12:05 5,120 ------w c:\windows\ServicePackFiles\i386\sfc.dll
+ 2008-04-14 00:12:05 140,288 ------w c:\windows\ServicePackFiles\i386\sfc_os.dll
+ 2008-04-14 00:12:05 1,614,848 ------w c:\windows\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-13 18:40:47 11,904 ------w c:\windows\ServicePackFiles\i386\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ------w c:\windows\ServicePackFiles\i386\sffp_mmc.sys
+ 2008-04-13 18:40:47 11,008 ------w c:\windows\ServicePackFiles\i386\sffp_sd.sys
+ 2008-04-13 18:40:48 11,392 ------w c:\windows\ServicePackFiles\i386\sfloppy.sys
+ 2008-04-13 17:03:19 549,376 ------w c:\windows\ServicePackFiles\i386\shdoclc.dll
+ 2008-04-14 00:12:05 1,499,136 ------w c:\windows\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12:05 8,461,312 ------w c:\windows\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12:05 25,088 ------w c:\windows\ServicePackFiles\i386\shfolder.dll
+ 2008-04-14 00:12:05 68,096 ------w c:\windows\ServicePackFiles\i386\shgina.dll
+ 2008-04-14 00:12:05 65,024 ------w c:\windows\ServicePackFiles\i386\shimeng.dll
+ 2008-04-14 00:12:05 438,272 ------w c:\windows\ServicePackFiles\i386\shimgvw.dll
+ 2008-04-14 00:12:05 474,112 ------w c:\windows\ServicePackFiles\i386\shlwapi.dll
+ 2008-04-14 00:12:35 45,056 ------w c:\windows\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 00:12:35 77,824 ------w c:\windows\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 00:12:05 27,648 ------w c:\windows\ServicePackFiles\i386\shscrap.dll
+ 2008-04-14 00:12:05 135,168 ------w c:\windows\ServicePackFiles\i386\shsvcs.dll
+ 2008-04-14 00:12:05 20,536 ------w c:\windows\ServicePackFiles\i386\shtml.dll
+ 2008-04-14 00:12:35 16,437 ------w c:\windows\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 00:12:35 19,456 ------w c:\windows\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 00:12:05 13,312 ------w c:\windows\ServicePackFiles\i386\sigtab.dll
+ 2008-04-14 00:12:35 70,144 ------w c:\windows\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 00:12:05 3,901 ------w c:\windows\ServicePackFiles\i386\siint5.dll
+ 2008-04-13 18:36:39 40,960 ------w c:\windows\ServicePackFiles\i386\sisagp.sys
+ 2004-08-03 12:31:36 32,768 ------w c:\windows\ServicePackFiles\i386\sisnic.sys
+ 2008-04-14 00:12:35 26,112 ------w c:\windows\ServicePackFiles\i386\skeys.exe
+ 2004-08-03 12:31:42 63,547 ------w c:\windows\ServicePackFiles\i386\sla30nd5.sys
+ 2008-04-14 00:12:06 25,088 ------w c:\windows\ServicePackFiles\i386\slayerxp.dll
+ 2004-08-04 12:00:00 306,176 ------w c:\windows\ServicePackFiles\i386\slbcsp.dll
+ 2008-04-14 00:12:06 98,304 ------w c:\windows\ServicePackFiles\i386\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\ServicePackFiles\i386\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\ServicePackFiles\i386\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\ServicePackFiles\i386\slgen.dll
+ 2008-04-13 18:46:23 11,136 ------w c:\windows\ServicePackFiles\i386\slip.sys
+ 2004-08-03 12:41:42 129,535 ------w c:\windows\ServicePackFiles\i386\slnt7554.sys
+ 2004-08-03 12:41:44 404,990 ------w c:\windows\ServicePackFiles\i386\slntamr.sys
+ 2004-08-03 12:41:46 95,424 ------w c:\windows\ServicePackFiles\i386\slnthal.sys
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\ServicePackFiles\i386\slserv.exe
+ 2004-08-03 12:41:46 13,240 ------w c:\windows\ServicePackFiles\i386\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ------w c:\windows\ServicePackFiles\i386\smbali.sys
+ 2008-04-13 18:36:33 16,000 ------w c:\windows\ServicePackFiles\i386\smbbatt.sys
+ 2008-04-13 18:36:33 6,912 ------w c:\windows\ServicePackFiles\i386\smbclass.sys
+ 2008-04-14 00:12:35 8,192 ------w c:\windows\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 00:12:35 236,544 ------w c:\windows\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 00:12:06 362,496 ------w c:\windows\ServicePackFiles\i386\smlogcfg.dll
+ 2008-04-14 00:12:35 89,600 ------w c:\windows\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 00:12:36 50,688 ------w c:\windows\ServicePackFiles\i386\smss.exe
+ 2008-04-14 00:12:06 456,192 ------w c:\windows\ServicePackFiles\i386\smtpsvc.dll
+ 2008-04-14 00:12:36 131,584 ------w c:\windows\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 00:12:06 34,816 ------w c:\windows\ServicePackFiles\i386\sniffpol.dll
+ 2008-04-14 00:12:36 33,280 ------w c:\windows\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 00:12:06 18,944 ------w c:\windows\ServicePackFiles\i386\snmpapi.dll
+ 2008-04-14 00:12:06 259,072 ------w c:\windows\ServicePackFiles\i386\snmpcl.dll
+ 2008-04-14 00:12:06 358,400 ------w c:\windows\ServicePackFiles\i386\snmpincl.dll
+ 2008-04-14 00:12:06 6,144 ------w c:\windows\ServicePackFiles\i386\snmpmib.dll
+ 2008-04-14 00:12:06 188,416 ------w c:\windows\ServicePackFiles\i386\snmpsmir.dll
+ 2008-04-14 00:12:06 182,272 ------w c:\windows\ServicePackFiles\i386\snmpsnap.dll
+ 2008-04-14 00:12:06 39,936 ------w c:\windows\ServicePackFiles\i386\snmpthrd.dll
+ 2008-04-14 00:12:36 8,704 ------w c:\windows\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 00:12:06 130,048 ------w c:\windows\ServicePackFiles\i386\softkbd.dll
+ 2008-04-13 18:40:52 7,552 ------w c:\windows\ServicePackFiles\i386\sonyait.sys
+ 2008-04-13 18:46:07 25,344 ------w c:\windows\ServicePackFiles\i386\sonydcam.sys
+ 2008-04-14 00:12:36 24,576 ------w c:\windows\ServicePackFiles\i386\sort.exe
+ 2008-04-14 00:12:36 7,680 ------w c:\windows\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-13 16:43:18 62,976 ------w c:\windows\ServicePackFiles\i386\spgrmr.dll
+ 2008-04-14 00:12:36 538,624 ------w c:\windows\ServicePackFiles\i386\spider.exe
+ 2008-04-13 18:45:07 6,272 ------w c:\windows\ServicePackFiles\i386\splitter.sys
+ 2008-04-13 19:42:38 11,264 ------w c:\windows\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 00:12:06 75,264 ------w c:\windows\ServicePackFiles\i386\spoolss.dll
+ 2008-04-14 00:12:36 57,856 ------w c:\windows\ServicePackFiles\i386\spoolsv.exe
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra041b.dll
+ 2008-04-13 18:35:28 192,512 ------w c:\windows\ServicePackFiles\i386\spra0424.dll
+ 2008-04-13 18:38:37 757,248 ------w c:\windows\ServicePackFiles\i386\sprb041b.dll
+ 2008-04-13 18:38:36 732,160 ------w c:\windows\ServicePackFiles\i386\sprb0424.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\ServicePackFiles\i386\sprc041b.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\ServicePackFiles\i386\sprc0424.dll
+ 2008-04-14 00:12:06 250,368 ------w c:\windows\ServicePackFiles\i386\sptip.dll
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 00:12:06 151,552 ------w c:\windows\ServicePackFiles\i386\sqldb20.dll
+ 2008-04-14 00:12:06 528,384 ------w c:\windows\ServicePackFiles\i386\sqloledb.dll
+ 2008-04-14 00:12:06 462,848 ------w c:\windows\ServicePackFiles\i386\sqlqp20.dll
+ 2008-04-14 00:12:06 110,592 ------w c:\windows\ServicePackFiles\i386\sqlse20.dll
+ 2008-04-14 00:12:06 442,368 ------w c:\windows\ServicePackFiles\i386\sqlsrv32.dll
+ 2008-04-14 00:12:06 180,800 ------w c:\windows\ServicePackFiles\i386\sqlunirl.dll
+ 2008-04-14 00:12:06 217,088 ------w c:\windows\ServicePackFiles\i386\sqlxmlx.dll
+ 2008-04-13 18:36:52 73,472 ------w c:\windows\ServicePackFiles\i386\sr.sys
+ 2008-04-14 00:12:06 58,434 ------w c:\windows\ServicePackFiles\i386\srchctls.dll
+ 2008-04-14 00:12:07 726,078 ------w c:\windows\ServicePackFiles\i386\srchui.dll
+ 2008-04-14 00:12:07 67,584 ------w c:\windows\ServicePackFiles\i386\srclient.dll
+ 2008-04-14 00:12:07 239,104 ------w c:\windows\ServicePackFiles\i386\srrstr.dll
+ 2008-04-14 00:12:07 171,008 ------w c:\windows\ServicePackFiles\i386\srsvc.dll
+ 2008-04-13 19:15:11 334,848 ------w c:\windows\ServicePackFiles\i386\srv.sys
+ 2008-04-14 00:12:07 96,768 ------w c:\windows\ServicePackFiles\i386\srvsvc.dll
+ 2008-04-14 00:12:43 704,512 ------w c:\windows\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 00:12:43 19,968 ------w c:\windows\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 00:12:07 34,816 ------w c:\windows\ServicePackFiles\i386\ssdpapi.dll
+ 2008-04-14 00:12:07 71,680 ------w c:\windows\ServicePackFiles\i386\ssdpsrv.dll
+ 2008-04-14 00:12:43 393,216 ------w c:\windows\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 00:12:44 20,992 ------w c:\windows\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 00:12:44 47,104 ------w c:\windows\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 00:12:44 18,944 ------w c:\windows\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 00:12:44 610,304 ------w c:\windows\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 00:12:44 14,336 ------w c:\windows\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 00:12:44 679,936 ------w c:\windows\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 00:12:07 33,280 ------w c:\windows\ServicePackFiles\i386\sstub.dll
+ 2008-04-14 00:12:07 26,624 ------w c:\windows\ServicePackFiles\i386\startoc.dll
+ 2008-04-14 00:12:07 59,392 ------w c:\windows\ServicePackFiles\i386\stclient.dll
+ 2008-04-14 00:12:07 86,528 ------w c:\windows\ServicePackFiles\i386\stdprov.dll
+ 2008-04-14 00:12:07 68,096 ------w c:\windows\ServicePackFiles\i386\sti.dll
+ 2008-04-14 00:12:07 136,704 ------w c:\windows\ServicePackFiles\i386\sti_ci.dll
+ 2008-04-14 00:12:36 14,848 ------w c:\windows\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 00:12:07 121,856 ------w c:\windows\ServicePackFiles\i386\stobject.dll
+ 2008-04-14 00:12:07 74,752 ------w c:\windows\ServicePackFiles\i386\storprop.dll
+ 2008-04-13 18:45:15 49,408 ------w c:\windows\ServicePackFiles\i386\stream.sys
+ 2008-04-13 18:46:21 15,232 ------w c:\windows\ServicePackFiles\i386\streamip.sys
+ 2008-04-14 00:12:07 75,776 ------w c:\windows\ServicePackFiles\i386\strmfilt.dll
+ 2008-04-14 00:12:36 16,449 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 00:12:36 65,601 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 00:12:36 14,336 ------w c:\windows\ServicePackFiles\i386\svchost.exe
+ 2008-04-13 18:39:53 4,352 ------w c:\windows\ServicePackFiles\i386\swenum.sys
+ 2008-04-13 18:45:09 56,576 ------w c:\windows\ServicePackFiles\i386\swmidi.sys
+ 2008-04-14 00:12:07 713,216 ------w c:\windows\ServicePackFiles\i386\sxs.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\synceng.dll
+ 2008-04-14 00:12:07 191,488 ------w c:\windows\ServicePackFiles\i386\syncui.dll
+ 2008-04-13 19:15:55 60,800 ------w c:\windows\ServicePackFiles\i386\sysaudio.sys
+ 2008-04-14 00:12:07 193,024 ------w c:\windows\ServicePackFiles\i386\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\ServicePackFiles\i386\sysmoda.dll
+ 2008-04-14 00:12:37 106,496 ------w c:\windows\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 00:12:07 990,208 ------w c:\windows\ServicePackFiles\i386\syssetup.dll
+ 2008-04-14 00:12:07 117,760 ------w c:\windows\ServicePackFiles\i386\t2embed.dll
+ 2008-04-13 18:40:50 14,976 ------w c:\windows\ServicePackFiles\i386\tape.sys
+ 2008-04-14 00:12:07 858,624 ------w c:\windows\ServicePackFiles\i386\tapi3.dll
+ 2008-04-14 00:12:07 181,760 ------w c:\windows\ServicePackFiles\i386\tapi32.dll
+ 2008-04-14 00:12:07 249,856 ------w c:\windows\ServicePackFiles\i386\tapisrv.dll
+ 2008-04-14 00:12:37 135,680 ------w c:\windows\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-13 19:20:16 361,344 ------w c:\windows\ServicePackFiles\i386\tcpip.sys
+ 2008-04-13 19:00:02 225,664 ------w c:\windows\ServicePackFiles\i386\tcpip6.sys
+ 2008-04-14 00:12:07 14,848 ------w c:\windows\ServicePackFiles\i386\tcpmib.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmonui.dll
+ 2008-04-14 00:12:37 32,827 ------w c:\windows\ServicePackFiles\i386\tcptest.exe
+ 2007-04-02 16:36:07 16,384 ------w c:\windows\ServicePackFiles\i386\tcptsat.dll
+ 2008-04-13 19:00:05 19,072 ------w c:\windows\ServicePackFiles\i386\tdi.sys
+ 2008-04-14 00:13:20 12,040 ------w c:\windows\ServicePackFiles\i386\tdpipe.sys
+ 2008-04-14 00:13:21 21,896 ------w c:\windows\ServicePackFiles\i386\tdtcp.sys
+ 2008-04-14 00:12:37 75,776 ------w c:\windows\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 00:13:20 40,840 ------w c:\windows\ServicePackFiles\i386\termdd.sys
+ 2008-04-14 00:12:07 358,400 ------w c:\windows\ServicePackFiles\i386\termmgr.dll
+ 2008-04-14 00:12:07 295,424 ------w c:\windows\ServicePackFiles\i386\termsrv.dll
+ 2008-04-13 18:40:50 149,376 ------w c:\windows\ServicePackFiles\i386\tffsport.sys
+ 2008-04-14 00:12:07 385,536 ------w c:\windows\ServicePackFiles\i386\themeui.dll
+ 2008-04-14 00:12:38 347,136 ------w c:\windows\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 00:12:38 82,944 ------w c:\windows\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 00:12:38 12,288 ------w c:\windows\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 00:12:42 12,800 ------w c:\windows\ServicePackFiles\i386\tree.com
+ 2008-04-14 00:12:07 153,088 ------w c:\windows\ServicePackFiles\i386\triedit.dll
+ 2008-04-14 00:12:07 90,112 ------w c:\windows\ServicePackFiles\i386\trkwks.dll
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\ServicePackFiles\i386\tscdsbl.bat
+ 2008-04-14 00:12:07 93,696 ------w c:\windows\ServicePackFiles\i386\tscfgwmi.dll
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\ServicePackFiles\i386\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\ServicePackFiles\i386\tscuinst.vbs
+ 2008-04-14 00:11:31 25,600 ------w c:\windows\ServicePackFiles\i386\tscupdc.dll
+ 2008-04-14 00:13:21 12,168 ------w c:\windows\ServicePackFiles\i386\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\ServicePackFiles\i386\tsgqec.dll
+ 2008-04-14 00:12:07 279,040 ------w c:\windows\ServicePackFiles\i386\tshoot.dll
+ 2008-04-14 00:12:07 130,048 ------w c:\windows\ServicePackFiles\i386\tsoc.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\tspkg.dll
+ 2008-04-14 00:12:07 8,704 ------w c:\windows\ServicePackFiles\i386\tty.dll
+ 2007-04-02 15:31:00 39,936 ------w c:\windows\ServicePackFiles\i386\ttyres.dll
+ 2008-04-14 00:12:07 16,384 ------w c:\windows\ServicePackFiles\i386\ttyui.dll
+ 2008-04-13 18:56:01 12,288 ------w c:\windows\ServicePackFiles\i386\tunmp.sys
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\ServicePackFiles\i386\twain_32.dll
+ 2008-04-14 00:12:07 57,856 ------w c:\windows\ServicePackFiles\i386\twext.dll
+ 2008-04-14 00:12:07 101,376 ------w c:\windows\ServicePackFiles\i386\txflog.dll
+ 2008-04-14 00:12:38 60,416 ------w c:\windows\ServicePackFiles\i386\tzchange.exe
+ 2008-04-13 18:36:40 44,672 ------w c:\windows\ServicePackFiles\i386\uagp35.sys
+ 2008-04-13 18:32:36 66,048 ------w c:\windows\ServicePackFiles\i386\udfs.sys
+ 2008-04-14 00:12:07 26,624 ------w c:\windows\ServicePackFiles\i386\udhisapi.dll
+ 2008-04-14 00:12:07 275,456 ------w c:\windows\ServicePackFiles\i386\ulib.dll
+ 2008-04-14 00:12:07 35,840 ------w c:\windows\ServicePackFiles\i386\umandlg.dll
+ 2008-04-14 00:12:07 123,392 ------w c:\windows\ServicePackFiles\i386\umpnpmgr.dll
+ 2008-04-14 00:12:07 373,248 ------w c:\windows\ServicePackFiles\i386\unidrv.dll
+ 2008-04-14 00:12:07 744,448 ------w c:\windows\ServicePackFiles\i386\unidrvui.dll
+ 2008-04-14 00:12:07 74,240 ------w c:\windows\ServicePackFiles\i386\unimdmat.dll
+ 2008-04-14 00:12:07 13,824 ------w c:\windows\ServicePackFiles\i386\uniplat.dll
+ 2007-05-15 08:08:53 761,344 ------w c:\windows\ServicePackFiles\i386\unires.dll
+ 2008-04-14 00:12:07 316,416 ------w c:\windows\ServicePackFiles\i386\untfs.dll
+ 2008-04-13 18:39:46 384,768 ------w c:\windows\ServicePackFiles\i386\update.sys
+ 2008-04-14 00:12:38 150,528 ------w c:\windows\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 00:12:08 133,632 ------w c:\windows\ServicePackFiles\i386\upnp.dll
+ 2008-04-14 00:12:38 16,896 ------w c:\windows\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 00:12:08 185,856 ------w c:\windows\ServicePackFiles\i386\upnphost.dll
+ 2008-04-14 00:12:08 239,616 ------w c:\windows\ServicePackFiles\i386\upnpui.dll
+ 2008-04-14 00:12:38 18,432 ------w c:\windows\ServicePackFiles\i386\ups.exe
+ 2008-04-14 00:12:08 37,888 ------w c:\windows\ServicePackFiles\i386\url.dll
+ 2008-04-14 00:12:08 619,520 ------w c:\windows\ServicePackFiles\i386\urlmon.dll
+ 2004-08-03 12:31:26 32,384 ------w c:\windows\ServicePackFiles\i386\usb101et.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ------w c:\windows\ServicePackFiles\i386\usb8023x.sys
+ 2008-04-13 18:45:12 60,032 ------w c:\windows\ServicePackFiles\i386\usbaudio.sys
+ 2008-04-13 18:45:40 25,600 ------w c:\windows\ServicePackFiles\i386\usbcamd.sys
+ 2008-04-13 18:45:41 25,728 ------w c:\windows\ServicePackFiles\i386\usbcamd2.sys
+ 2008-04-13 18:45:39 32,128 ------w c:\windows\ServicePackFiles\i386\usbccgp.sys
+ 2008-04-13 18:45:35 30,208 ------w c:\windows\ServicePackFiles\i386\usbehci.sys
+ 2008-04-13 18:45:37 59,520 ------w c:\windows\ServicePackFiles\i386\usbhub.sys
+ 2008-04-13 18:45:43 15,872 ------w c:\windows\ServicePackFiles\i386\usbintel.sys
+ 2008-04-14 00:12:08 16,896 ------w c:\windows\ServicePackFiles\i386\usbmon.dll
+ 2008-04-13 18:45:35 17,152 ------w c:\windows\ServicePackFiles\i386\usbohci.sys
+ 2008-04-13 18:45:36 143,872 ------w c:\windows\ServicePackFiles\i386\usbport.sys
+ 2008-04-13 18:47:37 25,856 ------w c:\windows\ServicePackFiles\i386\usbprint.sys
+ 2008-04-13 18:45:34 15,104 ------w c:\windows\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:36 26,112 ------w c:\windows\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:38 26,368 ------w c:\windows\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:35 20,608 ------w c:\windows\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-14 00:12:08 74,240 ------w c:\windows\ServicePackFiles\i386\usbui.dll
+ 2008-04-13 18:46:20 121,984 ------w c:\windows\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-14 00:12:08 578,560 ------w c:\windows\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 727,040 ------w c:\windows\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:38 26,112 ------w c:\windows\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:08 406,016 ------w c:\windows\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:38 50,176 ------w c:\windows\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:08 218,624 ------w c:\windows\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 30,749 ------w c:\windows\ServicePackFiles\i386\vbajet32.dll
+ 2008-04-14 00:12:08 434,176 ------w c:\windows\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 11,325 ------w c:\windows\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 26,112 ------w c:\windows\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 51,712 ------w c:\windows\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w c:\windows\ServicePackFiles\i386\verifier.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 53,760 ------w c:\windows\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-13 18:44:40 20,992 ------w c:\windows\ServicePackFiles\i386\vga.sys
+ 2008-04-14 00:12:08 851,968 ------w c:\windows\ServicePackFiles\i386\vgx.dll
+ 2008-04-13 18:36:40 42,240 ------w c:\windows\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:40:31 5,376 ------w c:\windows\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:44:40 81,664 ------w c:\windows\ServicePackFiles\i386\videoprt.sys
+ 2008-04-14 00:12:08 131,584 ------w c:\windows\ServicePackFiles\i386\viewprov.dll
+ 2008-04-13 18:41:01 52,352 ------w c:\windows\ServicePackFiles\i386\volsnap.sys
+ 2008-04-14 00:12:08 430,592 ------w c:\windows\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:38 289,792 ------w c:\windows\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:08 175,104 ------w c:\windows\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 15,872 ------w c:\windows\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 483,840 ------w c:\windows\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:38 46,080 ------w c:\windows\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:08 510,976 ------w c:\windows\ServicePackFiles\i386\wab32.dll
+ 2008-04-13 16:21:48 249,856 ------w c:\windows\ServicePackFiles\i386\wab32res.dll
+ 2008-04-14 00:12:08 32,768 ------w c:\windows\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 85,504 ------w c:\windows\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:39 30,208 ------w c:\windows\ServicePackFiles\i386\wabmig.exe
+ 2008-04-13 18:43:55 14,208 ------w c:\windows\ServicePackFiles\i386\wacompen.sys
+ 2004-08-03 12:29:38 12,415 ------w c:\windows\ServicePackFiles\i386\wadv01nt.sys
+ 2004-08-03 12:29:38 12,127 ------w c:\windows\ServicePackFiles\i386\wadv02nt.sys
+ 2004-08-03 12:29:38 11,775 ------w c:\windows\ServicePackFiles\i386\wadv05nt.sys
+ 2004-08-03 12:29:40 11,807 ------w c:\windows\ServicePackFiles\i386\wadv07nt.sys
+ 2004-08-03 12:29:40 11,295 ------w c:\windows\ServicePackFiles\i386\wadv08nt.sys
+ 2004-08-03 12:29:42 11,871 ------w c:\windows\ServicePackFiles\i386\wadv09nt.sys
+ 2004-08-03 12:29:42 11,935 ------w c:\windows\ServicePackFiles\i386\wadv11nt.sys
+ 2008-04-13 18:57:21 34,560 ------w c:\windows\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:44:59 17,664 ------w c:\windows\ServicePackFiles\i386\watchdog.sys
+ 2004-08-03 12:29:42 29,311 ------w c:\windows\ServicePackFiles\i386\watv01nt.sys
+ 2004-08-03 12:29:44 19,551 ------w c:\windows\ServicePackFiles\i386\watv02nt.sys
+ 2004-08-03 12:29:44 33,599 ------w c:\windows\ServicePackFiles\i386\watv04nt.sys
+ 2004-08-03 12:29:46 22,271 ------w c:\windows\ServicePackFiles\i386\watv06nt.sys
+ 2004-08-03 12:29:46 25,471 ------w c:\windows\ServicePackFiles\i386\watv10nt.sys
+ 2008-04-14 00:12:08 215,552 ------w c:\windows\ServicePackFiles\i386\wavemsp.dll
+ 2008-04-14 00:12:08 196,608 ------w c:\windows\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 214,528 ------w c:\windows\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 71,680 ------w c:\windows\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 531,456 ------w c:\windows\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 178,176 ------w c:\windows\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 273,920 ------w c:\windows\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 43,008 ------w c:\windows\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 18,944 ------w c:\windows\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 43,520 ------w c:\windows\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:39 116,224 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:08 197,120 ------w c:\windows\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-13 18:45:38 31,744 ------w c:\windows\ServicePackFiles\i386\wceusbsh.sys
+ 2004-08-03 12:29:46 23,615 ------w c:\windows\ServicePackFiles\i386\wch7xxnt.sys
