Inactive [InActive] Windows explorer was canceller to prevent damage.

blacklogman · 2009/03/05

- 2004-08-10 09:00:00 1,689,088 ----a-w c:\windows\system32\d3d9.dll
+ 2008-04-14 00:11:51 1,689,088 ----a-w c:\windows\system32\d3d9.dll
+ 2009-02-27 02:11:43 5,308 ----a-w c:\windows\system32\d3d9caps.dat
- 2004-08-10 09:00:00 825,344 ----a-w c:\windows\system32\d3dim700.dll
+ 2008-04-14 00:11:51 824,320 ----a-w c:\windows\system32\d3dim700.dll
- 2006-10-23 15:34:20 1,054,208 ----a-w c:\windows\system32\danim.dll
+ 2008-04-14 00:11:51 1,054,208 ----a-w c:\windows\system32\danim.dll
- 2004-08-10 09:00:00 54,272 ----a-w c:\windows\system32\dataclen.dll
+ 2008-04-14 00:11:51 54,272 ----a-w c:\windows\system32\dataclen.dll
- 2004-08-10 09:00:00 152,064 ----a-w c:\windows\system32\datime.dll
+ 2008-04-14 00:11:51 165,376 ----a-w c:\windows\system32\datime.dll
- 2004-08-10 09:00:00 24,576 ----a-w c:\windows\system32\davclnt.dll
+ 2008-04-14 00:11:51 25,088 ----a-w c:\windows\system32\davclnt.dll
- 2004-08-10 07:43:20 5,068,800 ----a-w c:\windows\system32\davinci.scr
+ 2004-08-10 07:43:20 5,085,696 ----a-w c:\windows\system32\davinci.scr
- 2004-08-10 09:00:00 640,000 ----a-w c:\windows\system32\dbghelp.dll
+ 2008-04-14 00:11:51 640,000 ----a-w c:\windows\system32\dbghelp.dll
- 2004-08-10 09:00:00 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
+ 2008-04-14 00:11:51 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll
- 2004-08-10 09:00:00 110,592 ----a-w c:\windows\system32\dbnetlib.dll
+ 2008-04-14 00:11:51 110,592 ----a-w c:\windows\system32\dbnetlib.dll
- 2004-08-10 09:00:00 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dbnmpntw.dll
- 2004-08-10 09:00:00 1,788 ----a-w c:\windows\system32\Dcache.bin
+ 2008-04-14 00:25:26 1,804 ----a-w c:\windows\system32\dcache.bin
- 2004-08-10 09:00:00 8,704 ----a-w c:\windows\system32\dciman32.dll
+ 2008-04-14 00:11:51 8,704 ----a-w c:\windows\system32\dciman32.dll
- 2004-08-10 09:00:00 5,120 ----a-w c:\windows\system32\dcomcnfg.exe
+ 2008-04-14 00:12:16 6,144 ----a-w c:\windows\system32\dcomcnfg.exe
- 2004-08-10 09:00:00 30,208 ----a-w c:\windows\system32\ddeshare.exe
+ 2008-04-14 00:12:16 30,208 ----a-w c:\windows\system32\ddeshare.exe
- 2004-08-10 09:00:00 266,240 ----a-w c:\windows\system32\ddraw.dll
+ 2008-04-14 00:11:51 279,552 ----a-w c:\windows\system32\ddraw.dll
- 2004-08-10 09:00:00 27,136 ----a-w c:\windows\system32\ddrawex.dll
+ 2008-04-14 00:11:51 27,136 ----a-w c:\windows\system32\ddrawex.dll
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\defrag.exe
+ 2008-04-14 00:12:16 41,984 ----a-w c:\windows\system32\defrag.exe
- 2004-08-10 09:00:00 59,904 ----a-w c:\windows\system32\devenum.dll
+ 2008-04-14 00:11:51 59,904 ----a-w c:\windows\system32\devenum.dll
- 2004-08-10 09:00:00 282,624 ----a-w c:\windows\system32\devmgr.dll
+ 2008-04-14 00:11:51 282,624 ----a-w c:\windows\system32\devmgr.dll
- 2004-08-10 09:00:00 82,432 ----a-w c:\windows\system32\dfrgfat.exe
+ 2008-04-14 00:12:16 82,944 ----a-w c:\windows\system32\dfrgfat.exe
- 2004-08-10 09:00:00 104,960 ----a-w c:\windows\system32\dfrgntfs.exe
+ 2008-04-14 00:12:16 122,368 ----a-w c:\windows\system32\dfrgntfs.exe
- 2004-08-10 09:00:00 38,912 ----a-w c:\windows\system32\dfrgsnap.dll
+ 2008-04-14 00:11:51 39,424 ----a-w c:\windows\system32\dfrgsnap.dll
- 2004-08-10 09:00:00 123,904 ----a-w c:\windows\system32\dfrgui.dll
+ 2008-04-14 00:11:51 124,416 ----a-w c:\windows\system32\dfrgui.dll
- 2004-08-10 09:00:00 28,672 ----a-w c:\windows\system32\dfsshlex.dll
+ 2008-04-14 00:11:51 28,672 ----a-w c:\windows\system32\dfsshlex.dll
- 2004-08-10 09:00:00 111,104 ----a-w c:\windows\system32\dgnet.dll
+ 2008-04-14 00:11:51 111,104 ----a-w c:\windows\system32\dgnet.dll
- 2006-05-19 12:59:41 111,616 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2008-04-14 00:11:51 126,976 ----a-w c:\windows\system32\dhcpcsvc.dll
- 2004-08-10 09:00:00 370,176 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 379,904 ----a-w c:\windows\system32\dhcpmon.dll
+ 2008-04-14 00:11:52 48,640 ------w c:\windows\system32\dhcpqec.dll
- 2004-08-10 09:00:00 85,504 ----a-w c:\windows\system32\diantz.exe
+ 2008-04-14 00:12:17 87,040 ----a-w c:\windows\system32\diantz.exe
- 2004-08-10 09:00:00 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 68,608 ----a-w c:\windows\system32\digest.dll
+ 2008-04-14 00:11:52 19,456 ------w c:\windows\system32\dimsntfy.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dimsroam.dll
- 2004-08-10 09:00:00 159,232 ----a-w c:\windows\system32\dinput.dll
+ 2008-04-14 00:11:52 158,720 ----a-w c:\windows\system32\dinput.dll
- 2004-08-10 09:00:00 181,760 ----a-w c:\windows\system32\dinput8.dll
+ 2008-04-14 00:11:52 181,760 ----a-w c:\windows\system32\dinput8.dll
- 2004-08-10 09:00:00 1,501,696 ----a-w c:\windows\system32\diskcopy.dll
+ 2008-04-14 00:11:52 1,504,256 ----a-w c:\windows\system32\diskcopy.dll
- 2004-08-10 09:00:00 163,840 ----a-w c:\windows\system32\diskpart.exe
+ 2008-04-14 00:12:17 163,840 ----a-w c:\windows\system32\diskpart.exe
- 2004-08-10 09:00:00 17,920 ----a-w c:\windows\system32\diskperf.exe
+ 2004-08-10 09:00:00 35,328 ----a-w c:\windows\system32\diskperf.exe
- 2004-08-10 09:00:00 45,083 ----a-w c:\windows\system32\dispex.dll
+ 2008-04-14 00:11:52 32,768 ----a-w c:\windows\system32\dispex.dll
- 2005-09-29 08:02:26 491,520 ----a-w c:\windows\system32\dlcfcoms.exe
+ 2005-09-29 08:02:26 512,000 ----a-w c:\windows\system32\dlcfcoms.exe
- 2008-10-16 20:38:34 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 23:15:11 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-14 09:51:43 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 ------w c:\windows\system32\dllcache\afd.sys
- 2008-06-13 13:10:50 272,128 ------w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-13 11:05:51 272,128 ------w c:\windows\system32\dllcache\bthport.sys
+ 2008-05-07 09:07:23 135,168 ------w c:\windows\system32\dllcache\cscript.exe
- 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ------w c:\windows\system32\dllcache\dnsapi.dll
- 2006-08-22 09:05:26 498,742 ------w c:\windows\system32\dllcache\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ------w c:\windows\system32\dllcache\dxmasf.dll
- 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-07-07 20:32:22 253,952 ------w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:26:58 253,952 ------w c:\windows\system32\dllcache\es.dll
- 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-23 13:01:36 283,648 ------w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
- 2008-10-16 20:38:35 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 23:15:13 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-10-16 13:11:09 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-10-16 20:38:35 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
- 2008-10-16 20:38:35 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
- 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
- 2008-10-16 20:38:35 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-10-16 20:38:35 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-16 20:38:37 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-10-16 20:38:37 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
- 2008-10-16 20:38:37 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-10-16 13:11:09 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
- 2008-10-15 07:06:26 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
- 2008-04-11 18:50:43 683,520 ------w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ------w c:\windows\system32\dllcache\inetcomm.dll
- 2006-10-17 17:00:00 491,520 ----a-w c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53:39 512,000 ------w c:\windows\system32\dllcache\jscript.dll
- 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2008-10-24 11:10:42 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-05-01 14:30:33 331,776 ------w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:02 331,776 ------w c:\windows\system32\dllcache\msadce.dll
- 2008-06-24 16:23:05 74,240 ------w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:43:16 74,240 ------w c:\windows\system32\dllcache\mscms.dll
- 2008-10-16 20:38:37 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-16 20:38:37 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-10-17 07:08:40 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:31 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-06-20 17:41:10 245,248 ------w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ------w c:\windows\system32\dllcache\mswsock.dll
- 2008-09-04 16:42:02 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w c:\windows\system32\dllcache\msxml6r.dll
- 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
- 2008-08-14 09:55:01 2,142,720 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-08-14 09:18:44 2,062,976 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-08-14 09:18:46 2,020,864 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-08-14 09:57:20 2,185,984 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-10-16 20:38:39 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-05-07 04:55:40 1,288,192 ------w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ------w c:\windows\system32\dllcache\quartz.dll
- 2008-05-08 12:28:49 202,752 ------w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ------w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-09 10:53:39 180,224 ------w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:40 172,032 ------w c:\windows\system32\dllcache\scrrun.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ------w c:\windows\system32\dllcache\shell32.dll
- 2008-08-28 10:04:17 333,056 ------w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 10:57:09 333,952 ------w c:\windows\system32\dllcache\srv.sys
- 2008-10-03 10:15:47 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
- 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ------w c:\windows\system32\dllcache\tcpip.sys
- 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ------w c:\windows\system32\dllcache\tcpip6.sys
- 2008-04-15 14:53:29 295,424 ------w c:\windows\system32\dllcache\termsrv.dll
+ 2008-04-15 15:17:37 295,424 ------w c:\windows\system32\dllcache\termsrv.dll
- 2008-10-16 20:38:39 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 23:15:39 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2006-11-08 02:03:36 413,696 ------w c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
- 2008-10-16 20:38:39 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-09-15 11:57:41 1,846,016 ------w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 12:12:56 1,846,400 ------w c:\windows\system32\dllcache\win32k.sys
- 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:41 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-05-08 11:24:44 155,648 ------w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:53:40 90,112 ------w c:\windows\system32\dllcache\wshext.dll
- 2004-08-10 09:00:00 5,120 ----a-w c:\windows\system32\dllhost.exe
+ 2008-04-14 00:12:17 22,528 ----a-w c:\windows\system32\dllhost.exe
- 2004-08-10 09:00:00 224,768 ----a-w c:\windows\system32\dmadmin.exe
+ 2008-04-14 00:12:17 224,768 ----a-w c:\windows\system32\dmadmin.exe
- 2004-08-10 09:00:00 28,672 ----a-w c:\windows\system32\dmband.dll
+ 2008-04-14 00:11:52 28,672 ----a-w c:\windows\system32\dmband.dll
- 2004-08-10 09:00:00 61,440 ----a-w c:\windows\system32\dmcompos.dll
+ 2008-04-14 00:11:52 61,440 ----a-w c:\windows\system32\dmcompos.dll
- 2004-08-10 09:00:00 273,920 ----a-w c:\windows\system32\dmdlgs.dll
+ 2008-04-14 00:11:52 285,184 ----a-w c:\windows\system32\dmdlgs.dll
- 2004-08-10 09:00:00 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
+ 2008-04-14 00:11:52 200,704 ----a-w c:\windows\system32\dmdskmgr.dll
- 2004-08-10 09:00:00 181,248 ----a-w c:\windows\system32\dmime.dll
+ 2008-04-14 00:11:52 181,248 ----a-w c:\windows\system32\dmime.dll
- 2004-08-10 09:00:00 35,840 ----a-w c:\windows\system32\dmloader.dll
+ 2008-04-14 00:11:52 35,840 ----a-w c:\windows\system32\dmloader.dll
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\dmremote.exe
+ 2008-04-14 00:12:17 15,872 ----a-w c:\windows\system32\dmremote.exe
- 2004-08-10 09:00:00 82,432 ----a-w c:\windows\system32\dmscript.dll
+ 2008-04-14 00:11:52 82,432 ----a-w c:\windows\system32\dmscript.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\dmserver.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dmserver.dll
- 2004-08-10 09:00:00 105,984 ----a-w c:\windows\system32\dmstyle.dll
+ 2008-04-14 00:11:52 105,984 ----a-w c:\windows\system32\dmstyle.dll
- 2004-08-10 09:00:00 103,424 ----a-w c:\windows\system32\dmsynth.dll
+ 2008-04-14 00:11:52 103,424 ----a-w c:\windows\system32\dmsynth.dll
- 2004-08-10 09:00:00 104,448 ----a-w c:\windows\system32\dmusic.dll
+ 2008-04-14 00:11:52 104,448 ----a-w c:\windows\system32\dmusic.dll
- 2004-08-10 09:00:00 52,224 ----a-w c:\windows\system32\dmutil.dll
+ 2008-04-14 00:11:52 52,224 ----a-w c:\windows\system32\dmutil.dll
- 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:46:57 147,968 ----a-w c:\windows\system32\dnsapi.dll
- 2008-02-20 05:32:43 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 00:11:52 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
- 2004-08-10 09:00:00 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 48,128 ----a-w c:\windows\system32\docprop2.dll
+ 2008-04-14 00:11:52 26,112 ------w c:\windows\system32\dot3api.dll
+ 2008-04-14 00:11:52 57,856 ------w c:\windows\system32\dot3cfg.dll
+ 2008-04-14 00:11:52 9,216 ------w c:\windows\system32\dot3dlg.dll
+ 2008-04-14 00:11:52 39,936 ------w c:\windows\system32\dot3gpclnt.dll
+ 2008-04-14 00:11:52 56,320 ------w c:\windows\system32\dot3msm.dll
+ 2008-04-14 00:11:52 132,096 ------w c:\windows\system32\dot3svc.dll
+ 2008-04-14 00:11:52 650,752 ------w c:\windows\system32\dot3ui.dll
- 2004-08-10 09:00:00 96,768 ----a-w c:\windows\system32\dpcdll.dll
+ 2008-04-14 00:11:52 102,912 ----a-w c:\windows\system32\dpcdll.dll
- 2004-08-10 09:00:00 30,208 ----a-w c:\windows\system32\dplaysvr.exe
+ 2008-04-14 00:12:17 29,696 ----a-w c:\windows\system32\dplaysvr.exe
- 2004-08-10 09:00:00 229,888 ----a-w c:\windows\system32\dplayx.dll
+ 2008-04-14 00:11:52 229,888 ----a-w c:\windows\system32\dplayx.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\dpmodemx.dll
+ 2008-04-14 00:11:52 23,552 ----a-w c:\windows\system32\dpmodemx.dll
- 2004-08-10 09:00:00 3,584 ----a-w c:\windows\system32\dpnaddr.dll
+ 2008-04-14 00:09:19 3,072 ----a-w c:\windows\system32\dpnaddr.dll
- 2004-08-10 09:00:00 375,296 ----a-w c:\windows\system32\dpnet.dll
+ 2008-04-14 00:11:52 375,296 ----a-w c:\windows\system32\dpnet.dll
- 2004-08-10 09:00:00 35,328 ----a-w c:\windows\system32\dpnhpast.dll
+ 2008-04-14 00:11:52 35,328 ----a-w c:\windows\system32\dpnhpast.dll
- 2004-08-10 09:00:00 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
+ 2008-04-14 00:11:52 60,928 ----a-w c:\windows\system32\dpnhupnp.dll
- 2004-08-10 09:00:00 3,584 ----a-w c:\windows\system32\dpnlobby.dll
+ 2008-04-14 00:09:20 3,072 ----a-w c:\windows\system32\dpnlobby.dll
- 2004-08-10 09:00:00 18,432 ----a-w c:\windows\system32\dpnsvr.exe
+ 2008-04-14 00:12:17 17,920 ----a-w c:\windows\system32\dpnsvr.exe
- 2004-08-10 09:00:00 21,504 ----a-w c:\windows\system32\dpvacm.dll
+ 2008-04-14 00:11:52 21,504 ----a-w c:\windows\system32\dpvacm.dll
- 2004-08-10 09:00:00 212,480 ----a-w c:\windows\system32\dpvoice.dll
+ 2008-04-14 00:11:52 212,480 ----a-w c:\windows\system32\dpvoice.dll
- 2004-08-10 09:00:00 83,456 ----a-w c:\windows\system32\dpvsetup.exe
+ 2008-04-14 00:12:18 83,456 ----a-w c:\windows\system32\dpvsetup.exe
- 2004-08-10 09:00:00 116,736 ----a-w c:\windows\system32\dpvvox.dll
+ 2008-04-14 00:11:52 116,736 ----a-w c:\windows\system32\dpvvox.dll
- 2004-08-10 09:00:00 57,344 ----a-w c:\windows\system32\dpwsockx.dll
+ 2008-04-14 00:11:52 57,344 ----a-w c:\windows\system32\dpwsockx.dll
- 2004-08-10 09:00:00 58,368 ----a-w c:\windows\system32\driverquery.exe
+ 2008-04-14 00:12:18 62,976 ----a-w c:\windows\system32\driverquery.exe
- 2004-08-10 09:00:00 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-13 18:36:35 187,776 ----a-w c:\windows\system32\drivers\acpi.sys
+ 2008-04-14 00:11:48 4,255 ------w c:\windows\system32\drivers\adv01nt5.dll
+ 2008-04-14 00:11:48 3,967 ------w c:\windows\system32\drivers\adv02nt5.dll
+ 2008-04-14 00:11:48 3,615 ------w c:\windows\system32\drivers\adv05nt5.dll
+ 2008-04-14 00:11:48 3,647 ------w c:\windows\system32\drivers\adv07nt5.dll
+ 2008-04-14 00:11:48 3,135 ------w c:\windows\system32\drivers\adv08nt5.dll
+ 2008-04-14 00:11:48 3,711 ------w c:\windows\system32\drivers\adv09nt5.dll
+ 2008-04-14 00:11:48 3,775 ------w c:\windows\system32\drivers\adv11nt5.dll
- 2006-02-15 00:22:26 142,464 ----a-w c:\windows\system32\drivers\aec.sys
+ 2008-04-13 16:39:23 142,592 ----a-w c:\windows\system32\drivers\aec.sys
- 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
- 2004-08-04 03:07:42 42,368 ----a-w c:\windows\system32\drivers\AGP440.SYS
+ 2008-04-13 18:36:38 42,368 ----a-w c:\windows\system32\drivers\agp440.sys
- 2004-08-04 03:07:44 44,928 ----a-w c:\windows\system32\drivers\AGPCPQ.SYS
+ 2008-04-13 18:36:39 44,928 ----a-w c:\windows\system32\drivers\agpcpq.sys
- 2004-08-04 03:07:42 42,752 ----a-w c:\windows\system32\drivers\ALIM1541.SYS
+ 2008-04-13 18:36:38 42,752 ----a-w c:\windows\system32\drivers\alim1541.sys
- 2004-08-04 03:07:44 43,008 ----a-w c:\windows\system32\drivers\AMDAGP.SYS
+ 2008-04-13 18:36:39 43,008 ----a-w c:\windows\system32\drivers\amdagp.sys
- 2004-08-10 09:00:00 36,992 ----a-w c:\windows\system32\drivers\amdk6.sys

