Windows BBS The Place for Microsoft Windows Support! Windows, Support, Help Site

Go Back   Windows BBS > Security > Malware and Virus Removal
Reload this Page

[InActive] Virtumonde.prx and Firewall bypass problem...

Register FAQDonate Mark Forums Read

Malware and Virus Removal Problems removing malware/viruses? Get help from our Malware removal experts.

Register your FREE account to unlock additional features at WindowsBBS.com
Register
Welcome to WindowsBBS.com
Microsoft Windows Support

Mission Statement

WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.

Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.

Discussion Forums
Operating Systems
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Windows 2000 Windows 2000
Windows 95/98/Me/NT Windows 95/98/Me/NT
Internet & Networking
Networking
Internet Explorer
Microsoft Mail
Firefox, Thunderbird
      & SeaMonkey
General Internet
Security
General Security
Malware and Virus
     Removal
Other
Other Software
Hardware
Test Posts
Community
Introductions
General Discussions
Comments
      & Suggestions
News @ WindowsBBS

Forum Sponsor
Image

Reply
Page 2 of 2 1 2
 
LinkBack Thread Tools
Old 30th November 2008   #16
Member
 
Profile:
Join Date: Oct 2008
Posts: 24
Computer Experience:
Intermediate
FLYNDAGGER Reputation Level
- 2004-08-04 05:58:45 15,104 ------w c:\windows\ServicePackFiles\i386\usbscan.sys
+ 2008-04-13 18:45:34 15,104 ----a-w c:\windows\ServicePackFiles\i386\usbscan.sys
- 2004-08-04 06:08:42 25,600 ------w c:\windows\ServicePackFiles\i386\usbser.sys
+ 2008-04-13 18:45:36 26,112 ----a-w c:\windows\ServicePackFiles\i386\usbser.sys
- 2004-08-04 06:08:46 26,496 ------w c:\windows\ServicePackFiles\i386\usbstor.sys
+ 2008-04-13 18:45:38 26,368 ----a-w c:\windows\ServicePackFiles\i386\usbstor.sys
- 2004-08-04 06:08:37 20,480 ------w c:\windows\ServicePackFiles\i386\usbuhci.sys
+ 2008-04-13 18:45:35 20,608 ----a-w c:\windows\ServicePackFiles\i386\usbuhci.sys
- 2004-08-04 07:56:46 74,240 ------w c:\windows\ServicePackFiles\i386\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\ServicePackFiles\i386\usbui.dll
- 2004-08-04 06:10:10 78,464 ------w c:\windows\ServicePackFiles\i386\usbvideo.sys
+ 2008-04-13 18:46:20 121,984 ----a-w c:\windows\ServicePackFiles\i386\usbvideo.sys
- 2004-08-04 07:56:46 577,024 ------w c:\windows\ServicePackFiles\i386\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w c:\windows\ServicePackFiles\i386\user32.dll
- 2004-08-04 07:56:46 723,456 ------w c:\windows\ServicePackFiles\i386\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\ServicePackFiles\i386\userenv.dll
- 2004-08-04 07:56:57 24,576 ------w c:\windows\ServicePackFiles\i386\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w c:\windows\ServicePackFiles\i386\userinit.exe
- 2004-08-04 07:56:46 406,528 ------w c:\windows\ServicePackFiles\i386\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\ServicePackFiles\i386\usp10.dll
- 2004-08-04 07:56:57 50,176 ------w c:\windows\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w c:\windows\ServicePackFiles\i386\utilman.exe
- 2004-08-04 07:56:46 218,624 ------w c:\windows\ServicePackFiles\i386\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\ServicePackFiles\i386\uxtheme.dll
- 2004-08-04 07:56:46 30,749 ------w c:\windows\ServicePackFiles\i386\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\ServicePackFiles\i386\vbajet32.dll
- 2004-08-04 07:56:46 417,792 ------w c:\windows\ServicePackFiles\i386\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w c:\windows\ServicePackFiles\i386\vbscript.dll
- 2004-08-04 07:56:46 11,325 ------w c:\windows\ServicePackFiles\i386\vchnt5.dll
+ 2008-04-14 00:12:08 11,325 ----a-w c:\windows\ServicePackFiles\i386\vchnt5.dll
- 2004-08-04 07:56:46 26,112 ------w c:\windows\ServicePackFiles\i386\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\ServicePackFiles\i386\vdmdbg.dll
- 2004-08-04 07:56:46 51,712 ------w c:\windows\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\ServicePackFiles\i386\vdmredir.dll
+ 2008-04-14 00:12:38 28,672 ------w c:\windows\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 00:12:08 26,624 ------w c:\windows\ServicePackFiles\i386\verifier.dll
- 2004-08-04 07:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\ServicePackFiles\i386\version.dll
- 2004-08-04 07:56:46 53,760 ------w c:\windows\ServicePackFiles\i386\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w c:\windows\ServicePackFiles\i386\vfwwdm32.dll
- 2004-08-04 06:07:06 20,992 ------w c:\windows\ServicePackFiles\i386\vga.sys
+ 2008-04-13 18:44:40 20,992 ----a-w c:\windows\ServicePackFiles\i386\vga.sys
- 2004-08-04 07:56:46 848,384 ------w c:\windows\ServicePackFiles\i386\vgx.dll
+ 2008-04-14 00:12:08 851,968 ----a-w c:\windows\ServicePackFiles\i386\vgx.dll
- 2004-08-04 06:07:42 42,240 ------w c:\windows\ServicePackFiles\i386\viaagp.sys
+ 2008-04-13 18:36:40 42,240 ----a-w c:\windows\ServicePackFiles\i386\viaagp.sys
- 2004-08-04 05:59:42 5,376 ------w c:\windows\ServicePackFiles\i386\viaide.sys
+ 2008-04-13 18:40:31 5,376 ----a-w c:\windows\ServicePackFiles\i386\viaide.sys
- 2004-08-04 06:07:05 79,744 ------w c:\windows\ServicePackFiles\i386\videoprt.sys
+ 2008-04-13 18:44:40 81,664 ----a-w c:\windows\ServicePackFiles\i386\videoprt.sys
- 2004-08-04 07:56:46 131,584 ------w c:\windows\ServicePackFiles\i386\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\ServicePackFiles\i386\viewprov.dll
- 2004-08-04 06:00:16 52,352 ------w c:\windows\ServicePackFiles\i386\volsnap.sys
+ 2008-04-13 18:41:01 52,352 ----a-w c:\windows\ServicePackFiles\i386\volsnap.sys
- 2004-08-04 07:56:46 430,592 ------w c:\windows\ServicePackFiles\i386\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\ServicePackFiles\i386\vssapi.dll
- 2004-08-04 07:56:57 289,792 ------w c:\windows\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\ServicePackFiles\i386\vssvc.exe
- 2004-08-04 07:56:46 174,592 ------w c:\windows\ServicePackFiles\i386\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\ServicePackFiles\i386\w32time.dll
- 2004-08-04 07:56:46 15,872 ------w c:\windows\ServicePackFiles\i386\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\ServicePackFiles\i386\w3ssl.dll
- 2004-08-04 07:56:46 483,840 ------w c:\windows\ServicePackFiles\i386\w95upgnt.dll
+ 2008-04-14 00:12:08 483,840 ----a-w c:\windows\ServicePackFiles\i386\w95upgnt.dll
- 2004-08-04 07:56:57 46,080 ------w c:\windows\ServicePackFiles\i386\wab.exe
+ 2008-04-14 00:12:38 46,080 ----a-w c:\windows\ServicePackFiles\i386\wab.exe
- 2004-08-04 07:56:46 504,832 ------w c:\windows\ServicePackFiles\i386\wab32.dll
+ 2008-04-14 00:12:08 510,976 ----a-w c:\windows\ServicePackFiles\i386\wab32.dll
- 2004-08-04 07:56:34 249,856 ------w c:\windows\ServicePackFiles\i386\wab32res.dll
+ 2008-04-13 16:21:48 249,856 ----a-w c:\windows\ServicePackFiles\i386\wab32res.dll
- 2004-08-04 07:56:46 32,768 ------w c:\windows\ServicePackFiles\i386\wabfind.dll
+ 2008-04-14 00:12:08 32,768 ----a-w c:\windows\ServicePackFiles\i386\wabfind.dll
- 2004-08-04 07:56:46 84,992 ------w c:\windows\ServicePackFiles\i386\wabimp.dll
+ 2008-04-14 00:12:08 85,504 ----a-w c:\windows\ServicePackFiles\i386\wabimp.dll
- 2004-08-04 07:56:57 30,208 ------w c:\windows\ServicePackFiles\i386\wabmig.exe
+ 2008-04-14 00:12:39 30,208 ----a-w c:\windows\ServicePackFiles\i386\wabmig.exe
- 2004-08-04 06:04:52 13,568 ------w c:\windows\ServicePackFiles\i386\wacompen.sys
+ 2008-04-13 18:43:55 14,208 ----a-w c:\windows\ServicePackFiles\i386\wacompen.sys
- 2004-08-04 06:04:57 34,560 ------w c:\windows\ServicePackFiles\i386\wanarp.sys
+ 2008-04-13 18:57:21 34,560 ----a-w c:\windows\ServicePackFiles\i386\wanarp.sys
- 2004-08-04 06:07:32 17,664 ------w c:\windows\ServicePackFiles\i386\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\ServicePackFiles\i386\watchdog.sys
+ 2008-04-14 00:12:08 215,552 ------w c:\windows\ServicePackFiles\i386\wavemsp.dll
- 2004-08-04 07:56:46 196,608 ------w c:\windows\ServicePackFiles\i386\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\ServicePackFiles\i386\wbemcntl.dll
- 2004-08-04 07:56:46 214,528 ------w c:\windows\ServicePackFiles\i386\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\ServicePackFiles\i386\wbemcomn.dll