+ 2008-04-14 00:12:08 49,152 ------w c:\windows\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ------w c:\windows\ServicePackFiles\i386\wdmaud.drv
+ 2008-04-13 19:17:18 83,072 ------w c:\windows\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-14 00:12:08 276,480 ------w c:\windows\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 68,096 ------w c:\windows\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 135,680 ------w c:\windows\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:39 65,024 ------w c:\windows\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 433,664 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:08 463,360 ------w c:\windows\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 124,416 ------w c:\windows\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 75,776 ------w c:\windows\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 333,824 ------w c:\windows\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 589,312 ------w c:\windows\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 111,104 ------w c:\windows\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\ServicePackFiles\i386\wicext.dll
+ 2008-04-13 19:30:10 1,845,632 ------w c:\windows\ServicePackFiles\i386\win32k.sys
+ 2008-04-14 00:12:08 102,400 ------w c:\windows\ServicePackFiles\i386\win32spl.dll
+ 2008-04-13 16:48:53 1,647,616 ------w c:\windows\ServicePackFiles\i386\winbrand.dll
+ 2008-04-14 00:12:39 283,648 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:08 354,304 ------w c:\windows\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 666,112 ------w c:\windows\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:09 32,256 ------w c:\windows\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:39 507,904 ------w c:\windows\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:09 176,128 ------w c:\windows\ServicePackFiles\i386\winmm.dll
+ 2004-08-04 12:00:00 5,120 ------w c:\windows\ServicePackFiles\i386\winnls.dll
+ 2008-04-14 00:11:11 756,224 ------w c:\windows\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:12:09 16,896 ------w c:\windows\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 99,328 ------w c:\windows\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 17,408 ------w c:\windows\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ------w c:\windows\ServicePackFiles\i386\winspool.drv
+ 2008-04-14 00:12:09 293,376 ------w c:\windows\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 53,760 ------w c:\windows\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 176,640 ------w c:\windows\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:40 5,632 ------w c:\windows\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\ServicePackFiles\i386\wlanapi.dll
+ 2008-04-14 00:12:09 172,032 ------w c:\windows\ServicePackFiles\i386\wldap32.dll
+ 2004-08-03 12:31:28 154,624 ------w c:\windows\ServicePackFiles\i386\wlluc48.sys
+ 2008-04-14 00:12:09 92,672 ------w c:\windows\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:11:15 5,632 ------w c:\windows\ServicePackFiles\i386\wmi.dll
+ 2008-04-13 18:36:38 8,832 ------w c:\windows\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-14 00:12:40 196,608 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-13 17:10:20 6,656 ------w c:\windows\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-14 00:12:09 88,576 ------w c:\windows\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:40 126,464 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:09 60,928 ------w c:\windows\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 140,800 ------w c:\windows\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 156,672 ------w c:\windows\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 132,096 ------w c:\windows\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 61,952 ------w c:\windows\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 62,464 ------w c:\windows\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 437,248 ------w c:\windows\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:40 218,112 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:09 41,472 ------w c:\windows\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 144,896 ------w c:\windows\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 95,232 ------w c:\windows\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 167,936 ------w c:\windows\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 4,096 ------w c:\windows\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 7,680 ------w c:\windows\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 402,432 ------w c:\windows\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 502,272 ------w c:\windows\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 325,632 ------w c:\windows\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 4,256,768 ------w c:\windows\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 5,632 ------w c:\windows\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\ServicePackFiles\i386\wmphoto.dll
+ 2008-04-14 00:12:40 214,528 ------w c:\windows\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:10 264,192 ------w c:\windows\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:40 32,256 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:41 11,264 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:10 82,432 ------w c:\windows\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 19,968 ------w c:\windows\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:41 13,824 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 155,648 ------w c:\windows\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:10 80,896 ------w c:\windows\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 108,032 ------w c:\windows\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 36,864 ------w c:\windows\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 90,112 ------w c:\windows\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 14,336 ------w c:\windows\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 8,192 ------w c:\windows\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 11,264 ------w c:\windows\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 19,456 ------w c:\windows\ServicePackFiles\i386\wshtcpip.dll
+ 2004-08-03 12:29:48 12,063 ------w c:\windows\ServicePackFiles\i386\wsiintxx.sys
+ 2008-04-14 00:12:10 41,984 ------w c:\windows\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 22,528 ------w c:\windows\ServicePackFiles\i386\wsock32.dll
+ 2008-04-13 18:46:24 19,200 ------w c:\windows\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-14 00:12:10 50,688 ------w c:\windows\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 18,432 ------w c:\windows\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 430,592 ------w c:\windows\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:41 111,104 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 165,888 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:11 1,135,616 ------w c:\windows\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 183,296 ------w c:\windows\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 6,656 ------w c:\windows\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 112,640 ------w c:\windows\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 32,256 ------w c:\windows\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 120,320 ------w c:\windows\ServicePackFiles\i386\wuweb.dll
+ 2004-08-03 12:29:50 19,455 ------w c:\windows\ServicePackFiles\i386\wvchntxx.sys
+ 2008-04-14 00:12:11 383,488 ------w c:\windows\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 52,736 ------w c:\windows\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 483,840 ------w c:\windows\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 91,648 ------w c:\windows\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:41 30,720 ------w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2004-08-04 12:00:00 174,200 ------w c:\windows\ServicePackFiles\i386\xenroll.dll
+ 2008-04-14 00:12:11 121,856 ------w c:\windows\ServicePackFiles\i386\xmllite.dll
+ 2008-04-14 00:12:11 129,024 ------w c:\windows\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 50,176 ------w c:\windows\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 11,776 ------w c:\windows\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 17:39:29 438,784 ------w c:\windows\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:22 187,392 ------w c:\windows\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:24 2,897,920 ------w c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w c:\windows\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w c:\windows\ServicePackFiles\i386\xrxscnui.dll
+ 2008-04-14 00:12:11 116,224 ------w c:\windows\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 338,432 ------w c:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2001-07-14 07:32:24 69,632 ----a-w c:\windows\setupupd\temp\wsdueng.dll
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\slrundll.exe
- 2004-08-04 12:00:00 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
- 2004-08-04 12:00:00 58,434 ----a-w c:\windows\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w c:\windows\srchasst\srchctls.dll
- 2004-08-04 12:00:00 725,566 ----a-w c:\windows\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w c:\windows\srchasst\srchui.dll
- 2000-08-30 22:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-30 21:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2004-08-04 12:00:00 146,432 -c--a-w c:\windows\system\WINSPOOL.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ----a-w c:\windows\system32\aaclient.dll
- 2004-08-04 12:00:00 183,808 ----a-w c:\windows\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w c:\windows\system32\accwiz.exe
- 2004-08-04 12:00:00 114,688 ----a-w c:\windows\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w c:\windows\system32\aclui.dll
- 2004-08-04 12:00:00 194,048 ----a-w c:\windows\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w c:\windows\system32\activeds.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w c:\windows\system32\actmovie.exe
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w c:\windows\system32\actxprxy.dll
- 2004-08-04 12:00:00 175,616 ----a-w c:\windows\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w c:\windows\system32\adsldp.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w c:\windows\system32\adsldpc.dll
- 2004-08-04 12:00:00 68,096 ----a-w c:\windows\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w c:\windows\system32\adsmsext.dll
- 2004-08-04 12:00:00 263,680 ----a-w c:\windows\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w c:\windows\system32\adsnt.dll
- 2004-08-04 12:00:00 616,960 ----a-w c:\windows\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w c:\windows\system32\advapi32.dll
- 2008-04-23 04:16:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
- 2004-08-04 12:00:00 98,304 -c--a-w c:\windows\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w c:\windows\system32\ahui.exe
- 2004-08-04 12:00:00 44,544 ----a-w c:\windows\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w c:\windows\system32\alg.exe
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w c:\windows\system32\alrsvc.dll
- 2004-08-04 12:00:00 70,656 ----a-w c:\windows\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w c:\windows\system32\amstream.dll
- 2004-08-04 12:00:00 126,976 ----a-w c:\windows\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w c:\windows\system32\apphelp.dll
- 2004-08-04 12:00:00 65,024 ----a-w c:\windows\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w c:\windows\system32\asycfilt.dll
- 2004-08-04 12:00:00 25,088 -c--a-w c:\windows\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:11:49 229,376 ----a-w c:\windows\system32\ati2cqag.dll
+ 2008-04-14 00:11:49 377,984 ----a-w c:\windows\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 201,728 ----a-w c:\windows\system32\ati2dvag.dll
+ 2008-04-14 00:11:49 870,784 ----a-w c:\windows\system32\ati3d1ag.dll
+ 2008-04-14 00:11:50 1,888,992 ----a-w c:\windows\system32\ati3duag.dll
+ 2008-04-14 00:11:50 32,768 ----a-w c:\windows\system32\ativtmxx.dll
+ 2008-04-14 00:11:50 516,768 ----a-w c:\windows\system32\ativvaxx.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w c:\windows\system32\atl.dll
- 2004-08-04 12:00:00 11,264 -c--a-w c:\windows\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w c:\windows\system32\atmadm.exe
- 2004-08-04 12:00:00 285,696 ----a-w c:\windows\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w c:\windows\system32\atmfd.dll
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\atmlib.dll
- 2004-08-04 12:00:00 11,264 -c--a-w c:\windows\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w c:\windows\system32\attrib.exe
- 2004-08-04 12:00:00 42,496 ----a-w c:\windows\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w c:\windows\system32\audiosrv.dll
- 2004-08-04 12:00:00 14,336 -c--a-w c:\windows\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w c:\windows\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w c:\windows\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w c:\windows\system32\authz.dll
- 2004-08-04 12:00:00 588,800 ----a-w c:\windows\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w c:\windows\system32\autochk.exe
- 2004-08-04 12:00:00 602,624 -c--a-w c:\windows\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w c:\windows\system32\autoconv.exe
- 2004-08-04 12:00:00 580,608 -c--a-w c:\windows\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w c:\windows\system32\autofmt.exe
- 2004-08-04 12:00:00 11,264 -c--a-w c:\windows\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w c:\windows\system32\autolfn.exe
- 2004-08-04 12:00:00 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ----a-w c:\windows\system32\azroles.dll
- 2004-08-04 12:00:00 52,736 ----a-w c:\windows\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w c:\windows\system32\basesrv.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w c:\windows\system32\batmeter.dll
- 2004-08-04 12:00:00 8,704 -c--a-w c:\windows\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w c:\windows\system32\batt.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\bits\qmgr.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w c:\windows\system32\bitsprx2.dll
- 2004-08-04 12:00:00 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w c:\windows\system32\bitsprx4.dll
- 2004-08-04 12:00:00 71,680 -c--a-w c:\windows\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w c:\windows\system32\blastcln.exe
- 2004-08-04 12:00:00 63,488 ----a-w c:\windows\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w c:\windows\system32\browselc.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\browser.dll
- 2006-09-23 03:12:50 1,022,976 ----a-w c:\windows\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w c:\windows\system32\browseui.dll
- 2004-08-04 12:00:00 78,336 ----a-w c:\windows\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w c:\windows\system32\browsewm.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w c:\windows\system32\bthci.dll
- 2004-08-04 12:00:00 30,208 -c--a-w c:\windows\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\bthserv.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\btpanui.dll
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w c:\windows\system32\cabinet.dll
- 2004-08-04 12:00:00 84,480 ----a-w c:\windows\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w c:\windows\system32\cabview.dll
- 2004-08-04 12:00:00 18,432 -c--a-w c:\windows\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w c:\windows\system32\cacls.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\camocx.dll
- 2004-08-04 12:00:00 142,848 ----a-w c:\windows\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w c:\windows\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w c:\windows\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w c:\windows\system32\catsrv.dll
- 2004-08-04 12:00:00 85,504 ----a-w c:\windows\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w c:\windows\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w c:\windows\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w c:\windows\system32\catsrvut.dll
- 2005-10-21 03:39:26 151,040 ----a-w c:\windows\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w c:\windows\system32\cdfview.dll
- 2007-07-30 09:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-07-18 12:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w c:\windows\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w c:\windows\system32\cdosys.dll
- 2004-08-04 12:00:00 194,560 ----a-w c:\windows\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w c:\windows\system32\certcli.dll
- 2004-08-04 12:00:00 457,728 ----a-w c:\windows\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w c:\windows\system32\certmgr.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w c:\windows\system32\cfgbkend.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
- 2004-08-04 12:00:00 109,568 ----a-w c:\windows\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w c:\windows\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w c:\windows\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w c:\windows\system32\ciodm.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w c:\windows\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w c:\windows\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w c:\windows\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w c:\windows\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w c:\windows\system32\clbcatq.dll
- 2004-08-04 12:00:00 64,000 ----a-w c:\windows\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w c:\windows\system32\cleanmgr.exe
- 2004-08-04 12:00:00 77,824 -c--a-w c:\windows\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\cliconfg.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w c:\windows\system32\cliconfg.exe
- 2004-08-04 12:00:00 102,912 -c--a-w c:\windows\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w c:\windows\system32\clipbrd.exe
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w c:\windows\system32\clipsrv.exe
- 2004-08-04 12:00:00 57,856 ----a-w c:\windows\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w c:\windows\system32\clusapi.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w c:\windows\system32\cmcfg32.dll
- 2004-08-04 12:00:00 388,608 -c--a-w c:\windows\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w c:\windows\system32\cmd.exe
- 2004-08-04 12:00:00 343,040 -c--a-w c:\windows\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w c:\windows\system32\cmdial32.dll
- 2004-08-04 12:00:00 47,104 -c--a-w c:\windows\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w c:\windows\system32\cmdl32.exe
- 2004-08-04 12:00:00 39,936 -c--a-w c:\windows\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w c:\windows\system32\cmmon32.exe
- 2004-08-04 12:00:00 185,344 ----a-w c:\windows\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w c:\windows\system32\cmprops.dll
- 2004-08-04 12:00:00 13,824 -c--a-w c:\windows\system32\cmsetACL.dll
+ 2008-04-14 00:11:50 13,312 ----a-w c:\windows\system32\cmsetacl.dll
- 2004-08-04 12:00:00 63,488 -c--a-w c:\windows\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w c:\windows\system32\cmstp.exe
- 2004-08-04 12:00:00 39,936 -c--a-w c:\windows\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w c:\windows\system32\cmutil.dll
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w c:\windows\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w c:\windows\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w c:\windows\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
- 2004-08-04 12:00:00 9,728 -c--a-w c:\windows\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w c:\windows\system32\Com\comrepl.exe
- 2004-08-04 12:00:00 5,120 -c--a-w c:\windows\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\Com\comrereg.exe
- 2004-08-04 12:00:00 25,600 ----a-w c:\windows\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w c:\windows\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w c:\windows\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w c:\windows\system32\comctl32.dll
- 2004-08-04 12:00:00 276,992 ----a-w c:\windows\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w c:\windows\system32\comdlg32.dll
- 2004-08-04 12:00:00 252,928 ----a-w c:\windows\system32\compatUI.dll
+ 2008-04-14 00:11:51 252,928 ----a-w c:\windows\system32\compatui.dll
- 2004-08-04 12:00:00 229,376 ----a-w c:\windows\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w c:\windows\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w c:\windows\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w c:\windows\system32\comrepl.dll
- 2004-08-04 12:00:00 792,064 ----a-w c:\windows\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w c:\windows\system32\comres.dll
- 2004-08-04 12:00:00 147,456 ----a-w c:\windows\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w c:\windows\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w c:\windows\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w c:\windows\system32\comuid.dll
- 2006-01-24 01:29:11 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-09-23 00:06:36 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2006-01-24 01:29:11 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-09-23 00:06:36 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-09-23 00:06:11 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008092320080924\index.dat
- 2006-01-24 01:29:11 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-23 00:06:36 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-08-04 12:00:00 345,600 ----a-w c:\windows\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w c:\windows\system32\confmsp.dll
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w c:\windows\system32\conime.exe
- 2007-08-13 08:42:54 17,408 ----a-w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 35,328 ----a-w c:\windows\system32\corpol.dll
+ 2008-04-14 00:11:51 12,800 ----a-w c:\windows\system32\credssp.dll
- 2004-08-04 12:00:00 163,840 ----a-w c:\windows\system32\credui.dll
+ 2008-04-14 00:11:51 163,840 ----a-w c:\windows\system32\credui.dll
- 2004-08-04 12:00:00 597,504 ----a-w c:\windows\system32\crypt32.dll
+ 2008-04-14 00:11:51 599,040 ----a-w c:\windows\system32\crypt32.dll
- 2004-08-04 12:00:00 74,752 -c--a-w c:\windows\system32\cryptdlg.dll
+ 2008-04-14 00:11:51 74,752 ----a-w c:\windows\system32\cryptdlg.dll