blacklogman · 2009/03/05

- 2004-08-10 09:00:00 4,096 ----a-w c:\windows\system32\dsprpres.dll
+ 2008-04-13 17:09:30 4,096 ----a-w c:\windows\system32\dsprpres.dll
- 2004-08-10 09:00:00 239,104 ----a-w c:\windows\system32\dsquery.dll
+ 2008-04-14 00:11:52 239,104 ----a-w c:\windows\system32\dsquery.dll
- 2004-08-10 09:00:00 51,200 ----a-w c:\windows\system32\dssec.dll
+ 2008-04-14 00:11:52 51,200 ----a-w c:\windows\system32\dssec.dll
- 2004-08-10 09:00:00 137,216 ----a-w c:\windows\system32\dssenh.dll
+ 2008-04-13 17:37:57 138,752 ----a-w c:\windows\system32\dssenh.dll
- 2004-08-10 09:00:00 113,152 ----a-w c:\windows\system32\dsuiext.dll
+ 2008-04-14 00:11:52 113,152 ----a-w c:\windows\system32\dsuiext.dll
- 2004-08-10 09:00:00 19,456 ----a-w c:\windows\system32\dswave.dll
+ 2008-04-14 00:11:52 19,456 ----a-w c:\windows\system32\dswave.dll
- 2004-08-10 09:00:00 10,752 ----a-w c:\windows\system32\dumprep.exe
+ 2008-04-14 00:12:18 27,648 ----a-w c:\windows\system32\dumprep.exe
- 2004-08-10 09:00:00 304,128 ----a-w c:\windows\system32\duser.dll
+ 2008-04-14 00:11:52 304,128 ----a-w c:\windows\system32\duser.dll
- 2004-08-10 09:00:00 17,920 ----a-w c:\windows\system32\dvdupgrd.exe
+ 2008-04-14 00:12:18 34,816 ----a-w c:\windows\system32\dvdupgrd.exe
- 2004-08-10 09:00:00 180,224 ----a-w c:\windows\system32\dwwin.exe
+ 2008-04-14 00:12:18 200,704 ----a-w c:\windows\system32\dwwin.exe
- 2004-08-10 09:00:00 619,008 ----a-w c:\windows\system32\dx7vb.dll
+ 2008-04-14 00:11:52 619,008 ----a-w c:\windows\system32\dx7vb.dll
- 2004-08-10 09:00:00 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
+ 2008-04-14 00:11:52 1,227,264 ----a-w c:\windows\system32\dx8vb.dll
- 2004-08-10 09:00:00 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
+ 2008-04-14 00:12:18 1,298,432 ----a-w c:\windows\system32\dxdiag.exe
- 2004-08-10 09:00:00 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
+ 2008-04-14 00:11:52 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll
- 2006-08-22 09:05:26 498,742 ----a-w c:\windows\system32\dxmasf.dll
+ 2008-04-14 00:11:52 498,742 ----a-w c:\windows\system32\dxmasf.dll
- 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-04-14 00:11:52 30,720 ------w c:\windows\system32\eapolqec.dll
+ 2008-04-14 00:11:52 184,832 ------w c:\windows\system32\eapp3hst.dll
+ 2008-04-14 00:11:52 126,976 ------w c:\windows\system32\eappcfg.dll
+ 2008-04-14 00:11:52 94,208 ------w c:\windows\system32\eappgnui.dll
+ 2008-04-14 00:11:52 180,224 ------w c:\windows\system32\eapphost.dll
+ 2008-04-14 00:11:52 40,960 ------w c:\windows\system32\eappprxy.dll
+ 2008-04-14 00:11:52 59,392 ------w c:\windows\system32\eapqec.dll
+ 2008-04-14 00:11:52 33,792 ------w c:\windows\system32\eapsvc.dll
- 2004-08-10 09:00:00 26,624 ----a-w c:\windows\system32\efsadu.dll
+ 2008-04-14 00:11:52 26,624 ----a-w c:\windows\system32\efsadu.dll
- 2004-08-10 09:00:00 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:53 183,296 ----a-w c:\windows\system32\els.dll
+ 2008-04-14 00:11:57 28,672 ------w c:\windows\system32\en\microsoft.managementconsole.resources.dll
+ 2008-04-14 00:11:57 40,960 ------w c:\windows\system32\en\mmcex.resources.dll
+ 2008-04-14 00:11:57 6,656 ------w c:\windows\system32\en\mmcfxcommon.resources.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\encapi.dll
+ 2008-04-14 00:11:53 20,480 ----a-w c:\windows\system32\encapi.dll
- 2004-08-10 09:00:00 23,040 ----a-w c:\windows\system32\ersvc.dll
+ 2008-04-14 00:11:53 23,040 ----a-w c:\windows\system32\ersvc.dll
- 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\system32\es.dll
- 2005-10-20 22:20:03 1,082,368 ----a-w c:\windows\system32\esent.dll
+ 2008-04-14 00:11:53 1,082,368 ----a-w c:\windows\system32\esent.dll
- 2004-08-10 09:00:00 193,024 ----a-w c:\windows\system32\eudcedit.exe
+ 2008-04-14 00:12:19 193,024 ----a-w c:\windows\system32\eudcedit.exe
- 2004-08-10 09:00:00 50,176 ----a-w c:\windows\system32\eventcreate.exe
+ 2008-04-14 00:12:19 50,688 ----a-w c:\windows\system32\eventcreate.exe
- 2004-08-10 09:00:00 55,808 ----a-w c:\windows\system32\eventlog.dll
+ 2008-04-14 00:11:53 56,320 ----a-w c:\windows\system32\eventlog.dll
- 2004-08-10 09:00:00 77,824 ----a-w c:\windows\system32\eventtriggers.exe
+ 2008-04-14 00:12:19 82,944 ----a-w c:\windows\system32\eventtriggers.exe
- 2004-08-10 09:00:00 380,957 ----a-w c:\windows\system32\expsrv.dll
+ 2008-04-14 00:11:53 380,445 ----a-w c:\windows\system32\expsrv.dll
- 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2004-08-10 09:00:00 45,568 ----a-w c:\windows\system32\extrac32.exe
+ 2008-04-14 00:12:19 24,064 ----a-w c:\windows\system32\extrac32.exe
- 2004-08-10 09:00:00 121,856 ----a-w c:\windows\system32\exts.dll
+ 2008-04-14 00:11:53 125,952 ----a-w c:\windows\system32\exts.dll
- 2004-08-10 09:00:00 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:11:53 80,384 ----a-w c:\windows\system32\faultrep.dll
+ 2008-04-14 00:12:20 20,992 ------w c:\windows\system32\faxpatch.exe
- 2004-08-10 09:00:00 117,760 ----a-w c:\windows\system32\fde.dll
+ 2008-04-14 00:11:53 124,928 ----a-w c:\windows\system32\fde.dll
- 2004-08-10 09:00:00 73,728 ----a-w c:\windows\system32\fdeploy.dll
+ 2008-04-14 00:11:53 73,728 ----a-w c:\windows\system32\fdeploy.dll
- 2004-08-10 09:00:00 21,504 ----a-w c:\windows\system32\feclient.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\feclient.dll
- 2004-08-10 09:00:00 337,920 ----a-w c:\windows\system32\filemgmt.dll
+ 2008-04-14 00:11:53 337,920 ----a-w c:\windows\system32\filemgmt.dll
- 2004-08-10 09:00:00 9,216 ----a-w c:\windows\system32\find.exe
+ 2004-08-10 09:00:00 26,112 ----a-w c:\windows\system32\find.exe
- 2004-08-10 09:00:00 27,136 ----a-w c:\windows\system32\findstr.exe
+ 2008-04-14 00:12:20 44,032 ----a-w c:\windows\system32\findstr.exe
- 2004-08-10 09:00:00 87,552 ----a-w c:\windows\system32\fldrclnr.dll
+ 2008-04-14 00:11:53 87,552 ----a-w c:\windows\system32\fldrclnr.dll
- 2006-08-21 12:21:06 16,896 ----a-w c:\windows\system32\fltlib.dll
+ 2008-04-14 00:11:53 16,896 ----a-w c:\windows\system32\fltlib.dll
- 2006-08-21 09:14:58 23,040 ----a-w c:\windows\system32\fltmc.exe
+ 2008-04-14 00:12:20 23,040 ----a-w c:\windows\system32\fltmc.exe
- 2008-11-13 09:16:54 333,072 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-02-05 09:07:56 334,664 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2004-08-10 09:00:00 382,976 ----a-w c:\windows\system32\fontext.dll
+ 2008-04-14 00:11:53 382,976 ----a-w c:\windows\system32\fontext.dll
- 2005-10-17 21:14:45 80,896 ----a-w c:\windows\system32\fontsub.dll
+ 2008-04-14 00:11:53 80,896 ----a-w c:\windows\system32\fontsub.dll
- 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\fontview.exe
+ 2008-04-14 00:12:20 20,992 ----a-w c:\windows\system32\fontview.exe
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\forcedos.exe
+ 2008-04-14 00:12:20 7,680 ----a-w c:\windows\system32\forcedos.exe
- 2004-08-10 09:00:00 25,600 ----a-w c:\windows\system32\format.com
+ 2008-04-14 00:12:42 29,696 ----a-w c:\windows\system32\format.com
- 2004-08-10 09:00:00 9,344 ----a-w c:\windows\system32\framebuf.dll
+ 2008-04-14 00:09:33 9,344 ----a-w c:\windows\system32\framebuf.dll
- 2004-08-10 09:00:00 55,296 ----a-w c:\windows\system32\freecell.exe
+ 2004-08-10 09:00:00 72,704 ----a-w c:\windows\system32\freecell.exe
- 2004-08-10 09:00:00 193,024 ----a-w c:\windows\system32\fsquirt.exe
+ 2008-04-14 00:12:20 193,024 ----a-w c:\windows\system32\fsquirt.exe
- 2004-08-10 09:00:00 42,496 ----a-w c:\windows\system32\ftp.exe
+ 2008-04-14 00:12:20 42,496 ----a-w c:\windows\system32\ftp.exe
- 2004-08-10 09:00:00 60,416 ----a-w c:\windows\system32\fwcfg.dll
+ 2008-04-14 00:11:53 60,416 ----a-w c:\windows\system32\fwcfg.dll
- 2004-08-10 09:00:00 452,096 ----a-w c:\windows\system32\fxsapi.dll
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\fxsapi.dll
- 2004-08-10 09:00:00 143,360 ----a-w c:\windows\system32\fxsclnt.exe
+ 2008-04-14 00:12:21 142,848 ----a-w c:\windows\system32\fxsclnt.exe
- 2004-08-10 09:00:00 72,192 ----a-w c:\windows\system32\fxscom.dll
+ 2008-04-14 00:11:54 72,192 ----a-w c:\windows\system32\fxscom.dll
- 2004-08-10 09:00:00 285,184 ----a-w c:\windows\system32\fxscomex.dll
+ 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\fxscomex.dll
- 2004-08-10 09:00:00 229,376 ----a-w c:\windows\system32\fxscover.exe
+ 2008-04-14 00:12:21 246,272 ----a-w c:\windows\system32\fxscover.exe
- 2004-08-10 09:00:00 27,136 ----a-w c:\windows\system32\fxsdrv.dll
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\fxsdrv.dll
- 2004-08-10 09:00:00 55,296 ----a-w c:\windows\system32\fxsevent.dll
+ 2008-04-14 00:11:54 55,296 ----a-w c:\windows\system32\fxsevent.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\fxsext32.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsext32.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\fxsmon.dll
+ 2008-04-14 00:11:54 23,552 ----a-w c:\windows\system32\fxsmon.dll
- 2004-08-10 09:00:00 8,704 ----a-w c:\windows\system32\fxsperf.dll
+ 2008-04-14 00:11:54 8,704 ----a-w c:\windows\system32\fxsperf.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\fxsres.dll
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\fxsres.dll
- 2004-08-10 09:00:00 11,264 ----a-w c:\windows\system32\fxssend.exe
+ 2004-08-10 09:00:00 28,160 ----a-w c:\windows\system32\fxssend.exe
- 2004-08-10 09:00:00 562,176 ----a-w c:\windows\system32\fxsst.dll
+ 2008-04-14 00:11:54 562,176 ----a-w c:\windows\system32\fxsst.dll
- 2004-08-10 09:00:00 267,776 ----a-w c:\windows\system32\fxssvc.exe
+ 2008-04-14 00:12:21 284,672 ----a-w c:\windows\system32\fxssvc.exe
- 2004-08-10 09:00:00 246,272 ----a-w c:\windows\system32\fxst30.dll
+ 2008-04-14 00:11:54 246,272 ----a-w c:\windows\system32\fxst30.dll
- 2004-08-10 09:00:00 397,312 ----a-w c:\windows\system32\fxstiff.dll
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\fxstiff.dll
- 2004-08-10 09:00:00 154,112 ----a-w c:\windows\system32\fxsui.dll
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\fxsui.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\fxswzrd.dll
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\fxswzrd.dll
- 2004-08-10 09:00:00 400,384 ----a-w c:\windows\system32\fxsxp32.dll
+ 2008-04-14 00:11:54 400,384 ----a-w c:\windows\system32\fxsxp32.dll
- 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2004-08-10 09:00:00 55,296 ----a-w c:\windows\system32\getmac.exe
+ 2008-04-14 00:12:21 59,904 ----a-w c:\windows\system32\getmac.exe
- 2004-08-10 09:00:00 122,880 ----a-w c:\windows\system32\glu32.dll
+ 2008-04-14 00:11:54 122,880 ----a-w c:\windows\system32\glu32.dll
- 2004-08-10 09:00:00 566,784 ----a-w c:\windows\system32\gpedit.dll
+ 2008-04-14 00:09:35 566,784 ----a-w c:\windows\system32\gpedit.dll
- 2004-08-10 09:00:00 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
+ 2006-12-31 01:26:44 9,728 ----a-w c:\windows\system32\gpkrsrc.dll
- 2004-08-10 09:00:00 119,808 ----a-w c:\windows\system32\gpresult.exe
+ 2008-04-14 00:12:21 120,832 ----a-w c:\windows\system32\gpresult.exe
- 2004-08-10 09:00:00 198,656 ----a-w c:\windows\system32\gptext.dll
+ 2008-04-14 00:11:54 199,680 ----a-w c:\windows\system32\gptext.dll
- 2004-08-10 09:00:00 39,424 ----a-w c:\windows\system32\grpconv.exe
+ 2008-04-14 00:12:21 56,320 ----a-w c:\windows\system32\grpconv.exe
- 2004-08-10 09:00:00 614,912 ----a-w c:\windows\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w c:\windows\system32\h323msp.dll
- 2005-06-23 00:05:52 134,272 ----a-w c:\windows\system32\HAL.DLL
+ 2008-04-13 18:31:28 134,400 ----a-w c:\windows\system32\HAL.DLL
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w c:\windows\system32\hccoin.dll
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w c:\windows\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w c:\windows\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w c:\windows\system32\hhsetup.dll
- 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w c:\windows\system32\hid.dll
- 2004-08-04 04:56:44 21,504 ----a-w c:\windows\system32\hidserv.dll
+ 2008-04-14 00:11:54 21,504 ----a-w c:\windows\system32\hidserv.dll
- 2006-07-21 08:24:43 72,704 ----a-w c:\windows\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w c:\windows\system32\hlink.dll
- 2004-08-10 09:00:00 344,064 ----a-w c:\windows\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w c:\windows\system32\hnetcfg.dll
- 2004-08-10 09:00:00 330,752 ----a-w c:\windows\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w c:\windows\system32\hnetwiz.dll
- 2004-08-10 09:00:00 7,680 ----a-w c:\windows\system32\hostname.exe
+ 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\hostname.exe
- 2004-08-10 09:00:00 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w c:\windows\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w c:\windows\system32\hsfcisp2.dll
- 2004-08-10 09:00:00 24,576 ----a-w c:\windows\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w c:\windows\system32\httpapi.dll
- 2004-08-10 09:00:00 41,984 ----a-w c:\windows\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w c:\windows\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w c:\windows\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w c:\windows\system32\hypertrm.dll
- 2004-08-10 09:00:00 119,808 ----a-w c:\windows\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w c:\windows\system32\iasrad.dll
- 2004-08-10 09:00:00 11,264 ----a-w c:\windows\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w c:\windows\system32\icaapi.dll
- 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\system32\icardie.dll
- 2004-08-10 09:00:00 80,384 ----a-w c:\windows\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w c:\windows\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 ----a-w c:\windows\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w c:\windows\system32\icm32.dll
- 2004-08-10 09:00:00 3,584 ----a-w c:\windows\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w c:\windows\system32\icmp.dll
- 2004-08-10 09:00:00 73,728 ----a-w c:\windows\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w c:\windows\system32\icwdial.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w c:\windows\system32\icwphbk.dll
- 2004-08-10 09:00:00 120,832 ----a-w c:\windows\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w c:\windows\system32\idq.dll
- 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2006-10-17 17:06:00 78,336 ----a-w c:\windows\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ieencode.dll
- 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2004-08-10 09:00:00 114,688 ----a-w c:\windows\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w c:\windows\system32\iexpress.exe
- 2004-08-10 09:00:00 135,680 ----a-w c:\windows\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w c:\windows\system32\ifmon.dll
- 2004-08-10 09:00:00 8,192 ----a-w c:\windows\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w c:\windows\system32\igmpagnt.dll
- 2004-08-10 09:00:00 81,920 ----a-w c:\windows\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w c:\windows\system32\ils.dll
- 2004-08-10 09:00:00 144,384 ----a-w c:\windows\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w c:\windows\system32\imagehlp.dll
- 2004-08-10 09:00:00 150,016 ----a-w c:\windows\system32\imapi.exe
+ 2008-04-14 00:12:22 167,936 ----a-w c:\windows\system32\imapi.exe
- 2004-08-10 09:00:00 36,921 ----a-w c:\windows\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w c:\windows\system32\imeshare.dll
- 2004-08-10 09:00:00 110,080 ----a-w c:\windows\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w c:\windows\system32\imm32.dll
- 2004-08-10 09:00:00 274,432 ----a-w c:\windows\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w c:\windows\system32\inetcfg.dll
- 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2004-08-10 09:00:00 33,280 ----a-w c:\windows\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\inetmib1.dll
- 2004-08-10 09:00:00 75,264 ----a-w c:\windows\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w c:\windows\system32\inetpp.dll
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w c:\windows\system32\inetppui.dll
- 2004-08-10 09:00:00 48,128 ----a-w c:\windows\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w c:\windows\system32\inetres.dll
+ 2008-04-14 00:12:05 221,696 ------w c:\windows\system32\inetsrv\seo.dll
+ 2008-04-14 00:12:06 189,440 ------w c:\windows\system32\inetsrv\smtpadm.dll
+ 2008-04-14 00:12:06 2,134,528 ------w c:\windows\system32\inetsrv\smtpsnap.dll
- 2004-08-10 09:00:00 147,456 ----a-w c:\windows\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w c:\windows\system32\initpki.dll
- 2004-08-10 09:00:00 123,392 ----a-w c:\windows\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w c:\windows\system32\input.dll
- 2004-08-10 09:00:00 55,808 ----a-w c:\windows\system32\ipconfig.exe
+ 2008-04-14 00:12:22 72,704 ----a-w c:\windows\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w c:\windows\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w c:\windows\system32\iphlpapi.dll
- 2004-08-10 09:00:00 154,112 ----a-w c:\windows\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w c:\windows\system32\ipmontr.dll
- 2004-08-10 09:00:00 331,264 ----a-w c:\windows\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w c:\windows\system32\ipnathlp.dll
- 2004-08-10 09:00:00 330,752 ----a-w c:\windows\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w c:\windows\system32\ippromon.dll
- 2004-08-10 09:00:00 169,984 ----a-w c:\windows\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w c:\windows\system32\iprtrmgr.dll
- 2004-08-10 09:00:00 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w c:\windows\system32\ipsecsnp.dll
- 2004-08-10 09:00:00 182,784 ----a-w c:\windows\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ipsecsvc.dll
- 2004-08-10 09:00:00 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w c:\windows\system32\ipsmsnap.dll
- 2004-08-10 09:00:00 53,248 ----a-w c:\windows\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w c:\windows\system32\ipv6.exe
- 2004-08-10 09:00:00 59,904 ----a-w c:\windows\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w c:\windows\system32\ipv6mon.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w c:\windows\system32\ipxroute.exe
- 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w c:\windows\system32\ipxwan.dll
- 2004-08-10 09:00:00 120,320 ----a-w c:\windows\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w c:\windows\system32\ir41_qc.dll
- 2004-08-10 09:00:00 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w c:\windows\system32\ir41_qcx.dll
- 2004-08-10 09:00:00 755,200 ----a-w c:\windows\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w c:\windows\system32\ir50_32.dll
- 2004-08-10 09:00:00 200,192 ----a-w c:\windows\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w c:\windows\system32\ir50_qc.dll
- 2004-08-10 09:00:00 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w c:\windows\system32\ir50_qcx.dll
- 2004-08-10 09:00:00 81,920 ----a-w c:\windows\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w c:\windows\system32\isign32.dll
- 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w c:\windows\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w c:\windows\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w c:\windows\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w c:\windows\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w c:\windows\system32\itss.dll
- 2004-08-10 09:00:00 54,272 ----a-w c:\windows\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w c:\windows\system32\ixsso.dll
- 2004-08-04 04:56:44 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w c:\windows\system32\iyuv_32.dll
+ 2009-03-02 16:58:09 84,992 --sha-w c:\windows\system32\japuduho.dll
- 2006-06-01 18:47:07 163,840 ------w c:\windows\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ------w c:\windows\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 ------w c:\windows\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ------w c:\windows\system32\jgpl400.dll
- 2006-10-17 17:00:00 491,520 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w c:\windows\system32\jscript.dll
- 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2007-08-29 19:47:20 94,208 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 19:47:20 114,688 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
- 2001-08-17 18:55:56 6,144 ----a-w c:\windows\system32\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbd106.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdbhc.dll
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdfi1.dll
- 2004-08-10 09:00:00 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinbe1.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdinben.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w c:\windows\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdiultn.dll
- 2004-08-10 09:00:00 5,632 ----a-w c:\windows\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w c:\windows\system32\kbdmaori.dll
- 2004-08-10 09:00:00 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt47.dll
- 2004-08-10 09:00:00 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w c:\windows\system32\kbdmlt48.dll
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdnepr.dll
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w c:\windows\system32\kbdpash.dll
- 2004-08-10 09:00:00 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsfi.dll
- 2004-08-10 09:00:00 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w c:\windows\system32\kbdsmsno.dll
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w c:\windows\system32\kbdukx.dll
- 2004-08-10 09:00:00 7,424 ----a-w c:\windows\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w c:\windows\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w c:\windows\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w c:\windows\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w c:\windows\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-10 09:00:00 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w c:\windows\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w c:\windows\system32\kmsvc.dll
- 2004-08-04 04:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w c:\windows\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w c:\windows\system32\l2gpstore.dll
- 2004-08-10 09:00:00 423,936 ----a-w c:\windows\system32\licdll.dll
+ 2008-04-14 09:41:58 423,936 ----a-w c:\windows\system32\licdll.dll
- 2004-08-10 09:00:00 58,880 ----a-w c:\windows\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w c:\windows\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w c:\windows\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-10 09:00:00 13,824 ----a-w c:\windows\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w c:\windows\system32\lmhsvc.dll
- 2004-08-10 09:00:00 399,872 ----a-w c:\windows\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w c:\windows\system32\lmrt.dll
- 2004-08-10 09:00:00 97,280 ----a-w c:\windows\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w c:\windows\system32\loadperf.dll
- 2004-08-10 09:00:00 221,696 ----a-w c:\windows\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w c:\windows\system32\localsec.dll
- 2004-08-10 09:00:00 341,504 ----a-w c:\windows\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w c:\windows\system32\localspl.dll
- 2004-08-10 09:00:00 11,776 ----a-w c:\windows\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w c:\windows\system32\localui.dll
- 2004-08-10 09:00:00 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
- 2004-08-10 09:00:00 59,392 ----a-w c:\windows\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w c:\windows\system32\logman.exe
- 2004-08-10 09:00:00 220,672 ----a-w c:\windows\system32\logon.scr
+ 2008-04-14 00:12:43 237,568 ----a-w c:\windows\system32\logon.scr
- 2004-08-10 09:00:00 514,560 ----a-w c:\windows\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w c:\windows\system32\logonui.exe
- 2004-08-10 09:00:00 22,016 ----a-w c:\windows\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w c:\windows\system32\lpk.dll
- 2004-08-10 09:00:00 10,240 ----a-w c:\windows\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w c:\windows\system32\lprhelp.dll
+ 2004-08-10 09:00:00 219,392 ----a-w c:\windows\system32\lpwaziyr.dat
- 2007-11-07 09:26:56 721,920 ----a-w c:\windows\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\lsass.exe
+ 2008-04-14 00:12:24 13,312 ----a-w c:\windows\system32\lsass.exe
- 2007-11-21 00:52:40 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-04-01 00:34:37 70,264 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-02-12 16:19:06 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2004-08-10 09:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2008-04-14 00:12:24 90,112 ----a-w c:\windows\system32\magnify.exe
- 2004-08-10 09:00:00 85,504 ----a-w c:\windows\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w c:\windows\system32\makecab.exe
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w c:\windows\system32\mcastmib.dll
- 2004-08-10 09:00:00 84,480 ----a-w c:\windows\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w c:\windows\system32\mciavi32.dll
- 2004-08-10 09:00:00 35,328 ----a-w c:\windows\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w c:\windows\system32\mciqtz32.dll
- 2004-08-10 09:00:00 23,040 ----a-w c:\windows\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w c:\windows\system32\mciseq.dll
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w c:\windows\system32\mciwave.dll
- 2004-08-10 09:00:00 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w c:\windows\system32\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w c:\windows\system32\mdmxsdk.dll
- 2007-03-08 15:36:28 40,960 ----a-w c:\windows\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 ----a-w c:\windows\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-10 09:00:00 1,028,096 ------w c:\windows\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w c:\windows\system32\mfc42.dll
- 2004-08-10 09:00:00 22,528 ----a-w c:\windows\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w c:\windows\system32\mfcsubs.dll
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w c:\windows\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w c:\windows\system32\microsoft.managementconsole.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w c:\windows\system32\midimap.dll
- 2004-08-10 09:00:00 60,928 ----a-w c:\windows\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w c:\windows\system32\miglibnt.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w c:\windows\system32\mimefilt.dll
- 2004-08-10 09:00:00 586,240 ----a-w c:\windows\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w c:\windows\system32\mlang.dll
- 2004-08-10 09:00:00 815,104 ----a-w c:\windows\system32\mmc.exe
+ 2008-04-14 00:12:25 1,431,552 ----a-w c:\windows\system32\mmc.exe
- 2004-08-10 09:00:00 70,656 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w c:\windows\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w c:\windows\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w c:\windows\system32\mmcfxcommon.dll
- 2004-08-10 09:00:00 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w c:\windows\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w c:\windows\system32\mmcperf.exe
- 2004-08-10 09:00:00 50,688 ----a-w c:\windows\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w c:\windows\system32\mmcshext.dll
- 2004-08-10 09:00:00 17,408 ----a-w c:\windows\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w c:\windows\system32\mmfutil.dll
- 2004-08-10 09:00:00 34,560 ----a-w c:\windows\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w c:\windows\system32\mnmdd.dll
- 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
- 2004-08-10 09:00:00 207,360 ----a-w c:\windows\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w c:\windows\system32\mobsync.dll
- 2004-08-10 09:00:00 143,360 ----a-w c:\windows\system32\mobsync.exe
+ 2008-04-14 00:12:26 160,256 ----a-w c:\windows\system32\mobsync.exe
- 2004-08-10 09:00:00 153,600 ----a-w c:\windows\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w c:\windows\system32\modemui.dll