- 2004-08-04 07:56:46 71,680 ------w c:\windows\ServicePackFiles\i386\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\ServicePackFiles\i386\wbemcons.dll
- 2004-08-04 07:56:46 530,944 ------w c:\windows\ServicePackFiles\i386\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\ServicePackFiles\i386\wbemcore.dll
- 2004-08-04 07:56:46 178,176 ------w c:\windows\ServicePackFiles\i386\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\ServicePackFiles\i386\wbemdisp.dll
- 2004-08-04 07:56:46 273,920 ------w c:\windows\ServicePackFiles\i386\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\ServicePackFiles\i386\wbemess.dll
- 2004-08-04 07:56:46 43,008 ------w c:\windows\ServicePackFiles\i386\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\ServicePackFiles\i386\wbemperf.dll
- 2004-08-04 07:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\ServicePackFiles\i386\wbemprox.dll
- 2004-08-04 07:56:46 43,520 ------w c:\windows\ServicePackFiles\i386\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\ServicePackFiles\i386\wbemsvc.dll
- 2004-08-04 07:56:57 116,224 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w c:\windows\ServicePackFiles\i386\wbemtest.exe
- 2004-08-04 07:56:46 197,120 ------w c:\windows\ServicePackFiles\i386\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\ServicePackFiles\i386\wbemupgd.dll
- 2004-08-04 06:08:46 31,744 ------w c:\windows\ServicePackFiles\i386\wceusbsh.sys
+ 2008-04-13 18:45:38 31,744 ----a-w c:\windows\ServicePackFiles\i386\wceusbsh.sys
- 2004-08-04 07:56:46 49,152 ------w c:\windows\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\ServicePackFiles\i386\wdigest.dll
+ 2008-04-14 00:12:45 23,552 ----a-w c:\windows\ServicePackFiles\i386\wdmaud.drv
- 2004-08-04 06:15:04 82,944 ------w c:\windows\ServicePackFiles\i386\wdmaud.sys
+ 2008-04-13 19:17:18 83,072 ----a-w c:\windows\ServicePackFiles\i386\wdmaud.sys
- 2004-08-04 07:56:46 276,480 ------w c:\windows\ServicePackFiles\i386\webcheck.dll
+ 2008-04-14 00:12:08 276,480 ----a-w c:\windows\ServicePackFiles\i386\webcheck.dll
- 2004-08-04 07:56:46 67,584 ------w c:\windows\ServicePackFiles\i386\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\ServicePackFiles\i386\webclnt.dll
- 2004-08-04 07:56:46 135,680 ------w c:\windows\ServicePackFiles\i386\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\ServicePackFiles\i386\webvw.dll
- 2004-08-04 07:56:57 65,536 ------w c:\windows\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\ServicePackFiles\i386\wextract.exe
- 2004-08-04 07:56:57 433,664 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
- 2004-08-04 07:56:46 463,360 ------w c:\windows\ServicePackFiles\i386\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\ServicePackFiles\i386\wiadefui.dll
- 2004-08-04 07:56:46 124,416 ------w c:\windows\ServicePackFiles\i386\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\ServicePackFiles\i386\wiadss.dll
- 2004-08-04 07:56:46 75,776 ------w c:\windows\ServicePackFiles\i386\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\ServicePackFiles\i386\wiascr.dll
- 2004-08-04 07:56:46 333,312 ------w c:\windows\ServicePackFiles\i386\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\ServicePackFiles\i386\wiaservc.dll
- 2004-08-04 07:56:46 589,312 ------w c:\windows\ServicePackFiles\i386\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\ServicePackFiles\i386\wiashext.dll
- 2004-08-04 07:56:46 111,104 ------w c:\windows\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\ServicePackFiles\i386\wiavideo.dll
+ 2008-04-14 00:12:08 712,704 ------w c:\windows\ServicePackFiles\i386\wic.dll
+ 2008-04-14 00:12:08 346,112 ------w c:\windows\ServicePackFiles\i386\wicext.dll
- 2004-08-04 06:17:40 1,835,904 ------w c:\windows\ServicePackFiles\i386\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ----a-w c:\windows\ServicePackFiles\i386\win32k.sys
- 2004-08-04 07:56:46 101,888 ------w c:\windows\ServicePackFiles\i386\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\ServicePackFiles\i386\win32spl.dll
- 2004-08-04 07:56:35 937,984 ------w c:\windows\ServicePackFiles\i386\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\ServicePackFiles\i386\winbrand.dll
- 2004-08-04 07:56:57 283,648 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\ServicePackFiles\i386\winhlp32.exe
- 2004-08-04 07:56:46 351,232 ------w c:\windows\ServicePackFiles\i386\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\ServicePackFiles\i386\winhttp.dll
- 2004-08-04 07:56:46 656,384 ------w c:\windows\ServicePackFiles\i386\wininet.dll
+ 2008-04-14 00:12:08 666,112 ----a-w c:\windows\ServicePackFiles\i386\wininet.dll
- 2004-08-04 07:56:46 32,768 ------w c:\windows\ServicePackFiles\i386\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\ServicePackFiles\i386\winipsec.dll
- 2004-08-04 07:56:57 502,272 ------w c:\windows\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\ServicePackFiles\i386\winlogon.exe
- 2004-08-04 07:56:46 176,128 ------w c:\windows\ServicePackFiles\i386\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\ServicePackFiles\i386\winmm.dll
- 2004-08-04 07:56:35 764,928 ------w c:\windows\ServicePackFiles\i386\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\ServicePackFiles\i386\winntbbu.dll
- 2004-08-04 07:56:46 16,896 ------w c:\windows\ServicePackFiles\i386\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\ServicePackFiles\i386\winrnr.dll
- 2004-08-04 07:56:46 99,328 ------w c:\windows\ServicePackFiles\i386\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\ServicePackFiles\i386\winscard.dll
- 2004-08-04 07:56:46 17,408 ------w c:\windows\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\ServicePackFiles\i386\winshfhc.dll
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\ServicePackFiles\i386\winspool.drv
- 2004-08-04 07:56:46 290,816 ------w c:\windows\ServicePackFiles\i386\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\ServicePackFiles\i386\winsrv.dll
- 2004-08-04 07:56:46 53,760 ------w c:\windows\ServicePackFiles\i386\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\ServicePackFiles\i386\winsta.dll
- 2004-08-04 07:56:46 176,640 ------w c:\windows\ServicePackFiles\i386\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\ServicePackFiles\i386\wintrust.dll
- 2004-08-04 07:56:57 5,632 ------w c:\windows\ServicePackFiles\i386\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\ServicePackFiles\i386\winver.exe
- 2004-08-04 07:56:46 132,096 ------w c:\windows\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\ServicePackFiles\i386\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\ServicePackFiles\i386\wlanapi.dll
- 2004-08-04 07:56:46 172,032 ------w c:\windows\ServicePackFiles\i386\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\ServicePackFiles\i386\wldap32.dll
- 2004-08-04 07:56:46 92,672 ------w c:\windows\ServicePackFiles\i386\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\ServicePackFiles\i386\wlnotify.dll
- 2004-08-04 07:56:35 5,632 ------w c:\windows\ServicePackFiles\i386\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\ServicePackFiles\i386\wmi.dll
- 2004-08-04 06:07:41 8,832 ------w c:\windows\ServicePackFiles\i386\wmiacpi.sys
+ 2008-04-13 18:36:38 8,832 ----a-w c:\windows\ServicePackFiles\i386\wmiacpi.sys
- 2004-08-04 07:56:57 196,608 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w c:\windows\ServicePackFiles\i386\wmiadap.exe
- 2004-08-04 07:56:35 6,656 ------w c:\windows\ServicePackFiles\i386\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\ServicePackFiles\i386\wmiapres.dll
- 2004-08-04 07:56:46 89,088 ------w c:\windows\ServicePackFiles\i386\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\ServicePackFiles\i386\wmiaprpl.dll
- 2004-08-04 07:56:57 126,464 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
- 2004-08-04 07:56:46 60,928 ------w c:\windows\ServicePackFiles\i386\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\ServicePackFiles\i386\wmicookr.dll
- 2004-08-04 07:56:46 140,800 ------w c:\windows\ServicePackFiles\i386\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\ServicePackFiles\i386\wmidcprv.dll