acasey · Nov 13, 2008

part 7...

- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\cryptdll.dll
+ 2008-04-14 00:11:51 33,280 ----a-w c:\windows\system32\cryptdll.dll
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\cryptext.dll
+ 2008-04-14 00:11:51 53,760 ----a-w c:\windows\system32\cryptext.dll
- 2004-08-04 12:00:00 63,488 ----a-w c:\windows\system32\cryptnet.dll
+ 2008-04-14 00:11:51 64,512 ----a-w c:\windows\system32\cryptnet.dll
- 2004-08-04 12:00:00 60,416 ----a-w c:\windows\system32\cryptsvc.dll
+ 2008-04-14 00:11:51 62,464 ----a-w c:\windows\system32\cryptsvc.dll
- 2004-08-04 12:00:00 512,512 ----a-w c:\windows\system32\cryptui.dll
+ 2008-04-14 00:11:51 512,512 ----a-w c:\windows\system32\cryptui.dll
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\cscdll.dll
+ 2008-04-14 00:11:51 101,888 ----a-w c:\windows\system32\cscdll.dll
- 2004-08-04 12:00:00 98,304 -c--a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
- 2004-08-04 12:00:00 326,656 ----a-w c:\windows\system32\cscui.dll
+ 2008-04-14 00:11:51 326,656 ----a-w c:\windows\system32\cscui.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\csrsrv.dll
+ 2008-04-14 00:11:51 32,256 ----a-w c:\windows\system32\csrsrv.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\csrss.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\csrss.exe
- 2004-08-04 12:00:00 15,360 ----a-w c:\windows\system32\ctfmon.exe
+ 2008-04-14 00:12:16 15,360 ----a-w c:\windows\system32\ctfmon.exe
- 2004-08-04 12:00:00 1,179,648 ----a-w c:\windows\system32\d3d8.dll
+ 2008-04-14 00:11:51 1,179,648 ----a-w c:\windows\system32\d3d8.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\d3d8thk.dll
+ 2008-04-14 00:11:51 8,192 ----a-w c:\windows\system32\d3d8thk.dll
- 2004-08-04 12:00:00 1,689,088 ----a-w c:\windows\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w c:\windows\system32\d3d9.dll
- 2004-08-04 12:00:00 825,344 ----a-w c:\windows\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w c:\windows\system32\d3dim700.dll
- 2005-11-05 03:16:23 1,054,208 ----a-w c:\windows\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w c:\windows\system32\danim.dll
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w c:\windows\system32\dataclen.dll
- 2004-08-04 12:00:00 152,064 ----a-w c:\windows\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w c:\windows\system32\datime.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w c:\windows\system32\davclnt.dll
- 2004-08-04 12:00:00 640,000 ----a-w c:\windows\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w c:\windows\system32\dbghelp.dll
- 2004-08-04 12:00:00 24,576 -c--a-w c:\windows\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
- 2004-08-04 12:00:00 110,592 -c--a-w c:\windows\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w c:\windows\system32\dbnetlib.dll
- 2004-08-04 12:00:00 28,672 -c--a-w c:\windows\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
- 2004-08-04 12:00:00 1,788 -c--a-w c:\windows\system32\Dcache.bin
+ 2008-04-14 00:25:26 1,804 ----a-w c:\windows\system32\dcache.bin
- 2004-08-04 12:00:00 8,704 ----a-w c:\windows\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w c:\windows\system32\dciman32.dll
- 2004-08-04 12:00:00 5,120 -c--a-w c:\windows\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w c:\windows\system32\dcomcnfg.exe
- 2004-08-04 12:00:00 30,208 -c--a-w c:\windows\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w c:\windows\system32\ddeshare.exe
- 2004-08-04 12:00:00 266,240 ----a-w c:\windows\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w c:\windows\system32\ddraw.dll
- 2004-08-04 12:00:00 27,136 ----a-w c:\windows\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w c:\windows\system32\ddrawex.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\defrag.exe
+ 2008-04-14 00:12:16 25,088 ----a-w c:\windows\system32\defrag.exe
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w c:\windows\system32\devenum.dll
- 2004-08-04 12:00:00 282,624 ----a-w c:\windows\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w c:\windows\system32\devmgr.dll
- 2004-08-04 12:00:00 82,432 ----a-w c:\windows\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w c:\windows\system32\dfrgfat.exe
- 2004-08-04 12:00:00 104,960 ----a-w c:\windows\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 105,472 ----a-w c:\windows\system32\dfrgntfs.exe
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w c:\windows\system32\dfrgsnap.dll
- 2004-08-04 12:00:00 123,904 ----a-w c:\windows\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w c:\windows\system32\dfrgui.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dfsshlex.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w c:\windows\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w c:\windows\system32\dhcpcsvc.dll
- 2004-08-04 12:00:00 370,176 -c--a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ----a-w c:\windows\system32\dhcpqec.dll
- 2004-08-04 12:00:00 85,504 -c--a-w c:\windows\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w c:\windows\system32\diantz.exe
- 2004-08-04 12:00:00 68,608 -c--a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ----a-w c:\windows\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ----a-w c:\windows\system32\dimsroam.dll
- 2004-08-04 12:00:00 159,232 ----a-w c:\windows\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w c:\windows\system32\dinput.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w c:\windows\system32\dinput8.dll
- 2004-08-04 12:00:00 1,501,696 ----a-w c:\windows\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w c:\windows\system32\diskcopy.dll
- 2004-08-04 12:00:00 163,840 -c--a-w c:\windows\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w c:\windows\system32\diskpart.exe
- 2004-08-04 12:00:00 45,083 ----a-w c:\windows\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w c:\windows\system32\dispex.dll
+ 2008-07-25 08:34:36 683,520 ----a-w c:\windows\system32\DivX.dll
+ 2008-07-25 08:34:42 823,296 ----a-w c:\windows\system32\divx_xx07.dll
+ 2008-07-25 08:34:40 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
+ 2008-07-25 08:34:40 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
+ 2008-07-25 08:34:40 802,816 ----a-w c:\windows\system32\divx_xx11.dll
+ 2008-07-25 08:34:30 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-07-25 08:36:00 524,288 ----a-w c:\windows\system32\DivXsm.exe
+ 2008-07-23 16:46:38 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
+ 2008-04-13 18:46:20 48,128 -c--a-w c:\windows\system32\dllcache\61883.sys
- 2008-04-23 04:16:28 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 138,496 -c--a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-04-13 18:46:20 38,912 -c--a-w c:\windows\system32\dllcache\avc.sys
- 2008-04-14 11:01:02 272,128 -c----w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-13 11:05:51 272,128 -c----w c:\windows\system32\dllcache\bthport.sys
- 2007-07-30 09:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-07-18 12:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2004-08-04 12:00:00 97,792 -c--a-w c:\windows\system32\dllcache\chtmbx.dll
+ 2008-04-14 00:09:05 97,792 -c--a-w c:\windows\system32\dllcache\chtmbx.dll
- 2004-08-04 12:00:00 56,320 -c--a-w c:\windows\system32\dllcache\chtskdic.dll
+ 2008-04-14 00:09:05 56,320 -c--a-w c:\windows\system32\dllcache\chtskdic.dll
- 2004-08-04 12:00:00 173,568 -c--a-w c:\windows\system32\dllcache\chtskf.dll
+ 2008-04-14 00:09:05 173,568 -c--a-w c:\windows\system32\dllcache\chtskf.dll
- 2004-08-04 12:00:00 198,656 -c--a-w c:\windows\system32\dllcache\cintime.dll
+ 2008-04-14 00:09:06 198,656 -c--a-w c:\windows\system32\dllcache\cintime.dll
- 2004-08-04 12:00:00 98,304 -c--a-w c:\windows\system32\dllcache\cscript.exe
+ 2008-05-07 09:07:23 135,168 -c----w c:\windows\system32\dllcache\cscript.exe
- 2008-02-20 05:32:43 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll
- 2004-08-04 12:00:00 299,520 -c--a-w c:\windows\system32\dllcache\drmclien.dll
+ 2008-04-14 00:13:00 299,520 -c--a-w c:\windows\system32\dllcache\drmclien.dll
- 2004-08-03 13:08:00 60,288 -c--a-w c:\windows\system32\dllcache\drmk.sys
+ 2008-04-13 18:45:14 60,160 -c--a-w c:\windows\system32\dllcache\drmk.sys
- 2004-08-04 12:00:00 87,040 -c--a-w c:\windows\system32\dllcache\drmstor.dll
+ 2008-04-14 00:11:52 87,040 -c--a-w c:\windows\system32\dllcache\drmstor.dll
- 2006-08-21 18:05:26 498,742 -c--a-w c:\windows\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 -c--a-w c:\windows\system32\dllcache\dxmasf.dll
- 2008-04-23 04:16:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:45 243,200 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:26:58 253,952 -c----w c:\windows\system32\dllcache\es.dll
- 2008-04-23 04:16:28 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2004-08-04 12:00:00 13,463,552 -c--a-w c:\windows\system32\dllcache\hwxjpn.dll
+ 2008-04-14 00:09:39 13,463,552 -c--a-w c:\windows\system32\dllcache\hwxjpn.dll
- 2008-04-23 04:16:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-04-22 07:39:58 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:28 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:28 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-04-22 07:40:18 625,664 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2004-08-04 12:00:00 106,496 -c--a-w c:\windows\system32\dllcache\imekrcic.dll
+ 2008-04-14 00:09:43 106,496 -c--a-w c:\windows\system32\dllcache\imekrcic.dll
- 2004-08-04 12:00:00 86,016 -c--a-w c:\windows\system32\dllcache\imekrmbx.dll
+ 2008-04-14 00:09:43 86,016 -c--a-w c:\windows\system32\dllcache\imekrmbx.dll
- 2004-08-04 12:00:00 811,064 -c--a-w c:\windows\system32\dllcache\imjp81k.dll
+ 2008-04-14 00:09:44 811,064 -c--a-w c:\windows\system32\dllcache\imjp81k.dll
- 2004-08-04 12:00:00 368,696 -c--a-w c:\windows\system32\dllcache\imjpcic.dll
+ 2008-04-14 00:09:45 368,696 -c--a-w c:\windows\system32\dllcache\imjpcic.dll
- 2004-08-04 12:00:00 716,856 -c--a-w c:\windows\system32\dllcache\imjpcus.dll
+ 2008-04-14 00:09:45 716,856 -c--a-w c:\windows\system32\dllcache\imjpcus.dll
- 2004-08-04 12:00:00 81,976 -c--a-w c:\windows\system32\dllcache\imjpdct.dll
+ 2008-04-14 00:09:45 81,976 -c--a-w c:\windows\system32\dllcache\imjpdct.dll
- 2004-08-04 12:00:00 274,489 -c--a-w c:\windows\system32\dllcache\imjputyc.dll
+ 2008-04-14 00:09:46 274,489 -c--a-w c:\windows\system32\dllcache\imjputyc.dll
- 2004-08-04 12:00:00 102,456 -c--a-w c:\windows\system32\dllcache\imlang.dll
+ 2008-04-14 00:09:46 102,456 -c--a-w c:\windows\system32\dllcache\imlang.dll
- 2004-08-04 12:00:00 315,452 -c--a-w c:\windows\system32\dllcache\imskf.dll
+ 2008-04-14 00:09:47 315,455 -c--a-w c:\windows\system32\dllcache\imskf.dll
- 2007-08-21 06:15:44 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 -c----w c:\windows\system32\dllcache\inetcomm.dll
- 2007-08-13 08:38:04 491,520 -c--a-w c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53:39 512,000 -c----w c:\windows\system32\dllcache\jscript.dll
- 2008-04-23 04:16:28 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-03 13:15:22 140,928 -c--a-w c:\windows\system32\dllcache\ks.sys
+ 2008-04-13 19:16:36 141,056 -c--a-w c:\windows\system32\dllcache\ks.sys
- 2004-08-03 14:56:44 4,096 -c--a-w c:\windows\system32\dllcache\ksuser.dll
+ 2008-04-14 00:11:56 4,096 -c--a-w c:\windows\system32\dllcache\ksuser.dll
- 2004-08-04 12:00:00 123,392 -c--a-w c:\windows\system32\dllcache\mplay32.exe
+ 2008-04-14 00:12:27 123,392 -c--a-w c:\windows\system32\dllcache\mplay32.exe
- 2004-08-04 12:00:00 4,639 -c--a-w c:\windows\system32\dllcache\mplayer2.exe
+ 2008-04-14 00:12:27 4,639 -c--a-w c:\windows\system32\dllcache\mplayer2.exe
- 2004-08-04 12:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:02 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:46:00 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:43:16 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
- 2004-08-04 12:00:00 4,126 -c--a-w c:\windows\system32\dllcache\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 -c--a-w c:\windows\system32\dllcache\msdxmlc.dll
- 2008-04-23 04:16:28 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:28 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-23 12:16:30 3,591,680 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:28 478,208 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:28 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-04-23 04:16:28 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 245,248 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46:57 245,248 -c----w c:\windows\system32\dllcache\mswsock.dll
+ 2008-09-10 01:14:56 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 -c----w c:\windows\system32\dllcache\msxml6r.dll
- 2004-08-04 12:00:00 226,816 -c--a-w c:\windows\system32\dllcache\npdrmv2.dll
+ 2008-04-14 00:12:56 226,816 -c--a-w c:\windows\system32\dllcache\npdrmv2.dll
- 2005-11-29 06:27:06 364,544 -c--a-w c:\windows\system32\dllcache\npdsplay.dll
+ 2008-04-14 00:12:02 364,544 -c--a-w c:\windows\system32\dllcache\npdsplay.dll
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\dllcache\npwmsdrm.dll
+ 2008-04-14 00:12:02 10,240 -c--a-w c:\windows\system32\dllcache\npwmsdrm.dll
- 2008-04-23 04:16:28 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\dllcache\padrs404.dll
+ 2008-04-14 00:10:33 15,872 -c--a-w c:\windows\system32\dllcache\padrs404.dll
- 2004-08-04 12:00:00 15,360 -c--a-w c:\windows\system32\dllcache\padrs804.dll
+ 2008-04-14 00:10:33 15,360 -c--a-w c:\windows\system32\dllcache\padrs804.dll
- 2004-08-04 12:00:00 175,104 -c--a-w c:\windows\system32\dllcache\pintlcsa.dll
+ 2008-04-14 00:10:34 175,104 -c--a-w c:\windows\system32\dllcache\pintlcsa.dll
- 2004-08-04 12:00:00 53,760 -c--a-w c:\windows\system32\dllcache\pintlcsd.dll
+ 2008-04-14 00:10:34 53,760 -c--a-w c:\windows\system32\dllcache\pintlcsd.dll
- 2004-08-04 12:00:00 70,144 -c--a-w c:\windows\system32\dllcache\pintlphr.exe
+ 2008-04-13 16:43:36 70,144 -c--a-w c:\windows\system32\dllcache\pintlphr.exe
- 2004-08-04 12:00:00 67,584 -c--a-w c:\windows\system32\dllcache\pmigrate.dll
+ 2008-04-14 00:10:34 67,584 -c--a-w c:\windows\system32\dllcache\pmigrate.dll
- 2008-04-23 04:16:28 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-03 13:15:50 145,792 -c--a-w c:\windows\system32\dllcache\portcls.sys
+ 2008-04-13 19:19:42 146,048 -c--a-w c:\windows\system32\dllcache\portcls.sys
- 2008-05-07 05:18:48 1,287,680 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 -c----w c:\windows\system32\dllcache\quartz.dll
- 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 14:02:52 203,136 -c----w c:\windows\system32\dllcache\rmcast.sys
- 2004-08-04 12:00:00 159,744 -c--a-w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:39 180,224 -c----w c:\windows\system32\dllcache\scrobj.dll
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\system32\dllcache\scrrun.dll
+ 2008-05-09 10:53:40 172,032 -c----w c:\windows\system32\dllcache\scrrun.dll
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\system32\dllcache\shmedia.dll
+ 2008-04-14 00:12:05 152,064 -c--a-w c:\windows\system32\dllcache\shmedia.dll
- 2004-08-03 13:08:04 48,640 -c--a-w c:\windows\system32\dllcache\stream.sys
+ 2008-04-13 18:45:16 49,408 -c--a-w c:\windows\system32\dllcache\stream.sys
- 2006-08-20 23:52:08 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-14 00:12:07 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2007-10-30 17:20:55 360,064 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache\tcpip6.sys
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\dllcache\tmigrate.dll
+ 2008-04-14 00:10:59 10,240 -c--a-w c:\windows\system32\dllcache\tmigrate.dll
- 2004-08-04 12:00:00 76,288 -c--a-w c:\windows\system32\dllcache\uniime.dll
+ 2008-04-14 00:11:01 76,288 -c--a-w c:\windows\system32\dllcache\uniime.dll
- 2008-04-23 04:16:28 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-04-23 04:16:29 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2007-08-13 08:54:10 413,696 -c--a-w c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:53:40 430,080 -c----w c:\windows\system32\dllcache\vbscript.dll
- 2004-08-04 12:00:00 426,041 -c--a-w c:\windows\system32\dllcache\voicepad.dll
+ 2008-04-14 00:11:04 426,041 -c--a-w c:\windows\system32\dllcache\voicepad.dll
- 2004-08-04 12:00:00 86,073 -c--a-w c:\windows\system32\dllcache\voicesub.dll
+ 2008-04-14 00:11:04 86,073 -c--a-w c:\windows\system32\dllcache\voicesub.dll
- 2004-08-03 13:56:58 23,552 -c--a-w c:\windows\system32\dllcache\wdmaud.drv
+ 2008-04-14 00:12:46 23,552 -c--a-w c:\windows\system32\dllcache\wdmaud.drv
- 2008-04-23 04:16:29 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-04-23 04:16:29 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpcd.dll
+ 2008-04-14 00:12:09 20,480 -c--a-w c:\windows\system32\dllcache\wmpcd.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpcore.dll
+ 2008-04-14 00:12:09 20,480 -c--a-w c:\windows\system32\dllcache\wmpcore.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2008-04-14 00:12:09 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
- 2004-08-04 12:00:00 115,200 -c--a-w c:\windows\system32\dllcache\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 -c--a-w c:\windows\system32\dllcache\wmsdmoe.dll
- 2004-08-04 12:00:00 303,616 -c--a-w c:\windows\system32\dllcache\wmstream.dll
+ 2008-04-14 00:12:10 303,616 -c--a-w c:\windows\system32\dllcache\wmstream.dll
- 2004-08-04 12:00:00 114,688 -c--a-w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-08 11:24:44 155,648 -c----w c:\windows\system32\dllcache\wscript.exe
- 2004-08-04 12:00:00 65,536 -c--a-w c:\windows\system32\dllcache\wshext.dll
+ 2008-05-09 10:53:40 90,112 -c----w c:\windows\system32\dllcache\wshext.dll
- 2007-07-30 09:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-07-18 12:09:44 563,912 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2007-07-30 09:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-07-18 12:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2007-07-30 09:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-07-18 12:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2007-07-30 09:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-07-18 12:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2007-07-30 09:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-07-18 12:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2007-07-30 09:19:28 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-07-18 12:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2004-08-04 12:00:00 5,120 ----a-w c:\windows\system32\dllhost.exe
+ 2008-04-14 00:12:17 5,120 ----a-w c:\windows\system32\dllhost.exe
- 2004-08-04 12:00:00 224,768 ----a-w c:\windows\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w c:\windows\system32\dmadmin.exe
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w c:\windows\system32\dmband.dll
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w c:\windows\system32\dmcompos.dll
- 2004-08-04 12:00:00 273,920 ----a-w c:\windows\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w c:\windows\system32\dmdlgs.dll
- 2004-08-04 12:00:00 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
- 2004-08-04 12:00:00 181,248 ----a-w c:\windows\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dmime.dll
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w c:\windows\system32\dmloader.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w c:\windows\system32\dmremote.exe
- 2004-08-04 12:00:00 82,432 ----a-w c:\windows\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w c:\windows\system32\dmscript.dll
- 2004-08-04 12:00:00 23,552 ----a-w c:\windows\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dmserver.dll
- 2004-08-04 12:00:00 105,984 ----a-w c:\windows\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w c:\windows\system32\dmstyle.dll
- 2004-08-04 12:00:00 103,424 ----a-w c:\windows\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w c:\windows\system32\dmsynth.dll
- 2004-08-04 12:00:00 104,448 ----a-w c:\windows\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w c:\windows\system32\dmusic.dll
- 2004-08-04 12:00:00 52,224 -c--a-w c:\windows\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w c:\windows\system32\dmutil.dll
- 2007-07-24 04:17:08 81,920 ----a-w c:\windows\system32\dns-sd.exe
+ 2008-08-29 00:18:58 87,336 ----a-w c:\windows\system32\dns-sd.exe
- 2008-02-20 05:32:43 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
- 2007-07-24 04:17:08 61,440 ----a-w c:\windows\system32\dnssd.dll
+ 2008-08-28 23:53:50 61,440 ----a-w c:\windows\system32\dnssd.dll
- 2004-08-04 12:00:00 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ----a-w c:\windows\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ----a-w c:\windows\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ----a-w c:\windows\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ----a-w c:\windows\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ----a-w c:\windows\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ----a-w c:\windows\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ----a-w c:\windows\system32\dot3ui.dll
- 2004-08-04 12:00:00 97,280 ----a-w c:\windows\system32\dpcdll.dll
+ 2008-04-13 21:00:49 103,424 ----a-w c:\windows\system32\dpcdll.dll
+ 2008-07-25 08:34:54 81,920 ----a-w c:\windows\system32\dpl100.dll
- 2004-08-04 12:00:00 30,208 -c--a-w c:\windows\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w c:\windows\system32\dplaysvr.exe