blacklogman · 2009/03/05

- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w c:\windows\system32\more.com
- 2004-08-10 09:00:00 216,064 ----a-w c:\windows\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w c:\windows\system32\moricons.dll
- 2004-08-10 09:00:00 123,392 ----a-w c:\windows\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w c:\windows\system32\mplay32.exe
- 2004-08-10 09:00:00 22,016 ----a-w c:\windows\system32\mpnotify.exe
+ 2004-08-10 09:00:00 39,424 ----a-w c:\windows\system32\mpnotify.exe
- 2004-08-10 09:00:00 59,904 ----a-w c:\windows\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w c:\windows\system32\mpr.dll
- 2004-08-10 09:00:00 87,040 ----a-w c:\windows\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w c:\windows\system32\mprapi.dll
- 2004-08-10 09:00:00 49,152 ----a-w c:\windows\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w c:\windows\system32\mprdim.dll
- 2007-07-06 12:46:59 138,240 ----a-w c:\windows\system32\mqad.dll
+ 2008-04-14 00:11:57 138,240 ----a-w c:\windows\system32\mqad.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\mqbkup.exe
+ 2008-04-14 00:12:27 19,968 ----a-w c:\windows\system32\mqbkup.exe
- 2007-07-06 12:46:59 47,104 ----a-w c:\windows\system32\mqdscli.dll
+ 2008-04-14 00:11:57 47,616 ----a-w c:\windows\system32\mqdscli.dll
- 2007-07-06 12:46:59 16,896 ----a-w c:\windows\system32\mqise.dll
+ 2008-04-14 00:11:57 16,896 ----a-w c:\windows\system32\mqise.dll
- 2004-08-10 09:00:00 89,088 ----a-w c:\windows\system32\mqlogmgr.dll
+ 2008-04-14 00:11:57 89,088 ----a-w c:\windows\system32\mqlogmgr.dll
- 2004-08-10 09:00:00 225,280 ----a-w c:\windows\system32\mqoa.dll
+ 2008-04-14 00:11:57 225,280 ----a-w c:\windows\system32\mqoa.dll
- 2007-07-06 12:46:59 660,992 ----a-w c:\windows\system32\mqqm.dll
+ 2008-04-14 00:11:57 663,040 ----a-w c:\windows\system32\mqqm.dll
- 2007-07-06 12:46:59 177,152 ----a-w c:\windows\system32\mqrt.dll
+ 2008-04-14 00:11:57 177,152 ----a-w c:\windows\system32\mqrt.dll
- 2004-08-10 09:00:00 123,392 ----a-w c:\windows\system32\mqrtdep.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\mqrtdep.dll
- 2007-07-06 12:46:59 95,744 ----a-w c:\windows\system32\mqsec.dll
+ 2008-04-14 00:11:57 95,744 ----a-w c:\windows\system32\mqsec.dll
- 2004-08-10 09:00:00 517,632 ----a-w c:\windows\system32\mqsnap.dll
+ 2008-04-14 00:11:58 517,632 ----a-w c:\windows\system32\mqsnap.dll
- 2004-08-10 09:00:00 4,608 ----a-w c:\windows\system32\mqsvc.exe
+ 2008-04-14 00:12:27 4,608 ----a-w c:\windows\system32\mqsvc.exe
- 2004-08-10 09:00:00 117,248 ----a-w c:\windows\system32\mqtgsvc.exe
+ 2008-04-14 00:12:27 117,248 ----a-w c:\windows\system32\mqtgsvc.exe
- 2004-08-10 09:00:00 186,880 ----a-w c:\windows\system32\mqtrig.dll
+ 2008-04-14 00:11:58 187,392 ----a-w c:\windows\system32\mqtrig.dll
- 2007-07-06 12:46:59 48,640 ----a-w c:\windows\system32\mqupgrd.dll
+ 2008-04-14 00:11:58 49,152 ----a-w c:\windows\system32\mqupgrd.dll
- 2007-07-06 12:46:59 471,552 ----a-w c:\windows\system32\mqutil.dll
+ 2008-04-14 00:11:58 471,552 ----a-w c:\windows\system32\mqutil.dll
- 2004-08-10 09:00:00 71,680 ----a-w c:\windows\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w c:\windows\system32\msacm32.dll
- 2004-08-10 09:00:00 3,584 ----a-w c:\windows\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w c:\windows\system32\msafd.dll
- 2004-08-10 09:00:00 86,016 ----a-w c:\windows\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w c:\windows\system32\msapsspc.dll
- 2004-08-10 09:00:00 57,344 ----a-w c:\windows\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w c:\windows\system32\msasn1.dll
- 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-08-10 09:00:00 69,632 ----a-w c:\windows\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w c:\windows\system32\msconf.dll
- 2004-08-10 09:00:00 12,288 ----a-w c:\windows\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w c:\windows\system32\mscpx32r.dll
- 2004-08-10 09:00:00 36,864 ----a-w c:\windows\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w c:\windows\system32\mscpxl32.dll
- 2008-02-26 11:59:50 294,912 ----a-w c:\windows\system32\msctf.dll
+ 2008-04-14 00:11:58 297,984 ----a-w c:\windows\system32\msctf.dll
- 2004-08-10 09:00:00 69,120 ----a-w c:\windows\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w c:\windows\system32\msctfp.dll
- 2004-08-10 09:00:00 118,784 ----a-w c:\windows\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w c:\windows\system32\msdadiag.dll
- 2004-08-10 09:00:00 151,552 ----a-w c:\windows\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w c:\windows\system32\msdart.dll
- 2004-08-10 09:00:00 14,336 ----a-w c:\windows\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w c:\windows\system32\msdmo.dll
- 2004-08-10 09:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
- 2004-08-10 09:00:00 58,880 ----a-w c:\windows\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w c:\windows\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 ----a-w c:\windows\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w c:\windows\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 ----a-w c:\windows\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w c:\windows\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-10 09:00:00 4,126 ----a-w c:\windows\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w c:\windows\system32\msdxmlc.dll
- 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2006-11-27 14:54:06 539,136 ----a-w c:\windows\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w c:\windows\system32\msftedit.dll
- 2004-08-10 09:00:00 994,304 ----a-w c:\windows\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w c:\windows\system32\msgina.dll
- 2004-08-10 09:00:00 33,792 ----a-w c:\windows\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w c:\windows\system32\msgsvc.dll
- 2004-08-10 09:00:00 188,416 ----a-w c:\windows\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w c:\windows\system32\msh261.drv
- 2004-08-04 04:56:58 294,912 ----a-w c:\windows\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w c:\windows\system32\msh263.drv
- 2004-08-10 09:00:00 126,976 ----a-w c:\windows\system32\mshearts.exe
+ 2004-08-10 09:00:00 143,872 ----a-w c:\windows\system32\mshearts.exe
- 2006-10-17 16:56:10 45,568 ----a-w c:\windows\system32\mshta.exe
+ 2006-10-17 16:56:10 62,464 ----a-w c:\windows\system32\mshta.exe
- 2008-10-17 07:08:40 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2007-04-18 16:12:23 2,854,400 ----a-w c:\windows\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w c:\windows\system32\msi.dll
- 2004-08-10 09:00:00 51,712 ----a-w c:\windows\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w c:\windows\system32\msident.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w c:\windows\system32\msidle.dll
- 2004-08-10 09:00:00 248,832 ----a-w c:\windows\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w c:\windows\system32\msieftp.dll
- 2005-05-04 23:45:36 78,848 ----a-w c:\windows\system32\msiexec.exe
+ 2008-04-14 00:12:28 96,256 ----a-w c:\windows\system32\msiexec.exe
- 2005-05-04 23:45:36 271,360 ----a-w c:\windows\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w c:\windows\system32\msihnd.dll
- 2004-08-10 09:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w c:\windows\system32\msimg32.dll
- 2005-05-04 23:45:36 884,736 ----a-w c:\windows\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w c:\windows\system32\msimsg.dll
- 2004-08-10 09:00:00 159,232 ----a-w c:\windows\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w c:\windows\system32\msimtf.dll
- 2005-05-04 23:45:36 15,360 ----a-w c:\windows\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w c:\windows\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w c:\windows\system32\mslbui.dll
- 2004-08-10 09:00:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w c:\windows\system32\msnsspc.dll
- 2004-08-10 09:00:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w c:\windows\system32\msoeacct.dll
- 2004-08-10 09:00:00 105,984 ----a-w c:\windows\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w c:\windows\system32\msoert2.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w c:\windows\system32\msorc32r.dll
- 2004-08-10 09:00:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w c:\windows\system32\msorcl32.dll
- 2004-08-10 09:00:00 343,040 ----a-w c:\windows\system32\mspaint.exe
+ 2008-04-14 00:12:28 359,936 ----a-w c:\windows\system32\mspaint.exe
- 2004-08-10 09:00:00 30,208 ----a-w c:\windows\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w c:\windows\system32\mspatcha.dll
- 2004-08-10 09:00:00 48,128 ----a-w c:\windows\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w c:\windows\system32\msprivs.dll
- 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ----a-w c:\windows\system32\msrating.dll
- 2004-08-10 09:00:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w c:\windows\system32\msrle32.dll
+ 2004-08-10 09:00:00 257,536 ----a-w c:\windows\system32\msrstart.exe
- 2004-08-10 09:00:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w c:\windows\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w c:\windows\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w c:\windows\system32\msshavmsg.dll
- 2004-08-10 09:00:00 274,944 ----a-w c:\windows\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w c:\windows\system32\mstask.dll
- 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ----a-w c:\windows\system32\mstime.dll
- 2004-08-10 09:00:00 12,288 ----a-w c:\windows\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w c:\windows\system32\mstinit.exe
- 2004-08-10 09:00:00 115,712 ----a-w c:\windows\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w c:\windows\system32\mstlsapi.dll
- 2004-08-10 09:00:00 407,552 ----a-w c:\windows\system32\mstsc.exe
+ 2008-04-14 00:12:23 694,784 ----a-w c:\windows\system32\mstsc.exe
- 2004-08-10 09:00:00 655,360 ----a-w c:\windows\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w c:\windows\system32\mstscax.dll
- 2004-08-10 09:00:00 195,072 ----a-w c:\windows\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w c:\windows\system32\msutb.dll
- 2004-08-10 09:00:00 129,536 ----a-w c:\windows\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w c:\windows\system32\msv1_0.dll
- 2004-08-10 09:00:00 1,392,671 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w c:\windows\system32\msvbvm60.dll
- 2004-08-10 09:00:00 54,784 ----a-w c:\windows\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\msvcirt.dll
- 2004-08-10 09:00:00 413,696 ----a-w c:\windows\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w c:\windows\system32\msvcp60.dll
- 2004-08-10 09:00:00 343,040 ------w c:\windows\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w c:\windows\system32\msvcrt.dll
- 2004-08-10 09:00:00 61,440 ----a-w c:\windows\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w c:\windows\system32\msvcrt40.dll
- 2004-08-10 09:00:00 120,832 ----a-w c:\windows\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w c:\windows\system32\msvfw32.dll
- 2004-08-10 09:00:00 72,704 ----a-w c:\windows\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w c:\windows\system32\msw3prt.dll
- 2004-08-10 09:00:00 204,288 ----a-w c:\windows\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w c:\windows\system32\mswebdvd.dll
- 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-10 09:00:00 506,368 ----a-w c:\windows\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w c:\windows\system32\msxml.dll
- 2004-08-10 09:00:00 701,440 ----a-w c:\windows\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w c:\windows\system32\msxml2.dll
- 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2005-09-08 05:03:50 86,728 ----a-w c:\windows\system32\msxml6r.dll
+ 2008-04-13 17:27:18 79,872 ----a-w c:\windows\system32\msxml6r.dll
- 2004-08-04 04:56:46 17,408 ----a-w c:\windows\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w c:\windows\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w c:\windows\system32\mtxdm.dll
- 2004-08-10 09:00:00 4,096 ----a-w c:\windows\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w c:\windows\system32\mtxex.dll
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w c:\windows\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w c:\windows\system32\mtxoci.dll
+ 2008-04-14 00:12:01 1,737,856 ------w c:\windows\system32\mtxparhd.dll
- 2004-08-10 09:00:00 393,728 ----a-w c:\windows\system32\mui\0401\xpob2res.dll
+ 2008-04-13 18:40:07 393,728 ----a-w c:\windows\system32\mui\0401\xpob2res.dll
- 2004-08-10 09:00:00 186,880 ----a-w c:\windows\system32\mui\0401\xpsp1res.dll
+ 2008-04-13 18:35:06 186,880 ----a-w c:\windows\system32\mui\0401\xpsp1res.dll
- 2004-08-10 09:00:00 2,869,248 ----a-w c:\windows\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:35:49 2,869,248 ----a-w c:\windows\system32\mui\0401\xpsp2res.dll
+ 2008-04-13 18:39:02 656,896 ------w c:\windows\system32\mui\0401\xpsp3res.dll
- 2004-08-10 09:00:00 189,440 ----a-w c:\windows\system32\mui\0402\xpsp1res.dll
+ 2008-04-13 18:35:08 189,440 ----a-w c:\windows\system32\mui\0402\xpsp1res.dll
- 2004-08-10 09:00:00 212,480 ----a-w c:\windows\system32\mui\0404\xpob2res.dll
+ 2008-04-13 18:40:23 212,480 ----a-w c:\windows\system32\mui\0404\xpob2res.dll
- 2004-08-10 09:00:00 161,280 ----a-w c:\windows\system32\mui\0404\xpsp1res.dll
+ 2008-04-13 18:35:09 161,280 ----a-w c:\windows\system32\mui\0404\xpsp1res.dll
- 2004-08-10 09:00:00 477,696 ----a-w c:\windows\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:36:10 477,696 ----a-w c:\windows\system32\mui\0404\xpsp2res.dll
+ 2008-04-13 18:39:13 327,680 ------w c:\windows\system32\mui\0404\xpsp3res.dll
- 2004-08-10 09:00:00 428,032 ----a-w c:\windows\system32\mui\0405\xpob2res.dll
+ 2008-04-13 18:40:24 428,032 ----a-w c:\windows\system32\mui\0405\xpob2res.dll
- 2004-08-10 09:00:00 188,928 ----a-w c:\windows\system32\mui\0405\xpsp1res.dll
+ 2008-04-13 18:35:09 188,928 ----a-w c:\windows\system32\mui\0405\xpsp1res.dll
- 2004-08-10 09:00:00 734,720 ----a-w c:\windows\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:36:10 734,720 ----a-w c:\windows\system32\mui\0405\xpsp2res.dll
+ 2008-04-13 18:39:02 601,088 ------w c:\windows\system32\mui\0405\xpsp3res.dll
- 2004-08-10 09:00:00 418,816 ----a-w c:\windows\system32\mui\0406\xpob2res.dll
+ 2008-04-13 18:40:27 418,816 ----a-w c:\windows\system32\mui\0406\xpob2res.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\mui\0406\xpsp1res.dll
+ 2008-04-13 18:35:09 192,000 ----a-w c:\windows\system32\mui\0406\xpsp1res.dll
- 2004-08-10 09:00:00 742,912 ----a-w c:\windows\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:36:10 742,912 ----a-w c:\windows\system32\mui\0406\xpsp2res.dll
+ 2008-04-13 18:39:12 605,696 ------w c:\windows\system32\mui\0406\xpsp3res.dll
- 2004-08-10 09:00:00 403,456 ----a-w c:\windows\system32\mui\0407\xpob2res.dll
+ 2008-04-13 18:40:34 403,456 ----a-w c:\windows\system32\mui\0407\xpob2res.dll
- 2004-08-10 09:00:00 199,680 ----a-w c:\windows\system32\mui\0407\xpsp1res.dll
+ 2008-04-13 18:35:21 199,680 ----a-w c:\windows\system32\mui\0407\xpsp1res.dll
- 2004-08-10 09:00:00 788,992 ----a-w c:\windows\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:37:03 788,480 ----a-w c:\windows\system32\mui\0407\xpsp2res.dll
+ 2008-04-13 18:39:19 663,552 ------w c:\windows\system32\mui\0407\xpsp3res.dll
- 2004-08-10 09:00:00 419,328 ----a-w c:\windows\system32\mui\0408\xpob2res.dll
+ 2008-04-13 18:40:30 419,328 ----a-w c:\windows\system32\mui\0408\xpob2res.dll
- 2004-08-10 09:00:00 197,632 ----a-w c:\windows\system32\mui\0408\xpsp1res.dll
+ 2008-04-13 18:35:11 197,632 ----a-w c:\windows\system32\mui\0408\xpsp1res.dll
- 2004-08-10 09:00:00 801,280 ----a-w c:\windows\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:36:35 801,280 ----a-w c:\windows\system32\mui\0408\xpsp2res.dll
+ 2008-04-13 18:39:12 679,936 ------w c:\windows\system32\mui\0408\xpsp3res.dll
- 2004-08-10 09:00:00 405,504 ----a-w c:\windows\system32\mui\040b\xpob2res.dll
+ 2008-04-13 18:40:32 405,504 ----a-w c:\windows\system32\mui\040b\xpob2res.dll
- 2004-08-10 09:00:00 186,368 ----a-w c:\windows\system32\mui\040b\xpsp1res.dll
+ 2008-04-13 18:35:11 186,368 ----a-w c:\windows\system32\mui\040b\xpsp1res.dll
- 2004-08-10 09:00:00 729,088 ----a-w c:\windows\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:36:39 729,088 ----a-w c:\windows\system32\mui\040b\xpsp2res.dll
+ 2008-04-13 18:39:17 604,672 ------w c:\windows\system32\mui\040b\xpsp3res.dll
- 2004-08-10 09:00:00 410,624 ----a-w c:\windows\system32\mui\040C\xpob2res.dll
+ 2008-04-13 18:40:33 410,624 ----a-w c:\windows\system32\mui\040C\xpob2res.dll
- 2004-08-10 09:00:00 197,632 ----a-w c:\windows\system32\mui\040C\xpsp1res.dll
+ 2008-04-13 18:35:20 197,632 ----a-w c:\windows\system32\mui\040C\xpsp1res.dll
- 2004-08-10 09:00:00 793,600 ----a-w c:\windows\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:36:55 793,088 ----a-w c:\windows\system32\mui\040C\xpsp2res.dll
+ 2008-04-13 18:39:20 663,040 ------w c:\windows\system32\mui\040C\xpsp3res.dll
- 2004-08-10 09:00:00 384,000 ----a-w c:\windows\system32\mui\040D\xpob2res.dll
+ 2008-04-13 18:40:32 384,000 ----a-w c:\windows\system32\mui\040D\xpob2res.dll
- 2004-08-10 09:00:00 181,760 ----a-w c:\windows\system32\mui\040D\xpsp1res.dll
+ 2008-04-13 18:35:21 181,760 ----a-w c:\windows\system32\mui\040D\xpsp1res.dll
- 2004-08-10 09:00:00 2,842,112 ----a-w c:\windows\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:37:07 2,842,112 ----a-w c:\windows\system32\mui\040D\xpsp2res.dll
+ 2008-04-13 18:39:28 620,544 ------w c:\windows\system32\mui\040D\xpsp3res.dll
- 2004-08-10 09:00:00 434,176 ----a-w c:\windows\system32\mui\040e\xpob2res.dll
+ 2008-04-13 18:40:39 434,176 ----a-w c:\windows\system32\mui\040e\xpob2res.dll
- 2004-08-10 09:00:00 195,584 ----a-w c:\windows\system32\mui\040e\xpsp1res.dll
+ 2008-04-13 18:35:23 195,584 ----a-w c:\windows\system32\mui\040e\xpsp1res.dll
- 2004-08-10 09:00:00 769,536 ----a-w c:\windows\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w c:\windows\system32\mui\040e\xpsp2res.dll
+ 2008-04-13 18:39:28 645,120 ------w c:\windows\system32\mui\040e\xpsp3res.dll
- 2004-08-10 09:00:00 413,696 ----a-w c:\windows\system32\mui\0410\xpob2res.dll
+ 2008-04-13 18:40:39 413,696 ----a-w c:\windows\system32\mui\0410\xpob2res.dll
- 2004-08-10 09:00:00 195,072 ----a-w c:\windows\system32\mui\0410\xpsp1res.dll
+ 2008-04-13 18:35:23 195,072 ----a-w c:\windows\system32\mui\0410\xpsp1res.dll
- 2004-08-10 09:00:00 769,536 ----a-w c:\windows\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:37:22 769,536 ----a-w c:\windows\system32\mui\0410\xpsp2res.dll
+ 2008-04-13 18:39:28 658,432 ------w c:\windows\system32\mui\0410\xpsp3res.dll
- 2004-08-10 09:00:00 275,456 ----a-w c:\windows\system32\mui\0411\xpob2res.dll
+ 2008-04-13 18:40:44 275,456 ----a-w c:\windows\system32\mui\0411\xpob2res.dll
- 2004-08-10 09:00:00 171,008 ----a-w c:\windows\system32\mui\0411\xpsp1res.dll
+ 2008-04-13 18:35:23 171,008 ----a-w c:\windows\system32\mui\0411\xpsp1res.dll
- 2004-08-10 09:00:00 562,688 ----a-w c:\windows\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:37:34 562,688 ----a-w c:\windows\system32\mui\0411\xpsp2res.dll
+ 2008-04-13 18:39:49 412,672 ------w c:\windows\system32\mui\0411\xpsp3res.dll
- 2004-08-10 09:00:00 306,688 ----a-w c:\windows\system32\mui\0412\xpob2res.dll
+ 2008-04-13 18:40:48 306,688 ----a-w c:\windows\system32\mui\0412\xpob2res.dll
- 2004-08-10 09:00:00 167,936 ----a-w c:\windows\system32\mui\0412\xpsp1res.dll
+ 2008-04-13 18:35:23 167,936 ----a-w c:\windows\system32\mui\0412\xpsp1res.dll
- 2004-08-10 09:00:00 543,744 ----a-w c:\windows\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:37:37 543,744 ----a-w c:\windows\system32\mui\0412\xpsp2res.dll
+ 2008-04-13 18:39:49 392,704 ------w c:\windows\system32\mui\0412\xpsp3res.dll
- 2004-08-10 09:00:00 401,920 ----a-w c:\windows\system32\mui\0413\xpob2res.dll
+ 2008-04-13 18:40:44 401,920 ----a-w c:\windows\system32\mui\0413\xpob2res.dll
- 2004-08-10 09:00:00 196,096 ----a-w c:\windows\system32\mui\0413\xpsp1res.dll
+ 2008-04-13 18:35:25 196,096 ----a-w c:\windows\system32\mui\0413\xpsp1res.dll
- 2004-08-10 09:00:00 769,024 ----a-w c:\windows\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:38:00 769,024 ----a-w c:\windows\system32\mui\0413\xpsp2res.dll
+ 2008-04-13 18:39:47 645,120 ------w c:\windows\system32\mui\0413\xpsp3res.dll
- 2004-08-10 09:00:00 353,792 ----a-w c:\windows\system32\mui\0414\xpob2res.dll