- 2004-08-04 07:56:46 156,672 ------w c:\windows\ServicePackFiles\i386\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\ServicePackFiles\i386\wmipcima.dll
- 2004-08-04 07:56:46 132,096 ------w c:\windows\ServicePackFiles\i386\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\ServicePackFiles\i386\wmipdskq.dll
- 2004-08-04 07:56:46 62,464 ------w c:\windows\ServicePackFiles\i386\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\ServicePackFiles\i386\wmipiprt.dll
- 2004-08-04 07:56:46 62,976 ------w c:\windows\ServicePackFiles\i386\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\ServicePackFiles\i386\wmipjobj.dll
- 2004-08-04 07:56:46 144,896 ------w c:\windows\ServicePackFiles\i386\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\ServicePackFiles\i386\wmiprov.dll
- 2004-08-04 07:56:46 437,248 ------w c:\windows\ServicePackFiles\i386\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\ServicePackFiles\i386\wmiprvsd.dll
- 2004-08-04 07:56:57 218,112 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w c:\windows\ServicePackFiles\i386\wmiprvse.exe
- 2004-08-04 07:56:46 41,472 ------w c:\windows\ServicePackFiles\i386\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\ServicePackFiles\i386\wmipsess.dll
- 2004-08-04 07:56:46 144,896 ------w c:\windows\ServicePackFiles\i386\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\ServicePackFiles\i386\wmisvc.dll
- 2004-08-04 07:56:46 95,232 ------w c:\windows\ServicePackFiles\i386\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\ServicePackFiles\i386\wmiutils.dll
- 2004-08-04 07:56:46 167,936 ------w c:\windows\ServicePackFiles\i386\wmm2ae.dll
+ 2008-04-14 00:12:09 167,936 ----a-w c:\windows\ServicePackFiles\i386\wmm2ae.dll
- 2004-08-04 07:56:46 4,096 ------w c:\windows\ServicePackFiles\i386\wmm2eres.dll
+ 2008-04-14 00:12:09 4,096 ----a-w c:\windows\ServicePackFiles\i386\wmm2eres.dll
- 2004-08-04 07:56:46 7,680 ------w c:\windows\ServicePackFiles\i386\wmm2ext.dll
+ 2008-04-14 00:12:09 7,680 ----a-w c:\windows\ServicePackFiles\i386\wmm2ext.dll
- 2004-08-04 07:56:46 402,432 ------w c:\windows\ServicePackFiles\i386\wmm2filt.dll
+ 2008-04-14 00:12:09 402,432 ----a-w c:\windows\ServicePackFiles\i386\wmm2filt.dll
- 2004-08-04 07:56:46 502,272 ------w c:\windows\ServicePackFiles\i386\wmm2fxa.dll
+ 2008-04-14 00:12:09 502,272 ----a-w c:\windows\ServicePackFiles\i386\wmm2fxa.dll
- 2004-08-04 07:56:46 325,632 ------w c:\windows\ServicePackFiles\i386\wmm2fxb.dll
+ 2008-04-14 00:12:09 325,632 ----a-w c:\windows\ServicePackFiles\i386\wmm2fxb.dll
- 2004-08-04 07:56:46 4,256,768 ------w c:\windows\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-14 00:12:09 4,256,768 ----a-w c:\windows\ServicePackFiles\i386\wmm2res.dll
- 2004-08-04 07:56:46 5,632 ------w c:\windows\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 5,632 ----a-w c:\windows\ServicePackFiles\i386\wmm2res2.dll
+ 2008-04-14 00:12:09 276,992 ------w c:\windows\ServicePackFiles\i386\wmphoto.dll
- 2004-08-04 07:56:57 214,528 ------w c:\windows\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 00:12:40 214,528 ----a-w c:\windows\ServicePackFiles\i386\wordpad.exe
- 2004-08-04 07:56:46 264,192 ------w c:\windows\ServicePackFiles\i386\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\ServicePackFiles\i386\wow32.dll
- 2004-08-04 07:56:57 32,256 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\ServicePackFiles\i386\wpabaln.exe
- 2004-08-04 07:56:57 32,256 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\ServicePackFiles\i386\wpnpinst.exe
- 2004-08-04 07:56:46 82,944 ------w c:\windows\ServicePackFiles\i386\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\ServicePackFiles\i386\ws2_32.dll
- 2004-08-04 07:56:46 19,968 ------w c:\windows\ServicePackFiles\i386\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\ServicePackFiles\i386\ws2help.dll
- 2004-08-04 07:56:57 13,824 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w c:\windows\ServicePackFiles\i386\wscntfy.exe
- 2004-08-04 07:56:57 114,688 ------w c:\windows\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w c:\windows\ServicePackFiles\i386\wscript.exe
- 2004-08-04 07:56:46 81,408 ------w c:\windows\ServicePackFiles\i386\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\ServicePackFiles\i386\wscsvc.dll
- 2004-08-04 07:56:46 108,032 ------w c:\windows\ServicePackFiles\i386\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\ServicePackFiles\i386\wshbth.dll
- 2004-08-04 07:56:46 28,672 ------w c:\windows\ServicePackFiles\i386\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\ServicePackFiles\i386\wshcon.dll
- 2004-08-04 07:56:46 65,536 ------w c:\windows\ServicePackFiles\i386\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w c:\windows\ServicePackFiles\i386\wshext.dll
- 2004-08-04 07:56:46 14,336 ------w c:\windows\ServicePackFiles\i386\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\ServicePackFiles\i386\wship6.dll
- 2004-08-04 07:56:46 8,192 ------w c:\windows\ServicePackFiles\i386\wshirda.dll
+ 2008-04-14 00:12:10 8,192 ----a-w c:\windows\ServicePackFiles\i386\wshirda.dll
- 2004-08-04 07:56:46 11,776 ------w c:\windows\ServicePackFiles\i386\wshrm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\ServicePackFiles\i386\wshrm.dll
- 2004-08-04 07:56:46 19,968 ------w c:\windows\ServicePackFiles\i386\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\ServicePackFiles\i386\wshtcpip.dll
- 2004-08-04 07:56:46 42,496 ------w c:\windows\ServicePackFiles\i386\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\ServicePackFiles\i386\wsnmp32.dll
- 2004-08-04 07:56:46 22,528 ------w c:\windows\ServicePackFiles\i386\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\ServicePackFiles\i386\wsock32.dll
- 2004-08-04 06:10:21 19,328 ------w c:\windows\ServicePackFiles\i386\wstcodec.sys
+ 2008-04-13 18:46:24 19,200 ----a-w c:\windows\ServicePackFiles\i386\wstcodec.sys
- 2004-08-04 07:56:46 50,688 ------w c:\windows\ServicePackFiles\i386\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\ServicePackFiles\i386\wstdecod.dll
- 2004-08-04 07:56:46 18,432 ------w c:\windows\ServicePackFiles\i386\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\ServicePackFiles\i386\wtsapi32.dll
- 2004-08-04 07:56:46 430,592 ------w c:\windows\ServicePackFiles\i386\wuapi.dll
+ 2008-04-14 00:12:10 430,592 ----a-w c:\windows\ServicePackFiles\i386\wuapi.dll
- 2004-08-04 07:56:57 111,104 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe
+ 2008-04-14 00:12:41 111,104 ----a-w c:\windows\ServicePackFiles\i386\wuauclt.exe
- 2004-08-04 07:56:57 165,888 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 00:12:41 165,888 ----a-w c:\windows\ServicePackFiles\i386\wuauclt1.exe
- 2004-08-04 07:56:46 1,134,592 ------w c:\windows\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12:11 1,135,616 ----a-w c:\windows\ServicePackFiles\i386\wuaueng.dll
- 2004-08-04 07:56:46 183,296 ------w c:\windows\ServicePackFiles\i386\wuaueng1.dll
+ 2008-04-14 00:12:11 183,296 ----a-w c:\windows\ServicePackFiles\i386\wuaueng1.dll
- 2004-08-04 07:56:46 6,656 ------w c:\windows\ServicePackFiles\i386\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\ServicePackFiles\i386\wuauserv.dll
- 2004-08-04 07:56:46 112,640 ------w c:\windows\ServicePackFiles\i386\wucltui.dll
+ 2008-04-14 00:12:11 112,640 ----a-w c:\windows\ServicePackFiles\i386\wucltui.dll
- 2004-08-04 07:56:46 36,864 ------w c:\windows\ServicePackFiles\i386\wups.dll
+ 2008-04-14 00:12:11 32,256 ----a-w c:\windows\ServicePackFiles\i386\wups.dll
- 2004-08-04 07:56:46 120,320 ------w c:\windows\ServicePackFiles\i386\wuweb.dll
+ 2008-04-14 00:12:11 120,320 ----a-w c:\windows\ServicePackFiles\i386\wuweb.dll
- 2004-08-04 07:56:46 378,368 ------w c:\windows\ServicePackFiles\i386\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\ServicePackFiles\i386\wzcdlg.dll
- 2004-08-04 07:56:46 51,712 ------w c:\windows\ServicePackFiles\i386\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\ServicePackFiles\i386\wzcsapi.dll
- 2004-08-04 07:56:46 359,936 ------w c:\windows\ServicePackFiles\i386\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\ServicePackFiles\i386\wzcsvc.dll