- 2004-08-04 12:00:00 229,888 ----a-w c:\windows\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w c:\windows\system32\dplayx.dll
- 2004-08-04 12:00:00 23,552 -c--a-w c:\windows\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dpmodemx.dll
- 2004-08-04 12:00:00 3,584 -c--a-w c:\windows\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w c:\windows\system32\dpnaddr.dll
- 2004-08-04 12:00:00 375,296 ----a-w c:\windows\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w c:\windows\system32\dpnet.dll
- 2004-08-04 12:00:00 35,328 ----a-w c:\windows\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w c:\windows\system32\dpnhpast.dll
- 2004-08-04 12:00:00 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
- 2004-08-04 12:00:00 3,584 -c--a-w c:\windows\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w c:\windows\system32\dpnlobby.dll
- 2004-08-04 12:00:00 18,432 -c--a-w c:\windows\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w c:\windows\system32\dpnsvr.exe
+ 2008-07-25 08:34:46 294,912 ----a-w c:\windows\system32\dpu10.dll
+ 2008-07-25 08:34:46 294,912 ----a-w c:\windows\system32\dpu11.dll
+ 2008-07-25 08:34:50 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
+ 2008-07-25 08:34:46 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
+ 2008-07-25 08:34:46 344,064 ----a-w c:\windows\system32\dpus11.dll
+ 2008-07-25 08:34:46 57,344 ----a-w c:\windows\system32\dpv11.dll
- 2004-08-04 12:00:00 21,504 ----a-w c:\windows\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w c:\windows\system32\dpvacm.dll
- 2004-08-04 12:00:00 212,480 ----a-w c:\windows\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w c:\windows\system32\dpvoice.dll
- 2004-08-04 12:00:00 83,456 -c--a-w c:\windows\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w c:\windows\system32\dpvsetup.exe
- 2004-08-04 12:00:00 116,736 ----a-w c:\windows\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w c:\windows\system32\dpvvox.dll
- 2004-08-04 12:00:00 57,344 -c--a-w c:\windows\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w c:\windows\system32\dpwsockx.dll
- 2004-08-03 13:10:08 53,248 ----a-w c:\windows\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:18 53,376 ----a-w c:\windows\system32\drivers\1394bus.sys
+ 2008-04-13 18:46:20 48,128 ----a-w c:\windows\system32\drivers\61883.sys
- 2004-08-04 12:00:00 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-14 00:11:48 4,255 ----a-w c:\windows\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ----a-w c:\windows\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ----a-w c:\windows\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ----a-w c:\windows\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ----a-w c:\windows\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ----a-w c:\windows\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ----a-w c:\windows\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w c:\windows\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w c:\windows\system32\drivers\aec.sys
- 2004-08-04 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-04-13 18:36:38 42,368 ----a-w c:\windows\system32\drivers\agp440.sys
+ 2008-04-13 18:36:39 44,928 ----a-w c:\windows\system32\drivers\agpcpq.sys
+ 2008-04-13 18:36:38 42,752 ----a-w c:\windows\system32\drivers\alim1541.sys
+ 2008-04-13 18:36:39 43,008 ----a-w c:\windows\system32\drivers\amdagp.sys
- 2004-08-04 12:00:00 36,992 -c--a-w c:\windows\system32\drivers\amdk6.sys
+ 2008-04-13 18:31:32 37,376 ----a-w c:\windows\system32\drivers\amdk6.sys
- 2004-08-04 12:00:00 37,376 -c--a-w c:\windows\system32\drivers\amdk7.sys
+ 2008-04-13 18:31:33 37,760 ----a-w c:\windows\system32\drivers\amdk7.sys
- 2004-08-04 12:00:00 60,800 -c--a-w c:\windows\system32\drivers\arp1394.sys
+ 2008-04-13 18:51:25 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys
+ 2008-05-06 06:01:28 16,512 ----a-w c:\windows\system32\drivers\ASPI32.SYS
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
+ 2008-04-13 18:57:27 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys
- 2004-08-04 12:00:00 95,360 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2008-04-13 18:40:30 96,512 ----a-w c:\windows\system32\drivers\atapi.sys
+ 2004-08-03 12:29:30 56,623 ----a-w c:\windows\system32\drivers\ati1btxx.sys
+ 2004-08-03 12:29:30 11,615 ----a-w c:\windows\system32\drivers\ati1mdxx.sys
+ 2004-08-03 12:29:30 12,047 ----a-w c:\windows\system32\drivers\ati1pdxx.sys
+ 2004-08-03 12:29:32 30,671 ----a-w c:\windows\system32\drivers\ati1raxx.sys
+ 2004-08-03 12:29:32 63,663 ----a-w c:\windows\system32\drivers\ati1rvxx.sys
+ 2004-08-03 12:29:32 26,367 ----a-w c:\windows\system32\drivers\ati1snxx.sys
+ 2004-08-03 12:29:32 21,343 ----a-w c:\windows\system32\drivers\ati1ttxx.sys
+ 2004-08-03 12:29:32 36,463 ----a-w c:\windows\system32\drivers\ati1tuxx.sys
+ 2004-08-03 12:29:32 29,455 ----a-w c:\windows\system32\drivers\ati1xbxx.sys
+ 2004-08-03 12:29:32 34,735 ----a-w c:\windows\system32\drivers\ati1xsxx.sys
+ 2004-08-03 12:29:28 327,040 ----a-w c:\windows\system32\drivers\ati2mtaa.sys
+ 2004-08-03 12:29:28 701,440 ----a-w c:\windows\system32\drivers\ati2mtag.sys
+ 2004-08-03 12:29:28 57,856 ----a-w c:\windows\system32\drivers\atinbtxx.sys
+ 2004-08-03 12:29:30 13,824 ----a-w c:\windows\system32\drivers\atinmdxx.sys
+ 2004-08-03 12:29:30 14,336 ----a-w c:\windows\system32\drivers\atinpdxx.sys
+ 2004-08-03 12:29:30 52,224 ----a-w c:\windows\system32\drivers\atinraxx.sys
+ 2004-08-03 12:29:32 104,960 ----a-w c:\windows\system32\drivers\atinrvxx.sys
+ 2004-08-03 12:29:32 28,672 ----a-w c:\windows\system32\drivers\atinsnxx.sys
+ 2004-08-03 12:29:32 13,824 ----a-w c:\windows\system32\drivers\atinttxx.sys
+ 2004-08-03 12:29:32 73,216 ----a-w c:\windows\system32\drivers\atintuxx.sys
+ 2004-08-03 12:29:32 31,744 ----a-w c:\windows\system32\drivers\atinxbxx.sys
+ 2004-08-03 12:29:32 63,488 ----a-w c:\windows\system32\drivers\atinxsxx.sys
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
+ 2008-04-13 18:51:25 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys
- 2004-08-04 12:00:00 55,936 -c--a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-13 18:51:30 55,808 ----a-w c:\windows\system32\drivers\atmlane.sys
+ 2008-04-14 00:11:50 21,183 ----a-w c:\windows\system32\drivers\atv01nt5.dll
+ 2008-04-14 00:11:50 11,359 ----a-w c:\windows\system32\drivers\atv02nt5.dll
+ 2008-04-14 00:11:50 25,471 ----a-w c:\windows\system32\drivers\atv04nt5.dll
+ 2008-04-14 00:11:50 14,143 ----a-w c:\windows\system32\drivers\atv06nt5.dll
+ 2008-04-14 00:11:50 17,279 ----a-w c:\windows\system32\drivers\atv10nt5.dll
+ 2008-04-13 18:46:20 38,912 ----a-w c:\windows\system32\drivers\avc.sys
- 2008-06-17 13:34:07 26,184 ----a-w c:\windows\system32\drivers\avgmfx86.sys
+ 2008-11-07 07:42:44 26,824 ----a-w c:\windows\system32\drivers\avgmfx86.sys
- 2004-08-04 12:00:00 71,552 -c--a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:53:23 71,552 ----a-w c:\windows\system32\drivers\bridge.sys
+ 2008-04-13 18:46:33 17,024 ----a-w c:\windows\system32\drivers\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ----a-w c:\windows\system32\drivers\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ----a-w c:\windows\system32\drivers\bthpan.sys
- 2008-04-14 11:01:02 272,128 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2008-06-13 11:05:51 272,128 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2008-04-13 18:46:31 36,480 ----a-w c:\windows\system32\drivers\bthprint.sys
+ 2008-04-13 18:46:29 18,944 ----a-w c:\windows\system32\drivers\bthusb.sys
- 2004-08-04 12:00:00 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
+ 2008-04-13 19:14:21 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys
+ 2008-07-23 16:50:48 9,336 ----a-w c:\windows\system32\drivers\cdr4_xp.sys
+ 2008-07-23 16:50:48 9,464 ----a-w c:\windows\system32\drivers\cdralw2k.sys
- 2004-08-04 12:00:00 49,536 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-13 18:40:46 62,976 ----a-w c:\windows\system32\drivers\cdrom.sys
+ 2008-04-14 00:11:50 15,423 ----a-w c:\windows\system32\drivers\ch7xxnt5.dll
- 2004-08-04 12:00:00 49,664 -c--a-w c:\windows\system32\drivers\classpnp.sys
+ 2008-04-13 19:16:22 49,536 ----a-w c:\windows\system32\drivers\classpnp.sys
- 2004-08-04 12:00:00 36,480 -c--a-w c:\windows\system32\drivers\crusoe.sys
+ 2008-04-13 18:31:32 36,736 ----a-w c:\windows\system32\drivers\crusoe.sys
- 2004-08-04 12:00:00 36,352 ----a-w c:\windows\system32\drivers\disk.sys
+ 2008-04-13 18:40:47 36,352 ----a-w c:\windows\system32\drivers\disk.sys
- 2004-08-04 12:00:00 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys
+ 2008-04-13 18:40:44 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys
- 2004-08-04 12:00:00 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
+ 2008-04-13 18:44:48 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys
- 2004-08-04 12:00:00 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
+ 2008-04-13 18:44:46 153,344 ----a-w c:\windows\system32\drivers\dmio.sys
- 2004-08-03 12:07:40 52,864 ----a-w c:\windows\system32\drivers\DMusic.sys
+ 2008-04-13 18:45:01 52,864 ----a-w c:\windows\system32\drivers\dmusic.sys
- 2004-08-03 13:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys
+ 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\drivers\drmk.sys
- 2004-08-03 12:07:58 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
+ 2008-04-13 18:45:13 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys
- 2004-08-04 12:00:00 71,040 ----a-w c:\windows\system32\drivers\dxg.sys
+ 2008-04-13 18:38:29 71,168 ----a-w c:\windows\system32\drivers\dxg.sys
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\drivers\fastfat.sys
+ 2008-04-13 19:14:29 143,744 ----a-w c:\windows\system32\drivers\fastfat.sys
- 2004-08-04 12:00:00 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
+ 2008-04-13 18:40:25 27,392 ----a-w c:\windows\system32\drivers\fdc.sys
- 2004-08-04 12:00:00 34,944 ----a-w c:\windows\system32\drivers\fips.sys
+ 2008-04-13 18:33:28 44,544 ----a-w c:\windows\system32\drivers\fips.sys
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
+ 2008-04-13 18:40:25 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys
- 2006-08-21 09:14:58 128,896 ----a-w c:\windows\system32\drivers\fltmgr.sys
+ 2008-04-13 18:32:59 129,792 ----a-w c:\windows\system32\drivers\fltmgr.sys
+ 2008-04-13 18:36:40 46,464 ----a-w c:\windows\system32\drivers\gagp30kx.sys
- 2008-01-29 02:01:28 16,168 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2008-04-17 03:12:54 15,464 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2008-04-13 16:36:05 144,384 ----a-w c:\windows\system32\drivers\hdaudbus.sys
+ 2008-04-13 18:46:30 25,600 ----a-w c:\windows\system32\drivers\hidbth.sys
- 2004-08-04 12:00:00 36,224 -c--a-w c:\windows\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 36,864 ----a-w c:\windows\system32\drivers\hidclass.sys
+ 2008-04-13 18:45:26 19,200 ----a-w c:\windows\system32\drivers\hidir.sys
- 2004-08-04 12:00:00 24,960 -c--a-w c:\windows\system32\drivers\hidparse.sys
+ 2008-04-13 18:45:22 24,960 ----a-w c:\windows\system32\drivers\hidparse.sys
+ 2004-08-03 12:41:48 220,032 ----a-w c:\windows\system32\drivers\hsfbs2s2.sys
+ 2004-08-03 12:41:50 685,056 ----a-w c:\windows\system32\drivers\hsfcxts2.sys
+ 2004-08-03 12:41:56 1,041,536 ----a-w c:\windows\system32\drivers\hsfdpsp2.sys
- 2006-03-17 00:33:10 262,784 ----a-w c:\windows\system32\drivers\http.sys
+ 2008-04-13 18:53:53 264,832 ----a-w c:\windows\system32\drivers\http.sys
- 2004-08-04 12:00:00 52,736 ----a-w c:\windows\system32\drivers\i8042prt.sys
+ 2008-04-13 19:18:00 52,480 ----a-w c:\windows\system32\drivers\i8042prt.sys
- 2004-08-04 12:00:00 41,856 ----a-w c:\windows\system32\drivers\imapi.sys
+ 2008-04-13 18:40:58 42,112 ----a-w c:\windows\system32\drivers\imapi.sys
- 2004-08-04 12:00:00 36,096 ----a-w c:\windows\system32\drivers\intelppm.sys
+ 2008-04-13 18:31:32 36,352 ----a-w c:\windows\system32\drivers\intelppm.sys
- 2004-08-04 12:00:00 29,056 ----a-w c:\windows\system32\drivers\ip6fw.sys
+ 2008-04-13 18:53:34 36,608 ----a-w c:\windows\system32\drivers\ip6fw.sys
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\drivers\ipinip.sys
+ 2008-04-13 18:57:07 20,864 ----a-w c:\windows\system32\drivers\ipinip.sys
- 2004-09-29 22:28:37 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys
+ 2008-04-13 18:57:15 152,832 ----a-w c:\windows\system32\drivers\ipnat.sys
- 2004-08-04 12:00:00 74,752 ----a-w c:\windows\system32\drivers\ipsec.sys
+ 2008-04-13 19:19:42 75,264 ----a-w c:\windows\system32\drivers\ipsec.sys
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
+ 2008-04-13 18:54:28 11,264 ----a-w c:\windows\system32\drivers\irenum.sys
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\drivers\isapnp.sys
+ 2008-04-13 18:36:41 37,248 ----a-w c:\windows\system32\drivers\isapnp.sys
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-13 18:39:47 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys
- 2006-06-14 08:47:45 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
+ 2008-04-13 18:45:09 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
- 2004-08-03 13:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys
+ 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\drivers\ks.sys
- 2004-08-04 12:00:00 92,032 ----a-w c:\windows\system32\drivers\ksecdd.sys
+ 2008-04-13 18:31:43 92,288 ----a-w c:\windows\system32\drivers\ksecdd.sys
+ 2004-08-03 12:41:56 11,868 ----a-w c:\windows\system32\drivers\mdmxsdk.sys
- 2004-08-04 12:00:00 63,744 -c--a-w c:\windows\system32\drivers\mf.sys
+ 2008-04-13 18:36:41 63,744 ----a-w c:\windows\system32\drivers\mf.sys
- 2004-08-04 12:00:00 30,080 ----a-w c:\windows\system32\drivers\modem.sys
+ 2008-04-13 19:00:19 30,080 ----a-w c:\windows\system32\drivers\modem.sys
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2008-04-13 18:39:47 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
- 2004-08-04 12:00:00 42,240 ----a-w c:\windows\system32\drivers\mountmgr.sys
+ 2008-04-13 18:39:46 42,368 ----a-w c:\windows\system32\drivers\mountmgr.sys
- 2007-12-18 09:51:35 179,584 ----a-w c:\windows\system32\drivers\mrxdav.sys
+ 2008-04-13 18:32:44 180,608 ----a-w c:\windows\system32\drivers\mrxdav.sys
- 2004-08-04 12:00:00 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
+ 2008-04-13 18:32:39 19,072 ----a-w c:\windows\system32\drivers\msfs.sys
- 2004-08-04 12:00:00 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
+ 2008-04-13 18:56:32 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys
- 2004-08-03 11:58:42 7,552 ----a-w c:\windows\system32\drivers\MSKSSRV.sys
+ 2008-04-13 18:39:52 7,552 ----a-w c:\windows\system32\drivers\mskssrv.sys
- 2004-08-03 11:58:40 5,376 ----a-w c:\windows\system32\drivers\MSPCLOCK.sys
+ 2008-04-13 18:39:50 5,376 ----a-w c:\windows\system32\drivers\mspclock.sys
- 2004-08-03 11:58:42 4,992 ----a-w c:\windows\system32\drivers\MSPQM.sys
+ 2008-04-13 18:39:51 4,992 ----a-w c:\windows\system32\drivers\mspqm.sys
- 2004-08-04 12:00:00 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
+ 2008-04-13 18:36:46 15,488 ----a-w c:\windows\system32\drivers\mssmbios.sys
+ 2004-08-03 12:41:40 126,686 ----a-w c:\windows\system32\drivers\mtlmnt5.sys
+ 2004-08-03 12:41:38 1,309,184 ----a-w c:\windows\system32\drivers\mtlstrm.sys
+ 2004-08-03 12:29:38 452,736 ----a-w c:\windows\system32\drivers\mtxparhm.sys
- 2004-08-04 12:00:00 107,904 ----a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 19:17:05 105,344 ----a-w c:\windows\system32\drivers\mup.sys
+ 2008-04-13 18:43:55 12,672 ----a-w c:\windows\system32\drivers\mutohpen.sys
- 2004-08-04 12:00:00 182,912 ----a-w c:\windows\system32\drivers\ndis.sys
+ 2008-04-13 19:20:37 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
- 2004-08-04 12:00:00 9,600 ----a-w c:\windows\system32\drivers\ndistapi.sys
+ 2008-04-13 18:57:27 10,112 ----a-w c:\windows\system32\drivers\ndistapi.sys
- 2004-08-04 12:00:00 12,928 ----a-w c:\windows\system32\drivers\ndisuio.sys
+ 2008-04-13 18:55:58 14,592 ----a-w c:\windows\system32\drivers\ndisuio.sys
- 2004-08-04 12:00:00 91,776 ----a-w c:\windows\system32\drivers\ndiswan.sys
+ 2008-04-13 19:20:42 91,520 ----a-w c:\windows\system32\drivers\ndiswan.sys
- 2004-08-04 12:00:00 38,016 ----a-w c:\windows\system32\drivers\ndproxy.sys
+ 2008-04-13 18:57:29 40,576 ----a-w c:\windows\system32\drivers\ndproxy.sys
- 2004-08-04 12:00:00 34,560 ----a-w c:\windows\system32\drivers\netbios.sys
+ 2008-04-13 18:56:02 34,688 ----a-w c:\windows\system32\drivers\netbios.sys
- 2004-08-04 12:00:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
+ 2008-04-13 19:21:00 162,816 ----a-w c:\windows\system32\drivers\netbt.sys
- 2004-08-04 12:00:00 61,824 -c--a-w c:\windows\system32\drivers\nic1394.sys
+ 2008-04-13 18:51:25 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys
- 2004-08-04 12:00:00 40,320 -c--a-w c:\windows\system32\drivers\nmnt.sys
+ 2008-04-13 18:53:09 40,320 ----a-w c:\windows\system32\drivers\nmnt.sys
- 2004-08-04 12:00:00 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
+ 2008-04-13 18:32:39 30,848 ----a-w c:\windows\system32\drivers\npfs.sys
- 2007-02-09 11:10:35 574,464 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2008-04-13 19:15:53 574,976 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2004-08-03 12:41:40 180,360 ----a-w c:\windows\system32\drivers\ntmtlfax.sys
+ 2004-08-03 12:29:56 1,897,408 ----a-w c:\windows\system32\drivers\nv4_mini.sys
- 2004-08-04 12:00:00 88,448 -c--a-w c:\windows\system32\drivers\nwlnkipx.sys
+ 2008-04-13 18:56:06 88,320 ----a-w c:\windows\system32\drivers\nwlnkipx.sys
- 2004-08-03 13:10:10 61,056 ----a-w c:\windows\system32\drivers\ohci1394.sys
+ 2008-04-13 18:46:18 61,696 ----a-w c:\windows\system32\drivers\ohci1394.sys
- 2004-08-04 12:00:00 42,496 -c--a-w c:\windows\system32\drivers\p3.sys
+ 2008-04-13 18:31:31 42,752 ----a-w c:\windows\system32\drivers\p3.sys
- 2004-08-04 12:00:00 80,128 ----a-w c:\windows\system32\drivers\parport.sys
+ 2008-04-13 18:40:10 80,128 ----a-w c:\windows\system32\drivers\parport.sys
- 2004-08-04 12:00:00 18,688 ----a-w c:\windows\system32\drivers\partmgr.sys
+ 2008-04-13 18:40:49 19,712 ----a-w c:\windows\system32\drivers\partmgr.sys
- 2004-08-04 12:00:00 68,224 ----a-w c:\windows\system32\drivers\pci.sys
+ 2008-04-13 18:36:44 68,224 ----a-w c:\windows\system32\drivers\pci.sys
- 2004-08-04 12:00:00 25,088 -c--a-w c:\windows\system32\drivers\pciidex.sys
+ 2008-04-13 18:40:29 24,960 ----a-w c:\windows\system32\drivers\pciidex.sys
- 2004-08-04 12:00:00 119,936 ----a-w c:\windows\system32\drivers\pcmcia.sys
+ 2008-04-13 18:36:43 120,192 ----a-w c:\windows\system32\drivers\pcmcia.sys
- 2004-08-03 13:15:50 145,792 ----a-w c:\windows\system32\drivers\portcls.sys
+ 2008-04-13 19:19:42 146,048 ----a-w c:\windows\system32\drivers\portcls.sys
- 2004-08-04 12:00:00 35,328 -c--a-w c:\windows\system32\drivers\processr.sys
+ 2008-04-13 18:31:30 35,840 ----a-w c:\windows\system32\drivers\processr.sys
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\drivers\psched.sys
+ 2008-04-13 18:56:38 69,120 ----a-w c:\windows\system32\drivers\psched.sys
- 2005-03-11 22:28:13 20,640 ----a-w c:\windows\system32\drivers\PxHelp20.sys
+ 2008-07-23 16:50:48 43,528 ----a-w c:\windows\system32\drivers\PxHelp20.sys
- 2004-08-04 12:00:00 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
+ 2008-04-13 19:19:43 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys
- 2004-08-04 12:00:00 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
+ 2008-04-13 18:57:32 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys
- 2004-08-04 12:00:00 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
+ 2008-04-13 19:19:48 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys
- 2006-05-05 09:47:57 174,592 ----a-w c:\windows\system32\drivers\rdbss.sys
+ 2008-04-13 19:28:39 175,744 ----a-w c:\windows\system32\drivers\rdbss.sys
- 2004-08-03 12:01:16 196,864 -c--a-w c:\windows\system32\drivers\rdpdr.sys
+ 2008-04-13 18:32:51 196,224 ----a-w c:\windows\system32\drivers\rdpdr.sys
- 2005-06-10 04:09:46 139,528 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2008-04-14 00:13:22 139,656 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2004-08-03 12:41:40 13,776 ----a-w c:\windows\system32\drivers\recagent.sys
- 2004-08-03 22:59:38 57,472 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:40:27 57,600 ----a-w c:\windows\system32\drivers\redbook.sys
+ 2008-04-13 18:46:32 59,136 ----a-w c:\windows\system32\drivers\rfcomm.sys
- 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2004-08-04 12:00:00 30,080 -c--a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ----a-w c:\windows\system32\drivers\rndismp.sys
+ 2008-04-13 18:56:49 30,592 ----a-w c:\windows\system32\drivers\rndismpx.sys
+ 2004-08-03 12:29:52 166,912 ----a-w c:\windows\system32\drivers\s3gnbm.sys
- 2004-08-04 12:00:00 96,256 -c--a-w c:\windows\system32\drivers\scsiport.sys
+ 2008-04-13 18:40:30 96,384 ----a-w c:\windows\system32\drivers\scsiport.sys
- 2004-08-04 12:00:00 67,584 -c--a-w c:\windows\system32\drivers\sdbus.sys
+ 2008-04-13 18:36:44 79,232 ----a-w c:\windows\system32\drivers\sdbus.sys
- 2004-08-04 12:00:00 15,488 ----a-w c:\windows\system32\drivers\serenum.sys
+ 2008-04-13 18:40:12 15,744 ----a-w c:\windows\system32\drivers\serenum.sys
- 2004-08-04 12:00:00 64,896 ----a-w c:\windows\system32\drivers\serial.sys
+ 2008-04-13 19:15:45 64,512 ----a-w c:\windows\system32\drivers\serial.sys