blacklogman · 2009/03/05

+ 2008-04-13 18:40:44 353,792 ----a-w c:\windows\system32\mui\0414\xpob2res.dll
- 2004-08-10 09:00:00 189,440 ----a-w c:\windows\system32\mui\0414\xpsp1res.dll
+ 2008-04-13 18:35:25 189,440 ----a-w c:\windows\system32\mui\0414\xpsp1res.dll
- 2004-08-10 09:00:00 716,288 ----a-w c:\windows\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:38:02 716,288 ----a-w c:\windows\system32\mui\0414\xpsp2res.dll
+ 2008-04-13 18:39:48 591,872 ------w c:\windows\system32\mui\0414\xpsp3res.dll
- 2004-08-10 09:00:00 391,680 ----a-w c:\windows\system32\mui\0415\xpob2res.dll
+ 2008-04-13 18:40:47 391,680 ----a-w c:\windows\system32\mui\0415\xpob2res.dll
- 2004-08-10 09:00:00 194,560 ----a-w c:\windows\system32\mui\0415\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w c:\windows\system32\mui\0415\xpsp1res.dll
- 2004-08-10 09:00:00 759,808 ----a-w c:\windows\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:38:05 759,808 ----a-w c:\windows\system32\mui\0415\xpsp2res.dll
+ 2008-04-13 18:39:52 641,024 ------w c:\windows\system32\mui\0415\xpsp3res.dll
- 2004-08-10 09:00:00 409,600 ----a-w c:\windows\system32\mui\0416\xpob2res.dll
+ 2008-04-13 18:40:10 409,600 ----a-w c:\windows\system32\mui\0416\xpob2res.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\mui\0416\xpsp1res.dll
+ 2008-04-13 18:35:08 192,512 ----a-w c:\windows\system32\mui\0416\xpsp1res.dll
- 2004-08-10 09:00:00 752,128 ----a-w c:\windows\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:35:43 752,128 ----a-w c:\windows\system32\mui\0416\xpsp2res.dll
+ 2008-04-13 18:38:56 620,032 ------w c:\windows\system32\mui\0416\xpsp3res.dll
- 2004-08-10 09:00:00 190,464 ----a-w c:\windows\system32\mui\0418\xpsp1res.dll
+ 2008-04-13 18:35:27 190,464 ----a-w c:\windows\system32\mui\0418\xpsp1res.dll
- 2004-08-10 09:00:00 427,008 ----a-w c:\windows\system32\mui\0419\xpob2res.dll
+ 2008-04-13 18:40:50 427,008 ----a-w c:\windows\system32\mui\0419\xpob2res.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\mui\0419\xpsp1res.dll
+ 2008-04-13 18:35:27 192,512 ----a-w c:\windows\system32\mui\0419\xpsp1res.dll
- 2004-08-10 09:00:00 736,768 ----a-w c:\windows\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:38:28 736,768 ----a-w c:\windows\system32\mui\0419\xpsp2res.dll
+ 2008-04-13 18:39:56 627,200 ------w c:\windows\system32\mui\0419\xpsp3res.dll
- 2004-08-10 09:00:00 188,928 ----a-w c:\windows\system32\mui\041a\xpsp1res.dll
+ 2008-04-13 18:35:21 188,928 ----a-w c:\windows\system32\mui\041a\xpsp1res.dll
- 2004-08-10 09:00:00 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w c:\windows\system32\mui\041b\xpob2res.dll
- 2004-08-10 09:00:00 193,024 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\041b\xpsp1res.dll
- 2004-08-10 09:00:00 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w c:\windows\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w c:\windows\system32\mui\041b\xpsp3res.dll
- 2004-08-10 09:00:00 363,520 ----a-w c:\windows\system32\mui\041D\xpob2res.dll
+ 2008-04-13 18:40:56 363,008 ----a-w c:\windows\system32\mui\041D\xpob2res.dll
- 2004-08-10 09:00:00 188,928 ----a-w c:\windows\system32\mui\041D\xpsp1res.dll
+ 2008-04-13 18:35:28 188,928 ----a-w c:\windows\system32\mui\041D\xpsp1res.dll
- 2004-08-10 09:00:00 724,992 ----a-w c:\windows\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:38:47 724,480 ----a-w c:\windows\system32\mui\041D\xpsp2res.dll
+ 2008-04-13 18:40:05 590,848 ------w c:\windows\system32\mui\041D\xpsp3res.dll
- 2004-08-10 09:00:00 188,416 ----a-w c:\windows\system32\mui\041e\xpsp1res.dll
+ 2008-04-13 18:35:29 188,416 ----a-w c:\windows\system32\mui\041e\xpsp1res.dll
- 2004-08-10 09:00:00 390,144 ----a-w c:\windows\system32\mui\041f\xpob2res.dll
+ 2008-04-13 18:41:00 390,144 ----a-w c:\windows\system32\mui\041f\xpob2res.dll
- 2004-08-10 09:00:00 188,928 ----a-w c:\windows\system32\mui\041f\xpsp1res.dll
+ 2008-04-13 18:35:30 188,928 ----a-w c:\windows\system32\mui\041f\xpsp1res.dll
- 2004-08-10 09:00:00 724,480 ----a-w c:\windows\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:38:51 724,480 ----a-w c:\windows\system32\mui\041f\xpsp2res.dll
+ 2008-04-13 18:40:09 592,896 ------w c:\windows\system32\mui\041f\xpsp3res.dll
- 2004-08-10 09:00:00 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w c:\windows\system32\mui\0424\xpob2res.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w c:\windows\system32\mui\0424\xpsp1res.dll
- 2004-08-10 09:00:00 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w c:\windows\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w c:\windows\system32\mui\0424\xpsp3res.dll
- 2004-08-10 09:00:00 187,392 ----a-w c:\windows\system32\mui\0425\xpsp1res.dll
+ 2008-04-13 18:35:11 186,880 ----a-w c:\windows\system32\mui\0425\xpsp1res.dll
- 2004-08-10 09:00:00 188,928 ----a-w c:\windows\system32\mui\0426\xpsp1res.dll
+ 2008-04-13 18:35:24 188,928 ----a-w c:\windows\system32\mui\0426\xpsp1res.dll
- 2004-08-10 09:00:00 189,952 ----a-w c:\windows\system32\mui\0427\xpsp1res.dll
+ 2008-04-13 18:35:24 189,952 ----a-w c:\windows\system32\mui\0427\xpsp1res.dll
- 2004-08-10 09:00:00 270,336 ----a-w c:\windows\system32\mui\0804\xpob2res.dll
+ 2008-04-13 18:40:24 270,336 ----a-w c:\windows\system32\mui\0804\xpob2res.dll
- 2004-08-10 09:00:00 161,280 ----a-w c:\windows\system32\mui\0804\xpsp1res.dll
+ 2008-04-13 18:35:06 161,280 ----a-w c:\windows\system32\mui\0804\xpsp1res.dll
- 2004-08-10 09:00:00 470,016 ----a-w c:\windows\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:35:54 470,016 ----a-w c:\windows\system32\mui\0804\xpsp2res.dll
+ 2008-04-13 18:39:03 322,560 ------w c:\windows\system32\mui\0804\xpsp3res.dll
- 2004-08-10 09:00:00 435,200 ----a-w c:\windows\system32\mui\0816\xpob2res.dll
+ 2008-04-13 18:40:48 435,200 ----a-w c:\windows\system32\mui\0816\xpob2res.dll
- 2004-08-10 09:00:00 194,560 ----a-w c:\windows\system32\mui\0816\xpsp1res.dll
+ 2008-04-13 18:35:26 194,560 ----a-w c:\windows\system32\mui\0816\xpsp1res.dll
- 2004-08-10 09:00:00 751,616 ----a-w c:\windows\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:38:06 751,616 ----a-w c:\windows\system32\mui\0816\xpsp2res.dll
+ 2008-04-13 18:39:53 639,488 ------w c:\windows\system32\mui\0816\xpsp3res.dll
- 2004-08-10 09:00:00 446,464 ----a-w c:\windows\system32\mui\0C0A\xpob2res.dll
+ 2008-04-13 18:40:30 446,464 ----a-w c:\windows\system32\mui\0C0A\xpob2res.dll
- 2004-08-10 09:00:00 196,096 ----a-w c:\windows\system32\mui\0C0A\xpsp1res.dll
+ 2008-04-13 18:35:11 196,096 ----a-w c:\windows\system32\mui\0C0A\xpsp1res.dll
- 2004-08-10 09:00:00 773,632 ----a-w c:\windows\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:36:38 773,632 ----a-w c:\windows\system32\mui\0C0A\xpsp2res.dll
+ 2008-04-13 18:39:13 648,704 ------w c:\windows\system32\mui\0C0A\xpsp3res.dll
- 2004-08-10 09:00:00 90,624 ----a-w c:\windows\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w c:\windows\system32\mydocs.dll
- 2004-08-10 07:43:28 1,742,336 ----a-w c:\windows\system32\mypixdx.scr
+ 2004-08-10 07:43:28 1,759,744 ----a-w c:\windows\system32\mypixdx.scr
+ 2008-04-14 00:12:01 30,208 ------w c:\windows\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w c:\windows\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w c:\windows\system32\napstat.exe
- 2004-08-10 09:00:00 53,760 ----a-w c:\windows\system32\narrator.exe
+ 2008-04-14 00:12:29 70,656 ----a-w c:\windows\system32\narrator.exe
- 2004-08-10 07:43:22 3,343,360 ----a-w c:\windows\system32\nature.scr
+ 2004-08-10 07:43:22 3,360,768 ----a-w c:\windows\system32\nature.scr
- 2004-08-10 09:00:00 36,352 ----a-w c:\windows\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w c:\windows\system32\ncobjapi.dll
- 2004-08-10 09:00:00 17,920 ----a-w c:\windows\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w c:\windows\system32\nddeapi.dll
- 2004-08-10 09:00:00 4,096 ----a-w c:\windows\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w c:\windows\system32\nddeapir.exe
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w c:\windows\system32\nddenb32.dll
- 2004-08-10 09:00:00 42,496 ----a-w c:\windows\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w c:\windows\system32\net.exe
- 2004-08-10 09:00:00 124,928 ----a-w c:\windows\system32\net1.exe
+ 2008-04-14 00:12:29 142,336 ----a-w c:\windows\system32\net1.exe
- 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2004-08-10 09:00:00 622,080 ----a-w c:\windows\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w c:\windows\system32\netcfgx.dll
- 2004-08-10 09:00:00 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
- 2004-08-10 09:00:00 139,264 ----a-w c:\windows\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w c:\windows\system32\netid.dll
- 2004-08-10 09:00:00 407,040 ----a-w c:\windows\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w c:\windows\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w c:\windows\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w c:\windows\system32\netman.dll
- 2004-08-10 09:00:00 875,008 ----a-w c:\windows\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w c:\windows\system32\netplwiz.dll
- 2004-08-10 09:00:00 12,288 ----a-w c:\windows\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w c:\windows\system32\netrap.dll
- 2004-08-10 09:00:00 329,728 ----a-w c:\windows\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w c:\windows\system32\netsetup.exe
- 2004-08-10 09:00:00 86,016 ----a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
- 2005-06-21 14:00:18 1,705,472 ----a-w c:\windows\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w c:\windows\system32\netshell.dll
- 2004-08-10 09:00:00 36,864 ----a-w c:\windows\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w c:\windows\system32\netstat.exe
- 2004-08-10 09:00:00 80,896 ----a-w c:\windows\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w c:\windows\system32\netui0.dll
- 2004-08-10 09:00:00 245,760 ----a-w c:\windows\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w c:\windows\system32\netui1.dll
- 2004-08-10 09:00:00 248,832 ----a-w c:\windows\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w c:\windows\system32\newdev.dll
- 2004-08-10 09:00:00 103,936 ----a-w c:\windows\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w c:\windows\system32\nlhtml.dll
- 2004-08-10 09:00:00 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w c:\windows\system32\nmmkcert.dll
+ 2009-03-02 16:57:59 79,872 --sha-w c:\windows\system32\norulabo.dll
- 2004-08-10 09:00:00 69,120 ----a-w c:\windows\system32\notepad.exe
+ 2008-04-14 00:12:29 86,528 ----a-w c:\windows\system32\notepad.exe
- 2004-08-10 09:00:00 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll
- 2004-08-10 09:00:00 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w c:\windows\system32\npp\nppagent.exe
- 2004-08-10 09:00:00 54,784 ----a-w c:\windows\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w c:\windows\system32\npptools.dll
- 2004-08-10 09:00:00 76,800 ----a-w c:\windows\system32\nslookup.exe
+ 2008-04-14 00:12:29 94,208 ----a-w c:\windows\system32\nslookup.exe
- 2004-08-10 09:00:00 1,200,128 ----a-w c:\windows\system32\ntbackup.exe
+ 2008-04-14 00:12:30 1,217,536 ----a-w c:\windows\system32\ntbackup.exe
- 2004-08-10 09:00:00 708,096 ----a-w c:\windows\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w c:\windows\system32\ntdll.dll
- 2004-08-10 09:00:00 67,072 ----a-w c:\windows\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w c:\windows\system32\ntdsapi.dll
- 2008-08-14 09:18:46 2,020,864 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2004-08-10 09:00:00 43,520 ----a-w c:\windows\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w c:\windows\system32\ntlanman.dll
- 2004-08-10 09:00:00 8,192 ----a-w c:\windows\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w c:\windows\system32\ntlsapi.dll
- 2004-08-10 09:00:00 118,784 ----a-w c:\windows\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w c:\windows\system32\ntmarta.dll
- 2004-08-10 09:00:00 40,960 ----a-w c:\windows\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w c:\windows\system32\ntmsapi.dll
- 2004-08-10 09:00:00 179,712 ----a-w c:\windows\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w c:\windows\system32\ntmsdba.dll
- 2004-08-10 09:00:00 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w c:\windows\system32\ntmsmgr.dll
- 2004-08-10 09:00:00 435,200 ----a-w c:\windows\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w c:\windows\system32\ntmssvc.dll
- 2008-08-14 09:55:01 2,142,720 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\system32\ntoskrnl.exe
- 2004-08-10 09:00:00 91,136 ----a-w c:\windows\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w c:\windows\system32\ntprint.dll
- 2004-08-10 09:00:00 143,872 ----a-w c:\windows\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w c:\windows\system32\ntshrui.dll
- 2004-08-10 09:00:00 419,840 ----a-w c:\windows\system32\ntvdm.exe
+ 2008-04-14 00:12:30 437,760 ----a-w c:\windows\system32\ntvdm.exe
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\ntvdmd.dll
- 2004-08-04 04:56:46 4,274,816 ----a-w c:\windows\system32\nv4_disp.dll
+ 2008-04-14 00:12:02 4,274,816 ----a-w c:\windows\system32\nv4_disp.dll
+ 2009-03-02 16:55:37 262,144 ----a-w c:\windows\system32\nvtpm32.dll
- 2006-10-13 12:35:12 64,000 ----a-w c:\windows\system32\nwapi32.dll
+ 2008-04-14 00:12:02 64,000 ----a-w c:\windows\system32\nwapi32.dll
- 2006-10-13 12:35:12 142,336 ----a-w c:\windows\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w c:\windows\system32\nwprovau.dll
- 2006-10-13 12:35:12 65,536 ----a-w c:\windows\system32\nwwks.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\nwwks.dll
+ 2004-08-10 09:00:00 257,536 ----a-w c:\windows\system32\nxtepad.exe
- 2004-08-10 09:00:00 266,752 ----a-w c:\windows\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w c:\windows\system32\oakley.dll
- 2004-08-10 09:00:00 285,696 ----a-w c:\windows\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w c:\windows\system32\objsel.dll
- 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ----a-w c:\windows\system32\occache.dll
- 2004-08-10 09:00:00 60,928 ----a-w c:\windows\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\ocmanage.dll
- 2004-08-10 09:00:00 249,856 ----a-w c:\windows\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w c:\windows\system32\odbc32.dll
- 2004-08-10 09:00:00 16,384 ----a-w c:\windows\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w c:\windows\system32\odbc32gt.dll
- 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\odbcad32.exe
+ 2008-04-14 00:12:30 53,248 ----a-w c:\windows\system32\odbcad32.exe
- 2004-08-10 09:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w c:\windows\system32\odbcbcp.dll
- 2004-08-10 09:00:00 135,168 ----a-w c:\windows\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w c:\windows\system32\odbcconf.dll
- 2004-08-10 09:00:00 69,632 ----a-w c:\windows\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w c:\windows\system32\odbcconf.exe
- 2004-08-10 09:00:00 106,496 ----a-w c:\windows\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w c:\windows\system32\odbccp32.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccr32.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w c:\windows\system32\odbccu32.dll
- 2004-08-10 09:00:00 94,208 ----a-w c:\windows\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w c:\windows\system32\odbcint.dll
- 2004-08-10 09:00:00 53,279 ----a-w c:\windows\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w c:\windows\system32\odbcji32.dll
- 2004-08-10 09:00:00 278,559 ----a-w c:\windows\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w c:\windows\system32\odbcjt32.dll
- 2004-08-10 09:00:00 12,288 ----a-w c:\windows\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w c:\windows\system32\odbcp32r.dll
- 2004-08-10 09:00:00 147,456 ----a-w c:\windows\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w c:\windows\system32\odbctrac.dll
- 2004-08-10 09:00:00 20,511 ----a-w c:\windows\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\oddbse32.dll
- 2004-08-10 09:00:00 20,510 ----a-w c:\windows\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odexl32.dll
- 2004-08-10 09:00:00 20,510 ----a-w c:\windows\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odfox32.dll
- 2004-08-10 09:00:00 20,510 ----a-w c:\windows\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w c:\windows\system32\odpdx32.dll
- 2004-08-10 09:00:00 20,511 ----a-w c:\windows\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w c:\windows\system32\odtext32.dll
- 2004-08-10 09:00:00 120,832 ----a-w c:\windows\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w c:\windows\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w c:\windows\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w c:\windows\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w c:\windows\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w c:\windows\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w c:\windows\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w c:\windows\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w c:\windows\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 ----a-w c:\windows\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w c:\windows\system32\oledlg.dll
- 2004-08-10 09:00:00 107,008 ----a-w c:\windows\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w c:\windows\system32\oleprn.dll
- 2004-08-10 09:00:00 83,456 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w c:\windows\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w c:\windows\system32\onex.dll
- 2004-08-10 09:00:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll
- 2004-08-10 09:00:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll
- 2004-08-10 09:00:00 561,664 ----a-w c:\windows\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w c:\windows\system32\oobe\msobmain.dll
- 2004-08-10 09:00:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w c:\windows\system32\oobe\msobweb.dll
- 2004-08-10 09:00:00 28,160 ----a-w c:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w c:\windows\system32\oobe\msoobe.exe
- 2004-08-10 09:00:00 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe
- 2004-08-10 09:00:00 67,584 ----a-w c:\windows\system32\openfiles.exe
+ 2008-04-14 00:12:31 67,584 ----a-w c:\windows\system32\openfiles.exe
- 2004-08-10 09:00:00 713,728 ----a-w c:\windows\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w c:\windows\system32\opengl32.dll
- 2004-08-10 09:00:00 215,552 ----a-w c:\windows\system32\osk.exe
+ 2008-04-14 00:12:31 232,960 ----a-w c:\windows\system32\osk.exe
- 2004-08-10 09:00:00 67,584 ----a-w c:\windows\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\osuninst.dll
- 2004-08-10 09:00:00 116,224 ----a-w c:\windows\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w c:\windows\system32\p2p.dll
- 2004-08-10 09:00:00 86,016 ----a-w c:\windows\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\p2pgasvc.dll
- 2004-08-10 09:00:00 312,320 ----a-w c:\windows\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w c:\windows\system32\p2pgraph.dll
- 2004-08-10 09:00:00 88,064 ----a-w c:\windows\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w c:\windows\system32\p2pnetsh.dll
- 2004-08-10 09:00:00 526,848 ----a-w c:\windows\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w c:\windows\system32\p2psvc.dll
- 2004-08-10 09:00:00 58,368 ----a-w c:\windows\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w c:\windows\system32\packager.exe
- 2004-08-10 09:00:00 62,976 ----a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w c:\windows\system32\pautoenr.dll
+ 2008-04-14 00:11:56 2,176 ----a-w c:\windows\system32\pcistub.sys
- 2004-08-10 09:00:00 283,648 ----a-w c:\windows\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w c:\windows\system32\pdh.dll
- 2008-12-15 17:04:30 65,044 ----a-w c:\windows\system32\perfc009.dat
+ 2009-02-01 01:16:36 65,044 ----a-w c:\windows\system32\perfc009.dat
- 2004-08-10 09:00:00 39,936 ----a-w c:\windows\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w c:\windows\system32\perfctrs.dll
- 2004-08-10 09:00:00 26,624 ----a-w c:\windows\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w c:\windows\system32\perfdisk.dll
- 2008-12-15 17:04:30 410,574 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-01 01:16:37 410,574 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w c:\windows\system32\perfmon.exe
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w c:\windows\system32\perfnet.dll
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w c:\windows\system32\perfos.dll
- 2004-08-10 09:00:00 34,816 ----a-w c:\windows\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w c:\windows\system32\perfproc.dll
- 2006-10-24 16:30:20 412,160 ----a-w c:\windows\system32\photometadatahandler.dll
+ 2008-04-14 00:12:02 412,160 ----a-w c:\windows\system32\photometadatahandler.dll
- 2004-08-10 09:00:00 176,128 ----a-w c:\windows\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w c:\windows\system32\photowiz.dll
- 2004-08-10 09:00:00 35,328 ----a-w c:\windows\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w c:\windows\system32\pid.dll
- 2004-08-10 09:00:00 24,064 ----a-w c:\windows\system32\pidgen.dll
+ 2008-04-14 00:11:09 24,064 ----a-w c:\windows\system32\pidgen.dll
- 2004-08-10 09:00:00 17,920 ----a-w c:\windows\system32\ping.exe
+ 2008-04-14 00:12:31 34,816 ----a-w c:\windows\system32\ping.exe
- 2004-08-10 09:00:00 15,360 ----a-w c:\windows\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\pjlmon.dll
- 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2004-08-10 09:00:00 48,640 ----a-w c:\windows\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w c:\windows\system32\pnrpnsp.dll
- 2004-08-10 09:00:00 105,472 ----a-w c:\windows\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w c:\windows\system32\polstore.dll
- 2004-08-10 09:00:00 49,152 ----a-w c:\windows\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w c:\windows\system32\powercfg.exe
- 2004-08-10 09:00:00 17,408 ----a-w c:\windows\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w c:\windows\system32\powrprof.dll
- 2004-08-10 09:00:00 560,640 ----a-w c:\windows\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w c:\windows\system32\printui.dll
- 2004-08-10 09:00:00 27,648 ----a-w c:\windows\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w c:\windows\system32\profmap.dll
- 2004-08-10 09:00:00 109,568 ----a-w c:\windows\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w c:\windows\system32\progman.exe
- 2004-08-10 09:00:00 50,176 ----a-w c:\windows\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\proquota.exe
- 2004-11-17 03:52:20 126,976 ----a-w c:\windows\system32\Prounstl.exe
+ 2004-11-17 03:52:20 147,456 ----a-w c:\windows\system32\Prounstl.exe
- 2004-08-10 09:00:00 9,216 ----a-w c:\windows\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w c:\windows\system32\proxycfg.exe
- 2004-08-10 09:00:00 23,040 ----a-w c:\windows\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w c:\windows\system32\psapi.dll
- 2004-08-10 09:00:00 96,768 ----a-w c:\windows\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w c:\windows\system32\psbase.dll
- 2004-08-10 09:00:00 43,520 ----a-w c:\windows\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\pstorec.dll
- 2004-08-10 09:00:00 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w c:\windows\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w c:\windows\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w c:\windows\system32\qagentrt.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\qappsrv.exe
+ 2004-08-10 09:00:00 34,304 ----a-w c:\windows\system32\qappsrv.exe
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w c:\windows\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w c:\windows\system32\qcliprov.dll
- 2004-08-10 09:00:00 279,040 ----a-w c:\windows\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w c:\windows\system32\qdv.dll
- 2005-06-28 17:55:08 385,024 ----a-w c:\windows\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w c:\windows\system32\qdvd.dll
- 2004-08-10 09:00:00 562,176 ----a-w c:\windows\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w c:\windows\system32\qedit.dll
- 2004-08-10 09:00:00 733,696 ----a-w c:\windows\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w c:\windows\system32\qedwipes.dll
+ 2009-03-02 16:58:09 129,024 --sha-w c:\windows\system32\qgcgdp.dll
- 2004-08-10 09:00:00 382,464 ----a-w c:\windows\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w c:\windows\system32\qmgr.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w c:\windows\system32\qmgrprxy.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\qprocess.exe
+ 2008-04-14 00:12:32 36,864 ----a-w c:\windows\system32\qprocess.exe
- 2008-05-07 04:55:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w c:\windows\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w c:\windows\system32\qutil.dll
- 2004-08-10 09:00:00 43,520 ----a-w c:\windows\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w c:\windows\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-10 09:00:00 236,544 ----a-w c:\windows\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\rasapi32.dll
- 2004-08-10 09:00:00 89,088 ----a-w c:\windows\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w c:\windows\system32\rasauto.dll
- 2004-08-10 09:00:00 69,632 ----a-w c:\windows\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w c:\windows\system32\raschap.dll
- 2004-08-10 09:00:00 657,920 ----a-w c:\windows\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w c:\windows\system32\rasdlg.dll
- 2004-08-10 09:00:00 61,440 ----a-w c:\windows\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w c:\windows\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w c:\windows\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-10 09:00:00 56,832 ----a-w c:\windows\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w c:\windows\system32\rasphone.exe
- 2004-08-10 09:00:00 206,336 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w c:\windows\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w c:\windows\system32\rasqec.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w c:\windows\system32\rassapi.dll
- 2004-08-10 09:00:00 58,880 ----a-w c:\windows\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w c:\windows\system32\rastapi.dll
- 2004-08-10 09:00:00 112,128 ----a-w c:\windows\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w c:\windows\system32\rastls.dll
- 2004-08-10 09:00:00 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w c:\windows\system32\rcbdyctl.dll
- 2004-08-10 09:00:00 35,840 ----a-w c:\windows\system32\rcimlby.exe
+ 2008-04-14 00:12:32 53,248 ----a-w c:\windows\system32\rcimlby.exe
- 2004-08-10 09:00:00 21,504 ----a-w c:\windows\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w c:\windows\system32\rcp.exe
- 2004-08-10 09:00:00 147,968 ----a-w c:\windows\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w c:\windows\system32\rdchost.dll
- 2004-08-10 09:00:00 62,464 ----a-w c:\windows\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w c:\windows\system32\rdpclip.exe
- 2004-08-10 09:00:00 92,168 ----a-w c:\windows\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w c:\windows\system32\rdpdd.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w c:\windows\system32\rdpsnd.dll
- 2004-08-10 09:00:00 87,176 ----a-w c:\windows\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w c:\windows\system32\rdpwsx.dll
- 2004-08-10 09:00:00 13,824 ----a-w c:\windows\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w c:\windows\system32\rdsaddin.exe
- 2004-08-10 09:00:00 67,072 ----a-w c:\windows\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w c:\windows\system32\rdshost.exe
- 2004-08-10 09:00:00 50,176 ----a-w c:\windows\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w c:\windows\system32\reg.exe
- 2004-08-10 09:00:00 49,664 ----a-w c:\windows\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w c:\windows\system32\regapi.dll
- 2004-08-10 09:00:00 59,904 ----a-w c:\windows\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w c:\windows\system32\regsvc.dll
- 2004-08-10 09:00:00 11,776 ----a-w c:\windows\system32\regsvr32.exe
+ 2008-04-14 00:12:32 28,672 ----a-w c:\windows\system32\regsvr32.exe
- 2004-08-10 09:00:00 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w c:\windows\system32\regwizc.dll
+ 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\hid.dll
+ 2004-08-10 09:00:00 36,224 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\hidclass.sys
+ 2006-01-11 00:48:53 19,200 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\hidir.sys
+ 2004-08-10 09:00:00 24,960 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\hidparse.sys
+ 2004-08-10 09:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys
+ 2006-01-11 00:48:58 46,592 ----a-w c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\IrBus.sys
+ 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\hid.dll
+ 2004-08-10 09:00:00 36,224 ----a-w c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\hidclass.sys
+ 2006-01-11 00:48:53 19,200 ----a-w c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\hidir.sys
+ 2004-08-10 09:00:00 24,960 ----a-w c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\hidparse.sys
+ 2004-08-10 09:00:00 36,096 ----a-w c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\intelppm.sys
+ 2004-08-12 21:45:54 137,728 ----a-w c:\windows\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys
+ 2006-01-11 00:48:58 46,592 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\IrBus.sys
- 2004-08-10 09:00:00 60,416 ----a-w c:\windows\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w c:\windows\system32\remotepg.dll
- 2004-08-10 09:00:00 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 397,312 ----a-w c:\windows\system32\Restore\rstrui.exe
- 2004-08-10 09:00:00 58,880 ----a-w c:\windows\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w c:\windows\system32\resutils.dll
- 2004-08-10 09:00:00 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w c:\windows\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w c:\windows\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w c:\windows\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w c:\windows\system32\riched20.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\route.exe
+ 2004-08-10 09:00:00 37,376 ----a-w c:\windows\system32\route.exe
- 2007-07-09 13:16:16 582,656 ----a-w c:\windows\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w c:\windows\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w c:\windows\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-10 09:00:00 152,576 ----a-w c:\windows\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w c:\windows\system32\rsaenh.dll
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w c:\windows\system32\rsh.exe
- 2004-08-10 09:00:00 39,936 ----a-w c:\windows\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w c:\windows\system32\rshx32.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w c:\windows\system32\rsmps.dll
- 2004-08-10 09:00:00 107,520 ----a-w c:\windows\system32\rsnotify.exe
+ 2008-04-14 00:12:33 107,520 ----a-w c:\windows\system32\rsnotify.exe