- 2004-08-04 07:56:46 91,648 ------w c:\windows\ServicePackFiles\i386\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\ServicePackFiles\i386\xactsrv.dll
- 2004-08-04 07:56:57 30,720 ------w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2008-04-14 00:12:11 121,856 ------w c:\windows\ServicePackFiles\i386\xmllite.dll
- 2004-08-04 07:56:46 129,536 ------w c:\windows\ServicePackFiles\i386\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\ServicePackFiles\i386\xmlprov.dll
- 2004-08-04 07:56:46 50,176 ------w c:\windows\ServicePackFiles\i386\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\ServicePackFiles\i386\xmlprovi.dll
- 2004-08-04 07:56:46 11,776 ------w c:\windows\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\ServicePackFiles\i386\xolehlp.dll
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\ServicePackFiles\i386\xpnetdg.exe
- 2004-08-04 07:56:36 438,784 ------w c:\windows\ServicePackFiles\i386\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\ServicePackFiles\i386\xpob2res.dll
- 2004-08-04 07:56:36 187,392 ------w c:\windows\ServicePackFiles\i386\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\ServicePackFiles\i386\xpsp1res.dll
- 2004-08-04 07:56:36 2,897,920 ------w c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-13 17:39:26 689,152 ------w c:\windows\ServicePackFiles\i386\xpsp3res.dll
+ 2008-04-14 00:12:11 18,944 ------w c:\windows\ServicePackFiles\i386\xrxscnui.dll
- 2004-08-04 07:56:46 116,224 ------w c:\windows\ServicePackFiles\i386\xrxwiadr.dll
+ 2008-04-14 00:12:11 116,224 ----a-w c:\windows\ServicePackFiles\i386\xrxwiadr.dll
- 2004-08-04 07:56:46 337,920 ------w c:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\ServicePackFiles\i386\zipfldr.dll
+ 2008-04-14 00:11:51 33,792 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\custsat.dll
+ 2008-04-14 00:11:59 82,944 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgsc.dll
+ 2008-04-13 17:30:28 180,224 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msgslang.dll
+ 2008-04-14 00:12:28 1,695,232 ------w c:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
- 2004-08-04 07:56:56 32,866 ------w c:\windows\slrundll.exe
+ 2008-04-14 00:12:35 32,866 ----a-w c:\windows\slrundll.exe
- 2004-08-04 07:56:43 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
+ 2008-04-14 00:11:59 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll
- 2004-08-04 07:56:45 58,434 ----a-w c:\windows\srchasst\srchctls.dll
+ 2008-04-14 00:12:06 58,434 ----a-w c:\windows\srchasst\srchctls.dll
- 2004-08-04 07:56:45 725,566 ----a-w c:\windows\srchasst\srchui.dll
+ 2008-04-14 00:12:07 726,078 ----a-w c:\windows\srchasst\srchui.dll
+ 2000-08-31 14:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 14:00:00 136,704 ----a-w c:\windows\SWSC.exe
+ 2000-08-31 14:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
+ 2002-09-03 16:39:10 2,000 ----a-w c:\windows\system\KEYBOARD.DRV
+ 2002-09-03 16:40:09 73,376 ----a-w c:\windows\system\MCIAVI.DRV
+ 2002-09-03 16:40:12 25,264 ----a-w c:\windows\system\MCISEQ.DRV
+ 2002-09-03 16:40:13 28,160 ----a-w c:\windows\system\MCIWAVE.DRV
+ 2002-09-03 16:42:26 2,032 ----a-w c:\windows\system\MOUSE.DRV
+ 2002-09-03 17:03:29 1,744 ----a-w c:\windows\system\SOUND.DRV
+ 2002-09-03 17:06:04 3,360 ----a-w c:\windows\system\SYSTEM.DRV
+ 2002-09-03 17:06:48 4,048 ----a-w c:\windows\system\TIMER.DRV
+ 2002-09-03 17:09:27 2,176 ----a-w c:\windows\system\VGA.DRV
+ 2002-09-03 17:11:44 13,600 ----a-w c:\windows\system\WFWNET.DRV
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system\winspool.drv
- 2006-08-16 11:58:05 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2008-04-14 00:11:48 136,192 ------w c:\windows\system32\aaclient.dll
- 2004-06-15 16:34:34 65,536 ----a-w c:\windows\system32\acauth.dll
+ 2004-06-15 15:34:34 65,536 ----a-w c:\windows\system32\acauth.dll
- 2004-06-15 16:34:34 126,976 ----a-w c:\windows\system32\acbsi20.dll
+ 2004-06-15 15:34:34 126,976 ----a-w c:\windows\system32\acbsi20.dll
- 2003-09-26 17:46:20 102,400 ----a-w c:\windows\system32\acbsi21.dll
+ 2003-09-26 16:46:20 102,400 ----a-w c:\windows\system32\acbsi21.dll
- 2004-06-15 16:34:34 86,016 ----a-w c:\windows\system32\acbsij.dll
+ 2004-06-15 15:34:34 86,016 ----a-w c:\windows\system32\acbsij.dll
- 2004-06-15 16:34:34 135,168 ----a-w c:\windows\system32\acbsiprov.dll
+ 2004-06-15 15:34:34 135,168 ----a-w c:\windows\system32\acbsiprov.dll
- 2004-06-15 16:34:34 249,856 ----a-w c:\windows\system32\accsp.dll
+ 2004-06-15 15:34:34 249,856 ----a-w c:\windows\system32\accsp.dll
- 2004-08-04 07:56:47 183,808 ----a-w c:\windows\system32\accwiz.exe
+ 2008-04-14 00:12:11 184,320 ----a-w c:\windows\system32\accwiz.exe
- 2004-06-15 16:34:34 61,440 ----a-w c:\windows\system32\acdbilog.dll
+ 2004-06-15 15:34:34 61,440 ----a-w c:\windows\system32\acdbilog.dll
- 2004-06-15 16:34:34 36,864 ----a-w c:\windows\system32\acdiag.dll
+ 2004-06-15 15:34:34 36,864 ----a-w c:\windows\system32\acdiag.dll
- 2004-06-15 16:34:34 90,112 ----a-w c:\windows\system32\acDiagno.dll
+ 2004-06-15 15:34:34 90,112 ----a-w c:\windows\system32\acDiagno.dll
- 2004-06-15 16:34:34 36,864 ----a-w c:\windows\system32\acerrmes.dll
+ 2004-06-15 15:34:34 36,864 ----a-w c:\windows\system32\acerrmes.dll
- 2004-06-15 16:34:34 196,608 ----a-w c:\windows\system32\acexchex.dll
+ 2004-06-15 15:34:34 196,608 ----a-w c:\windows\system32\acexchex.dll
- 2004-06-15 16:34:34 405,504 ----a-w c:\windows\system32\acjavasc.dll
+ 2004-06-15 15:34:34 405,504 ----a-w c:\windows\system32\acjavasc.dll
- 2004-06-15 16:34:36 684,032 ----a-w c:\windows\system32\aclibeay.dll
+ 2004-06-15 15:34:36 684,032 ----a-w c:\windows\system32\aclibeay.dll
- 2004-08-04 07:56:41 114,688 ----a-w c:\windows\system32\aclui.dll
+ 2008-04-14 00:11:48 115,712 ----a-w c:\windows\system32\aclui.dll
- 2004-06-15 16:34:36 110,592 ----a-w c:\windows\system32\acomx.dll
+ 2004-06-15 15:34:36 110,592 ----a-w c:\windows\system32\acomx.dll
- 2003-10-06 16:58:56 28,672 ----a-w c:\windows\system32\ACOutCom.dll
+ 2003-10-06 15:58:56 28,672 ----a-w c:\windows\system32\ACOutCom.dll
- 2004-06-15 16:34:36 176,205 ----a-w c:\windows\system32\acpicom.dll
+ 2004-06-15 15:34:36 176,205 ----a-w c:\windows\system32\acpicom.dll
- 2004-06-15 16:34:36 155,727 ----a-w c:\windows\system32\acpimeta.dll
+ 2004-06-15 15:34:36 155,727 ----a-w c:\windows\system32\acpimeta.dll
- 2004-06-15 16:34:36 81,920 ----a-w c:\windows\system32\acpipint.dll
+ 2004-06-15 15:34:36 81,920 ----a-w c:\windows\system32\acpipint.dll
- 2004-06-15 16:34:36 294,912 ----a-w c:\windows\system32\acpkcs.dll
+ 2004-06-15 15:34:36 294,912 ----a-w c:\windows\system32\acpkcs.dll
- 2004-06-15 16:34:36 294,912 ----a-w c:\windows\system32\acpkcs201.dll
+ 2004-06-15 15:34:36 294,912 ----a-w c:\windows\system32\acpkcs201.dll
- 2004-06-15 16:34:36 294,912 ----a-w c:\windows\system32\acpkcs211.dll
+ 2004-06-15 15:34:36 294,912 ----a-w c:\windows\system32\acpkcs211.dll
- 2004-08-04 07:56:41 194,048 ----a-w c:\windows\system32\activeds.dll
+ 2008-04-14 00:11:48 193,536 ----a-w c:\windows\system32\activeds.dll
- 2004-08-04 07:56:47 4,096 ----a-w c:\windows\system32\actmovie.exe
+ 2008-04-14 00:12:12 4,096 ----a-w c:\windows\system32\actmovie.exe
- 2004-08-04 07:56:41 101,888 ----a-w c:\windows\system32\actxprxy.dll
+ 2008-04-14 00:11:48 98,304 ----a-w c:\windows\system32\actxprxy.dll
- 2004-06-15 16:34:36 28,672 ----a-w c:\windows\system32\acWMIPrv.dll
+ 2004-06-15 15:34:36 28,672 ----a-w c:\windows\system32\acWMIPrv.dll
- 2004-06-15 16:34:36 49,152 ----a-w c:\windows\system32\acwpipint.dll
+ 2004-06-15 15:34:36 49,152 ----a-w c:\windows\system32\acwpipint.dll
- 2004-06-15 16:34:36 86,016 ----a-w c:\windows\system32\acxsi20.dll
+ 2004-06-15 15:34:36 86,016 ----a-w c:\windows\system32\acxsi20.dll
- 2004-08-04 07:56:41 61,440 ----a-w c:\windows\system32\admparse.dll
+ 2007-08-13 23:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
- 2004-08-04 07:56:41 175,616 ----a-w c:\windows\system32\adsldp.dll
+ 2008-04-14 00:11:48 175,616 ----a-w c:\windows\system32\adsldp.dll
- 2004-08-04 07:56:41 143,360 ----a-w c:\windows\system32\adsldpc.dll