acasey · Nov 13, 2008

part 8...

- 2004-08-04 12:00:00 11,136 -c--a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:47 11,904 ----a-w c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-13 18:40:48 10,240 ----a-w c:\windows\system32\drivers\sffp_mmc.sys
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\drivers\sffp_sd.sys
+ 2008-04-13 18:40:47 11,008 ----a-w c:\windows\system32\drivers\sffp_sd.sys
- 2004-08-04 12:00:00 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-13 18:40:48 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-14 00:12:05 3,901 ----a-w c:\windows\system32\drivers\siint5.dll
+ 2008-04-13 18:36:39 40,960 ----a-w c:\windows\system32\drivers\sisagp.sys
- 2002-07-10 15:39:34 32,256 ----a-r c:\windows\system32\drivers\sisnic.sys
+ 2004-08-03 12:31:36 32,768 ----a-r c:\windows\system32\drivers\sisnic.sys
+ 2004-08-03 12:41:42 129,535 ----a-w c:\windows\system32\drivers\slnt7554.sys
+ 2004-08-03 12:41:44 404,990 ----a-w c:\windows\system32\drivers\slntamr.sys
+ 2004-08-03 12:41:46 95,424 ----a-w c:\windows\system32\drivers\slnthal.sys
+ 2004-08-03 12:41:46 13,240 ----a-w c:\windows\system32\drivers\slwdmsup.sys
+ 2008-04-13 18:36:34 5,888 ----a-w c:\windows\system32\drivers\smbali.sys
- 2004-08-04 12:00:00 25,472 -c--a-w c:\windows\system32\drivers\sonydcam.sys
+ 2008-04-13 18:46:07 25,344 ----a-w c:\windows\system32\drivers\sonydcam.sys
- 2006-06-14 08:47:46 6,400 ----a-w c:\windows\system32\drivers\splitter.sys
+ 2008-04-13 18:45:07 6,272 ----a-w c:\windows\system32\drivers\splitter.sys
- 2004-08-04 12:00:00 73,472 ----a-w c:\windows\system32\drivers\sr.sys
+ 2008-04-13 18:36:52 73,472 ----a-w c:\windows\system32\drivers\sr.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\system32\drivers\srv.sys
- 2004-08-03 13:08:04 48,640 ----a-w c:\windows\system32\drivers\stream.sys
+ 2008-04-13 18:45:16 49,408 ----a-w c:\windows\system32\drivers\stream.sys
- 2004-08-04 12:00:00 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
+ 2008-04-13 18:39:53 4,352 ----a-w c:\windows\system32\drivers\swenum.sys
- 2001-08-17 03:00:52 54,272 ----a-w c:\windows\system32\drivers\swmidi.sys
+ 2008-04-13 18:45:09 56,576 ----a-w c:\windows\system32\drivers\swmidi.sys
- 2004-08-03 12:15:56 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
+ 2008-04-13 19:15:55 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys
- 2004-08-04 12:00:00 14,976 -c--a-w c:\windows\system32\drivers\tape.sys
+ 2008-04-13 18:40:50 14,976 ----a-w c:\windows\system32\drivers\tape.sys
- 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2004-08-04 12:00:00 18,560 ----a-w c:\windows\system32\drivers\tdi.sys
+ 2008-04-13 19:00:05 19,072 ----a-w c:\windows\system32\drivers\tdi.sys
- 2004-08-04 12:00:00 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys
+ 2008-04-14 00:13:20 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys
- 2004-08-04 12:00:00 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys
+ 2008-04-14 00:13:21 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys
- 2004-08-03 14:01:08 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
+ 2008-04-14 00:13:20 40,840 ----a-w c:\windows\system32\drivers\termdd.sys
- 2004-08-04 12:00:00 12,416 -c--a-w c:\windows\system32\drivers\tunmp.sys
+ 2008-04-13 18:56:01 12,288 ----a-w c:\windows\system32\drivers\tunmp.sys
- 2004-08-03 23:07:44 44,672 ----a-w c:\windows\system32\drivers\UAGP35.SYS
+ 2008-04-13 18:36:40 44,672 ----a-w c:\windows\system32\drivers\uagp35.sys
- 2004-08-04 12:00:00 66,176 ----a-w c:\windows\system32\drivers\udfs.sys
+ 2008-04-13 18:32:36 66,048 ----a-w c:\windows\system32\drivers\udfs.sys
- 2007-04-23 10:32:54 364,160 ----a-w c:\windows\system32\drivers\update.sys
+ 2008-04-13 18:39:46 384,768 ----a-w c:\windows\system32\drivers\update.sys
- 2004-08-04 12:00:00 12,672 -c--a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ----a-w c:\windows\system32\drivers\usb8023.sys
+ 2008-04-13 18:56:49 12,800 ----a-w c:\windows\system32\drivers\usb8023x.sys
- 2007-10-31 03:09:14 30,464 ----a-w c:\windows\system32\drivers\usbaapl.sys
+ 2008-07-09 23:35:22 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
- 2004-08-03 13:07:56 59,264 ----a-w c:\windows\system32\drivers\USBAUDIO.sys
+ 2008-04-13 18:45:12 60,032 ----a-w c:\windows\system32\drivers\usbaudio.sys
- 2004-08-04 12:00:00 23,808 -c--a-w c:\windows\system32\drivers\usbcamd.sys
+ 2008-04-13 18:45:40 25,600 ----a-w c:\windows\system32\drivers\usbcamd.sys
- 2004-08-04 12:00:00 23,936 -c--a-w c:\windows\system32\drivers\usbcamd2.sys
+ 2008-04-13 18:45:41 25,728 ----a-w c:\windows\system32\drivers\usbcamd2.sys
- 2004-08-03 13:08:48 31,616 ----a-w c:\windows\system32\drivers\usbccgp.sys
+ 2008-04-13 18:45:39 32,128 ----a-w c:\windows\system32\drivers\usbccgp.sys
- 2004-08-04 12:00:00 26,624 ----a-w c:\windows\system32\drivers\usbehci.sys
+ 2008-04-13 18:45:35 30,208 ----a-w c:\windows\system32\drivers\usbehci.sys
- 2004-08-04 12:00:00 57,600 ----a-w c:\windows\system32\drivers\usbhub.sys
+ 2008-04-13 18:45:37 59,520 ----a-w c:\windows\system32\drivers\usbhub.sys
- 2004-08-04 12:00:00 16,000 -c--a-w c:\windows\system32\drivers\usbintel.sys
+ 2008-04-13 18:45:43 15,872 ----a-w c:\windows\system32\drivers\usbintel.sys
- 2004-08-04 12:00:00 17,024 ----a-w c:\windows\system32\drivers\usbohci.sys
+ 2008-04-13 18:45:35 17,152 ----a-w c:\windows\system32\drivers\usbohci.sys
- 2004-08-04 12:00:00 142,976 ----a-w c:\windows\system32\drivers\usbport.sys
+ 2008-04-13 18:45:36 143,872 ----a-w c:\windows\system32\drivers\usbport.sys
- 2004-08-03 12:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2008-04-13 18:47:37 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
- 2004-08-03 11:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2004-08-03 12:08:48 26,496 ----a-w c:\windows\system32\drivers\USBSTOR.SYS
+ 2008-04-13 18:45:38 26,368 ----a-w c:\windows\system32\drivers\usbstor.sys
- 2004-08-03 13:08:38 20,480 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-13 18:46:20 121,984 ----a-w c:\windows\system32\drivers\usbvideo.sys
+ 2008-04-14 00:12:08 11,325 ----a-w c:\windows\system32\drivers\vchnt5.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\drivers\vga.sys
+ 2008-04-13 18:44:40 20,992 ----a-w c:\windows\system32\drivers\vga.sys
+ 2008-04-13 18:36:40 42,240 ----a-w c:\windows\system32\drivers\viaagp.sys
- 2004-08-04 12:00:00 79,744 ----a-w c:\windows\system32\drivers\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ----a-w c:\windows\system32\drivers\videoprt.sys
- 2004-08-04 12:00:00 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys
+ 2008-04-13 18:43:55 14,208 ----a-w c:\windows\system32\drivers\wacompen.sys
+ 2004-08-03 12:29:40 11,807 ----a-w c:\windows\system32\drivers\wadv07nt.sys
+ 2004-08-03 12:29:40 11,295 ----a-w c:\windows\system32\drivers\wadv08nt.sys
+ 2004-08-03 12:29:42 11,871 ----a-w c:\windows\system32\drivers\wadv09nt.sys
+ 2004-08-03 12:29:42 11,935 ----a-w c:\windows\system32\drivers\wadv11nt.sys
- 2004-08-04 12:00:00 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys
+ 2004-08-03 12:29:46 22,271 ----a-w c:\windows\system32\drivers\watv06nt.sys
+ 2004-08-03 12:29:46 25,471 ----a-w c:\windows\system32\drivers\watv10nt.sys
- 2006-06-14 09:00:45 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ----a-w c:\windows\system32\drivers\wdmaud.sys
- 2004-08-04 12:00:00 299,520 ----a-w c:\windows\system32\drmclien.dll
+ 2008-04-14 00:13:00 299,520 ----a-w c:\windows\system32\drmclien.dll
- 2004-08-04 12:00:00 87,040 ----a-w c:\windows\system32\drmstor.dll
+ 2008-04-14 00:11:52 87,040 ----a-w c:\windows\system32\drmstor.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\drprov.dll
+ 2008-04-14 00:11:52 14,336 ----a-w c:\windows\system32\drprov.dll
+ 2008-04-17 03:12:54 107,368 -c--a-w c:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
+ 2008-04-17 03:12:54 15,464 -c--a-w c:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
+ 2008-10-01 02:01:28 32,000 -c--a-w c:\windows\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\ds32gt.dll
+ 2008-04-14 00:11:52 16,384 ----a-w c:\windows\system32\ds32gt.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\dsdmo.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dsdmo.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
+ 2008-04-14 00:11:52 71,680 ----a-w c:\windows\system32\dsdmoprp.dll
- 2004-08-04 12:00:00 92,672 ----a-w c:\windows\system32\dskquota.dll
+ 2008-04-14 00:11:52 92,672 ----a-w c:\windows\system32\dskquota.dll
- 2004-08-04 12:00:00 144,384 ----a-w c:\windows\system32\dskquoui.dll
+ 2008-04-14 00:11:52 155,648 ----a-w c:\windows\system32\dskquoui.dll
- 2004-08-04 12:00:00 367,616 ----a-w c:\windows\system32\dsound.dll
+ 2008-04-14 00:11:52 367,616 ----a-w c:\windows\system32\dsound.dll
- 2004-08-04 12:00:00 1,294,336 -c--a-w c:\windows\system32\dsound3d.dll
+ 2008-04-14 00:11:52 1,293,824 ----a-w c:\windows\system32\dsound3d.dll
- 2004-08-04 12:00:00 142,336 ----a-w c:\windows\system32\dsprop.dll
+ 2008-04-14 00:11:52 142,848 ----a-w c:\windows\system32\dsprop.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w c:\windows\system32\dsprpres.dll
- 2004-08-04 12:00:00 239,104 ----a-w c:\windows\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w c:\windows\system32\dsquery.dll
- 2004-08-04 12:00:00 51,200 ----a-w c:\windows\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w c:\windows\system32\dssec.dll
- 2004-08-04 12:00:00 137,216 ----a-w c:\windows\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w c:\windows\system32\dssenh.dll
- 2004-08-04 12:00:00 113,152 ----a-w c:\windows\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w c:\windows\system32\dsuiext.dll
- 2004-08-04 12:00:00 19,456 ----a-w c:\windows\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w c:\windows\system32\dswave.dll
+ 2008-07-25 08:34:52 196,608 ----a-w c:\windows\system32\dtu100.dll
- 2004-08-04 12:00:00 10,752 ----a-w c:\windows\system32\dumprep.exe
+ 2008-04-14 00:12:18 10,752 ----a-w c:\windows\system32\dumprep.exe
- 2004-08-04 12:00:00 304,128 ----a-w c:\windows\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w c:\windows\system32\duser.dll
- 2004-08-04 12:00:00 17,920 -c--a-w c:\windows\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
- 2004-08-04 12:00:00 180,224 ----a-w c:\windows\system32\dwwin.exe
+ 2008-04-14 00:12:18 180,224 ----a-w c:\windows\system32\dwwin.exe
- 2004-08-04 12:00:00 619,008 ----a-w c:\windows\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w c:\windows\system32\dx7vb.dll
- 2004-08-04 12:00:00 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
- 2004-08-04 12:00:00 1,298,432 -c--a-w c:\windows\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
- 2004-08-04 12:00:00 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
- 2006-08-21 18:05:26 498,742 ----a-w c:\windows\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w c:\windows\system32\dxmasf.dll
- 2008-04-23 04:16:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ----a-w c:\windows\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ----a-w c:\windows\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ----a-w c:\windows\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ----a-w c:\windows\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ----a-w c:\windows\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ----a-w c:\windows\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ----a-w c:\windows\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ----a-w c:\windows\system32\eapsvc.dll
- 2004-08-04 12:00:00 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ----a-w c:\windows\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ----a-w c:\windows\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ----a-w c:\windows\system32\en\mmcfxcommon.resources.dll
- 2004-08-04 12:00:00 20,480 ----a-w c:\windows\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w c:\windows\system32\encapi.dll
- 2004-08-04 12:00:00 186,368 ----a-w c:\windows\system32\encdec.dll
+ 2008-04-14 00:11:53 186,880 ----a-w c:\windows\system32\encdec.dll
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w c:\windows\system32\ersvc.dll
- 2005-07-26 04:39:45 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w c:\windows\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w c:\windows\system32\esent.dll
- 2004-08-04 12:00:00 193,024 -c--a-w c:\windows\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w c:\windows\system32\eudcedit.exe
- 2004-08-04 12:00:00 55,808 ----a-w c:\windows\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w c:\windows\system32\eventlog.dll
- 2004-08-04 12:00:00 380,957 -c--a-w c:\windows\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w c:\windows\system32\expsrv.dll
- 2008-04-23 04:16:28 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2004-08-04 12:00:00 45,568 -c--a-w c:\windows\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w c:\windows\system32\extrac32.exe
- 2004-08-04 12:00:00 121,856 ----a-w c:\windows\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w c:\windows\system32\exts.dll
- 2004-08-04 12:00:00 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ----a-w c:\windows\system32\faxpatch.exe
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\feclient.dll
- 2004-08-04 12:00:00 337,920 ----a-w c:\windows\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w c:\windows\system32\filemgmt.dll
- 2004-08-04 12:00:00 27,136 -c--a-w c:\windows\system32\findstr.exe
+ 2008-04-14 00:12:20 27,136 ----a-w c:\windows\system32\findstr.exe
- 2004-08-04 12:00:00 87,552 ----a-w c:\windows\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w c:\windows\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w c:\windows\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w c:\windows\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w c:\windows\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w c:\windows\system32\fltmc.exe
- 2003-08-02 23:56:16 1,146,184 ----a-w c:\windows\system32\FM20.DLL
+ 2007-08-22 15:03:38 1,195,888 ----a-w c:\windows\system32\FM20.DLL
- 2003-07-14 11:57:04 32,584 ----a-w c:\windows\system32\FM20ENU.DLL
+ 2006-10-26 04:10:06 33,088 ----a-w c:\windows\system32\FM20ENU.DLL
- 2008-06-15 22:41:36 224,816 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-07 07:34:00 286,112 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 12:00:00 382,976 ----a-w c:\windows\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w c:\windows\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 -c--a-w c:\windows\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w c:\windows\system32\fontsub.dll
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w c:\windows\system32\fontview.exe
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w c:\windows\system32\forcedos.exe
- 2004-08-04 12:00:00 25,600 -c--a-w c:\windows\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w c:\windows\system32\format.com
- 2004-08-04 12:00:00 9,344 -c--a-w c:\windows\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w c:\windows\system32\framebuf.dll
- 2004-08-04 12:00:00 193,024 -c--a-w c:\windows\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w c:\windows\system32\fsquirt.exe
- 2004-08-04 12:00:00 42,496 -c--a-w c:\windows\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w c:\windows\system32\ftp.exe
- 2004-08-04 12:00:00 60,416 -c--a-w c:\windows\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w c:\windows\system32\fwcfg.dll
- 2008-02-20 06:51:05 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\gdi32.dll
- 2008-01-29 02:02:30 107,368 ----a-w c:\windows\system32\GEARAspi.dll
+ 2008-04-17 03:12:54 107,368 ----a-w c:\windows\system32\GEARAspi.dll
- 2004-08-04 12:00:00 122,880 ----a-w c:\windows\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w c:\windows\system32\glu32.dll
- 2004-08-04 12:00:00 9,728 -c--a-w c:\windows\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
- 2004-08-04 12:00:00 39,424 -c--a-w c:\windows\system32\grpconv.exe
+ 2008-04-14 00:12:21 39,424 ----a-w c:\windows\system32\grpconv.exe
- 2004-08-04 12:00:00 614,912 ----a-w c:\windows\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w c:\windows\system32\h323msp.dll
- 2004-08-04 12:00:00 131,968 -c--a-w c:\windows\system32\hal.dll
+ 2008-04-13 18:31:28 131,840 ----a-w c:\windows\system32\HAL.DLL
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w c:\windows\system32\hccoin.dll
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w c:\windows\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w c:\windows\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w c:\windows\system32\hhsetup.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w c:\windows\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w c:\windows\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w c:\windows\system32\hlink.dll
- 2004-08-04 12:00:00 344,064 ----a-w c:\windows\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w c:\windows\system32\hnetcfg.dll
- 2004-08-04 12:00:00 330,752 ----a-w c:\windows\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w c:\windows\system32\hnetwiz.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ----a-w c:\windows\system32\hsfcisp2.dll
- 2004-08-04 12:00:00 24,576 -c--a-w c:\windows\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w c:\windows\system32\httpapi.dll
- 2004-08-04 12:00:00 41,984 -c--a-w c:\windows\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w c:\windows\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w c:\windows\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w c:\windows\system32\hypertrm.dll
- 2004-08-04 12:00:00 119,808 ----a-w c:\windows\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w c:\windows\system32\iasrad.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w c:\windows\system32\icaapi.dll
- 2008-04-23 04:16:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
- 2004-08-04 12:00:00 80,384 ----a-w c:\windows\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w c:\windows\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w c:\windows\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w c:\windows\system32\icm32.dll
- 2004-08-04 12:00:00 3,584 ----a-w c:\windows\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w c:\windows\system32\icmp.dll
- 2004-08-04 12:00:00 73,728 -c--a-w c:\windows\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w c:\windows\system32\icwdial.dll
- 2004-08-04 12:00:00 65,536 -c--a-w c:\windows\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w c:\windows\system32\icwphbk.dll
- 2004-08-04 12:00:00 120,832 -c--a-w c:\windows\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w c:\windows\system32\idq.dll
- 2008-04-22 07:39:58 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-04-23 04:16:28 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-04-23 04:16:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2007-08-13 08:45:18 78,336 ----a-w c:\windows\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ieencode.dll
- 2008-04-23 04:16:28 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-04-23 04:16:28 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-04-23 04:16:28 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-04-22 07:39:58 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2004-08-04 12:00:00 114,688 -c--a-w c:\windows\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w c:\windows\system32\iexpress.exe
- 2004-08-04 12:00:00 135,680 -c--a-w c:\windows\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w c:\windows\system32\ifmon.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w c:\windows\system32\igmpagnt.dll
- 2004-08-04 12:00:00 81,920 ----a-w c:\windows\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ils.dll
- 2004-08-04 12:00:00 144,384 ----a-w c:\windows\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w c:\windows\system32\imagehlp.dll
- 2004-08-04 12:00:00 150,016 ----a-w c:\windows\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w c:\windows\system32\imapi.exe
- 2004-08-04 12:00:00 36,921 -c--a-w c:\windows\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w c:\windows\system32\imeshare.dll
- 2004-08-04 12:00:00 110,080 ----a-w c:\windows\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w c:\windows\system32\imm32.dll
- 2004-08-04 12:00:00 274,432 ----a-w c:\windows\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w c:\windows\system32\inetcfg.dll
- 2007-08-21 06:15:44 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2004-08-04 12:00:00 33,280 -c--a-w c:\windows\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\inetmib1.dll
- 2004-08-04 12:00:00 75,264 ----a-w c:\windows\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w c:\windows\system32\inetpp.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w c:\windows\system32\inetppui.dll
- 2004-08-04 12:00:00 48,128 -c--a-w c:\windows\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w c:\windows\system32\inetres.dll
- 2004-08-04 12:00:00 147,456 -c--a-w c:\windows\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w c:\windows\system32\initpki.dll
- 2002-08-20 18:10:16 204,800 ----a-w c:\windows\system32\INKED.DLL
+ 2006-10-26 03:45:04 207,360 ----a-w c:\windows\system32\INKED.DLL
- 2004-08-04 12:00:00 123,392 -c--a-w c:\windows\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w c:\windows\system32\input.dll
- 2004-08-04 12:00:00 55,808 -c--a-w c:\windows\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w c:\windows\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w c:\windows\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w c:\windows\system32\iphlpapi.dll
- 2004-08-04 12:00:00 154,112 -c--a-w c:\windows\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w c:\windows\system32\ipmontr.dll
- 2004-08-04 12:00:00 331,264 ----a-w c:\windows\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w c:\windows\system32\ipnathlp.dll
- 2004-08-04 12:00:00 330,752 -c--a-w c:\windows\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w c:\windows\system32\ippromon.dll
- 2004-08-04 12:00:00 169,984 -c--a-w c:\windows\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w c:\windows\system32\iprtrmgr.dll
- 2004-08-04 12:00:00 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
- 2004-08-04 12:00:00 182,784 ----a-w c:\windows\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ipsecsvc.dll
- 2004-08-04 12:00:00 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
- 2004-08-04 12:00:00 53,248 -c--a-w c:\windows\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w c:\windows\system32\ipv6.exe
- 2004-08-04 12:00:00 59,904 -c--a-w c:\windows\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w c:\windows\system32\ipv6mon.dll
- 2004-08-04 12:00:00 23,552 -c--a-w c:\windows\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w c:\windows\system32\ipxroute.exe
- 2004-08-04 12:00:00 20,992 -c--a-w c:\windows\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w c:\windows\system32\ipxwan.dll
- 2004-08-04 12:00:00 120,320 -c--a-w c:\windows\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w c:\windows\system32\ir41_qc.dll
- 2004-08-04 12:00:00 338,432 -c--a-w c:\windows\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
- 2004-08-04 12:00:00 755,200 ----a-w c:\windows\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w c:\windows\system32\ir50_32.dll
- 2004-08-04 12:00:00 200,192 -c--a-w c:\windows\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w c:\windows\system32\ir50_qc.dll
- 2004-08-04 12:00:00 183,808 -c--a-w c:\windows\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
- 2004-08-04 12:00:00 81,920 -c--a-w c:\windows\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w c:\windows\system32\isign32.dll
- 2004-08-04 12:00:00 32,768 -c--a-w c:\windows\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w c:\windows\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w c:\windows\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w c:\windows\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w c:\windows\system32\itss.dll