blacklogman · 2009/03/05

- 2004-08-10 09:00:00 90,112 ----a-w c:\windows\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w c:\windows\system32\rsvpsp.dll
- 2004-08-10 09:00:00 77,312 ----a-w c:\windows\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w c:\windows\system32\rtcshare.exe
- 2004-08-10 09:00:00 31,744 ----a-w c:\windows\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w c:\windows\system32\rtipxmib.dll
- 2004-08-10 09:00:00 44,032 ----a-w c:\windows\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w c:\windows\system32\rtutils.dll
- 2004-08-10 09:00:00 33,280 ----a-w c:\windows\system32\rundll32.exe
+ 2008-04-14 00:12:33 50,688 ----a-w c:\windows\system32\rundll32.exe
- 2004-08-10 09:00:00 14,336 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:33 31,744 ----a-w c:\windows\system32\runonce.exe
+ 2008-04-14 00:12:04 9,728 ------w c:\windows\system32\rwnh.dll
+ 2008-04-14 00:12:04 397,056 ------w c:\windows\system32\s3gnb.dll
- 2004-08-10 09:00:00 43,520 ----a-w c:\windows\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w c:\windows\system32\safrcdlg.dll
- 2004-08-10 09:00:00 29,696 ----a-w c:\windows\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w c:\windows\system32\safrdm.dll
- 2004-08-10 09:00:00 45,568 ----a-w c:\windows\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w c:\windows\system32\safrslv.dll
- 2004-08-10 09:00:00 64,000 ----a-w c:\windows\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w c:\windows\system32\samlib.dll
- 2004-08-10 09:00:00 415,744 ----a-w c:\windows\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w c:\windows\system32\samsrv.dll
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\savedump.exe
+ 2008-04-14 00:12:33 30,208 ----a-w c:\windows\system32\savedump.exe
- 2004-08-10 09:00:00 159,232 ----a-w c:\windows\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w c:\windows\system32\sbeio.dll
- 2004-08-10 09:00:00 69,632 ----a-w c:\windows\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w c:\windows\system32\scarddlg.dll
- 2004-08-10 09:00:00 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
- 2004-08-10 09:00:00 171,008 ----a-w c:\windows\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w c:\windows\system32\sccsccp.dll
- 2004-08-10 09:00:00 180,224 ----a-w c:\windows\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w c:\windows\system32\scecli.dll
- 2004-08-10 09:00:00 313,856 ----a-w c:\windows\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w c:\windows\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w c:\windows\system32\schannel.dll
- 2004-08-10 09:00:00 190,976 ----a-w c:\windows\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w c:\windows\system32\schedsvc.dll
- 2004-08-10 09:00:00 121,856 ----a-w c:\windows\system32\schtasks.exe
+ 2008-04-14 00:12:34 121,856 ----a-w c:\windows\system32\schtasks.exe
- 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w c:\windows\system32\sclgntfy.dll
- 2004-08-10 09:00:00 9,216 ----a-w c:\windows\system32\scrnsave.scr
+ 2008-04-14 00:12:43 26,112 ----a-w c:\windows\system32\scrnsave.scr
- 2004-08-10 09:00:00 159,744 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:53:39 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2004-08-10 09:00:00 151,552 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:53:40 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2004-08-10 09:00:00 77,312 ----a-w c:\windows\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w c:\windows\system32\sdbinst.exe
- 2004-08-10 09:00:00 29,184 ----a-w c:\windows\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sdhcinst.dll
- 2004-08-10 09:00:00 18,432 ----a-w c:\windows\system32\secedit.exe
+ 2008-04-14 00:12:34 18,944 ----a-w c:\windows\system32\secedit.exe
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w c:\windows\system32\seclogon.dll
- 2004-08-10 09:00:00 55,808 ----a-w c:\windows\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\secur32.dll
- 2004-08-10 09:00:00 5,632 ----a-w c:\windows\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w c:\windows\system32\security.dll
- 2004-08-10 09:00:00 29,184 ----a-w c:\windows\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w c:\windows\system32\sendcmsg.dll
- 2004-08-10 09:00:00 55,296 ----a-w c:\windows\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w c:\windows\system32\sendmail.dll
- 2004-08-10 09:00:00 38,912 ----a-w c:\windows\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w c:\windows\system32\sens.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w c:\windows\system32\sensapi.dll
- 2004-08-10 09:00:00 56,320 ----a-w c:\windows\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w c:\windows\system32\servdeps.dll
- 2004-08-10 09:00:00 108,032 ----a-w c:\windows\system32\services.exe
+ 2008-04-14 00:12:34 108,544 ----a-w c:\windows\system32\services.exe
- 2004-08-10 09:00:00 140,800 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
- 2004-08-10 09:00:00 31,232 ----a-w c:\windows\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w c:\windows\system32\sethc.exe
- 2004-08-10 09:00:00 23,040 ----a-w c:\windows\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w c:\windows\system32\setup.exe
- 2004-08-10 09:00:00 259,584 ----a-w c:\windows\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w c:\windows\system32\Setup\comsetup.dll
- 2004-08-10 09:00:00 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll
- 2004-08-10 09:00:00 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll
- 2004-08-10 09:00:00 505,344 ----a-w c:\windows\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w c:\windows\system32\Setup\iis.dll
- 2004-08-10 09:00:00 115,712 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w c:\windows\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w c:\windows\system32\Setup\koc.dll
- 2004-08-10 09:00:00 82,432 ----a-w c:\windows\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w c:\windows\system32\Setup\msdtcstp.dll
- 2004-08-10 09:00:00 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll
- 2004-08-10 09:00:00 169,984 ----a-w c:\windows\system32\Setup\msmqocm.dll
+ 2008-04-14 00:12:00 170,496 ----a-w c:\windows\system32\Setup\msmqocm.dll
- 2004-08-10 09:00:00 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w c:\windows\system32\Setup\netoc.dll
- 2004-08-10 09:00:00 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w c:\windows\system32\Setup\ocgen.dll
- 2004-08-10 09:00:00 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll
- 2004-08-10 09:00:00 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll
- 2004-08-10 09:00:00 33,792 ----a-w c:\windows\system32\Setup\tabletoc.dll
+ 2008-04-14 00:12:07 33,792 ----a-w c:\windows\system32\Setup\tabletoc.dll
- 2004-08-10 09:00:00 121,856 ----a-w c:\windows\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w c:\windows\system32\Setup\tsoc.dll
- 2004-08-10 09:00:00 983,552 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 09:42:06 985,088 ----a-w c:\windows\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w c:\windows\system32\setupn.exe
- 2004-08-10 09:00:00 5,120 ----a-w c:\windows\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w c:\windows\system32\sfc.dll
- 2004-08-10 09:00:00 140,288 ----a-w c:\windows\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w c:\windows\system32\sfc_os.dll
- 2004-08-10 09:00:00 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
- 2004-08-10 09:00:00 549,376 ----a-w c:\windows\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w c:\windows\system32\shdoclc.dll
- 2006-10-23 15:34:22 1,497,600 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-04-14 00:12:05 1,499,136 ----a-w c:\windows\system32\shdocvw.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\system32\shell32.dll
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w c:\windows\system32\shfolder.dll
- 2004-08-10 09:00:00 68,096 ----a-w c:\windows\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w c:\windows\system32\shgina.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w c:\windows\system32\shimeng.dll
- 2004-08-10 09:00:00 438,272 ----a-w c:\windows\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w c:\windows\system32\shimgvw.dll
- 2006-10-23 15:34:22 474,112 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w c:\windows\system32\shlwapi.dll
- 2004-08-10 09:00:00 151,552 ----a-w c:\windows\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w c:\windows\system32\shmedia.dll
- 2004-08-10 09:00:00 42,496 ----a-w c:\windows\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w c:\windows\system32\shmgrate.exe
- 2004-08-10 09:00:00 77,824 ----a-w c:\windows\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w c:\windows\system32\shrpubw.exe
- 2004-08-10 09:00:00 27,648 ----a-w c:\windows\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w c:\windows\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w c:\windows\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2004-08-10 09:00:00 19,456 ----a-w c:\windows\system32\shutdown.exe
+ 2008-04-14 00:12:35 36,352 ----a-w c:\windows\system32\shutdown.exe
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w c:\windows\system32\sigtab.dll
- 2004-08-10 09:00:00 70,144 ----a-w c:\windows\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w c:\windows\system32\sigverif.exe
- 2004-08-10 09:00:00 26,112 ----a-w c:\windows\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w c:\windows\system32\skeys.exe
- 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w c:\windows\system32\slayerxp.dll
- 2004-08-10 09:00:00 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w c:\windows\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w c:\windows\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w c:\windows\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w c:\windows\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w c:\windows\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w c:\windows\system32\slserv.exe
- 2004-08-10 09:00:00 8,192 ----a-w c:\windows\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w c:\windows\system32\smbinst.exe
- 2004-08-10 09:00:00 363,008 ----a-w c:\windows\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w c:\windows\system32\smlogcfg.dll
- 2004-08-10 09:00:00 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
- 2004-08-10 09:00:00 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w c:\windows\system32\smss.exe
+ 2008-04-14 00:12:06 10,752 ------w c:\windows\system32\smtpapi.dll
- 2004-08-10 09:00:00 131,584 ----a-w c:\windows\system32\sndrec32.exe
+ 2008-04-14 00:12:36 148,480 ----a-w c:\windows\system32\sndrec32.exe
- 2004-08-10 09:00:00 138,752 ----a-w c:\windows\system32\sndvol32.exe
+ 2004-08-10 09:00:00 156,160 ----a-w c:\windows\system32\sndvol32.exe
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w c:\windows\system32\snmpapi.dll
- 2004-08-10 09:00:00 182,272 ----a-w c:\windows\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w c:\windows\system32\snmpsnap.dll
- 2004-08-10 09:00:00 56,832 ----a-w c:\windows\system32\sol.exe
+ 2004-08-10 09:00:00 73,728 ----a-w c:\windows\system32\sol.exe
+ 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\sopidkc.exe
- 2004-08-10 09:00:00 23,552 ----a-w c:\windows\system32\sort.exe
+ 2008-04-14 00:12:36 41,472 ----a-w c:\windows\system32\sort.exe
+ 2009-03-02 00:39:56 79,872 ------w c:\windows\system32\sosikupi.dll
- 2004-08-10 07:43:22 7,093,760 ----a-w c:\windows\system32\space.scr
+ 2004-08-10 07:43:22 7,110,656 ----a-w c:\windows\system32\space.scr
+ 2008-04-14 00:12:36 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2004-08-10 09:00:00 538,624 ----a-w c:\windows\system32\spider.exe
+ 2008-04-14 00:12:36 555,520 ----a-w c:\windows\system32\spider.exe
- 2004-08-10 09:00:00 12,800 ----a-w c:\windows\system32\spiisupd.exe
+ 2008-04-13 18:43:31 12,800 ----a-w c:\windows\system32\spiisupd.exe
- 2007-07-27 14:41:40 16,760 ----a-w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
- 2004-08-10 09:00:00 11,776 ----a-w c:\windows\system32\spnpinst.exe
+ 2008-04-14 09:42:38 11,264 ----a-w c:\windows\system32\spnpinst.exe
- 2005-09-15 10:05:24 188,416 ----a-w c:\windows\system32\spool\drivers\w32x86\3\dlcfunst.exe
+ 2005-09-15 10:05:24 208,896 ----a-w c:\windows\system32\spool\drivers\w32x86\3\dlcfunst.exe
- 2004-08-10 09:00:00 452,096 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSAPI.DLL
+ 2008-04-14 00:11:53 451,584 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-10 09:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2008-04-14 00:11:54 26,624 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSRES.DLL
+ 2008-04-14 00:09:33 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-10 09:00:00 397,312 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSTIFF.DLL
+ 2008-04-14 00:11:54 397,312 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-10 09:00:00 154,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSUI.DLL
+ 2008-04-14 00:11:54 154,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-10 09:00:00 192,512 ----a-w c:\windows\system32\spool\drivers\w32x86\3\FXSWZRD.DLL
+ 2008-04-14 00:11:54 192,512 ----a-w c:\windows\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 1980-06-03 03:00:00 135,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\Ps5UI.dll
+ 2008-04-14 00:12:03 728,576 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ps5ui.dll
- 1980-06-03 03:00:00 470,608 ----a-w c:\windows\system32\spool\drivers\w32x86\3\pscript5.dll
+ 2008-04-14 00:12:03 543,232 ----a-w c:\windows\system32\spool\drivers\w32x86\3\pscript5.dll
- 2004-08-04 05:56:48 264,704 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 05:56:48 197,120 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 05:56:36 619,520 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2004-08-10 09:00:00 74,752 ----a-w c:\windows\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w c:\windows\system32\spoolss.dll
- 2006-10-16 20:10:58 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-11 00:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w c:\windows\system32\spupdwxp.exe
- 2004-08-10 09:00:00 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w c:\windows\system32\sqlsrv32.dll
- 2004-08-10 09:00:00 180,800 ----a-w c:\windows\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w c:\windows\system32\sqlunirl.dll
- 2004-08-10 09:00:00 67,584 ----a-w c:\windows\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w c:\windows\system32\srclient.dll
- 2004-08-10 09:00:00 239,104 ----a-w c:\windows\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w c:\windows\system32\srrstr.dll
- 2004-08-10 09:00:00 170,496 ----a-w c:\windows\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w c:\windows\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-10 09:00:00 704,512 ----a-w c:\windows\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 724,992 ----a-w c:\windows\system32\ss3dfo.scr
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\ssbezier.scr
+ 2008-04-14 00:12:43 37,376 ----a-w c:\windows\system32\ssbezier.scr
- 2004-08-10 09:00:00 34,816 ----a-w c:\windows\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w c:\windows\system32\ssdpapi.dll
- 2004-08-10 09:00:00 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w c:\windows\system32\ssdpsrv.dll
- 2004-08-10 09:00:00 393,216 ----a-w c:\windows\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 413,696 ----a-w c:\windows\system32\ssflwbox.scr
- 2004-08-10 09:00:00 20,992 ----a-w c:\windows\system32\ssmarque.scr
+ 2008-04-14 00:12:44 37,888 ----a-w c:\windows\system32\ssmarque.scr
- 2004-08-10 09:00:00 47,104 ----a-w c:\windows\system32\ssmypics.scr
+ 2008-04-14 00:12:44 64,000 ----a-w c:\windows\system32\ssmypics.scr
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\ssmyst.scr
+ 2008-04-14 00:12:44 36,352 ----a-w c:\windows\system32\ssmyst.scr
- 2004-08-10 09:00:00 610,304 ----a-w c:\windows\system32\sspipes.scr
+ 2008-04-14 00:12:44 630,784 ----a-w c:\windows\system32\sspipes.scr
- 2004-08-10 09:00:00 14,336 ----a-w c:\windows\system32\ssstars.scr
+ 2008-04-14 00:12:44 31,744 ----a-w c:\windows\system32\ssstars.scr
- 2004-08-10 09:00:00 679,936 ----a-w c:\windows\system32\sstext3d.scr
+ 2008-04-14 00:12:44 700,416 ----a-w c:\windows\system32\sstext3d.scr
- 2004-08-10 09:00:00 54,272 ----a-w c:\windows\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w c:\windows\system32\stclient.dll
- 2004-08-10 09:00:00 67,584 ----a-w c:\windows\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w c:\windows\system32\sti.dll
- 2004-08-10 09:00:00 136,704 ----a-w c:\windows\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w c:\windows\system32\sti_ci.dll
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w c:\windows\system32\stimon.exe
- 2004-08-10 09:00:00 121,856 ----a-w c:\windows\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w c:\windows\system32\stobject.dll
- 2004-08-04 04:56:46 74,752 ----a-w c:\windows\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w c:\windows\system32\storprop.dll
- 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2004-08-10 09:00:00 75,776 ----a-w c:\windows\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w c:\windows\system32\strmfilt.dll
- 2004-08-10 09:00:00 14,336 ----a-w c:\windows\system32\svchost.exe
+ 2008-04-14 00:12:36 14,336 ----a-w c:\windows\system32\svchost.exe
- 2006-10-19 13:56:32 713,216 ----a-w c:\windows\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w c:\windows\system32\sxs.dll
- 2004-08-10 09:00:00 57,856 ----a-w c:\windows\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\synceng.dll
- 2004-08-10 09:00:00 191,488 ----a-w c:\windows\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w c:\windows\system32\syncui.dll
- 2004-08-10 09:00:00 105,984 ----a-w c:\windows\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w c:\windows\system32\sysocmgr.exe
- 2004-08-10 09:00:00 984,576 ----a-w c:\windows\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w c:\windows\system32\syssetup.dll
- 2004-08-10 09:00:00 68,096 ----a-w c:\windows\system32\systeminfo.exe
+ 2008-04-14 00:12:36 71,680 ----a-w c:\windows\system32\systeminfo.exe
- 2005-10-17 21:14:46 118,272 ----a-w c:\windows\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w c:\windows\system32\t2embed.dll
+ 2009-03-02 00:40:02 84,992 --sha-w c:\windows\system32\tafukore.dll
- 2004-08-10 09:00:00 858,624 ----a-w c:\windows\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w c:\windows\system32\tapi3.dll
- 2004-08-10 09:00:00 181,760 ----a-w c:\windows\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w c:\windows\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w c:\windows\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-10 09:00:00 72,192 ----a-w c:\windows\system32\taskkill.exe
+ 2008-04-14 00:12:37 76,288 ----a-w c:\windows\system32\taskkill.exe
- 2004-08-10 09:00:00 72,192 ----a-w c:\windows\system32\tasklist.exe
+ 2008-04-14 00:12:37 77,824 ----a-w c:\windows\system32\tasklist.exe
- 2004-08-10 09:00:00 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
- 2004-08-10 09:00:00 14,848 ----a-w c:\windows\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w c:\windows\system32\tcpmib.dll
- 2004-08-10 09:00:00 45,568 ----a-w c:\windows\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmon.dll
- 2004-08-10 09:00:00 45,568 ----a-w c:\windows\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w c:\windows\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 ----a-w c:\windows\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w c:\windows\system32\telnet.exe
- 2004-08-10 09:00:00 358,400 ----a-w c:\windows\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w c:\windows\system32\termmgr.dll
- 2008-04-15 14:53:29 295,424 ----a-w c:\windows\system32\termsrv.dll
+ 2008-04-15 15:17:37 295,424 ----a-w c:\windows\system32\termsrv.dll
- 2004-08-10 09:00:00 385,536 ----a-w c:\windows\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w c:\windows\system32\themeui.dll
- 2004-08-10 09:00:00 61,440 ----a-w c:\windows\system32\tlntadmn.exe
+ 2008-04-14 00:12:37 61,440 ----a-w c:\windows\system32\tlntadmn.exe
- 2004-08-10 09:00:00 78,336 ----a-w c:\windows\system32\tlntsess.exe
+ 2008-04-14 00:12:37 78,336 ----a-w c:\windows\system32\tlntsess.exe
- 2004-08-10 09:00:00 73,216 ----a-w c:\windows\system32\tlntsvr.exe
+ 2008-04-14 00:12:38 73,216 ----a-w c:\windows\system32\tlntsvr.exe
- 2004-08-10 09:00:00 7,168 ----a-w c:\windows\system32\tlntsvrp.dll
+ 2008-04-14 00:12:07 7,168 ----a-w c:\windows\system32\tlntsvrp.dll
- 2004-08-10 09:00:00 347,136 ----a-w c:\windows\system32\tourstart.exe
+ 2008-04-14 00:12:38 364,032 ----a-w c:\windows\system32\tourstart.exe
- 2004-08-10 09:00:00 259,584 ----a-w c:\windows\system32\tracerpt.exe
+ 2008-04-14 00:12:38 259,584 ----a-w c:\windows\system32\tracerpt.exe
- 2004-08-10 09:00:00 12,288 ----a-w c:\windows\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w c:\windows\system32\tracert.exe
- 2004-08-10 09:00:00 11,264 ----a-w c:\windows\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w c:\windows\system32\tree.com
- 2004-08-10 09:00:00 90,624 ----a-w c:\windows\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w c:\windows\system32\trkwks.dll
- 2004-08-10 09:00:00 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w c:\windows\system32\tscfgwmi.dll
- 2004-08-10 09:00:00 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w c:\windows\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w c:\windows\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w c:\windows\system32\tspkg.dll
- 2004-08-10 09:00:00 44,032 ----a-w c:\windows\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w c:\windows\system32\twext.dll
- 2005-07-26 04:39:49 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w c:\windows\system32\txflog.dll
- 2008-10-22 09:47:07 62,976 ----a-w c:\windows\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ----a-w c:\windows\system32\tzchange.exe
- 2004-08-10 09:00:00 25,600 ----a-w c:\windows\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w c:\windows\system32\udhisapi.dll
- 2004-08-10 09:00:00 275,456 ----a-w c:\windows\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w c:\windows\system32\ulib.dll
- 2004-08-10 09:00:00 35,840 ----a-w c:\windows\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w c:\windows\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\umtcdtw.sys
- 2004-08-10 09:00:00 74,240 ----a-w c:\windows\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w c:\windows\system32\unimdmat.dll
- 2004-08-10 09:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w c:\windows\system32\uniplat.dll
- 2004-08-10 09:00:00 316,416 ----a-w c:\windows\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w c:\windows\system32\untfs.dll
- 2004-08-10 09:00:00 132,608 ----a-w c:\windows\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w c:\windows\system32\upnp.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w c:\windows\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w c:\windows\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2004-08-10 09:00:00 239,616 ----a-w c:\windows\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w c:\windows\system32\upnpui.dll
- 2004-08-10 09:00:00 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
- 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w c:\windows\system32\usbmon.dll
- 2004-08-04 04:56:48 74,240 ----a-w c:\windows\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w c:\windows\system32\usbui.