+ 2008-04-14 00:11:48 143,360 ----a-w c:\windows\system32\adsldpc.dll
- 2004-08-04 07:56:41 68,096 ----a-w c:\windows\system32\adsmsext.dll
+ 2008-04-14 00:11:48 68,096 ----a-w c:\windows\system32\adsmsext.dll
- 2004-08-04 07:56:41 263,680 ----a-w c:\windows\system32\adsnt.dll
+ 2008-04-14 00:11:48 263,680 ----a-w c:\windows\system32\adsnt.dll
- 2004-08-04 07:56:41 616,960 ----a-w c:\windows\system32\advapi32.dll
+ 2008-04-14 00:11:48 617,472 ----a-w c:\windows\system32\advapi32.dll
- 2004-08-04 07:56:41 99,840 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
- 2004-08-04 07:56:47 98,304 ----a-w c:\windows\system32\ahui.exe
+ 2008-04-14 00:12:12 98,304 ----a-w c:\windows\system32\ahui.exe
- 2004-08-04 07:56:47 44,544 ----a-w c:\windows\system32\alg.exe
+ 2008-04-14 00:12:12 44,544 ----a-w c:\windows\system32\alg.exe
- 2004-08-04 07:56:41 17,408 ----a-w c:\windows\system32\alrsvc.dll
+ 2008-04-14 00:11:49 17,408 ----a-w c:\windows\system32\alrsvc.dll
- 2004-08-04 07:56:41 70,656 ----a-w c:\windows\system32\amstream.dll
+ 2008-04-14 00:11:49 70,656 ----a-w c:\windows\system32\amstream.dll
- 2004-08-04 07:56:41 126,976 ----a-w c:\windows\system32\apphelp.dll
+ 2008-04-14 00:11:49 125,952 ----a-w c:\windows\system32\apphelp.dll
- 2001-03-03 01:52:40 15,360 ----a-w c:\windows\system32\asfsipc.dll
+ 1999-12-20 18:16:40 15,360 ----a-w c:\windows\system32\asfsipc.dll
- 2004-06-15 16:34:36 86,016 ----a-w c:\windows\system32\aspcom.dll
+ 2004-06-15 15:34:36 86,016 ----a-w c:\windows\system32\aspcom.dll
- 2004-06-15 16:34:38 348,160 ----a-w c:\windows\system32\asphat32.dll
+ 2004-06-15 15:34:38 348,160 ----a-w c:\windows\system32\asphat32.dll
- 2004-08-04 07:56:41 65,024 ----a-w c:\windows\system32\asycfilt.dll
+ 2008-04-14 00:11:49 65,024 ----a-w c:\windows\system32\asycfilt.dll
- 2004-08-04 07:56:47 25,088 ----a-w c:\windows\system32\at.exe
+ 2008-04-14 00:12:12 25,088 ----a-w c:\windows\system32\at.exe
- 2004-08-04 07:56:41 229,376 ----a-w c:\windows\system32\ati2cqag.dll
+ 2008-04-14 00:11:49 229,376 ----a-w c:\windows\system32\ati2cqag.dll
- 2004-08-04 07:56:41 377,984 ----a-w c:\windows\system32\ati2dvaa.dll
+ 2008-04-14 00:11:49 377,984 ----a-w c:\windows\system32\ati2dvaa.dll
- 2004-08-04 07:56:41 201,728 ----a-w c:\windows\system32\ati2dvag.dll
+ 2008-04-14 00:11:49 201,728 ----a-w c:\windows\system32\ati2dvag.dll
- 2004-08-04 07:56:41 870,784 ----a-w c:\windows\system32\ati3d1ag.dll
+ 2008-04-14 00:11:49 870,784 ----a-w c:\windows\system32\ati3d1ag.dll
- 2004-08-04 07:56:41 1,888,992 ----a-w c:\windows\system32\ati3duag.dll
+ 2008-04-14 00:11:50 1,888,992 ----a-w c:\windows\system32\ati3duag.dll
- 2004-08-04 07:56:41 32,768 ----a-w c:\windows\system32\ativtmxx.dll
+ 2008-04-14 00:11:50 32,768 ----a-w c:\windows\system32\ativtmxx.dll
- 2004-08-04 07:56:41 516,768 ----a-w c:\windows\system32\ativvaxx.dll
+ 2008-04-14 00:11:50 516,768 ----a-w c:\windows\system32\ativvaxx.dll
- 2004-08-04 07:56:41 58,880 ----a-w c:\windows\system32\atl.dll
+ 2008-04-14 00:11:50 58,880 ----a-w c:\windows\system32\atl.dll
- 2004-08-04 07:56:47 11,264 ----a-w c:\windows\system32\atmadm.exe
+ 2008-04-14 00:12:12 11,264 ----a-w c:\windows\system32\atmadm.exe
- 2004-08-04 07:55:59 285,696 ----a-w c:\windows\system32\atmfd.dll
+ 2008-04-14 00:09:01 285,696 ----a-w c:\windows\system32\atmfd.dll
- 2004-08-04 07:56:41 30,208 ----a-w c:\windows\system32\atmlib.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\atmlib.dll
+ 2004-08-10 06:50:22 77,889 ----a-w c:\windows\system32\atrc.dll
- 2002-09-03 16:27:42 11,264 ----a-w c:\windows\system32\attrib.exe
+ 2008-04-14 00:12:12 12,288 ----a-w c:\windows\system32\attrib.exe
- 2004-08-04 07:56:41 42,496 ----a-w c:\windows\system32\audiosrv.dll
+ 2008-04-14 00:11:50 42,496 ----a-w c:\windows\system32\audiosrv.dll
- 2004-08-04 07:56:47 14,336 ----a-w c:\windows\system32\auditusr.exe
+ 2008-04-14 00:12:12 14,336 ----a-w c:\windows\system32\auditusr.exe
- 2005-03-02 18:09:29 56,832 ----a-w c:\windows\system32\authz.dll
+ 2008-04-14 00:11:50 62,464 ----a-w c:\windows\system32\authz.dll
- 2004-08-04 07:56:47 588,800 ----a-w c:\windows\system32\autochk.exe
+ 2008-04-14 00:12:12 588,800 ----a-w c:\windows\system32\autochk.exe
- 2004-08-04 07:56:47 602,624 ----a-w c:\windows\system32\autoconv.exe
+ 2008-04-14 00:12:12 602,624 ----a-w c:\windows\system32\autoconv.exe
- 2004-08-04 07:56:47 580,608 ----a-w c:\windows\system32\autofmt.exe
+ 2008-04-14 00:12:13 580,608 ----a-w c:\windows\system32\autofmt.exe
- 2004-08-04 07:56:47 11,264 ----a-w c:\windows\system32\autolfn.exe
+ 2008-04-14 00:12:13 11,264 ----a-w c:\windows\system32\autolfn.exe
- 2004-08-04 07:56:41 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 84,992 ----a-w c:\windows\system32\avifil32.dll
+ 2008-04-14 00:11:50 233,472 ------w c:\windows\system32\azroles.dll
- 2004-08-04 07:56:41 52,736 ----a-w c:\windows\system32\basesrv.dll
+ 2008-04-14 00:11:50 52,736 ----a-w c:\windows\system32\basesrv.dll
- 2004-08-04 07:56:41 28,672 ----a-w c:\windows\system32\batmeter.dll
+ 2008-04-14 00:11:50 29,184 ----a-w c:\windows\system32\batmeter.dll
- 2004-08-04 07:56:41 8,704 ----a-w c:\windows\system32\batt.dll
+ 2008-04-14 00:11:50 8,704 ----a-w c:\windows\system32\batt.dll
- 2004-08-04 07:56:41 17,408 ----a-w c:\windows\system32\bidispl.dll
+ 2008-04-14 00:11:50 17,408 ----a-w c:\windows\system32\bidispl.dll
- 2004-07-01 22:08:18 361,984 ----a-w c:\windows\system32\bits\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\bits\qmgr.dll
- 2004-08-04 07:56:41 8,192 ----a-w c:\windows\system32\bitsprx2.dll
+ 2008-04-14 00:11:50 8,192 ----a-w c:\windows\system32\bitsprx2.dll
- 2004-08-04 07:56:41 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ----a-w c:\windows\system32\bitsprx3.dll
+ 2008-04-14 00:11:50 7,168 ------w c:\windows\system32\bitsprx4.dll
- 2004-08-04 07:56:47 71,680 ----a-w c:\windows\system32\blastcln.exe
+ 2008-04-14 00:12:13 71,680 ----a-w c:\windows\system32\blastcln.exe
- 2004-08-04 07:55:59 63,488 ----a-w c:\windows\system32\browselc.dll
+ 2008-04-13 17:03:24 63,488 ----a-w c:\windows\system32\browselc.dll
- 2004-08-04 07:56:41 77,312 ----a-w c:\windows\system32\browser.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\browser.dll
- 2007-06-15 08:12:28 1,022,976 ----a-w c:\windows\system32\browseui.dll
+ 2008-04-14 00:11:50 1,025,024 ----a-w c:\windows\system32\browseui.dll
- 2004-08-04 07:56:41 78,336 ----a-w c:\windows\system32\browsewm.dll
+ 2008-04-14 00:11:50 78,336 ----a-w c:\windows\system32\browsewm.dll
- 2004-08-04 07:56:41 20,992 ----a-w c:\windows\system32\bthci.dll
+ 2008-04-14 00:11:50 20,992 ----a-w c:\windows\system32\bthci.dll
- 2004-08-04 07:56:41 30,208 ----a-w c:\windows\system32\bthserv.dll
+ 2008-04-14 00:11:50 30,208 ----a-w c:\windows\system32\bthserv.dll
- 2004-08-04 07:56:41 50,688 ----a-w c:\windows\system32\btpanui.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\btpanui.dll
- 2004-08-04 07:56:41 59,904 ----a-w c:\windows\system32\cabinet.dll
+ 2008-04-14 00:11:50 60,416 ----a-w c:\windows\system32\cabinet.dll
- 2004-08-04 07:56:41 84,480 ----a-w c:\windows\system32\cabview.dll
+ 2008-04-14 00:11:50 84,480 ----a-w c:\windows\system32\cabview.dll
- 2002-09-03 16:28:17 18,432 ----a-w c:\windows\system32\cacls.exe
+ 2008-04-14 00:12:13 19,968 ----a-w c:\windows\system32\cacls.exe
- 2004-08-04 07:56:41 50,688 ----a-w c:\windows\system32\camocx.dll
+ 2008-04-14 00:11:50 50,688 ----a-w c:\windows\system32\camocx.dll
- 2002-09-03 16:28:21 142,848 ----a-w c:\windows\system32\capesnpn.dll
+ 2008-04-14 00:11:50 150,016 ----a-w c:\windows\system32\capesnpn.dll
- 2005-07-26 04:39:42 225,792 ----a-w c:\windows\system32\catsrv.dll
+ 2008-04-14 00:11:50 226,304 ----a-w c:\windows\system32\catsrv.dll
- 2004-08-04 07:56:41 85,504 ----a-w c:\windows\system32\catsrvps.dll
+ 2008-04-14 00:11:50 85,504 ----a-w c:\windows\system32\catsrvps.dll
- 2005-07-26 04:39:43 625,152 ----a-w c:\windows\system32\catsrvut.dll
+ 2008-04-14 00:11:50 625,664 ----a-w c:\windows\system32\catsrvut.dll
- 2007-06-15 08:12:28 151,040 ----a-w c:\windows\system32\cdfview.dll
+ 2008-04-14 00:11:50 151,040 ----a-w c:\windows\system32\cdfview.dll