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w c:\windows\system32\ixsso.dll
- 2004-08-04 12:00:00 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w c:\windows\system32\iyuv_32.dll
- 2008-02-21 15:23:35 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-06-09 14:21:01 135,168 ----a-w c:\windows\system32\java.exe
- 2008-02-21 15:23:39 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-06-09 14:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
- 2008-02-21 16:33:32 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-06-09 15:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
- 2006-06-01 18:47:07 163,840 ----a-w c:\windows\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ----a-w c:\windows\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ----a-w c:\windows\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ----a-w c:\windows\system32\jgpl400.dll
- 2007-08-13 08:38:04 491,520 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w c:\windows\system32\jscript.dll
- 2008-04-23 04:16:28 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdbhc.dll
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdfi1.dll
- 2004-08-04 12:00:00 6,144 -c--a-w c:\windows\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
- 2004-08-04 12:00:00 6,656 -c--a-w c:\windows\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinben.dll
- 2004-08-04 12:00:00 6,656 -c--a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdiultn.dll
- 2004-08-04 12:00:00 5,632 -c--a-w c:\windows\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w c:\windows\system32\kbdmaori.dll
- 2004-08-04 12:00:00 6,144 -c--a-w c:\windows\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
- 2004-08-04 12:00:00 6,144 -c--a-w c:\windows\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdnepr.dll
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdpash.dll
- 2004-08-04 12:00:00 7,680 -c--a-w c:\windows\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
- 2004-08-04 12:00:00 7,680 -c--a-w c:\windows\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
- 2004-08-04 12:00:00 7,168 -c--a-w c:\windows\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdukx.dll
- 2004-08-04 12:00:00 7,424 -c--a-w c:\windows\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w c:\windows\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w c:\windows\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w c:\windows\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w c:\windows\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-04 12:00:00 150,528 -c--a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ----a-w c:\windows\system32\kmsvc.dll
- 2004-08-03 14:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ----a-w c:\windows\system32\l2gpstore.dll
+ 2008-07-23 16:48:40 1,044,480 ----a-w c:\windows\system32\libdivx.dll
- 2004-08-04 12:00:00 423,936 ----a-w c:\windows\system32\licdll.dll
+ 2008-04-13 19:41:58 423,936 ----a-w c:\windows\system32\licdll.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w c:\windows\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w c:\windows\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w c:\windows\system32\lmhsvc.dll
- 2004-08-04 12:00:00 399,872 ----a-w c:\windows\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w c:\windows\system32\lmrt.dll
- 2004-08-04 12:00:00 97,280 ----a-w c:\windows\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w c:\windows\system32\loadperf.dll
- 2004-08-04 12:00:00 221,696 ----a-w c:\windows\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w c:\windows\system32\localsec.dll
- 2004-08-04 12:00:00 341,504 ----a-w c:\windows\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w c:\windows\system32\localspl.dll
- 2004-08-04 12:00:00 11,776 -c--a-w c:\windows\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w c:\windows\system32\localui.dll
- 2004-08-04 12:00:00 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
- 2004-08-04 12:00:00 59,392 -c--a-w c:\windows\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w c:\windows\system32\logman.exe
- 2004-08-04 12:00:00 220,672 ----a-w c:\windows\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w c:\windows\system32\logon.scr
- 2004-08-04 12:00:00 514,560 ----a-w c:\windows\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w c:\windows\system32\logonui.exe
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w c:\windows\system32\lpk.dll
- 2004-08-04 12:00:00 10,240 -c--a-w c:\windows\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w c:\windows\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-04 12:00:00 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2007-02-20 05:34:06 190,696 ----a-w c:\windows\system32\Macromed\Flash\FlashUtil9c.exe
- 2007-06-11 20:34:34 2,115,816 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2007-02-20 06:04:02 2,463,976 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2007-06-11 20:34:40 190,696 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2007-02-20 06:04:04 190,696 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2004-08-04 12:00:00 72,704 -c--a-w c:\windows\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w c:\windows\system32\magnify.exe
- 2004-08-04 12:00:00 85,504 -c--a-w c:\windows\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w c:\windows\system32\makecab.exe
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w c:\windows\system32\mcastmib.dll
- 2004-08-04 12:00:00 84,480 -c--a-w c:\windows\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w c:\windows\system32\mciavi32.dll
- 2004-08-04 12:00:00 35,328 -c--a-w c:\windows\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w c:\windows\system32\mciqtz32.dll
- 2004-08-04 12:00:00 23,040 -c--a-w c:\windows\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w c:\windows\system32\mciseq.dll
- 2004-08-04 12:00:00 23,552 -c--a-w c:\windows\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w c:\windows\system32\mciwave.dll
- 2004-08-04 12:00:00 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ----a-w c:\windows\system32\mdmxsdk.dll
- 2007-03-08 15:36:28 40,960 ----a-w c:\windows\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w c:\windows\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-04 12:00:00 1,028,096 ----a-w c:\windows\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w c:\windows\system32\mfc42.dll
- 2004-08-04 12:00:00 22,528 ----a-w c:\windows\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w c:\windows\system32\mfcsubs.dll
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ----a-w c:\windows\system32\microsoft.managementconsole.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w c:\windows\system32\midimap.dll
- 2004-08-04 12:00:00 60,928 -c--a-w c:\windows\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w c:\windows\system32\miglibnt.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w c:\windows\system32\mimefilt.dll
- 2004-08-04 12:00:00 586,240 ----a-w c:\windows\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w c:\windows\system32\mlang.dll
- 2004-08-04 12:00:00 815,104 ----a-w c:\windows\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w c:\windows\system32\mmc.exe
- 2004-08-04 12:00:00 70,656 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ----a-w c:\windows\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ----a-w c:\windows\system32\mmcfxcommon.dll
- 2004-08-04 12:00:00 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ----a-w c:\windows\system32\mmcperf.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w c:\windows\system32\mmcshext.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w c:\windows\system32\mmfutil.dll
- 2004-08-04 12:00:00 34,560 -c--a-w c:\windows\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w c:\windows\system32\mnmdd.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
- 2004-08-04 12:00:00 207,360 ----a-w c:\windows\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w c:\windows\system32\mobsync.dll
- 2004-08-04 12:00:00 143,360 ----a-w c:\windows\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w c:\windows\system32\mobsync.exe
- 2004-08-04 12:00:00 153,600 ----a-w c:\windows\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w c:\windows\system32\modemui.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w c:\windows\system32\more.com
- 2004-08-04 12:00:00 216,064 -c--a-w c:\windows\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w c:\windows\system32\moricons.dll
- 2004-08-04 12:00:00 123,392 ----a-w c:\windows\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w c:\windows\system32\mplay32.exe
- 2004-08-04 12:00:00 59,904 ----a-w c:\windows\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w c:\windows\system32\mpr.dll
- 2004-08-04 12:00:00 87,040 ----a-w c:\windows\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w c:\windows\system32\mprapi.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w c:\windows\system32\mprdim.dll
- 2008-05-29 23:35:11 17,486,968 -c--a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:26 17,318,336 -c--a-w c:\windows\system32\MRT.exe
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w c:\windows\system32\msacm32.dll
- 2004-08-04 12:00:00 3,584 -c--a-w c:\windows\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w c:\windows\system32\msafd.dll
- 2004-08-04 12:00:00 86,016 -c--a-w c:\windows\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w c:\windows\system32\msapsspc.dll
- 2004-08-04 12:00:00 57,344 ----a-w c:\windows\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w c:\windows\system32\msasn1.dll
- 2005-06-29 01:46:00 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w c:\windows\system32\msconf.dll
- 2004-08-04 12:00:00 12,288 -c--a-w c:\windows\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w c:\windows\system32\mscpx32r.dll
- 2004-08-04 12:00:00 36,864 -c--a-w c:\windows\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w c:\windows\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w c:\windows\system32\msctf.dll
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w c:\windows\system32\msctfp.dll
- 2004-08-04 12:00:00 118,784 -c--a-w c:\windows\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w c:\windows\system32\msdadiag.dll
- 2004-08-04 12:00:00 151,552 -c--a-w c:\windows\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w c:\windows\system32\msdart.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w c:\windows\system32\msdmo.dll
- 2004-08-04 12:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
- 2004-08-04 12:00:00 58,880 -c--a-w c:\windows\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w c:\windows\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w c:\windows\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w c:\windows\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w c:\windows\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w c:\windows\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-04 12:00:00 4,126 -c--a-w c:\windows\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\msdxmlc.dll
- 2008-04-23 04:16:28 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-04-23 04:16:28 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2006-11-27 14:54:06 539,136 ----a-w c:\windows\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w c:\windows\system32\msftedit.dll
- 2004-08-04 12:00:00 994,304 ----a-w c:\windows\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w c:\windows\system32\msgina.dll
- 2004-08-04 12:00:00 33,792 ----a-w c:\windows\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w c:\windows\system32\msgsvc.dll
- 2004-08-04 12:00:00 188,416 ----a-w c:\windows\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w c:\windows\system32\msh261.drv
- 2004-08-04 12:00:00 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
- 2008-04-23 12:16:30 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-23 04:16:28 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2007-04-18 16:12:23 2,854,400 ----a-w c:\windows\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w c:\windows\system32\msi.dll
- 2004-08-04 12:00:00 51,712 ----a-w c:\windows\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w c:\windows\system32\msident.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w c:\windows\system32\msidle.dll
- 2004-08-04 12:00:00 248,832 ----a-w c:\windows\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w c:\windows\system32\msieftp.dll
- 2005-05-04 03:45:36 78,848 ----a-w c:\windows\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w c:\windows\system32\msiexec.exe
- 2005-05-04 03:45:36 271,360 ----a-w c:\windows\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w c:\windows\system32\msihnd.dll
- 2004-08-04 12:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w c:\windows\system32\msimg32.dll
- 2005-05-04 03:45:36 884,736 -c--a-w c:\windows\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w c:\windows\system32\msimsg.dll
- 2004-08-04 12:00:00 159,232 ----a-w c:\windows\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w c:\windows\system32\msimtf.dll
- 2005-05-04 03:45:36 15,360 ----a-w c:\windows\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w c:\windows\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-04 12:00:00 25,088 -c--a-w c:\windows\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w c:\windows\system32\mslbui.dll
- 2004-08-04 12:00:00 290,816 -c--a-w c:\windows\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
- 2004-08-04 12:00:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
- 2004-08-04 12:00:00 105,984 -c--a-w c:\windows\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w c:\windows\system32\msoert2.dll
+ 2006-10-26 09:56:10 32,592 ----a-w c:\windows\system32\msonpmon.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w c:\windows\system32\msorc32r.dll
- 2004-08-04 12:00:00 143,360 -c--a-w c:\windows\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
- 2004-08-04 12:00:00 343,040 ----a-w c:\windows\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w c:\windows\system32\mspaint.exe
- 2004-08-04 12:00:00 30,208 ----a-w c:\windows\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w c:\windows\system32\mspatcha.dll
- 2004-08-04 12:00:00 48,128 ----a-w c:\windows\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w c:\windows\system32\msprivs.dll
- 2008-04-23 04:16:28 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
- 2004-08-04 12:00:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w c:\windows\system32\msrle32.dll
- 2004-08-04 12:00:00 134,656 -c--a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ----a-w c:\windows\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ----a-w c:\windows\system32\msshavmsg.dll
- 2004-08-04 12:00:00 274,944 ----a-w c:\windows\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w c:\windows\system32\mstask.dll
- 2008-04-23 04:16:28 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ----a-w c:\windows\system32\mstime.dll
- 2004-08-04 12:00:00 12,288 -c--a-w c:\windows\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w c:\windows\system32\mstinit.exe
- 2004-08-04 12:00:00 115,712 ----a-w c:\windows\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w c:\windows\system32\mstlsapi.dll
- 2004-08-04 12:00:00 407,552 ----a-w c:\windows\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w c:\windows\system32\mstsc.exe
- 2004-08-04 12:00:00 655,360 ----a-w c:\windows\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w c:\windows\system32\mstscax.dll
- 2004-08-04 12:00:00 195,072 ----a-w c:\windows\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w c:\windows\system32\msutb.dll
- 2004-08-04 12:00:00 129,536 ----a-w c:\windows\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w c:\windows\system32\msv1_0.dll
- 2004-08-04 12:00:00 1,392,671 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w c:\windows\system32\msvbvm60.dll
- 2004-08-04 12:00:00 54,784 ----a-w c:\windows\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\msvcirt.dll
- 2004-08-04 12:00:00 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2006-02-24 00:00:00 487,424 ----a-w c:\windows\system32\msvcp70.dll
- 2004-08-04 12:00:00 343,040 ----a-w c:\windows\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w c:\windows\system32\msvcrt.dll
- 2004-08-04 12:00:00 61,440 -c--a-w c:\windows\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w c:\windows\system32\msvcrt40.dll
- 2004-08-04 12:00:00 120,832 ----a-w c:\windows\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w c:\windows\system32\msvfw32.dll
- 2004-08-04 12:00:00 1,428,480 ----a-w c:\windows\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w c:\windows\system32\msvidctl.dll
- 2004-08-04 12:00:00 72,704 -c--a-w c:\windows\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-04 12:00:00 204,288 ----a-w c:\windows\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w c:\windows\system32\mswebdvd.dll
- 2004-08-04 12:00:00 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-04 12:00:00 506,368 ----a-w c:\windows\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w c:\windows\system32\msxml.dll
- 2004-08-04 12:00:00 701,440 ----a-w c:\windows\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w c:\windows\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 05:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 05:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-10 01:14:56 1,307,648 ----a-w c:\windows\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ----a-w c:\windows\system32\msxml6r.dll
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w c:\windows\system32\mtxdm.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w c:\windows\system32\mtxex.dll
- 2004-08-04 12:00:00 25,088 -c--a-w c:\windows\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w c:\windows\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ----a-w c:\windows\system32\mtxparhd.dll
+ 2008-07-18 12:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
- 2004-08-04 12:00:00 405,504 -c--a-w c:\windows\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
- 2004-08-04 12:00:00 193,024 -c--a-w c:\windows\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
- 2004-08-04 12:00:00 757,248 -c--a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ----a-w c:\windows\system32\mui\041b\xpsp3res.dll
- 2004-08-04 12:00:00 408,576 -c--a-w c:\windows\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
- 2004-08-04 12:00:00 192,512 -c--a-w c:\windows\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
- 2004-08-04 12:00:00 732,160 -c--a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ----a-w c:\windows\system32\mui\0424\xpsp3res.dll
+ 2008-07-18 12:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
- 2004-08-04 12:00:00 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ----a-w c:\windows\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ----a-w c:\windows\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ----a-w c:\windows\system32\napstat.exe
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w c:\windows\system32\narrator.exe
- 2004-08-04 12:00:00 36,352 ----a-w c:\windows\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w c:\windows\system32\ncobjapi.dll
- 2004-08-04 12:00:00 17,920 ----a-w c:\windows\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w c:\windows\system32\nddeapi.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w c:\windows\system32\nddeapir.exe
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w c:\windows\system32\nddenb32.dll
- 2004-08-04 12:00:00 42,496 -c--a-w c:\windows\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w c:\windows\system32\net.exe
- 2004-08-04 12:00:00 124,928 -c--a-w c:\windows\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w c:\windows\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2004-08-04 12:00:00 622,080 ----a-w c:\windows\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w c:\windows\system32\netcfgx.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
- 2004-08-04 12:00:00 139,264 -c--a-w c:\windows\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w c:\windows\system32\netid.dll
- 2004-08-04 12:00:00 407,040 ----a-w c:\windows\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w c:\windows\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w c:\windows\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w c:\windows\system32\netman.dll
- 2004-08-04 12:00:00 875,008 ----a-w c:\windows\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w c:\windows\system32\netplwiz.dll
- 2004-08-04 12:00:00 12,288 ----a-w c:\windows\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w c:\windows\system32\netrap.dll
- 2004-08-04 12:00:00 329,728 -c--a-w c:\windows\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w c:\windows\system32\netsetup.exe
- 2004-08-04 12:00:00 86,016 -c--a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
- 2004-08-04 12:00:00 1,708,032 ----a-w c:\windows\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w c:\windows\system32\netshell.dll
- 2004-08-04 12:00:00 36,864 -c--a-w c:\windows\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w c:\windows\system32\netstat.exe
- 2004-08-04 12:00:00 80,896 ----a-w c:\windows\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w c:\windows\system32\netui0.dll
- 2004-08-04 12:00:00 245,760 ----a-w c:\windows\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w c:\windows\system32\netui1.dll
- 2004-08-04 12:00:00 248,832 ----a-w c:\windows\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w c:\windows\system32\newdev.dll
- 2004-08-04 12:00:00 103,936 ----a-w c:\windows\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w c:\windows\system32\nlhtml.dll
- 2004-08-04 12:00:00 28,672 -c--a-w c:\windows\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w c:\windows\system32\nmmkcert.dll
- 2004-08-04 12:00:00 69,120 ----a-w c:\windows\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w c:\windows\system32\notepad.exe
- 2004-08-04 12:00:00 57,344 -c--a-w c:\windows\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
- 2004-08-04 12:00:00 15,360 -c--a-w c:\windows\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
- 2004-08-04 12:00:00 54,784 -c--a-w c:\windows\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w c:\windows\system32\npptools.dll
+ 2007-02-20 06:04:02 2,463,976 ----a-w c:\windows\system32\NPSWF32.dll
+ 2007-02-20 06:04:04 190,696 ----a-w c:\windows\system32\NPSWF32_FlashUtil.exe
- 2004-08-04 12:00:00 76,800 -c--a-w c:\windows\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w c:\windows\system32\nslookup.exe
- 2004-08-04 12:00:00 708,096 ----a-w c:\windows\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w c:\windows\system32\ntdll.dll
- 2004-08-04 12:00:00 67,072 ----a-w c:\windows\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w c:\windows\system32\ntdsapi.dll
- 2007-02-28 08:38:55 2,057,600 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w c:\windows\system32\ntlanman.dll
- 2004-08-04 12:00:00 8,192 ----a-w c:\windows\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w c:\windows\system32\ntlsapi.dll
- 2004-08-04 12:00:00 118,784 ----a-w c:\windows\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w c:\windows\system32\ntmarta.dll
- 2004-08-04 12:00:00 40,960 -c--a-w c:\windows\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w c:\windows\system32\ntmsapi.dll
- 2004-08-04 12:00:00 179,712 -c--a-w c:\windows\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w c:\windows\system32\ntmsdba.dll
- 2004-08-04 12:00:00 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
- 2004-08-04 12:00:00 435,200 ----a-w c:\windows\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w c:\windows\system32\ntmssvc.dll
- 2007-02-28 09:10:57 2,180,352 ----a-w c:\windows\system32\ntoskrnl.exe