blacklogman · 2009/03/05

- 2004-08-10 09:00:00 723,456 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w c:\windows\system32\userenv.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\system32\usmt\cobramsg.dll
- 2004-08-10 09:00:00 123,904 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w c:\windows\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w c:\windows\system32\usmt\guitrna.dll
- 2004-08-10 09:00:00 4,096 ----a-w c:\windows\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w c:\windows\system32\usmt\iconlib.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w c:\windows\system32\usmt\log.dll
- 2004-08-10 09:00:00 201,216 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w c:\windows\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w c:\windows\system32\usmt\migisma.dll
- 2004-08-10 09:00:00 103,424 ----a-w c:\windows\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w c:\windows\system32\usmt\migload.exe
- 2004-08-10 09:00:00 240,128 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 262,144 ----a-w c:\windows\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w c:\windows\system32\usmt\migwiza.exe
- 2004-08-10 09:00:00 202,752 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w c:\windows\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w c:\windows\system32\usmt\scripta.dll
- 2004-08-10 09:00:00 168,960 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w c:\windows\system32\usmt\sysmoda.dll
- 2004-08-10 09:00:00 406,528 ----a-w c:\windows\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w c:\windows\system32\usp10.dll
- 2004-08-10 09:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2008-04-14 00:12:38 67,584 ----a-w c:\windows\system32\utilman.exe
- 2004-08-10 09:00:00 218,624 ----a-w c:\windows\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w c:\windows\system32\uxtheme.dll
- 2004-08-10 09:00:00 30,749 ----a-w c:\windows\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w c:\windows\system32\vbajet32.dll
- 2006-11-08 02:03:36 413,696 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-10 09:00:00 26,112 ----a-w c:\windows\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w c:\windows\system32\vdmdbg.dll
- 2004-08-10 09:00:00 51,712 ----a-w c:\windows\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w c:\windows\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ----a-w c:\windows\system32\verclsid.exe
+ 2008-04-14 00:12:38 45,568 ----a-w c:\windows\system32\verclsid.exe
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w c:\windows\system32\verifier.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\version.dll
- 2004-08-04 04:56:48 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
+ 2008-04-14 00:12:08 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
+ 2004-08-10 09:00:00 104,448 ----a-w c:\windows\system32\vgfbime.dll
- 2004-08-10 09:00:00 430,592 ----a-w c:\windows\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w c:\windows\system32\vssapi.dll
- 2004-08-10 09:00:00 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
- 2004-08-10 09:00:00 174,592 ----a-w c:\windows\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w c:\windows\system32\w32time.dll
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w c:\windows\system32\w3ssl.dll
- 2004-08-10 09:00:00 17,664 ----a-w c:\windows\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w c:\windows\system32\watchdog.sys
- 2004-08-10 09:00:00 208,896 ----a-w c:\windows\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w c:\windows\system32\wavemsp.dll
- 2004-08-10 09:00:00 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w c:\windows\system32\wbem\cimwin32.dll
- 2004-08-10 09:00:00 45,568 ----a-w c:\windows\system32\wbem\CmdEvTgProv.dll
+ 2008-04-14 00:11:53 45,056 ----a-w c:\windows\system32\wbem\cmdevtgprov.dll
- 2004-08-10 09:00:00 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w c:\windows\system32\wbem\esscli.dll
- 2004-08-10 09:00:00 22,016 ----a-w c:\windows\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w c:\windows\system32\wbem\evntrprv.dll
- 2004-08-10 09:00:00 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll
- 2004-08-10 09:00:00 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w c:\windows\system32\wbem\framedyn.dll
- 2004-08-10 09:00:00 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll
- 2004-08-10 09:00:00 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 33,280 ----a-w c:\windows\system32\wbem\mofcomp.exe
- 2004-08-10 09:00:00 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w c:\windows\system32\wbem\mofd.dll
- 2004-08-10 09:00:00 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll
- 2004-08-10 09:00:00 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll
- 2004-08-10 09:00:00 92,672 ----a-w c:\windows\system32\wbem\policman.dll
+ 2008-04-14 00:12:02 92,672 ----a-w c:\windows\system32\wbem\policman.dll
- 2004-08-10 09:00:00 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll
- 2004-08-10 09:00:00 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w c:\windows\system32\wbem\repdrvfs.dll
- 2004-08-10 09:00:00 36,864 ----a-w c:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 53,248 ----a-w c:\windows\system32\wbem\scrcons.exe
- 2004-08-10 09:00:00 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\wbem\unsecapp.exe
+ 2004-08-10 09:00:00 34,304 ----a-w c:\windows\system32\wbem\unsecapp.exe
- 2004-08-10 09:00:00 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll
- 2004-08-10 09:00:00 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll
- 2004-08-10 09:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll
- 2004-08-10 09:00:00 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll
- 2004-08-10 09:00:00 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w c:\windows\system32\wbem\wbemcore.dll
- 2004-08-10 09:00:00 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll
- 2004-08-10 09:00:00 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll
- 2004-08-10 09:00:00 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll
- 2004-08-10 09:00:00 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll
- 2004-08-10 09:00:00 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll
- 2004-08-10 09:00:00 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 133,632 ----a-w c:\windows\system32\wbem\wbemtest.exe
- 2004-08-10 09:00:00 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll
- 2004-08-10 09:00:00 13,312 ----a-w c:\windows\system32\wbem\winmgmt.exe
+ 2004-08-10 09:00:00 30,208 ----a-w c:\windows\system32\wbem\winmgmt.exe
- 2004-08-10 09:00:00 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 213,504 ----a-w c:\windows\system32\wbem\wmiadap.exe
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll
- 2004-08-10 09:00:00 89,088 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-10 09:00:00 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 143,360 ----a-w c:\windows\system32\wbem\wmiapsrv.exe
- 2004-08-10 09:00:00 358,912 ----a-w c:\windows\system32\wbem\wmic.exe
+ 2008-04-14 00:12:40 375,808 ----a-w c:\windows\system32\wbem\wmic.exe
- 2004-08-10 09:00:00 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll
- 2004-08-10 09:00:00 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll
- 2004-08-10 09:00:00 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll
- 2004-08-10 09:00:00 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll
- 2004-08-10 09:00:00 62,464 ----a-w c:\windows\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w c:\windows\system32\wbem\wmipiprt.dll
- 2004-08-10 09:00:00 62,976 ----a-w c:\windows\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-10 09:00:00 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll
- 2004-08-10 09:00:00 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll
- 2004-08-10 09:00:00 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 235,520 ----a-w c:\windows\system32\wbem\wmiprvse.exe
- 2004-08-10 09:00:00 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll
- 2004-08-10 09:00:00 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll
- 2004-08-10 09:00:00 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll
- 2006-03-24 04:37:50 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-04 04:56:58 23,552 ----a-w c:\windows\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w c:\windows\system32\wdmaud.drv
- 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2006-01-04 03:35:05 68,096 ----a-w c:\windows\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-10 09:00:00 135,680 ----a-w c:\windows\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w c:\windows\system32\webvw.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w c:\windows\system32\wextract.exe
- 2004-08-10 09:00:00 433,664 ----a-w c:\windows\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 450,560 ----a-w c:\windows\system32\wiaacmgr.exe
- 2004-08-10 09:00:00 463,360 ----a-w c:\windows\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w c:\windows\system32\wiadefui.dll
- 2004-08-10 09:00:00 124,416 ----a-w c:\windows\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w c:\windows\system32\wiadss.dll
- 2004-08-10 09:00:00 75,776 ----a-w c:\windows\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w c:\windows\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w c:\windows\system32\wiaservc.dll
- 2004-08-10 09:00:00 589,312 ----a-w c:\windows\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w c:\windows\system32\wiashext.dll
- 2004-08-10 09:00:00 111,104 ----a-w c:\windows\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w c:\windows\system32\wiavideo.dll
- 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 12:12:56 1,846,400 ----a-w c:\windows\system32\win32k.sys
- 2004-08-10 09:00:00 101,888 ----a-w c:\windows\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w c:\windows\system32\win32spl.dll
- 2004-08-10 09:00:00 937,984 ----a-w c:\windows\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w c:\windows\system32\winbrand.dll
- 2006-10-24 16:30:06 716,288 ----a-w c:\windows\system32\WindowsCodecs.dll
+ 2008-04-14 00:12:08 712,704 ----a-w c:\windows\system32\windowscodecs.dll
- 2006-10-24 16:29:50 352,256 ----a-w c:\windows\system32\WindowsCodecsExt.dll
+ 2008-04-14 00:12:08 346,112 ----a-w c:\windows\system32\windowscodecsext.dll
- 2004-08-10 09:00:00 8,192 ----a-w c:\windows\system32\winhlp32.exe
+ 2004-08-10 09:00:00 25,088 ----a-w c:\windows\system32\winhlp32.exe
- 2004-08-10 09:00:00 351,232 ----a-w c:\windows\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w c:\windows\system32\winhttp.dll
- 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-12-20 23:15:41 826,368 ----a-w c:\windows\system32\wininet.dll
- 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w c:\windows\system32\winipsec.dll
- 2004-08-10 09:00:00 502,272 ----a-w c:\windows\system32\winlogon.exe
+ 2008-04-14 00:12:39 507,904 ----a-w c:\windows\system32\winlogon.exe
- 2004-08-10 09:00:00 119,808 ----a-w c:\windows\system32\winmine.exe
+ 2004-08-10 09:00:00 136,704 ----a-w c:\windows\system32\winmine.exe
- 2004-08-10 09:00:00 176,128 ----a-w c:\windows\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w c:\windows\system32\winmm.dll
- 2004-08-10 09:00:00 764,928 ----a-w c:\windows\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w c:\windows\system32\winntbbu.dll
- 2004-08-10 09:00:00 16,896 ----a-w c:\windows\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w c:\windows\system32\winrnr.dll
- 2004-08-10 09:00:00 99,328 ----a-w c:\windows\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w c:\windows\system32\winscard.dll
- 2004-08-10 09:00:00 17,408 ----a-w c:\windows\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w c:\windows\system32\winshfhc.dll
- 2004-08-10 09:00:00 146,432 ----a-w c:\windows\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w c:\windows\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w c:\windows\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-10 09:00:00 53,760 ----a-w c:\windows\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w c:\windows\system32\winsta.dll
- 2004-08-10 09:00:00 176,640 ----a-w c:\windows\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w c:\windows\system32\wintrust.dll
- 2004-08-10 09:00:00 5,632 ----a-w c:\windows\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w c:\windows\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w c:\windows\system32\wlanapi.dll
- 2004-08-10 09:00:00 172,032 ----a-w c:\windows\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w c:\windows\system32\wldap32.dll
- 2004-08-10 09:00:00 92,672 ----a-w c:\windows\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w c:\windows\system32\wlnotify.dll
- 2004-08-10 09:00:00 5,632 ----a-w c:\windows\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w c:\windows\system32\wmi.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\wmpcd.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcd.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\wmpcore.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpcore.dll
- 2006-10-24 16:30:00 276,992 ----a-w c:\windows\system32\WMPhoto.dll
+ 2008-04-14 00:12:09 276,992 ----a-w c:\windows\system32\wmphoto.dll
- 2004-08-10 09:00:00 20,480 ----a-w c:\windows\system32\wmpui.dll
+ 2008-04-14 00:12:09 20,480 ----a-w c:\windows\system32\wmpui.dll
- 2004-08-10 09:00:00 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w c:\windows\system32\wmsdmoe.dll
- 2004-08-10 09:00:00 303,616 ----a-w c:\windows\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w c:\windows\system32\wmstream.dll
- 2004-08-10 09:00:00 264,192 ----a-w c:\windows\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w c:\windows\system32\wow32.dll
- 2004-08-10 09:00:00 32,256 ----a-w c:\windows\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w c:\windows\system32\wpabaln.exe
- 2004-08-10 07:43:32 4,396,544 ----a-w c:\windows\system32\wpgldfsh.scr
+ 2004-08-10 07:43:32 4,413,440 ----a-w c:\windows\system32\wpgldfsh.scr
- 2004-08-10 09:00:00 32,256 ----a-w c:\windows\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w c:\windows\system32\wpnpinst.exe
- 2004-08-10 09:00:00 82,944 ----a-w c:\windows\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w c:\windows\system32\ws2_32.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w c:\windows\system32\ws2help.dll
- 2004-08-10 09:00:00 13,824 ----a-w c:\windows\system32\wscntfy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\wscntfy.exe
- 2004-08-10 09:00:00 114,688 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2004-08-10 09:00:00 81,408 ----a-w c:\windows\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w c:\windows\system32\wscsvc.dll
- 2004-08-10 09:00:00 596,992 ----a-w c:\windows\system32\wsecedit.dll
+ 2008-04-14 00:12:10 604,160 ----a-w c:\windows\system32\wsecedit.dll
- 2004-08-10 09:00:00 108,032 ----a-w c:\windows\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w c:\windows\system32\wshbth.dll
- 2004-08-10 09:00:00 28,672 ----a-w c:\windows\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w c:\windows\system32\wshcon.dll
- 2004-08-10 09:00:00 65,536 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:53:40 90,112 ----a-w c:\windows\system32\wshext.dll
- 2004-08-10 09:00:00 14,336 ----a-w c:\windows\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w c:\windows\system32\wship6.dll
- 2004-08-10 09:00:00 11,776 ----a-w c:\windows\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w c:\windows\system32\wshrm.dll
- 2004-08-10 09:00:00 19,968 ----a-w c:\windows\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w c:\windows\system32\wshtcpip.dll
- 2004-08-10 09:00:00 42,496 ----a-w c:\windows\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w c:\windows\system32\wsnmp32.dll
- 2004-08-10 09:00:00 22,528 ----a-w c:\windows\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w c:\windows\system32\wsock32.dll
- 2004-08-10 09:00:00 50,688 ----a-w c:\windows\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w c:\windows\system32\wstdecod.dll
- 2004-08-10 09:00:00 18,432 ----a-w c:\windows\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w c:\windows\system32\wtsapi32.dll
- 2004-08-10 09:00:00 6,656 ----a-w c:\windows\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w c:\windows\system32\wuauserv.dll
- 2004-08-10 09:00:00 32,256 ----a-w c:\windows\system32\wupdmgr.exe
+ 2004-08-10 09:00:00 49,664 ----a-w c:\windows\system32\wupdmgr.exe
- 2005-06-21 14:00:18 383,488 ----a-w c:\windows\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w c:\windows\system32\wzcdlg.dll
- 2005-06-21 14:00:18 52,736 ----a-w c:\windows\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w c:\windows\system32\wzcsapi.dll
- 2005-06-21 14:00:18 474,624 ----a-w c:\windows\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w c:\windows\system32\wzcsvc.dll
- 2004-08-10 09:00:00 91,648 ----a-w c:\windows\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w c:\windows\system32\xactsrv.dll
- 2004-08-10 09:00:00 30,720 ----a-w c:\windows\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w c:\windows\system32\xcopy.exe
- 2006-07-14 15:51:51 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-04-14 00:12:11 121,856 ----a-w c:\windows\system32\xmllite.dll
- 2004-08-10 09:00:00 129,536 ----a-w c:\windows\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w c:\windows\system32\xmlprov.dll
- 2004-08-10 09:00:00 50,176 ----a-w c:\windows\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w c:\windows\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w c:\windows\system32\xolehlp.dll
- 2004-08-10 09:00:00 438,784 ----a-w c:\windows\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w c:\windows\system32\xpob2res.dll
- 2004-08-10 09:00:00 187,392 ----a-w c:\windows\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w c:\windows\system32\xpsp1res.dll
- 2004-08-10 09:00:00 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w c:\windows\system32\xpsp2res.dll
- 2007-10-29 10:04:03 350,720 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w c:\windows\system32\xpsp3res.dll
- 2004-08-10 09:00:00 337,920 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w c:\windows\system32\zipfldr.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\temp\mta114657.dll
+ 2009-03-02 16:54:57 16,384 ----atw c:\windows\temp\Perflib_Perfdata_dc.dat
- 2004-08-10 09:00:00 50,688 ----a-w c:\windows\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w c:\windows\twain_32.dll
- 2000-08-31 13:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2000-08-31 13:00:00 72,548 ----a-w c:\windows\VFIND.exe
- 2004-08-10 09:00:00 283,648 ----a-w c:\windows\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w c:\windows\winhlp32.exe
- 2007-01-19 20:15:24 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-12-02 03:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-02 05:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-02 05:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-02 05:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-10 09:00:00 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-10 09:00:00 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-10 09:00:00 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
- 2000-08-31 13:00:00 68,096 ----a-w c:\windows\zip.exe
+ 2000-08-31 13:00:00 84,992 ----a-w c:\windows\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{022bd500-c9f9-41f7-b97e-4744f5cce2f9}]
47616 --ahs---- c:\windows\system32\zijifusi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6875d60-575c-44b7-93dd-0cb8516ab219}]
2009-03-02 11:58 129024 --ahs---- c:\windows\system32\qgcgdp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98} "= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98} "= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-13 32256]
"updateMgr "= "c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 68856]
"prunnet "= "c:\windows\system32\prunnet.exe" [BU]
"comidle "= "c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe" [2009-03-01 56832]