- 2007-07-31 00:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 20:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2005-09-10 01:53:41 2,067,968 ----a-w c:\windows\system32\cdosys.dll
+ 2008-04-14 00:11:50 2,091,520 ----a-w c:\windows\system32\cdosys.dll
- 2004-08-04 07:56:41 194,560 ----a-w c:\windows\system32\certcli.dll
+ 2008-04-14 00:11:50 194,560 ----a-w c:\windows\system32\certcli.dll
- 2004-08-04 07:56:41 457,728 ----a-w c:\windows\system32\certmgr.dll
+ 2008-04-14 00:11:50 457,728 ----a-w c:\windows\system32\certmgr.dll
- 2003-03-26 23:28:36 53,325 ----a-w c:\windows\system32\CEUTIL.DLL
+ 2006-06-21 03:34:38 20,264 ----a-w c:\windows\system32\ceutil.dll
- 2004-08-04 07:56:41 38,912 ----a-w c:\windows\system32\cfgbkend.dll
+ 2008-04-14 00:11:50 38,912 ----a-w c:\windows\system32\cfgbkend.dll
- 2004-08-04 07:56:00 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
+ 2008-04-14 00:09:05 16,896 ----a-w c:\windows\system32\cfgmgr32.dll
- 2002-09-03 16:28:48 109,568 ----a-w c:\windows\system32\cic.dll
+ 2008-04-14 00:11:50 148,480 ----a-w c:\windows\system32\cic.dll
- 2006-06-22 05:06:29 69,120 ----a-w c:\windows\system32\ciodm.dll
+ 2008-04-14 00:11:50 69,120 ----a-w c:\windows\system32\ciodm.dll
- 2004-08-04 07:56:47 5,632 ----a-w c:\windows\system32\cisvc.exe
+ 2008-04-14 00:12:14 5,632 ----a-w c:\windows\system32\cisvc.exe
- 2005-07-26 04:39:43 110,080 ----a-w c:\windows\system32\clbcatex.dll
+ 2008-04-14 00:11:50 110,592 ----a-w c:\windows\system32\clbcatex.dll
- 2005-07-26 04:39:43 498,688 ----a-w c:\windows\system32\clbcatq.dll
+ 2008-04-14 00:11:50 498,688 ----a-w c:\windows\system32\clbcatq.dll
- 2004-08-04 07:56:47 64,000 ----a-w c:\windows\system32\cleanmgr.exe
+ 2008-04-14 00:12:14 64,000 ----a-w c:\windows\system32\cleanmgr.exe
- 2004-08-04 07:56:41 77,824 ----a-w c:\windows\system32\cliconfg.dll
+ 2008-04-14 00:11:50 77,824 ----a-w c:\windows\system32\cliconfg.dll
- 2004-08-04 07:56:47 20,480 ----a-w c:\windows\system32\cliconfg.exe
+ 2008-04-14 00:12:14 20,480 ----a-w c:\windows\system32\cliconfg.exe
- 2004-08-04 07:56:47 102,912 ----a-w c:\windows\system32\clipbrd.exe
+ 2008-04-14 00:12:14 102,912 ----a-w c:\windows\system32\clipbrd.exe
- 2004-08-04 07:56:47 33,280 ----a-w c:\windows\system32\clipsrv.exe
+ 2008-04-14 00:12:14 33,280 ----a-w c:\windows\system32\clipsrv.exe
- 2004-08-04 07:56:41 57,856 ----a-w c:\windows\system32\clusapi.dll
+ 2008-04-14 00:11:50 58,368 ----a-w c:\windows\system32\clusapi.dll
- 2004-08-04 07:56:41 15,872 ----a-w c:\windows\system32\cmcfg32.dll
+ 2008-04-14 00:11:50 15,872 ----a-w c:\windows\system32\cmcfg32.dll
- 2004-08-04 07:56:48 388,608 ----a-w c:\windows\system32\cmd.exe
+ 2008-04-14 00:12:14 389,120 ----a-w c:\windows\system32\cmd.exe
- 2004-08-04 07:56:41 343,040 ----a-w c:\windows\system32\cmdial32.dll
+ 2008-04-14 00:11:50 344,064 ----a-w c:\windows\system32\cmdial32.dll
- 2004-08-04 07:56:48 47,104 ----a-w c:\windows\system32\cmdl32.exe
+ 2008-04-14 00:12:14 25,600 ----a-w c:\windows\system32\cmdl32.exe
- 2004-08-04 07:56:48 39,936 ----a-w c:\windows\system32\cmmon32.exe
+ 2008-04-14 00:12:15 39,936 ----a-w c:\windows\system32\cmmon32.exe
- 2004-08-04 07:56:41 185,344 ----a-w c:\windows\system32\cmprops.dll
+ 2008-04-14 00:11:50 185,344 ----a-w c:\windows\system32\cmprops.dll
- 2004-08-04 07:56:41 13,824 ----a-w c:\windows\system32\cmsetacl.dll
+ 2008-04-14 00:11:50 13,312 ----a-w c:\windows\system32\cmsetacl.dll
- 2004-08-04 07:56:48 63,488 ----a-w c:\windows\system32\cmstp.exe
+ 2008-04-14 00:12:15 63,488 ----a-w c:\windows\system32\cmstp.exe
- 2004-08-04 07:56:41 39,936 ----a-w c:\windows\system32\cmutil.dll
+ 2008-04-14 00:11:50 39,424 ----a-w c:\windows\system32\cmutil.dll
- 2004-08-04 07:56:41 47,104 ----a-w c:\windows\system32\cnbjmon.dll
+ 2008-04-14 00:11:50 47,104 ----a-w c:\windows\system32\cnbjmon.dll
- 2005-07-26 04:39:43 60,416 ----a-w c:\windows\system32\colbact.dll
+ 2008-04-14 00:11:51 60,416 ----a-w c:\windows\system32\colbact.dll
- 2005-07-26 04:39:44 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
+ 2008-04-14 00:11:51 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
- 2004-08-04 07:56:48 9,728 ----a-w c:\windows\system32\Com\comrepl.exe
+ 2008-04-14 00:12:15 9,728 ----a-w c:\windows\system32\Com\comrepl.exe
- 2002-09-03 16:29:17 5,120 ----a-w c:\windows\system32\Com\comrereg.exe
+ 2008-04-14 00:12:15 6,144 ----a-w c:\windows\system32\Com\comrereg.exe
- 2002-09-03 16:29:08 25,600 ----a-w c:\windows\system32\comaddin.dll
+ 2008-04-14 00:11:51 28,160 ----a-w c:\windows\system32\comaddin.dll
- 2006-08-25 15:45:58 617,472 ----a-w c:\windows\system32\comctl32.dll
+ 2008-04-14 00:11:51 617,472 ----a-w c:\windows\system32\comctl32.dll
- 2004-08-04 07:56:41 276,992 ----a-w c:\windows\system32\comdlg32.dll
+ 2008-04-14 00:11:51 276,992 ----a-w c:\windows\system32\comdlg32.dll
+ 2002-09-03 16:29:11 10,544 ----a-w c:\windows\system32\comm.drv
- 2004-08-04 07:56:41 252,928 ----a-w c:\windows\system32\compatui.dll
+ 2008-04-14 00:11:51 252,928 ----a-w c:\windows\system32\compatui.dll
- 2004-08-04 07:56:41 229,376 ----a-w c:\windows\system32\compstui.dll
+ 2008-04-14 00:11:51 229,376 ----a-w c:\windows\system32\compstui.dll
- 2005-07-26 04:39:44 97,792 ----a-w c:\windows\system32\comrepl.dll
+ 2008-04-14 00:11:51 97,792 ----a-w c:\windows\system32\comrepl.dll
- 2004-08-04 07:56:41 792,064 ----a-w c:\windows\system32\comres.dll
+ 2008-04-14 00:11:51 792,064 ----a-w c:\windows\system32\comres.dll
- 2002-09-03 16:29:18 147,456 ----a-w c:\windows\system32\comsnap.dll
+ 2008-04-14 00:11:51 167,424 ----a-w c:\windows\system32\comsnap.dll
- 2005-07-26 04:39:44 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
+ 2008-04-14 00:11:51 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
- 2005-07-26 04:39:45 540,160 ----a-w c:\windows\system32\comuid.dll
+ 2008-04-14 00:11:51 539,648 ----a-w c:\windows\system32\comuid.dll
+ 2008-11-30 19:15:50 3,448 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\070787C32F4F9C08E71FF8FBCE2C58FDAF53FE41\070787C32F4F9C08E71FF8FBCE2C58FDAF53FE41\Data.dat
+ 2008-11-30 19:15:38 3,378 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\34EF31291F8EA59F 5C77B5C7C788725D8B538BB1\34EF31291F8EA59F5C77B5C7C788725D8B538BB1\Data.dat
+ 2008-11-30 19:04:40 5,814 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\3A3C5F7CC9415160 B34912634CB95978E99A7DDE\3A3C5F7CC9415160B34912634CB95978E99A7DDE\Data.dat
+ 2008-11-30 19:01:48 3,378 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\681E3BBDEDD8D924 C020EB6A7C5BBC35336F185B\681E3BBDEDD8D924C020EB6A7C5BBC35336F185B\Data.dat
+ 2008-11-30 19:01:53 3,532 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\C2ADCAFAE3B4F202 97210C01E88F5709BF43045C\C2ADCAFAE3B4F20297210C01E88F5709BF43045C\Data.dat
+ 2008-11-30 19:01:26 5,722 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\CD0122E52A7F5228 E67DF537D503618B453572A2\CD0122E52A7F5228E67DF537D503618B453572A2\Data.dat
+ 2008-11-30 19:04:50 3,378 ----a-w c:\windows\system32\config\systemprofile\Application Data\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\FCB751C54B64D96B 0892FD809BDE464D4097AB76\FCB751C54B64D96B0892FD809BDE464D4097AB76\Data.dat
- 2007-10-08 05:28:34 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-11-30 19:35:12 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-10-16 08:44:47 64,192 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
- 2007-10-08 05:28:34 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-11-30 19:35:12 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-09-19 15:55:02 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008091920080920\index.dat
- 2007-10-08 05:28:34 81,920 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-30 19:35:12 98,304 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2002-09-03 16:29:21 345,600 ----a-w c:\windows\system32\confmsp.dll
+ 2008-04-14 00:11:51 357,888 ----a-w c:\windows\system32\confmsp.dll
- 2004-08-04 07:56:48 27,648 ----a-w c:\windows\system32\conime.exe
+ 2008-04-14 00:12:15 27,648 ----a-w c:\windows\system32\conime.exe
FLYNDAGGER is offline   Reply With Quote
Old 30th November 2008   #17
Member
 