acasey · Nov 13, 2008

part 9...

+ 2008-08-14 10:11:02 2,189,184 ----a-w c:\windows\system32\ntoskrnl.exe
- 2004-08-04 12:00:00 91,136 -c--a-w c:\windows\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w c:\windows\system32\ntprint.dll
- 2004-08-04 12:00:00 143,872 ----a-w c:\windows\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w c:\windows\system32\ntshrui.dll
- 2004-08-04 12:00:00 419,840 ----a-w c:\windows\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w c:\windows\system32\ntvdm.exe
- 2004-08-04 12:00:00 13,312 -c--a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 4,274,816 ----a-w c:\windows\system32\nv4_disp.dll
- 2006-10-13 12:35:12 142,336 ----a-w c:\windows\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w c:\windows\system32\nwprovau.dll
- 2004-08-04 12:00:00 266,752 ----a-w c:\windows\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w c:\windows\system32\oakley.dll
- 2004-08-04 12:00:00 285,696 ----a-w c:\windows\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w c:\windows\system32\objsel.dll
- 2008-04-23 04:16:28 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ----a-w c:\windows\system32\occache.dll
- 2004-08-04 12:00:00 60,928 -c--a-w c:\windows\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\ocmanage.dll
- 2004-08-04 12:00:00 249,856 ----a-w c:\windows\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w c:\windows\system32\odbc32.dll
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w c:\windows\system32\odbc32gt.dll
- 2004-08-04 12:00:00 32,768 -c--a-w c:\windows\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w c:\windows\system32\odbcad32.exe
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w c:\windows\system32\odbcbcp.dll
- 2004-08-04 12:00:00 135,168 ----a-w c:\windows\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w c:\windows\system32\odbcconf.dll
- 2004-08-04 12:00:00 69,632 -c--a-w c:\windows\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w c:\windows\system32\odbcconf.exe
- 2004-08-04 12:00:00 106,496 -c--a-w c:\windows\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w c:\windows\system32\odbccp32.dll
- 2004-08-04 12:00:00 65,536 -c--a-w c:\windows\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccr32.dll
- 2004-08-04 12:00:00 65,536 -c--a-w c:\windows\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccu32.dll
- 2004-08-04 12:00:00 94,208 ----a-w c:\windows\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w c:\windows\system32\odbcint.dll
- 2004-08-04 12:00:00 53,279 -c--a-w c:\windows\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w c:\windows\system32\odbcji32.dll
- 2004-08-04 12:00:00 278,559 -c--a-w c:\windows\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w c:\windows\system32\odbcjt32.dll
- 2004-08-04 12:00:00 12,288 -c--a-w c:\windows\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w c:\windows\system32\odbcp32r.dll
- 2004-08-04 12:00:00 147,456 -c--a-w c:\windows\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w c:\windows\system32\odbctrac.dll
- 2004-08-04 12:00:00 20,511 -c--a-w c:\windows\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\oddbse32.dll
- 2004-08-04 12:00:00 20,510 -c--a-w c:\windows\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odexl32.dll
- 2004-08-04 12:00:00 20,510 -c--a-w c:\windows\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odfox32.dll
- 2004-08-04 12:00:00 20,510 -c--a-w c:\windows\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odpdx32.dll
- 2004-08-04 12:00:00 20,511 -c--a-w c:\windows\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\odtext32.dll
- 2004-08-04 12:00:00 120,832 ----a-w c:\windows\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w c:\windows\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w c:\windows\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w c:\windows\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w c:\windows\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w c:\windows\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w c:\windows\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w c:\windows\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w c:\windows\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w c:\windows\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w c:\windows\system32\oledlg.dll
- 2004-08-04 12:00:00 107,008 ----a-w c:\windows\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w c:\windows\system32\oleprn.dll
- 2004-08-04 12:00:00 83,456 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ----a-w c:\windows\system32\onex.dll
- 2004-08-04 12:00:00 122,368 -c--a-w c:\windows\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
- 2004-08-04 12:00:00 561,664 -c--a-w c:\windows\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w c:\windows\system32\oobe\msobmain.dll
- 2004-08-04 12:00:00 30,720 -c--a-w c:\windows\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w c:\windows\system32\oobe\msobweb.dll
- 2004-08-04 12:00:00 28,160 ----a-w c:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w c:\windows\system32\oobe\msoobe.exe
- 2004-08-04 12:00:00 51,200 -c--a-w c:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
- 2004-08-04 12:00:00 713,728 ----a-w c:\windows\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w c:\windows\system32\opengl32.dll
- 2004-08-04 12:00:00 215,552 -c--a-w c:\windows\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w c:\windows\system32\osk.exe
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\osuninst.dll
- 2004-08-04 12:00:00 116,224 -c--a-w c:\windows\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w c:\windows\system32\p2p.dll
- 2004-08-04 12:00:00 86,016 -c--a-w c:\windows\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\p2pgasvc.dll
- 2004-08-04 12:00:00 312,320 -c--a-w c:\windows\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w c:\windows\system32\p2pgraph.dll
- 2004-08-04 12:00:00 88,064 -c--a-w c:\windows\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w c:\windows\system32\p2pnetsh.dll
- 2004-08-04 12:00:00 526,848 -c--a-w c:\windows\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w c:\windows\system32\p2psvc.dll
- 2004-08-04 12:00:00 58,368 -c--a-w c:\windows\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w c:\windows\system32\packager.exe
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\pautoenr.dll
- 2004-08-04 12:00:00 283,648 ----a-w c:\windows\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w c:\windows\system32\pdh.dll
+ 2008-08-28 22:46:30 265,797 ----a-w c:\windows\system32\pdvcodec.dll
- 2008-06-18 06:09:26 53,608 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-06 05:46:58 53,608 ----a-w c:\windows\system32\perfc009.dat
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w c:\windows\system32\perfctrs.dll
- 2004-08-04 12:00:00 26,624 ----a-w c:\windows\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w c:\windows\system32\perfdisk.dll
- 2008-06-18 06:09:26 383,254 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-06 05:46:58 383,254 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w c:\windows\system32\perfmon.exe
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w c:\windows\system32\perfnet.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w c:\windows\system32\perfos.dll
- 2004-08-04 12:00:00 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ----a-w c:\windows\system32\photometadatahandler.dll
- 2004-08-04 12:00:00 176,128 ----a-w c:\windows\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w c:\windows\system32\photowiz.dll
- 2004-08-04 12:00:00 35,328 ----a-w c:\windows\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w c:\windows\system32\pid.dll
- 2004-08-04 12:00:00 24,064 -c--a-w c:\windows\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w c:\windows\system32\pidgen.dll
- 2004-08-04 12:00:00 17,920 -c--a-w c:\windows\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w c:\windows\system32\ping.exe
- 2004-08-04 12:00:00 15,360 ----a-w c:\windows\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\pjlmon.dll
- 2008-04-23 04:16:28 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2004-08-04 12:00:00 48,640 -c--a-w c:\windows\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w c:\windows\system32\pnrpnsp.dll
- 2004-08-04 12:00:00 105,472 -c--a-w c:\windows\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\polstore.dll
- 2004-08-04 12:00:00 49,152 -c--a-w c:\windows\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w c:\windows\system32\powercfg.exe
- 2004-08-04 12:00:00 17,408 ----a-w c:\windows\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w c:\windows\system32\powrprof.dll
- 2004-08-04 12:00:00 560,640 ----a-w c:\windows\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w c:\windows\system32\printui.dll
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w c:\windows\system32\profmap.dll
- 2004-08-04 12:00:00 109,568 -c--a-w c:\windows\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w c:\windows\system32\progman.exe
- 2004-08-04 12:00:00 50,176 -c--a-w c:\windows\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\proquota.exe
- 2004-08-04 12:00:00 9,216 -c--a-w c:\windows\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w c:\windows\system32\proxycfg.exe
- 2004-08-04 12:00:00 23,040 ----a-w c:\windows\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w c:\windows\system32\psapi.dll
- 2004-08-04 12:00:00 96,768 ----a-w c:\windows\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w c:\windows\system32\psbase.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\pstorec.dll
- 2004-08-04 12:00:00 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w c:\windows\system32\pstorsvc.dll
- 2005-03-11 22:28:12 339,968 ----a-w c:\windows\system32\px.dll
+ 2008-07-23 16:50:46 551,672 ----a-w c:\windows\system32\px.dll
+ 2008-07-23 16:50:46 129,784 ----a-w c:\windows\system32\pxafs.dll
- 2005-03-11 22:48:14 56,832 ----a-w c:\windows\system32\pxcpya64.exe
+ 2008-07-23 16:50:46 66,296 ----a-w c:\windows\system32\pxcpya64.exe
- 2005-03-11 22:48:14 108,544 ----a-w c:\windows\system32\pxcpyi64.exe
+ 2008-07-23 16:50:48 120,056 ----a-w c:\windows\system32\pxcpyi64.exe
- 2005-03-11 22:28:13 405,504 ----a-w c:\windows\system32\pxdrv.dll
+ 2008-07-23 16:50:48 518,904 ----a-w c:\windows\system32\pxdrv.dll
- 2005-03-11 22:48:14 61,440 ----a-w c:\windows\system32\pxhpinst.exe
+ 2008-07-23 16:50:48 72,440 ----a-w c:\windows\system32\pxhpinst.exe
- 2005-03-11 22:48:14 56,320 ----a-w c:\windows\system32\pxinsa64.exe
+ 2008-07-23 16:50:46 64,760 ----a-w c:\windows\system32\pxinsa64.exe
- 2005-03-11 22:48:14 109,568 ----a-w c:\windows\system32\pxinsi64.exe
+ 2008-07-23 16:50:46 118,520 ----a-w c:\windows\system32\pxinsi64.exe
- 2005-03-11 22:28:13 172,032 ----a-w c:\windows\system32\pxmas.dll
+ 2008-07-23 16:50:50 187,128 ----a-w c:\windows\system32\pxmas.dll
+ 2008-07-23 16:50:48 1,628,920 ----a-w c:\windows\system32\pxsfs.dll
- 2005-03-11 22:28:33 339,968 ----a-w c:\windows\system32\pxwave.dll
+ 2008-07-23 16:50:48 379,640 ----a-w c:\windows\system32\pxwave.dll
+ 2008-04-14 00:12:03 150,528 ----a-w c:\windows\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ----a-w c:\windows\system32\qagentrt.dll
- 2004-08-04 12:00:00 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ----a-w c:\windows\system32\qcliprov.dll
- 2004-08-04 12:00:00 279,040 ----a-w c:\windows\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w c:\windows\system32\qdv.dll
- 2004-08-04 12:00:00 385,024 ----a-w c:\windows\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w c:\windows\system32\qdvd.dll
- 2004-08-04 12:00:00 562,176 ----a-w c:\windows\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w c:\windows\system32\qedit.dll
- 2004-08-04 12:00:00 733,696 -c--a-w c:\windows\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w c:\windows\system32\qedwipes.dll
- 2004-08-04 12:00:00 382,464 ----a-w c:\windows\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\qmgr.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w c:\windows\system32\qprocess.exe
+ 2008-07-23 16:50:52 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
- 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ----a-w c:\windows\system32\qutil.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-04 12:00:00 236,544 ----a-w c:\windows\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\rasapi32.dll
- 2004-08-04 12:00:00 89,088 ----a-w c:\windows\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w c:\windows\system32\rasauto.dll
- 2004-08-04 12:00:00 69,632 ----a-w c:\windows\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w c:\windows\system32\raschap.dll
- 2004-08-04 12:00:00 657,920 ----a-w c:\windows\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w c:\windows\system32\rasdlg.dll
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w c:\windows\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w c:\windows\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-04 12:00:00 56,832 -c--a-w c:\windows\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w c:\windows\system32\rasphone.exe
- 2004-08-04 12:00:00 206,336 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ----a-w c:\windows\system32\rasqec.dll
- 2004-08-04 12:00:00 16,896 -c--a-w c:\windows\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w c:\windows\system32\rassapi.dll
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w c:\windows\system32\rastapi.dll
- 2004-08-04 12:00:00 112,128 ----a-w c:\windows\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w c:\windows\system32\rastls.dll
- 2004-08-04 12:00:00 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
- 2004-08-04 12:00:00 35,840 -c--a-w c:\windows\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w c:\windows\system32\rcimlby.exe
- 2004-08-04 12:00:00 21,504 -c--a-w c:\windows\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w c:\windows\system32\rcp.exe
- 2004-08-04 12:00:00 147,968 ----a-w c:\windows\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w c:\windows\system32\rdchost.dll
- 2004-08-04 12:00:00 62,464 -c--a-w c:\windows\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w c:\windows\system32\rdpclip.exe
- 2004-08-04 12:00:00 92,168 -c--a-w c:\windows\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w c:\windows\system32\rdpdd.dll
- 2004-08-04 12:00:00 19,968 -c--a-w c:\windows\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w c:\windows\system32\rdpsnd.dll
- 2004-08-04 12:00:00 87,176 -c--a-w c:\windows\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w c:\windows\system32\rdpwsx.dll
- 2004-08-04 12:00:00 13,824 -c--a-w c:\windows\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w c:\windows\system32\rdsaddin.exe
- 2004-08-04 12:00:00 67,072 ----a-w c:\windows\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w c:\windows\system32\rdshost.exe
- 2004-08-04 12:00:00 50,176 -c--a-w c:\windows\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\reg.exe
- 2004-08-04 12:00:00 49,664 ----a-w c:\windows\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w c:\windows\system32\regapi.dll
- 2004-08-04 12:00:00 59,904 -c--a-w c:\windows\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w c:\windows\system32\regsvc.dll
- 2004-08-04 12:00:00 11,776 ----a-w c:\windows\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w c:\windows\system32\regsvr32.exe
- 2004-08-04 12:00:00 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2004-08-04 12:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\intelppm.sys
- 2004-08-04 12:00:00 60,416 ----a-w c:\windows\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w c:\windows\system32\remotepg.dll
- 2004-08-04 12:00:00 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
- 2004-08-04 12:00:00 58,880 ----a-w c:\windows\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w c:\windows\system32\resutils.dll
- 2004-08-04 12:00:00 13,824 -c--a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ----a-w c:\windows\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w c:\windows\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w c:\windows\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w c:\windows\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w c:\windows\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w c:\windows\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-04 12:00:00 152,576 ----a-w c:\windows\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w c:\windows\system32\rsaenh.dll
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w c:\windows\system32\rsh.exe
- 2004-08-04 12:00:00 39,936 ----a-w c:\windows\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w c:\windows\system32\rshx32.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w c:\windows\system32\rsmps.dll
- 2004-08-04 12:00:00 90,112 ----a-w c:\windows\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w c:\windows\system32\rsvpsp.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w c:\windows\system32\rtcshare.exe
- 2004-08-04 12:00:00 31,744 -c--a-w c:\windows\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w c:\windows\system32\rtipxmib.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w c:\windows\system32\rtutils.dll
- 2004-08-04 12:00:00 33,280 ----a-w c:\windows\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w c:\windows\system32\rundll32.exe
- 2004-08-04 12:00:00 14,336 -c--a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:04 397,056 ----a-w c:\windows\system32\s3gnb.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w c:\windows\system32\safrcdlg.dll
- 2004-08-04 12:00:00 29,696 ----a-w c:\windows\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w c:\windows\system32\safrdm.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w c:\windows\system32\safrslv.dll
- 2004-08-04 12:00:00 64,000 ----a-w c:\windows\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w c:\windows\system32\samlib.dll
- 2004-08-04 12:00:00 415,744 ----a-w c:\windows\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w c:\windows\system32\samsrv.dll
- 2004-08-04 12:00:00 13,312 -c--a-w c:\windows\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w c:\windows\system32\savedump.exe
- 2004-08-04 12:00:00 270,848 ----a-w c:\windows\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w c:\windows\system32\sbe.dll
- 2004-08-04 12:00:00 159,232 -c--a-w c:\windows\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w c:\windows\system32\sbeio.dll
- 2004-08-04 12:00:00 69,632 -c--a-w c:\windows\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w c:\windows\system32\scarddlg.dll
- 2004-08-04 12:00:00 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
- 2004-08-04 12:00:00 171,008 -c--a-w c:\windows\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w c:\windows\system32\sccsccp.dll
- 2004-08-04 12:00:00 180,224 ----a-w c:\windows\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w c:\windows\system32\scecli.dll
- 2004-08-04 12:00:00 313,856 ----a-w c:\windows\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w c:\windows\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w c:\windows\system32\schannel.dll
- 2004-08-04 12:00:00 190,976 ----a-w c:\windows\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w c:\windows\system32\schedsvc.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w c:\windows\system32\sclgntfy.dll
- 2004-08-04 12:00:00 9,216 ----a-w c:\windows\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w c:\windows\system32\scrnsave.scr
- 2004-08-04 12:00:00 159,744 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:53:39 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2004-08-04 12:00:00 151,552 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:53:40 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2004-08-04 12:00:00 77,312 -c--a-w c:\windows\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w c:\windows\system32\sdbinst.exe
- 2004-08-04 12:00:00 29,184 -c--a-w c:\windows\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sdhcinst.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w c:\windows\system32\seclogon.dll
- 2004-08-04 12:00:00 55,808 ----a-w c:\windows\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\secur32.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w c:\windows\system32\security.dll
- 2004-08-04 12:00:00 29,184 ----a-w c:\windows\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sendcmsg.dll
- 2004-08-04 12:00:00 55,296 ----a-w c:\windows\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w c:\windows\system32\sendmail.dll
- 2004-08-04 12:00:00 38,912 ----a-w c:\windows\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w c:\windows\system32\sens.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w c:\windows\system32\sensapi.dll
- 2004-08-04 12:00:00 56,320 ----a-w c:\windows\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\servdeps.dll
- 2004-08-04 12:00:00 108,032 ----a-w c:\windows\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w c:\windows\system32\services.exe
- 2004-08-04 12:00:00 140,800 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
- 2004-08-04 12:00:00 31,232 -c--a-w c:\windows\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w c:\windows\system32\sethc.exe
- 2004-08-04 12:00:00 23,040 -c--a-w c:\windows\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w c:\windows\system32\setup.exe
- 2004-08-04 12:00:00 259,584 -c--a-w c:\windows\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w c:\windows\system32\Setup\comsetup.dll
- 2004-08-04 12:00:00 32,828 -c--a-w c:\windows\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
- 2004-08-04 12:00:00 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
- 2004-08-04 12:00:00 505,344 -c----w c:\windows\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w c:\windows\system32\Setup\iis.dll
- 2004-08-04 12:00:00 115,712 -c--a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w c:\windows\system32\Setup\koc.dll
- 2004-08-04 12:00:00 82,432 -c--a-w c:\windows\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w c:\windows\system32\Setup\msdtcstp.dll
- 2004-08-04 12:00:00 15,360 -c--a-w c:\windows\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
- 2004-08-04 12:00:00 77,312 -c--a-w c:\windows\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
- 2004-08-04 12:00:00 15,872 -c--a-w c:\windows\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\Setup\ocgen.dll
- 2004-08-04 12:00:00 17,408 -c--a-w c:\windows\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
- 2004-08-04 12:00:00 101,376 -c--a-w c:\windows\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\Setup\startoc.dll
- 2004-08-04 12:00:00 121,856 -c--a-w c:\windows\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w c:\windows\system32\Setup\tsoc.dll
- 2004-08-04 12:00:00 983,552 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-13 19:42:06 985,088 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ----a-w c:\windows\system32\setupn.exe
- 2004-08-04 12:00:00 5,120 ----a-w c:\windows\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w c:\windows\system32\sfc.dll
- 2004-08-04 12:00:00 140,288 ----a-w c:\windows\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w c:\windows\system32\sfc_os.dll
- 2004-08-04 12:00:00 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
- 2004-08-04 12:00:00 549,376 ----a-w c:\windows\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w c:\windows\system32\shdoclc.dll
- 2006-09-23 03:12:50 1,497,088 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
- 2007-10-26 03:36:51 8,454,656 ----a-w c:\windows\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w c:\windows\system32\shell32.dll
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w c:\windows\system32\shfolder.dll
- 2004-08-04 12:00:00 68,096 ----a-w c:\windows\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w c:\windows\system32\shgina.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w c:\windows\system32\shimeng.dll
- 2004-08-04 12:00:00 438,272 ----a-w c:\windows\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w c:\windows\system32\shimgvw.dll
- 2006-09-23 03:12:50 474,112 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w c:\windows\system32\shlwapi.dll
- 2004-08-04 12:00:00 151,552 ----a-w c:\windows\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\shmedia.dll
- 2004-08-04 12:00:00 42,496 -c--a-w c:\windows\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w c:\windows\system32\shmgrate.exe
- 2004-08-04 12:00:00 77,824 -c--a-w c:\windows\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w c:\windows\system32\shrpubw.exe
- 2004-08-04 12:00:00 27,648 ----a-w c:\windows\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w c:\windows\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w c:\windows\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2004-08-04 12:00:00 19,456 -c--a-w c:\windows\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w c:\windows\system32\shutdown.exe
- 2004-08-04 12:00:00 13,312 -c--a-w c:\windows\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w c:\windows\system32\sigtab.dll
- 2004-08-04 12:00:00 70,144 -c--a-w c:\windows\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w c:\windows\system32\sigverif.exe
- 2004-08-04 12:00:00 26,112 -c--a-w c:\windows\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w c:\windows\system32\skeys.exe
- 2004-08-04 12:00:00 25,088 ----a-w c:\windows\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w c:\windows\system32\slayerxp.dll
- 2004-08-04 12:00:00 98,304 -c--a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ----a-w c:\windows\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ----a-w c:\windows\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ----a-w c:\windows\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ----a-w c:\windows\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ----a-w c:\windows\system32\slserv.exe
- 2004-08-04 12:00:00 8,192 -c--a-w c:\windows\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w c:\windows\system32\smbinst.exe
- 2004-08-04 12:00:00 363,008 ----a-w c:\windows\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w c:\windows\system32\smlogcfg.dll
- 2004-08-04 12:00:00 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w c:\windows\system32\smss.exe
- 2004-08-04 12:00:00 131,584 ----a-w c:\windows\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w c:\windows\system32\sndrec32.exe
- 2004-08-04 12:00:00 18,944 -c--a-w c:\windows\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w c:\windows\system32\snmpapi.dll
- 2004-08-04 12:00:00 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-07-18 12:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-07-18 12:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
- 2004-08-04 12:00:00 23,552 -c--a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2004-08-04 12:00:00 538,624 ----a-w c:\windows\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w c:\windows\system32\spider.exe
- 2006-09-25 07:58:48 14,640 ----a-w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:02:01 17,272 ------w c:\windows\system32\spmsg.dll
- 2004-08-04 12:00:00 11,776 -c--a-w c:\windows\system32\spnpinst.exe
+ 2008-04-13 19:42:38 11,264 ----a-w c:\windows\system32\spnpinst.exe
- 2005-03-20 21:47:18 129,024 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ps5ui.dll
+ 2008-04-14 00:12:03 728,576 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ps5ui.dll
- 2005-03-20 21:47:18 455,168 ----a-w c:\windows\system32\spool\drivers\w32x86\3\pscript5.dll
+ 2008-04-14 00:12:03 543,232 ----a-w c:\windows\system32\spool\drivers\w32x86\3\pscript5.dll
+ 2006-10-26 09:56:12 33,104 ----a-w c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
- 2004-08-04 12:00:00 74,752 ----a-w c:\windows\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w c:\windows\system32\spoolss.dll
- 2005-06-10 23:53:32 57,856 ----a-w c:\windows\system32\spoolsv.exe
+ 2008-04-14 00:12:36 57,856 ----a-w c:\windows\system32\spoolsv.exe
- 2006-09-25 07:58:48 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-10 10:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ----a-w c:\windows\system32\spupdwxp.exe
- 2004-08-04 12:00:00 442,368 -c--a-w c:\windows\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
- 2004-08-04 12:00:00 180,800 -c--a-w c:\windows\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w c:\windows\system32\sqlunirl.dll
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w c:\windows\system32\srclient.dll
- 2004-08-04 12:00:00 239,104 -c--a-w c:\windows\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w c:\windows\system32\srrstr.dll
- 2004-08-04 12:00:00 170,496 ----a-w c:\windows\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w c:\windows\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-04 12:00:00 704,512 ----a-w c:\windows\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w c:\windows\system32\ss3dfo.scr
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w c:\windows\system32\ssbezier.scr
- 2004-08-04 12:00:00 34,816 ----a-w c:\windows\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w c:\windows\system32\ssdpapi.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
- 2004-08-04 12:00:00 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-07-23 16:48:40 200,704 ----a-w c:\windows\system32\ssldivx.dll
- 2004-08-04 12:00:00 20,992 ----a-w c:\windows\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w c:\windows\system32\ssmarque.scr
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w c:\windows\system32\ssmypics.scr
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w c:\windows\system32\ssmyst.scr
- 2004-08-04 12:00:00 610,304 ----a-w c:\windows\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w c:\windows\system32\sspipes.scr
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w c:\windows\system32\ssstars.scr
- 2004-08-04 12:00:00 679,936 ----a-w c:\windows\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w c:\windows\system32\sstext3d.scr
- 2004-08-04 12:00:00 54,272 ----a-w c:\windows\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w c:\windows\system32\stclient.dll
- 2004-08-04 12:00:00 67,584 ----a-w c:\windows\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w c:\windows\system32\sti.dll
- 2004-08-04 12:00:00 136,704 ----a-w c:\windows\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w c:\windows\system32\sti_ci.dll
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\stimon.exe