blacklogman · 2009/03/05

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray "= "c:\windows\ehome\ehtray.exe" [2005-09-29 84992]
"ATIPTA "= "c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 364544]
"DMXLauncher "= "c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 114688]
"ISUSPM Startup "= "c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 270336]
"ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 102400]
"Google Desktop Search "= "c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-08-22 186880]
"BuildBU "= "c:\dell\bldbubg.exe" [2006-08-22 81920]
"SunJavaUpdateSched "= "c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2009-01-05 434176]
"iTunesHelper "= "f:\itunes\iTunesHelper.exe" [2009-01-06 290088]
"kepodotiva "= "c:\windows\system32\fowehuri.dll" [ 47616]
"prunnet "= "c:\windows\system32\prunnet.exe" [BU]
"hgcheck "= "c:\windows\system32\hgcheck.exe" [2009-03-01 140232]
"DLCFCATS "= "c:\windows\system32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 73728]
"1405971b "= "c:\windows\system32\norulabo.dll" [2009-03-02 79872]
"CPM1736a487 "= "c:\windows\system32\japuduho.dll" [2009-03-02 84992]
"SigmatelSysTrayApp "= "stsystra.exe" [2006-02-10 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting "= "c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
"comidle "= "c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe" [2009-03-01 56832]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 47104]
Extender Resource Monitor.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 35840]
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2008-01-03 1413120]
Stardust Screen Saver Control 2003.lnk - c:\windows\SCMain.exe [2004-01-02 374784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} "= "c:\windows\system32\japuduho.dll" [2009-03-02 84992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL "= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\japuduho.dll [2009-03-02 84992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashDisp.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashserv.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashSimpl.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avesvc.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdnagent.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdss.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdswitch.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DefWatch.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xcommsvr.exe]
"Debugger "=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\windows\system32\mafoyina.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WZCSVC "=2 (0x2)
"WMPNetworkSvc "=3 (0x3)
"wltrysvc "=2 (0x2)
"iPod Service "=3 (0x3)
"gusvc "=3 (0x3)
"Apple Mobile Device "=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify "=dword:00000001
"AntiVirusOverride "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\Messenger\\msmsgs.exe "=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe "=
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe "=
"c:\\WINDOWS\\system32\\dpvsetup.exe "=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
"f:\\iTunes\\iTunes.exe "=
"c:\\WINDOWS\\explorer.exe "=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP "= 3776:UDP:Media Center Extender Service
"3390:TCP "= 3390:TCP:Remote Media Center Experience

R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-02-17 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-17 234888]
R2 sopidkc;sopidkc Service;c:\windows\system32\sopidkc.exe [2004-08-10 65536]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-10-16 45132]
S2 BCMLogon;BCMLogon;c:\windows\system32\BCMLogon.dll [2007-12-23 700416]
S3 NdisWDM;Dynex Wireless G USB Network Adapter Service;c:\windows\system32\drivers\NdisWDM.sys [2007-12-23 198528]
S3 pcistub;pcistub;c:\windows\system32\pcistub.sys [2005-08-16 2176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\loader.exe
\Shell\langenglish\command - i:\setup\i386\msetup.exe lang:english

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80ad45c6-07db-11dc-8bc0-001372e2cf99}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8f4871e-3e92-11db-8b8a-001372e2cf99}]
\Shell\AutoRun\command - f:\jdsecure\Windows\JDSecure31.exe
.
Contents of the 'Scheduled Tasks' folder

2009-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
- - - - ORPHANS REMOVED - - - -

BHO-{F1D6C60F-51BA-4539-B77B-541B94CC4234} - c:\windows\system32\prbgadc.dll
HKLM-Explorer_Run-xccinit - c:\windows\system32\inf\rundll33.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/?src=aim
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ty Reiber\Application Data\Mozilla\Firefox\Profiles\ikwedq45.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/calendar/render?hl=en&sourceid=navclient-ff|https://webmail.psu.edu/|http://www...w-tab.html|http://mail.google.com/mail/#inbox
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\Mozilla Firefox\components\ffwt.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: f:\itunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 11:55:40
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

c:\windows\system32\ipukisos.ini 1629035 bytes
c:\windows\system32\tpszxyd.sys 377344 bytes executable
c:\windows\system32\japuduho.dll 84992 bytes executable
c:\windows\system32\begataje.dll 129024 bytes executable

scan completed successfully
hidden files: 4

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(752)
c:\program files\Bonjour\mdnsNSP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\windows\ehome\RMSvc.exe
c:\windows\ehome\McrdSvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-03-02 12:00:54 - machine was rebooted [Ty Reiber]
ComboFix-quarantined-files.txt 2009-03-02 17:00:50
ComboFix2.txt 2008-12-15 18:01:40
ComboFix3.txt 2008-03-31 17:21:02

Pre-Run: 8,911,671,296 bytes free
Post-Run: 7,799,578,624 bytes free

7305 --- E O F --- 2009-02-26 09:01:22

Geri · 2009/03/07

Hi

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Go to Microsoft's website => http://support.microsoft.com/kb/310994

Select the download that's appropriate for your Operating System

Download the file & save it as it's originally named.

---------------------------------------------------------------------

If your internet connection is not working, Transfer all files you just downloaded, to the desktop of the infected computer.

--------------------------------------------------------------------

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Drag the setup package onto ComboFix.exe and drop it.

Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.

At the next prompt, click 'Yes' to run the full ComboFix scan.

Close the Combofix log it produced, Now do this.

Highlight and copy the contents of the code box below and paste it into a blank Notepad, then save it to your desktop as;

Filename: CFScript.txt
Save As Type: All Files (*.*)

Close all other windows and programs. Now drag the CFScript.txt onto ComboFix.exe and drop it, using the left mouse button.
Click here to see how to use CFScript.txt
Combofix should run and may reboot the computer when it's done. A log will open when it's complete. Post the contents of that log.

Please do not click on the ComboFix window while it is running a scan. This can cause it to stall.

**NOTE - Allow ComboFix to update if prompted.
Code:
http://www.windowsbbs.com/malware-virus-removal/82050-active-windows-explorer-canceller-prevent-damage-2.html

Suspect::
c:\windows\explorer.exe

Collect::
c:\windows\system32\qgcgdp.dll
c:\windows\system32\zijifusi.dll
c:\windows\system32\bekurwlv
c:\windows\system32\xagjfiez
c:\windows\system32\hguest.exe
c:\windows\system32\hgcheck.exe
c:\windows\system32\u21195328.dll
c:\windows\system32\fowehuri.dll
c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe

File::
c:\windows\system32\2.tmp
c:\windows\system32\8.tmp
c:\windows\system32\4.tmp
c:\windows\system32\giatqt
c:\windows\system32\5.tmp
c:\windows\system32\work.ini
c:\windows\system32\hgset.ini
c:\windows\system32\xssehfikhv
c:\windows\system32\3.tmp
c:\windows\mqcd.dbt
c:\program files\.autoreg

Folder::
c:\documents and settings\Ty Reiber\Application Data\comidle

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "prunnet "=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "prunnet "=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "c:\\WINDOWS\\explorer.exe "=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
 "Notification Packages "=hex(7):73,63,65,63,6c,69,00,00 
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashDisp.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashserv.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashSimpl.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avesvc.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdnagent.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdss.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdswitch.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DefWatch.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xcommsvr.exe]

Driver::
sopidkc 
Please post the Combofix log.

Thanks
Geri

blacklogman · 2009/03/15

Geri,

Unfortunately I ran into another problem. I just got back to my computer while I was away for a short time. I had shut my computer down during that time and now I am unable to get my start menu and program shortcuts to come up. I am again getting the message that windows closed it to protect my computer. I was able to download the recovery console by starting a new process and getting to the internet that way. I tried restarting my computer and when it started back up it did this checking process with three phases. It said it deleted several files but it did not prompt me to do anything. Thanks for any help.

Blacklogman

Geri · 2009/03/15

Hi
Can you boot into safe mode?

Geri

blacklogman · 2009/03/16

Sorry When I restarted it all of a sudden decided to work. Here is the log.

ComboFix 09-03-15.01 - Ty Reiber 2009-03-16 12:26:29.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.645 [GMT -4:00]
Running from: c:\documents and settings\Ty Reiber\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Ty Reiber\Desktop\CFScript.txt
AV: AVG 7.5.519 *On-access scanning enabled* (Outdated)
* Created a new restore point

FILE ::
c:\program files\.autoreg
c:\windows\mqcd.dbt
c:\windows\system32\2.tmp
c:\windows\system32\3.tmp
c:\windows\system32\4.tmp
c:\windows\system32\5.tmp
c:\windows\system32\8.tmp
c:\windows\system32\giatqt
c:\windows\system32\hgset.ini
c:\windows\system32\work.ini
c:\windows\system32\xssehfikhv
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\LocalService\Application Data\twain_32
c:\documents and settings\LocalService\Application Data\twain_32\user.ds
c:\documents and settings\Ty Reiber\Application Data\comidle
c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe
c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe2a9
c:\program files\.autoreg
c:\windows\Install.txt
c:\windows\mqcd.dbt
c:\windows\services.exe
c:\windows\system32\~.exe
c:\windows\system32\2.tmp
c:\windows\system32\3.tmp
c:\windows\system32\4.tmp
c:\windows\system32\5.tmp
c:\windows\system32\7.tmp
c:\windows\system32\8.tmp
c:\windows\system32\9.tmp
c:\windows\system32\A.tmp
c:\windows\system32\afisicx.exe
c:\windows\system32\basukavu.dll
c:\windows\system32\begataje.dll
c:\windows\system32\bekurwlv
c:\windows\system32\C.tmp
c:\windows\system32\comsa32.sys
c:\windows\system32\E.tmp
c:\windows\system32\feloviko.dll
c:\windows\system32\fowehuri.dll
c:\windows\system32\giatqt
c:\windows\system32\hgcheck.exe
c:\windows\system32\hgset.ini
c:\windows\system32\hguest.exe
c:\windows\system32\hisekeke.dll
c:\windows\system32\ipukisos.ini
c:\windows\system32\iwifiris.ini
c:\windows\system32\mabidwe.exe
c:\windows\system32\noregupu.dll
c:\windows\system32\nvaux32.dll
c:\windows\system32\obaluron.ini
c:\windows\system32\qgcgdp.dll
c:\windows\system32\sirifiwi.dll
c:\windows\system32\sopidkc.exe
c:\windows\system32\sys.dat
c:\windows\system32\tpszxyd.sys
c:\windows\system32\twain_32
c:\windows\system32\twain_32\local.ds
c:\windows\system32\twain_32\user.ds
c:\windows\system32\twext.exe
c:\windows\system32\u21195328.dll
c:\windows\system32\wenunuve.dll
c:\windows\system32\wjqznw.dll
c:\windows\system32\work.ini
c:\windows\system32\xagjfiez
c:\windows\system32\xssehfikhv
c:\windows\system32\zijifusi.dll

c:\windows\system32\userinit.exe . . . is infected!!

c:\windows\system32\spoolsv.exe . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_AFISICX
-------\Legacy_DEFAULTLIB
-------\Legacy_MABIDWE
-------\Legacy_SOFTYINFORWOW1
-------\Legacy_SOPIDKC
-------\Service_afisicx
-------\Service_mabidwe
-------\Service_sopidkc

((((((((((((((((((((((((( Files Created from 2009-02-16 to 2009-03-16 )))))))))))))))))))))))))))))))
.

2009-03-16 12:36 . 2009-03-16 12:36 <DIR> d--hs---- c:\windows\system32\twain_32
2009-03-16 12:36 . 2009-03-16 12:38 <DIR> d--hs---- c:\documents and settings\LocalService\Application Data\twain_32
2009-03-16 12:36 . 2009-03-16 12:39 1,362 --a------ c:\windows\system32\twain_32\user.ds
2009-03-16 12:36 . 2009-03-16 12:36 218 --------- c:\windows\system32\twain_32\local.ds
2009-03-16 12:23 . 2009-03-16 12:23 54,784 --a------ c:\windows\system32\21.tmp
2009-03-16 12:23 . 2009-03-16 12:23 84 --a------ c:\windows\system32\1F.tmp
2009-03-16 12:23 . 2009-03-16 12:23 1 --a------ c:\windows\system32\20.tmp
2009-03-16 11:14 . 2009-03-16 11:14 84 --a------ c:\windows\system32\1D.tmp
2009-03-16 11:14 . 2009-03-16 11:14 1 --a------ c:\windows\system32\1E.tmp
2009-03-16 03:40 . 2009-03-16 03:40 55,808 --a------ c:\windows\system32\2E.tmp
2009-03-16 03:40 . 2009-03-16 03:40 84 --a------ c:\windows\system32\2C.tmp
2009-03-16 03:40 . 2009-03-16 03:40 1 --a------ c:\windows\system32\2D.tmp
2009-03-15 22:07 . 2009-03-15 22:07 46,080 --a------ c:\windows\system32\gcc.exe
2009-03-15 22:06 . 2009-03-15 22:06 31,744 --a------ c:\windows\system32\29.tmp
2009-03-15 22:06 . 2009-03-15 22:06 21,374 --a------ c:\windows\system32\2A.tmp
2009-03-15 22:06 . 2009-03-15 22:06 124 --a------ c:\windows\system32\28.tmp
2009-03-06 00:47 . 2009-03-03 19:53 578,560 --a------ c:\windows\system32\ucswobfs
2009-03-06 00:47 . 2009-03-06 00:47 105,984 --a------ c:\windows\system32\1C.tmp
2009-03-06 00:47 . 2009-03-06 00:47 40 --a------ c:\windows\system32\1B.tmp
2009-03-05 17:40 . 2009-03-03 19:53 578,560 --a------ c:\windows\system32\lntsbmr
2009-03-05 17:40 . 2009-03-05 17:40 105,984 --a------ c:\windows\system32\1A.tmp
2009-03-05 17:40 . 2009-03-05 17:40 40 --a------ c:\windows\system32\19.tmp
2009-03-05 10:38 . 2009-03-03 19:53 578,560 --a------ c:\windows\system32\ysdianuwzw
2009-03-05 10:38 . 2009-03-05 10:38 105,984 --a------ c:\windows\system32\18.tmp
2009-03-05 10:38 . 2009-03-05 10:38 40 --a------ c:\windows\system32\17.tmp
2009-03-04 20:26 . 2009-03-04 20:26 <DIR> d-------- c:\program files\iTunes
2009-03-04 17:24 . 2009-03-03 19:53 578,560 --a------ c:\windows\system32\dyoxq
2009-03-04 17:23 . 2009-03-04 17:24 105,984 --a------ c:\windows\system32\16.tmp
2009-03-04 17:23 . 2009-03-04 17:23 40 --a------ c:\windows\system32\15.tmp
2009-03-03 19:55 . 2009-03-03 19:55 64,512 --a------ c:\windows\system32\wer3.pf
2009-03-03 19:55 . 2009-03-03 19:55 32,768 --a------ c:\windows\system32\febbn.wa
2009-03-03 19:53 . 2009-03-03 19:53 105,984 --a------ c:\windows\system32\14.tmp
2009-03-03 19:53 . 2009-03-03 19:53 40 --a------ c:\windows\system32\13.tmp
2009-03-03 16:30 . 2009-03-03 16:30 207,872 --a------ c:\windows\system32\11.tmp
2009-03-03 16:30 . 2009-03-03 16:30 105,984 --a------ c:\windows\system32\12.tmp
2009-03-03 16:30 . 2009-03-03 16:30 124 --a------ c:\windows\system32\F.tmp
2009-03-03 16:30 . 2009-03-03 16:30 1 --a------ c:\windows\system32\10.tmp
2009-03-03 10:50 . 2009-03-02 18:15 578,560 --a------ c:\windows\system32\hlgwsq
2009-03-03 10:50 . 2009-03-03 10:50 40 --a------ c:\windows\system32\D.tmp
2009-03-02 23:03 . 2009-03-02 18:15 578,560 --a------ c:\windows\system32\wabjsolx
2009-03-02 23:03 . 2009-03-02 23:03 40 --a------ c:\windows\system32\B.tmp
2009-03-02 19:20 . 2009-03-02 18:15 578,560 --a------ c:\windows\system32\xaoa
2009-03-02 18:19 . 2009-03-02 18:19 <DIR> d-------- c:\documents and settings\Ty Reiber\Application Data\AVG7
2009-03-02 18:19 . 2009-03-02 18:19 <DIR> d-------- c:\documents and settings\LocalService\Application Data\AVG7
2009-03-02 18:19 . 2009-03-02 18:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2009-03-02 18:15 . 2009-03-02 18:15 40 --a------ c:\windows\system32\6.tmp
2009-03-02 01:18 . 2009-03-02 01:18 <DIR> d-------- c:\documents and settings\LocalService\Application Data\AdobeUM
2009-02-17 13:42 . 2009-02-17 13:42 <DIR> d-------- c:\program files\AskBarDis
2009-02-17 13:25 . 2009-02-17 13:25 <DIR> d-------- c:\program files\iPod
2009-02-17 13:25 . 2009-02-17 13:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-17 13:25 . 2008-04-17 14:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-02-17 13:25 . 2008-04-17 14:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-16 16:02 --------- d-----w c:\program files\Dl_cats
2009-03-03 21:44 --------- d-----w c:\program files\QuickTime
2009-03-03 21:43 --------- d-----w c:\program files\Palm
2009-03-03 21:42 --------- d-----w c:\program files\GemMaster
2009-03-03 21:42 --------- d-----w c:\program files\EnglishOtto
2009-03-02 22:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avg7
2009-03-02 16:46 --------- d-----w c:\program files\Common Files\AOL
2009-03-02 16:42 --------- d-----w c:\program files\AIM
2009-03-02 16:41 --------- d-----w c:\documents and settings\Ty Reiber\Application Data\Aim
2009-03-02 02:09 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-02-26 09:08 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-24 03:42 --------- d-----w c:\documents and settings\Ty Reiber\Application Data\Azureus
2009-02-17 17:25 --------- d-----w c:\program files\Common Files\Apple
2009-02-17 17:04 --------- d-----w c:\program files\LimeWire
2009-02-17 16:58 --------- d-----w c:\documents and settings\Ty Reiber\Application Data\LimeWire
2009-02-01 05:54 --------- d-----w c:\program files\Star Alliance Auto Update Conduit (English)
2009-01-19 17:26 --------- d-----w c:\program files\Google
2007-02-08 06:37 251 ----a-w c:\program files\wt3d.ini
2008-03-29 22:47 69,632 ----a-w c:\program files\mozilla firefox\components\ffwt.dll
2006-10-24 02:17 88 --sh--r c:\windows\system32\AB5937B8DB.sys
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\befiteki.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\bumimihu.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\fasagere.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\gewapupa.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\gupegopa.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\henogawe.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\jujimiva.dll
2006-10-24 02:17 3,350 --sha-w c:\windows\system32\KGyGaAvL.sys
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\mezobadi.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\neriyoke.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\piritoni.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\tebubowi.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\tebulufo.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\tibijuve.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\tilevibu.dll
1601-01-01 00:12 125,052 --sha-w c:\windows\system32\yodohala.dll
.
file copied: c:\windows\system32\user32.dll -> c:\qoobox\Quarantine\C\WINDOWS\system32\user32.dll.vir ( 578560 bytes )
Infected c:\windows\system32\user32.dll hex repaired

------- Sigcheck -------

2008-04-13 20:12 1051136 80b9aad7ffad278ca804f57436f54196 c:\windows\explorer.exe
2007-06-13 07:26 1050112 c37fa45cb76ac550acc3fb856aba1fdc c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 06:23 1050624 15ac1ec83d02cac78de5490b5130f59a c:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-10 05:00 1049088 e42a6a3386741897a0f1946e5c497a80 c:\windows\$NtUninstallKB938828$\explorer.exe
2008-04-13 20:12 1050624 70f02081a3076f36781e1a64001c1baa c:\windows\ServicePackFiles\i386\explorer.exe

2004-08-10 05:00 32256 03252e86390fe54a565e66f14c1d9fdc c:\windows\$NtServicePackUninstall$\ctfmon.exe
2008-04-13 20:12 32256 13056aecdcd13842114d0b6e1e27559a c:\windows\ServicePackFiles\i386\ctfmon.exe
2008-04-13 20:12 32256 6e62f2c15a1a66c7d303180e6912e937 c:\windows\system32\ctfmon.exe

2005-06-10 20:17 75264 138faea6af48a6d82c0f43ab1195db95 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2005-06-10 19:53 74752 137411fe712fe93fdb2262f63b5899a2 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2008-04-13 20:12 75264 2ddf3842cce5cd14bc8a635960722798 c:\windows\ServicePackFiles\i386\spoolsv.exe
2008-04-13 20:12 75264 7076d5a3bbb5e9ddb6e22bedc981158f c:\windows\system32\spoolsv.exe

2004-08-10 05:00 41472 f85b05a91203fba2ed682253e211c4ba c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-13 20:12 43008 4aafbc055894cd7ad0e61fad969314cc c:\windows\ServicePackFiles\i386\userinit.exe
2008-04-13 20:12 43008 083c32f9a91c5553a603fdd7a043bd60 c:\windows\system32\userinit.exe