Profile:
Join Date: Oct 2008
Posts: 24
Computer Experience:
Intermediate
FLYNDAGGER Reputation Level
Okay, thanks, here goes the rest...


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-20 1207080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2003-05-15 163840]
"DellTouch"="c:\windows\MMKeybd.exe" [2002-01-16 163840]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"acEventServ"="c:\program files\ActivCard\ActivCard Gold\acevtsrv.exe" [2004-06-15 28672]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
ActivCard Gold Smart Card Agent.lnk - c:\program files\ActivCard\ActivCard Gold\agquickp.exe [2004-06-15 147456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explor er]
"NoCommonGroups"= 0 (0x0)
"NoFileSharing"= 0 (0x0)
"NoPrintSharing"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acAuth]
2004-06-15 09:34 65536 c:\windows\system32\acauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"RetroExpress"=c:\progra~1\RETROS~1\RETROS~1.1\RetroExpress.exe /h
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"AppleSyncNotifier"=c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 ACachSrv;ActivCard Authentication Service;c:\program files\Common Files\ActivCard\acachsrv.exe [2004-06-15 135168]
R2 acautoreg;ActivCard Gold Autoregister;c:\program files\Common Files\ActivCard\acautoreg.exe [2004-06-15 53248]
R2 Accoca;ActivCard Gold service;c:\program files\Common Files\ActivCard\accoca.exe [2004-06-15 159744]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-09-04 203280]
R2 Nhksrv;Netropa NHK Server;c:\windows\Nhksrv.exe [2005-04-30 28672]
R3 Msikbd2k;DellTouch;c:\windows\system32\DRIVERS\msikbd2k.sys [2005-04-30 6656]
R3 SCRx31 USB Reader;SCRx31 USB Reader;c:\windows\system32\DRIVERS\stc2.sys [2002-07-03 56320]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys []
S3 dwusbdnt;dwusbdnt;c:\windows\system32\DRIVERS\dwusbdnt.sys [2002-05-24 10368]
.
Contents of the 'Scheduled Tasks' folder