acasey · Nov 13, 2008

and finally, part 10

+ 2008-04-14 00:12:36 14,848 ----a-w c:\windows\system32\stimon.exe
- 2004-08-04 12:00:00 121,856 ----a-w c:\windows\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w c:\windows\system32\stobject.dll
- 2004-08-04 00:56:46 74,752 ----a-w c:\windows\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w c:\windows\system32\storprop.dll
- 2006-08-20 23:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-04 12:00:00 75,776 -c--a-w c:\windows\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w c:\windows\system32\strmfilt.dll
- 2004-08-04 12:00:00 14,336 ----a-w c:\windows\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w c:\windows\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w c:\windows\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w c:\windows\system32\sxs.dll
- 2004-08-04 12:00:00 57,856 -c--a-w c:\windows\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\synceng.dll
- 2004-08-04 12:00:00 191,488 ----a-w c:\windows\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w c:\windows\system32\syncui.dll
- 2004-08-04 12:00:00 105,984 -c--a-w c:\windows\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w c:\windows\system32\sysocmgr.exe
- 2004-08-04 12:00:00 984,576 ----a-w c:\windows\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w c:\windows\system32\syssetup.dll
- 2005-10-17 21:14:46 118,272 -c--a-w c:\windows\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w c:\windows\system32\t2embed.dll
- 2004-08-04 12:00:00 858,624 ----a-w c:\windows\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w c:\windows\system32\tapi3.dll
- 2004-08-04 12:00:00 181,760 ----a-w c:\windows\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w c:\windows\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w c:\windows\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-04 12:00:00 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
- 2004-08-04 12:00:00 14,848 -c--a-w c:\windows\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w c:\windows\system32\tcpmib.dll
- 2004-08-04 12:00:00 45,568 ----a-w c:\windows\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmon.dll
- 2004-08-04 12:00:00 45,568 -c--a-w c:\windows\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 -c--a-w c:\windows\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w c:\windows\system32\telnet.exe
- 2004-08-04 12:00:00 358,400 ----a-w c:\windows\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w c:\windows\system32\termmgr.dll
- 2004-08-04 12:00:00 295,424 ----a-w c:\windows\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w c:\windows\system32\termsrv.dll
- 2004-08-04 12:00:00 385,536 ----a-w c:\windows\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w c:\windows\system32\themeui.dll
- 2004-08-04 12:00:00 347,136 ----a-w c:\windows\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w c:\windows\system32\tourstart.exe
- 2004-08-04 12:00:00 12,288 -c--a-w c:\windows\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w c:\windows\system32\tracert.exe
- 2004-08-04 12:00:00 11,264 -c--a-w c:\windows\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w c:\windows\system32\tree.com
- 2004-08-04 12:00:00 90,624 ----a-w c:\windows\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w c:\windows\system32\trkwks.dll
- 2004-08-04 12:00:00 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
- 2004-08-04 12:00:00 12,168 -c--a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ----a-w c:\windows\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\system32\tspkg.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w c:\windows\system32\txflog.dll
- 2008-03-27 09:24:20 60,416 ----a-w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ----a-w c:\windows\system32\tzchange.exe
- 2004-08-04 12:00:00 25,600 -c--a-w c:\windows\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\udhisapi.dll
- 2004-08-04 12:00:00 275,456 -c--a-w c:\windows\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w c:\windows\system32\ulib.dll
- 2004-08-04 12:00:00 35,840 -c--a-w c:\windows\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w c:\windows\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
- 2004-08-04 12:00:00 74,240 ----a-w c:\windows\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w c:\windows\system32\unimdmat.dll
- 2004-08-04 12:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w c:\windows\system32\uniplat.dll
- 2004-08-04 12:00:00 316,416 -c--a-w c:\windows\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w c:\windows\system32\untfs.dll
- 2004-08-04 12:00:00 132,608 ----a-w c:\windows\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w c:\windows\system32\upnp.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w c:\windows\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w c:\windows\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2004-08-04 12:00:00 239,616 -c--a-w c:\windows\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w c:\windows\system32\upnpui.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
- 2008-04-23 04:16:28 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
- 2008-04-23 04:16:29 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w c:\windows\system32\usbmon.dll
- 2004-08-04 00:56:48 74,240 ----a-w c:\windows\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w c:\windows\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w c:\windows\system32\user32.dll
- 2004-08-04 12:00:00 723,456 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\system32\userenv.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w c:\windows\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ----a-w c:\windows\system32\usmt\cobramsg.dll
- 2004-08-04 12:00:00 123,904 -c--a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ----a-w c:\windows\system32\usmt\guitrna.dll
- 2004-08-04 12:00:00 4,096 -c--a-w c:\windows\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w c:\windows\system32\usmt\iconlib.dll
- 2004-08-04 12:00:00 19,968 -c--a-w c:\windows\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\usmt\log.dll
- 2004-08-04 12:00:00 201,216 -c--a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ----a-w c:\windows\system32\usmt\migisma.dll
- 2004-08-04 12:00:00 103,424 -c--a-w c:\windows\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w c:\windows\system32\usmt\migload.exe
- 2004-08-04 12:00:00 240,128 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ----a-w c:\windows\system32\usmt\migwiza.exe
- 2004-08-04 12:00:00 202,752 -c--a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ----a-w c:\windows\system32\usmt\scripta.dll
- 2004-08-04 12:00:00 168,960 -c--a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ----a-w c:\windows\system32\usmt\sysmoda.dll
- 2004-08-04 12:00:00 406,528 -c--a-w c:\windows\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\system32\usp10.dll
- 2004-08-04 12:00:00 50,176 -c--a-w c:\windows\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w c:\windows\system32\utilman.exe
- 2004-08-04 12:00:00 218,624 ----a-w c:\windows\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\system32\uxtheme.dll
- 2004-08-04 12:00:00 30,749 -c--a-w c:\windows\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\system32\vbajet32.dll
- 2007-08-13 08:54:10 413,696 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-04 12:00:00 26,112 ----a-w c:\windows\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\system32\vdmdbg.dll
- 2004-08-04 12:00:00 51,712 -c--a-w c:\windows\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ----a-w c:\windows\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ----a-w c:\windows\system32\verclsid.exe
- 2004-08-04 12:00:00 13,312 -c--a-w c:\windows\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w c:\windows\system32\verifier.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\version.dll
- 2004-08-04 12:00:00 430,592 ----a-w c:\windows\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\system32\vssapi.dll
- 2004-08-04 12:00:00 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
- 2005-03-11 22:28:33 28,672 ----a-w c:\windows\system32\vxblock.dll
+ 2008-07-23 16:50:46 88,824 ----a-w c:\windows\system32\vxblock.dll
- 2004-08-04 12:00:00 174,592 ----a-w c:\windows\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\system32\w32time.dll
- 2004-08-04 12:00:00 15,872 ----a-w c:\windows\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\system32\w3ssl.dll
- 2004-08-04 12:00:00 17,664 ----a-w c:\windows\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\system32\watchdog.sys
- 2004-08-04 12:00:00 208,896 ----a-w c:\windows\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w c:\windows\system32\wavemsp.dll
- 2004-08-04 12:00:00 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w c:\windows\system32\wbem\cimwin32.dll
- 2004-08-04 12:00:00 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
- 2004-08-04 12:00:00 22,016 ----a-w c:\windows\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\wbem\evntrprv.dll
- 2004-08-04 12:00:00 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
- 2004-08-04 12:00:00 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w c:\windows\system32\wbem\framedyn.dll
- 2004-08-04 12:00:00 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
- 2004-08-04 12:00:00 16,384 -c--a-w c:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
- 2004-08-04 12:00:00 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
- 2004-08-04 12:00:00 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
- 2004-08-04 12:00:00 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
- 2004-08-04 12:00:00 237,056 -c--a-w c:\windows\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
- 2004-08-04 12:00:00 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w c:\windows\system32\wbem\repdrvfs.dll
- 2004-08-04 12:00:00 36,864 ----a-w c:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w c:\windows\system32\wbem\scrcons.exe
- 2004-08-04 12:00:00 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
- 2004-08-04 12:00:00 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
- 2004-08-04 12:00:00 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
- 2004-08-04 12:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
- 2004-08-04 12:00:00 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
- 2004-08-04 12:00:00 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\system32\wbem\wbemcore.dll
- 2004-08-04 12:00:00 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
- 2004-08-04 12:00:00 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
- 2004-08-04 12:00:00 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
- 2004-08-04 12:00:00 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
- 2004-08-04 12:00:00 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
- 2004-08-04 12:00:00 116,224 -c--a-w c:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
- 2004-08-04 12:00:00 197,120 -c--a-w c:\windows\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
- 2004-08-04 12:00:00 196,608 -c--a-w c:\windows\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
- 2004-08-04 12:00:00 89,088 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-04 12:00:00 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
- 2004-08-04 12:00:00 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
- 2004-08-04 12:00:00 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
- 2004-08-04 12:00:00 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
- 2004-08-04 12:00:00 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
- 2004-08-04 12:00:00 62,464 ----a-w c:\windows\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\system32\wbem\wmipiprt.dll
- 2004-08-04 12:00:00 62,976 ----a-w c:\windows\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
- 2004-08-04 12:00:00 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
- 2004-08-04 12:00:00 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
- 2004-08-04 12:00:00 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
- 2004-08-04 12:00:00 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
- 2004-08-04 12:00:00 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-03 13:56:58 23,552 ----a-w c:\windows\system32\wdmaud.drv
+ 2008-04-14 00:12:46 23,552 ----a-w c:\windows\system32\wdmaud.drv
- 2008-04-23 04:16:29 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2006-01-04 03:35:05 68,096 ----a-w c:\windows\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-04 12:00:00 135,680 ----a-w c:\windows\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\system32\webvw.dll
- 2004-08-04 12:00:00 65,536 -c--a-w c:\windows\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\system32\wextract.exe
- 2004-08-04 12:00:00 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
- 2004-08-04 12:00:00 463,360 ----a-w c:\windows\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\system32\wiadefui.dll
- 2004-08-04 12:00:00 124,416 ----a-w c:\windows\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\system32\wiadss.dll
- 2004-08-04 12:00:00 75,776 ----a-w c:\windows\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\system32\wiaservc.dll
- 2004-08-04 12:00:00 589,312 ----a-w c:\windows\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\system32\wiashext.dll
- 2004-08-04 12:00:00 111,104 ----a-w c:\windows\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\system32\wiavideo.dll
- 2008-03-19 09:47:00 1,845,248 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 12:12:56 1,846,400 ----a-w c:\windows\system32\win32k.sys
- 2004-08-04 12:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\system32\win32spl.dll
- 2004-08-04 12:00:00 937,984 -c--a-w c:\windows\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ----a-w c:\windows\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ----a-w c:\windows\system32\windowscodecsext.dll
- 2004-08-04 12:00:00 351,232 ----a-w c:\windows\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\system32\winhttp.dll
- 2008-04-23 04:16:29 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
- 2004-08-04 12:00:00 32,768 ----a-w c:\windows\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\system32\winipsec.dll
- 2004-08-04 12:00:00 502,272 ----a-w c:\windows\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\system32\winlogon.exe
- 2004-08-04 12:00:00 176,128 ----a-w c:\windows\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\system32\winmm.dll
- 2004-08-04 12:00:00 764,928 -c--a-w c:\windows\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\system32\winntbbu.dll
- 2004-08-04 12:00:00 16,896 ----a-w c:\windows\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\system32\winrnr.dll
- 2004-08-04 12:00:00 99,328 ----a-w c:\windows\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\system32\winscard.dll
- 2004-08-04 12:00:00 17,408 -c--a-w c:\windows\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\system32\winshfhc.dll
- 2004-08-04 12:00:00 146,432 ----a-w c:\windows\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w c:\windows\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-04 12:00:00 53,760 ----a-w c:\windows\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\system32\winsta.dll
- 2004-08-04 12:00:00 176,640 ----a-w c:\windows\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\system32\wintrust.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\system32\winver.exe
- 2002-08-20 18:13:12 189,952 ----a-w c:\windows\system32\WISPTIS.EXE
+ 2006-10-26 03:45:04 293,376 ----a-w c:\windows\system32\WISPTIS.EXE
- 2006-08-17 12:28:27 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ----a-w c:\windows\system32\wlanapi.dll
- 2004-08-04 12:00:00 172,032 ----a-w c:\windows\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\system32\wldap32.dll
- 2004-08-04 12:00:00 92,672 ----a-w c:\windows\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\system32\wlnotify.dll
- 2004-08-04 12:00:00 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\system32\wmi.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\wmpcd.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcd.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\wmpcore.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcore.dll
- 2006-10-18 11:47:20 295,936 ----a-w c:\windows\system32\wmpeffects.dll
+ 2008-06-24 08:12:58 295,936 ----a-w c:\windows\system32\wmpeffects.dll
+ 2008-04-14 00:12:09 276,992 ----a-w c:\windows\system32\wmphoto.dll
- 2004-08-04 12:00:00 20,480 -c--a-w c:\windows\system32\wmpui.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpui.dll
- 2004-08-04 12:00:00 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
- 2004-08-04 12:00:00 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-05-06 06:01:28 45,056 ----a-w c:\windows\system32\WNASPI32.DLL
- 2004-08-04 12:00:00 264,192 ----a-w c:\windows\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\system32\wow32.dll
- 2004-08-04 12:00:00 32,256 -c--a-w c:\windows\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\system32\wpabaln.exe
- 2004-08-04 12:00:00 32,256 -c--a-w c:\windows\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\system32\wpnpinst.exe
- 2004-08-04 12:00:00 82,944 ----a-w c:\windows\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\system32\ws2_32.dll
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\system32\ws2help.dll
- 2004-08-04 12:00:00 13,824 -c--a-w c:\windows\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w c:\windows\system32\wscntfy.exe
- 2004-08-04 12:00:00 114,688 -c--a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2004-08-04 12:00:00 81,408 ----a-w c:\windows\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\system32\wscsvc.dll
- 2004-08-04 12:00:00 108,032 -c--a-w c:\windows\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\system32\wshbth.dll
- 2004-08-04 12:00:00 28,672 ----a-w c:\windows\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\system32\wshcon.dll
- 2004-08-04 12:00:00 65,536 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:53:40 90,112 ----a-w c:\windows\system32\wshext.dll
- 2004-08-04 12:00:00 14,336 -c--a-w c:\windows\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\system32\wship6.dll
- 2004-08-04 12:00:00 11,776 -c--a-w c:\windows\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\system32\wshrm.dll
- 2004-08-04 12:00:00 19,968 ----a-w c:\windows\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\system32\wshtcpip.dll
- 2004-08-04 12:00:00 42,496 -c--a-w c:\windows\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\system32\wsnmp32.dll
- 2004-08-04 12:00:00 22,528 ----a-w c:\windows\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\system32\wsock32.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\system32\wstdecod.dll
- 2004-08-04 12:00:00 18,432 ----a-w c:\windows\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\system32\wtsapi32.dll
- 2007-07-30 09:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-07-18 12:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 09:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-07-18 12:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 09:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-07-18 12:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
- 2004-08-04 12:00:00 6,656 ----a-w c:\windows\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\system32\wuauserv.dll
- 2007-07-30 09:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-07-18 12:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
- 2007-07-30 09:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-07-18 12:10:20 36,552 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 09:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-07-18 12:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 09:19:28 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-07-18 12:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
- 2004-08-04 12:00:00 378,368 ----a-w c:\windows\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\system32\wzcdlg.dll
- 2004-08-04 12:00:00 51,712 ----a-w c:\windows\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\system32\wzcsapi.dll
- 2004-08-04 12:00:00 359,936 ----a-w c:\windows\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\system32\wzcsvc.dll
- 2004-08-04 12:00:00 91,648 -c--a-w c:\windows\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\system32\xactsrv.dll
- 2004-08-04 12:00:00 30,720 -c--a-w c:\windows\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\xcopy.exe
- 2006-07-14 15:51:52 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w c:\windows\system32\xmllite.dll
- 2004-08-04 12:00:00 129,536 ----a-w c:\windows\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\system32\xmlprov.dll
- 2004-08-04 12:00:00 50,176 ----a-w c:\windows\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\system32\xolehlp.dll
- 2004-08-04 12:00:00 438,784 -c--a-w c:\windows\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\system32\xpob2res.dll
- 2004-08-04 12:00:00 187,392 ----a-w c:\windows\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\system32\xpsp1res.dll
- 2004-08-04 12:00:00 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
- 2007-10-29 10:26:53 115,712 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w c:\windows\system32\xpsp3res.dll
- 2004-08-04 12:00:00 337,920 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\system32\zipfldr.dll
- 2004-08-04 12:00:00 50,688 ----a-w c:\windows\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\twain_32.dll
- 2004-08-04 12:00:00 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-09-30 05:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 05:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
- 2007-01-19 20:15:24 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-10-26 03:40:34 95,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-06-05 04:14:28 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 04:14:28 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 04:14:28 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-10-26 03:40:36 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-10-26 03:40:36 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 03:40:36 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 03:40:36 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 03:40:36 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 03:40:36 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 03:40:36 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 03:40:36 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 03:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 03:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 03:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 03:40:36 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 03:40:36 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-22 15:35:10 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 12:00:00 853,504 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 12:00:00 991,232 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 12:00:00 132,096 -c--a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FIREPOD"="c:\program files\PreSonus\1394AudioDriver_FIREPOD\FIREPOD.EXE" [2007-10-10 1126400]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-13 1235736]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-18 9117696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\system32\narrator.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
FirePod Control Panel.lnk - c:\program files\PreSonus\1394AudioDriver_FIREPOD\FirePod.exe [2008-05-02 1126400]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\progra~1\Qualcomm\Eudora\EuShlExt.dll" [2006-01-09 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dvsd"= pdvcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Adam^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Adam\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDTray]
--------- 2004-09-03 19:58 65536 c:\program files\Ahead\ODD Toolkit\dvdtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFCreatorClient]
--a------ 2005-03-21 09:19 450560 c:\program files\JawsSystems\Jaws PDF Creator\PDFClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSUSBRG]
--a------ 2002-07-12 21:15 106496 c:\windows\SiSUSBrg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}]
--a------ 2008-03-06 22:36 286208 c:\program files\Mediafour\XPlay 3\XPlay.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-11-07 12936]
R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.sys [2008-02-12 279808]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-11-13 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-11-13 90632]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-11-13 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-07 231704]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [2008-11-13 1212184]
R2 M4iPodWPDService;M4iPodWPDService;c:\program files\Common Files\Mediafour\iPod\M4iPodWPDService.exe [2008-01-23 114688]
R2 ScFBPNT;CanoScan FBP Port Driver;c:\windows\system32\drivers\ScFBPNT.SYS [2000-02-08 16288]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2008-11-13 29208]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2008-11-13 29208]
S3 pae_1394;pae_1394;c:\windows\system32\Drivers\pae_1394.sys [2007-10-09 123440]
S3 pae_avs;pae_avs;c:\windows\system32\Drivers\pae_avs.sys [2007-10-09 51248]
S3 ps_1394;ps_1394;c:\windows\system32\Drivers\ps_1394.sys [2004-10-15 97152]
S3 ps_avs;ps_avs;c:\windows\system32\Drivers\ps_avs.sys [2004-10-15 24576]
.
Contents of the 'Scheduled Tasks' folder

2008-11-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2008-11-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
- - - - ORPHANS REMOVED - - - -

ShellIconOverlayIdentifiers-MacDrive Volume Icons - (no file)
MSConfigStartUp-CTFMON - (no file)
MSConfigStartUp-SMSERIAL - sm56hlpr.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Adam\Application Data\Mozilla\Firefox\Profiles\ma1zwgue.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJinit13125.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJinit1316.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-13 23:53:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Windows Defender\MsMpEng.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PDFCreatorMessages.exe
c:\windows\system32\tcpsvcs.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-11-14 0:01:03 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-13 13:00:23

Pre-Run: 10,801,078,272 bytes free
Post-Run: 10,758,447,104 bytes free

6556 --- E O F --- 2008-11-13 06:37:39

ken545 · Nov 13, 2008

Wow, that was a mouthful

Delete these files, let me know if they will not delete. Leave them in your Recycle Bin for a day or two, there all bad but just in case.
c:\windows\system32\uibjuugd.ini
c:\windows\system32\dplmaspk.dll
c:\windows\system32\ndbxhtvb.dll
c:\windows\system32\qeeifywp.dll
c:\windows\system32\pbophh.dll

Your log looks fine :bigthumb: How are things running now??

acasey · Nov 13, 2008

Things are looking a little better. My virus checker is autoupdating as is the operating system, which is a relief! I'm not getting all the annoying popups anymore either. I still can't seem to connect via my VPN though, which was a problem that began when I got this virus. I checked on my other PC and it connects fine, but this computer won't connect. Any ideas why this might be?

cheers,

Adam

virtumonde: help!

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

Emeritus-Security Expert

New member