2008-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-10-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 17:10]

2008-11-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 17:10]
.
- - - - ORPHANS REMOVED - - - -

BHO-{8ab08215-d877-4552-9907-87c8ca2f4948} - c:\windows\system32\zomiyiwu.dll
HKLM-Run-golakewayi - c:\windows\system32\popubome.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Rich\Application Data\Mozilla\Firefox\Profiles\h16d7gvf.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 13:35:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\program files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
c:\windows\system32\scardsvr.exe
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\system32\nvsvc32.exe
c:\progra~1\RETROS~1\RETROS~1.1\retrorun.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Netropa\OSD.exe
.
**************************************************************************
.
Completion time: 2008-11-30 13:39:28 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-30 19:39:06

Pre-Run: 10,177,888,256 bytes free
Post-Run: 10,215,002,112 bytes free

10161 --- E O F --- 2008-11-13 09:06:00
FLYNDAGGER is offline   Reply With Quote
Old 30th November 2008   #18
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,524
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Appears as though ComboFix has removed the remainder of the infection. Lets get an online scan to see if there's anything else hiding. Please do an online scan with Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.
  • Click Run at the Security prompt.
  • The program will then begin downloading and installing and will also update the database.
  • Please be patient as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click View scan report at the bottom.
  • Click the Save Report As... button.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
**Note**

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


Post the Kaspersky log here and let me know if any issues remain.
noahdfear is offline   Reply With Quote
Old 1st December 2008   #19
Member
 
Profile:
Join Date: Oct 2008
Posts: 24
Computer Experience:
Intermediate
FLYNDAGGER Reputation Level
Here's the Kaspersky log:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, December 1, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, December 01, 2008 05:13:15
Records in database: 1428828
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 67345
Threat name: 2
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 01:08:59


File name / Threat name / Threats count
C:\qoobox\Quarantine\C\WINDOWS\system32\bivihowo.dll.vir Infected: Trojan-Spy.Win32.Agent.fdp 1
C:\qoobox\Quarantine\C\WINDOWS\system32\welatili.dll.vir Infected: Trojan.Win32.Monder.aamw 1

The selected area was scanned.
FLYNDAGGER is offline   Reply With Quote
Old 2nd December 2008   #20
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,524
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Looks great! If you're satisfied everything is working properly, lets clean up.

Open MBAM and remove any items quarantined. Do the same with your resident antivirus.

Click Start>Run and type ComboFix /u then hit Enter to uninstall ComboFix and remove the files it has quarantined. This action will also reset the System Restore points, removing any infected files there as well.
Verify the C:\Qoobox and C:\ComboFix folders were removed, as well as the C:\ComboFix.txt file.
You can delete any other logs that were created/saved too.
You may also remove the RSIT.exe file and the C:\rsit folder.

Download ATF Cleaner by Atribune and save it to your Desktop.
  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:

    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

  • The rest are optional - if you want it to remove everything check "Select All".
  • Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.
Reboot


That should do it. Let me know how things are working after the above and if we can mark this resolved.
noahdfear is offline   Reply With Quote
Old 6th December 2008   #21
Member
 
Profile:
Join Date: Oct 2008
Posts: 24
Computer Experience:
Intermediate
FLYNDAGGER Reputation Level
OK, It seems as if the Virtumonde infection is gone as well as the "use this virus scan" type pop ups and other hijacking annoyances. Thanks for all your help and time.
One question: after all the cleaning; it seems like the autorun on my CD-ROM and USB type drives isn't working. Is this normal? How do I make them autorun again?
Thanks again!
FLYNDAGGER is offline   Reply With Quote
Old 7th December 2008   #22
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,524
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Glad to hear all is well again. ComboFix disables the autorun feature as a safety measure. Even MS recommends disabling it as it is a security risk. If you really need it, I can instruct you on re-enabling it, but you would do well to leave it disabled IMO.
noahdfear is offline   Reply With Quote
Reply
Page 2 of 2 1 2

« [Resolved] Folders act like files | [InActive] Tried everything can someone help »
Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Disappearing Files, Hijacked IE6 Browser, etc. etc catswhisker Malware and Virus Removal 74 13th September 2008 06:42
Router, NAT, Firewall discussion aspicer Networking 2 27th September 2005 08:48
Please read this first if you have a network problem ReggieB Networking 4 3rd February 2005 01:05
Why more then 1 Firewall? FireDancer General Security 28 25th September 2003 20:39
Firewall Problem.. THunDA General Security 2 7th September 2002 07:45


All times are GMT +1. The time now is 00:06.




Advertise - Contact Us - Windows BBS - Archive - Privacy Statement - Top

Advertisements do not imply our endorsement of the product or service advertised.
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.3.2
Copyright © 2002 - 2009 WindowsBBS.com. All rights reserved.
Terms of Use, Legal Information & Privacy Policy
[]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32