2008-04-15 11:17 295424 7a014d2211ff90c76f20b776822b332e c:\windows\$hf_mig$\KB895961-v4\SP3QFE\termsrv.dll
2008-04-15 10:53 295424 7a2a4b3082866b7437cfc78c3e0bde7e c:\windows\$NtServicePackUninstall$\termsrv.dll
2004-08-10 05:00 295424 b60c877d16d9c880b952fda04adf16e6 c:\windows\$NtUninstallKB895961$\termsrv.dll
2008-04-13 20:12 295424 ff3477c03be7201c294c35f684b3479f c:\windows\$NtUninstallKB895961-v4$\termsrv.dll
2005-03-09 19:49 295424 c29a5286e64d97385178452d5f307b98 c:\windows\$NtUninstallKB895961-v4_0$\termsrv.dll
2008-04-13 20:12 295424 ff3477c03be7201c294c35f684b3479f c:\windows\ServicePackFiles\i386\termsrv.dll
2009-03-03 16:30 215552 a77219a971029dc2fb683e8513713803 c:\windows\system32\termsrv.dll
2009-03-03 16:30 215552 a77219a971029dc2fb683e8513713803 c:\windows\system32\dllcache\termsrv.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-03-02_11.59.41.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-10-14 18:36:07 169,984 ----a-w c:\windows\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 18:36:07 186,880 ----a-w c:\windows\$hf_mig$\KB873339\spuninst.exe
- 2004-12-01 05:48:22 169,984 ----a-w c:\windows\$hf_mig$\KB885250\spuninst.exe
+ 2004-12-01 05:48:22 186,880 ----a-w c:\windows\$hf_mig$\KB885250\spuninst.exe
- 2004-10-14 18:36:07 169,984 ----a-w c:\windows\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 18:36:07 186,880 ----a-w c:\windows\$hf_mig$\KB885835\spuninst.exe
- 2004-10-14 15:36:18 169,984 ----a-w c:\windows\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 15:36:18 186,880 ----a-w c:\windows\$hf_mig$\KB885836\spuninst.exe
- 2004-10-14 18:36:16 169,984 ----a-w c:\windows\$hf_mig$\KB886185\spuninst.exe
+ 2004-10-14 18:36:16 187,392 ----a-w c:\windows\$hf_mig$\KB886185\spuninst.exe
- 2004-10-13 16:21:24 1,694,208 ----a-w c:\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-13 16:21:24 1,711,616 ----a-w c:\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
- 2004-10-14 18:36:16 169,984 ----a-w c:\windows\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 18:36:16 186,880 ----a-w c:\windows\$hf_mig$\KB887472\spuninst.exe
- 2004-10-14 18:36:07 169,984 ----a-w c:\windows\$hf_mig$\KB888113\spuninst.exe
+ 2004-10-14 18:36:07 186,880 ----a-w c:\windows\$hf_mig$\KB888113\spuninst.exe
- 2004-12-01 00:22:42 169,984 ----a-w c:\windows\$hf_mig$\KB888302\spuninst.exe
+ 2004-12-01 00:22:42 186,880 ----a-w c:\windows\$hf_mig$\KB888302\spuninst.exe
- 2004-10-14 18:36:07 169,984 ----a-w c:\windows\$hf_mig$\KB891781\spuninst.exe
+ 2004-10-14 18:36:07 186,880 ----a-w c:\windows\$hf_mig$\KB891781\spuninst.exe
- 2005-07-07 23:27:08 30,720 ----a-w c:\windows\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-07-07 23:27:08 47,616 ----a-w c:\windows\$hf_mig$\KB893756\update\arpidfix.exe
- 2005-05-26 23:26:50 10,752 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-26 23:26:50 27,648 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hh.exe
- 2005-06-11 00:17:13 57,856 ----a-w c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-06-11 00:17:13 75,264 ----a-w c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
- 2005-06-29 23:54:30 30,720 ----a-w c:\windows\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-06-29 23:54:30 47,616 ----a-w c:\windows\$hf_mig$\KB896423\update\arpidfix.exe
- 2005-10-05 23:39:44 30,720 ----a-w c:\windows\$hf_mig$\KB896424\update\arpidfix.exe
+ 2005-10-05 23:39:44 48,128 ----a-w c:\windows\$hf_mig$\KB896424\update\arpidfix.exe
- 2005-05-10 23:51:10 75,776 ----a-w c:\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-05-10 23:51:10 93,184 ----a-w c:\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe
- 2005-06-29 20:54:32 30,720 ----a-w c:\windows\$hf_mig$\KB899587\update\arpidfix.exe
+ 2005-06-29 20:54:32 47,616 ----a-w c:\windows\$hf_mig$\KB899587\update\arpidfix.exe
- 2005-06-29 23:54:30 30,720 ----a-w c:\windows\$hf_mig$\KB899588\update\arpidfix.exe
+ 2005-06-29 23:54:30 47,616 ----a-w c:\windows\$hf_mig$\KB899588\update\arpidfix.exe
- 2005-08-17 20:38:14 30,720 ----a-w c:\windows\$hf_mig$\KB899589\update\arpidfix.exe
+ 2005-08-17 20:38:14 48,128 ----a-w c:\windows\$hf_mig$\KB899589\update\arpidfix.exe
- 2005-06-29 23:54:30 30,720 ----a-w c:\windows\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-06-29 23:54:30 48,128 ----a-w c:\windows\$hf_mig$\KB899591\update\arpidfix.exe
- 2005-09-26 21:36:24 30,720 ----a-w c:\windows\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-09-26 21:36:24 47,616 ----a-w c:\windows\$hf_mig$\KB900725\update\arpidfix.exe
- 2005-09-09 20:26:26 30,720 ----a-w c:\windows\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-09-09 20:26:26 48,128 ----a-w c:\windows\$hf_mig$\KB901017\update\arpidfix.exe
- 2005-07-25 23:42:35 8,704 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-25 23:42:35 25,600 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe
- 2005-07-25 23:21:18 30,720 ----a-w c:\windows\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-07-25 23:21:18 47,616 ----a-w c:\windows\$hf_mig$\KB902400\update\arpidfix.exe
- 2005-08-19 23:50:31 30,720 ----a-w c:\windows\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-08-19 23:50:31 47,616 ----a-w c:\windows\$hf_mig$\KB905414\update\arpidfix.exe
- 2005-08-22 22:01:30 30,720 ----a-w c:\windows\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-08-22 22:01:30 47,616 ----a-w c:\windows\$hf_mig$\KB905749\update\arpidfix.exe
- 2006-03-17 01:05:35 28,672 ----a-w c:\windows\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2006-03-17 01:05:35 46,080 ----a-w c:\windows\$hf_mig$\KB908531\SP2QFE\verclsid.exe
- 2006-08-21 09:43:32 23,040 ----a-w c:\windows\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2006-08-21 09:43:32 39,936 ----a-w c:\windows\$hf_mig$\KB922582\SP2QFE\fltmc.exe
- 2007-03-06 07:54:01 56,832 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe
+ 2007-03-06 07:54:01 73,728 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe
- 2007-03-06 07:54:01 13,824 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe
+ 2007-03-06 07:54:01 30,720 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe
- 2007-02-28 06:51:34 625,152 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
+ 2007-02-28 06:51:34 642,560 ----a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
- 2007-01-29 09:25:04 60,416 ----a-w c:\windows\$hf_mig$\KB931836\SP2QFE\tzchange.exe
+ 2007-01-29 09:25:04 77,312 ----a-w c:\windows\$hf_mig$\KB931836\SP2QFE\tzchange.exe
- 2007-07-18 10:33:06 60,416 ----a-w c:\windows\$hf_mig$\KB933360\SP2QFE\tzchange.exe
+ 2007-07-18 10:33:06 77,824 ----a-w c:\windows\$hf_mig$\KB933360\SP2QFE\tzchange.exe
- 2007-04-24 14:20:37 56,832 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe
+ 2007-04-24 14:20:37 73,728 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe
- 2007-04-24 14:20:37 13,824 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe
+ 2007-04-24 14:20:37 30,720 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe
- 2007-04-24 14:20:41 625,152 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
+ 2007-04-24 14:20:41 642,048 ----a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
- 2007-06-27 09:16:27 63,488 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe
+ 2007-06-27 09:16:27 80,384 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe
- 2007-06-27 09:16:27 13,824 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe
+ 2007-06-27 09:16:27 30,720 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe
- 2007-06-27 09:16:52 625,152 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
+ 2007-06-27 09:16:52 642,048 ----a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
- 2007-06-13 11:26:03 1,033,216 ----a-w c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2007-06-13 11:26:03 1,050,112 ----a-w c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
- 2007-08-17 10:12:34 70,656 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2007-08-17 10:12:34 87,552 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
- 2007-08-17 10:12:35 13,824 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2007-08-17 10:12:35 31,232 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
- 2007-08-17 10:12:49 625,152 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2007-08-17 10:12:49 642,560 ----a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
- 2007-10-10 08:16:47 70,656 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 08:16:47 87,552 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
- 2007-10-10 08:16:47 13,824 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:47 30,720 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
- 2007-10-10 08:16:56 625,664 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 08:16:56 642,560 ----a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
- 2007-11-13 11:02:46 60,416 ----a-w c:\windows\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-11-13 11:02:46 77,312 ----a-w c:\windows\$hf_mig$\KB942763\SP2QFE\tzchange.exe
- 2007-12-06 08:34:28 70,656 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-06 08:34:28 87,552 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
- 2007-12-06 08:34:29 13,824 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:29 30,720 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
- 2007-12-06 08:34:45 625,664 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-06 08:34:45 642,560 ----a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
- 2008-02-22 09:39:56 70,656 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-02-22 09:39:56 88,064 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
- 2008-02-22 09:39:56 13,824 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:39:56 30,720 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
- 2008-02-22 09:40:22 625,664 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-02-22 09:40:22 643,072 ----a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
- 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-22 08:02:19 87,552 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
- 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:19 30,720 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
- 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-22 08:02:46 642,560 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
- 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-14 11:03:00 79,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
- 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:42:28 79,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
- 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2008-07-11 12:51:51 79,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
- 2008-05-07 09:07:23 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-07 09:07:23 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
- 2008-05-08 11:24:44 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-08 11:24:44 176,128 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
- 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 08:23:18 87,552 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
- 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:18 31,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
- 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 08:23:52 642,560 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
- 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-22 09:47:25 79,872 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
- 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:06:59 79,872 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
- 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2008-10-23 10:17:49 79,872 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
- 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-25 08:43:21 87,552 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
- 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-25 08:43:21 30,720 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
- 2004-08-10 09:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
+ 2004-08-10 09:00:00 32,256 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
- 2007-06-13 10:23:07 1,033,216 -c----w c:\windows\$NtServicePackUninstall$\explorer.exe
+ 2007-06-13 10:23:07 1,050,624 -c----w c:\windows\$NtServicePackUninstall$\explorer.exe
- 2005-06-10 23:53:32 57,856 -c----w c:\windows\$NtServicePackUninstall$\spoolsv.exe
+ 2005-06-10 23:53:32 74,752 -c----w c:\windows\$NtServicePackUninstall$\spoolsv.exe
- 2004-08-10 09:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\userinit.exe
+ 2004-08-10 09:00:00 41,472 -c----w c:\windows\$NtServicePackUninstall$\userinit.exe
- 2004-08-10 09:00:00 1,032,192 -c----w c:\windows\$NtUninstallKB938828$\explorer.exe
+ 2004-08-10 09:00:00 1,049,088 -c----w c:\windows\$NtUninstallKB938828$\explorer.exe
- 2005-10-21 01:02:28 184,320 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 183,808 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28 184,320 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28 183,808 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2007-06-27 02:10:26 317,440 ----a-w c:\windows\inf\unregmp2.exe
+ 2007-06-27 02:10:26 334,848 ----a-w c:\windows\inf\unregmp2.exe
- 2009-02-17 17:26:17 102,400 ----a-r c:\windows\Installer\{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}\iTunesIco.exe
+ 2009-03-05 00:27:08 102,400 ----a-r c:\windows\Installer\{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}\iTunesIco.exe
- 2000-08-31 13:00:00 48,640 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 12:00:00 48,640 ----a-w c:\windows\NIRCMD.exe
- 2008-04-14 00:12:21 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
+ 2008-04-14 00:12:21 785,920 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-10 09:00:00 99,840 ----a-w c:\windows\pchealth\helpctr\binaries\HelpHost.exe
+ 2004-08-10 09:00:00 116,736 ----a-w c:\windows\pchealth\helpctr\binaries\HelpHost.exe
- 2008-04-14 00:12:21 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
+ 2008-04-14 00:12:21 35,328 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2008-04-14 00:12:27 169,984 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 00:12:27 186,880 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-10 09:00:00 35,328 ----a-w c:\windows\pchealth\helpctr\binaries\notiflag.exe
+ 2004-08-10 09:00:00 52,736 ----a-w c:\windows\pchealth\helpctr\binaries\notiflag.exe
- 2000-08-31 13:00:00 179,200 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 12:00:00 179,200 ----a-w c:\windows\SWREG.exe
- 2008-04-14 00:12:14 5,632 ----a-w c:\windows\system32\cisvc.exe
+ 2008-04-14 00:12:14 23,040 ----a-w c:\windows\system32\cisvc.exe
- 2008-04-14 00:12:14 33,280 ----a-w c:\windows\system32\clipsrv.exe
+ 2008-04-14 00:12:14 50,688 ----a-w c:\windows\system32\clipsrv.exe
- 2008-04-14 00:12:15 39,936 ----a-w c:\windows\system32\cmmon32.exe
+ 2008-04-14 00:12:15 56,832 ----a-w c:\windows\system32\cmmon32.exe
- 2008-04-14 00:12:15 63,488 ----a-w c:\windows\system32\cmstp.exe
+ 2008-04-14 00:12:15 80,896 ----a-w c:\windows\system32\cmstp.exe
- 2009-03-02 16:54:55 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-16 16:39:58 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-03-02 16:54:55 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-16 16:39:58 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-16 02:06:25 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009031520090316\index.dat
+ 2009-03-16 05:43:54 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009031620090317\index.dat
+ 2009-03-16 02:06:25 78,924 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat
- 2009-03-02 16:54:55 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-16 16:39:58 49,152 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\dctool32.sys
- 2009-03-02 00:51:40 578,560 ----a-w c:\windows\system32\dllcache\user32.dll
+ 2009-03-03 23:53:18 578,560 ----a-w c:\windows\system32\dllcache\user32.dll
- 2008-04-14 00:12:17 224,768 ----a-w c:\windows\system32\dmadmin.exe
+ 2008-04-14 00:12:17 241,664 ----a-w c:\windows\system32\dmadmin.exe
- 2008-04-14 00:12:17 15,872 ----a-w c:\windows\system32\dmremote.exe
+ 2008-04-14 00:12:17 32,768 ----a-w c:\windows\system32\dmremote.exe
+ 2009-03-02 22:19:07 821,856 ----a-w c:\windows\system32\drivers\avg7core.sys
+ 2009-03-02 22:19:10 4,224 ----a-w c:\windows\system32\drivers\avg7rsw.sys
+ 2009-03-02 22:19:11 27,776 ----a-w c:\windows\system32\drivers\avg7rsxp.sys
+ 2009-03-02 22:19:11 10,760 ----a-w c:\windows\system32\drivers\avgclean.sys
+ 2009-03-02 22:19:11 26,952 ----a-w c:\windows\system32\drivers\avgmfx86.sys
- 2004-08-10 09:00:00 15,872 ----a-w c:\windows\system32\expand.exe
+ 2004-08-10 09:00:00 32,768 ----a-w c:\windows\system32\expand.exe
- 2004-08-12 21:45:52 61,952 ----a-w c:\windows\system32\Hdaudpropshortcut.exe
+ 2004-08-12 21:45:52 78,848 ----a-w c:\windows\system32\Hdaudpropshortcut.exe
- 2008-04-14 00:12:21 15,872 ----a-w c:\windows\system32\help.exe
+ 2008-04-14 00:12:21 32,768 ----a-w c:\windows\system32\help.exe
- 2008-12-19 09:10:15 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 87,552 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 31,232 ----a-w c:\windows\system32\ieudinit.exe
- 2008-04-14 00:12:24 75,264 ----a-w c:\windows\system32\locator.exe
+ 2008-04-14 00:12:24 92,160 ----a-w c:\windows\system32\locator.exe
- 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22 117,760 ----a-w c:\windows\system32\logagent.exe
- 2008-04-14 00:12:25 32,768 ----a-w c:\windows\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 53,248 ----a-w c:\windows\system32\mnmsrvc.exe
- 2008-04-14 00:12:27 4,608 ----a-w c:\windows\system32\mqsvc.exe
+ 2008-04-14 00:12:27 22,016 ----a-w c:\windows\system32\mqsvc.exe
- 2008-04-14 00:12:27 117,248 ----a-w c:\windows\system32\mqtgsvc.exe
+ 2008-04-14 00:12:27 134,144 ----a-w c:\windows\system32\mqtgsvc.exe
- 2008-04-14 00:12:27 6,144 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:12:27 23,040 ----a-w c:\windows\system32\msdtc.exe
+ 2008-04-14 00:11:56 348,864 ----a-w c:\windows\system32\msonlinebb.dll
- 2004-08-10 09:00:00 257,536 ----a-w c:\windows\system32\msrstart.exe
+ 2004-08-10 09:00:00 102,912 ----a-w c:\windows\system32\msrstart.exe
- 2008-04-14 00:12:29 111,104 ----a-w c:\windows\system32\netdde.exe
+ 2008-04-14 00:12:29 128,512 ----a-w c:\windows\system32\netdde.exe
- 2008-04-14 00:12:29 86,016 ----a-w c:\windows\system32\netsh.exe
+ 2008-04-14 00:12:29 103,424 ----a-w c:\windows\system32\netsh.exe
- 2009-03-02 16:55:37 262,144 ----a-w c:\windows\system32\nvtpm32.dll
+ 2009-03-03 23:53:16 262,144 ----a-w c:\windows\system32\nvtpm32.dll
- 2004-08-10 09:00:00 257,536 ----a-w c:\windows\system32\nxtepad.exe
+ 2004-08-10 09:00:00 103,424 ----a-w c:\windows\system32\nxtepad.exe
- 2009-02-01 01:16:36 65,044 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-16 16:40:05 65,044 ----a-w c:\windows\system32\perfc009.dat
- 2009-02-01 01:16:37 410,574 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-16 16:40:05 410,574 ----a-w c:\windows\system32\perfh009.dat
- 2004-08-10 09:00:00 132,608 ----a-w c:\windows\system32\rsvp.exe
+ 2004-08-10 09:00:00 149,504 ----a-w c:\windows\system32\rsvp.exe
- 2008-04-14 00:12:33 95,744 ----a-w c:\windows\system32\scardsvr.exe
+ 2008-04-14 00:12:33 112,640 ----a-w c:\windows\system32\scardsvr.exe
- 2008-04-14 00:12:34 141,312 ----a-w c:\windows\system32\sessmgr.exe
+ 2008-04-14 00:12:34 158,208 ----a-w c:\windows\system32\sessmgr.exe
- 2008-04-14 00:12:35 89,600 ----a-w c:\windows\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 107,008 ----a-w c:\windows\system32\smlogsvc.exe
- 2008-04-14 00:12:37 135,680 ----a-w c:\windows\system32\taskmgr.exe
+ 2008-04-14 00:12:37 152,576 ----a-w c:\windows\system32\taskmgr.exe
+ 2004-08-10 09:00:00 187,392 ----a-w c:\windows\system32\tdctxte.exe
- 2008-04-14 00:12:38 73,216 ----a-w c:\windows\system32\tlntsvr.exe
+ 2008-04-14 00:12:38 90,112 ----a-w c:\windows\system32\tlntsvr.exe
- 2008-04-14 00:12:38 18,432 ----a-w c:\windows\system32\ups.exe
+ 2008-04-14 00:12:38 35,328 ----a-w c:\windows\system32\ups.exe
- 2009-03-02 00:51:40 578,560 ----a-w c:\windows\system32\user32.DLL
+ 2009-03-03 23:53:18 578,560 ----a-w c:\windows\system32\user32.DLL
- 2008-04-14 00:12:38 289,792 ----a-w c:\windows\system32\vssvc.exe
+ 2008-04-14 00:12:38 307,200 ----a-w c:\windows\system32\vssvc.exe
- 2007-06-14 20:45:38 20,480 ----a-w c:\windows\system32\wltrysvc.exe
+ 2007-06-14 20:45:38 37,888 ----a-w c:\windows\system32\wltrysvc.exe
- 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 176,128 ----a-w c:\windows\system32\wscript.exe
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\temp\mta106215.dll
+ 2009-03-16 16:35:31 16,384 ----atw c:\windows\temp\Perflib_Perfdata_214.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 19:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98} "= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98} "= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-13 32256]
"updateMgr "= "c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray "= "c:\windows\ehome\ehtray.exe" [2005-09-29 84992]
"ATIPTA "= "c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 364544]
"DMXLauncher "= "c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 114688]
"ISUSPM Startup "= "c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 270336]
"ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 102400]
"Google Desktop Search "= "c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-08-22 186880]
"BuildBU "= "c:\dell\bldbubg.exe" [2006-08-22 81920]
"SunJavaUpdateSched "= "c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2009-01-05 434176]
"iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"DLCFCATS "= "c:\windows\system32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 73728]
"CPM1736a487 "= "c:\windows\system32\japuduho.dll" [2009-03-02 84992]
"000000af "= "c:\windows\system32\norulabo.dll" [2009-03-02 79872]
"AVG7_CC "= "c:\progra~1\Grisoft\AVG7\avgcc.exe" [2009-03-02 595968]
"1405971b "= "c:\windows\system32\norulabo.dll" [2009-03-02 79872]
"SigmatelSysTrayApp "= "stsystra.exe" [2006-02-10 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting "= "c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
"AVG7_Run "= "c:\progra~1\Grisoft\AVG7\avgw.exe" [2009-03-02 236032]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 47104]
Extender Resource Monitor.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 35840]
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2008-01-03 1413120]
Stardust Screen Saver Control 2003.lnk - c:\windows\SCMain.exe [2004-01-02 374784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} "= "c:\windows\system32\japuduho.dll" [2009-03-02 84992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL "= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\japuduho.dll [2009-03-02 84992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit "= "c:\windows\system32\userinit.exe,c:\windows\system32\twext.exe, "

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs "=c:\windows\system32\japuduho.dll
"LoadAppInit_DLLs "=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WZCSVC "=2 (0x2)
"WMPNetworkSvc "=3 (0x3)
"wltrysvc "=2 (0x2)
"iPod Service "=3 (0x3)
"gusvc "=3 (0x3)
"Apple Mobile Device "=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify "=dword:00000001
"AntiVirusOverride "=dword:00000001
"FirewallOverride "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall "= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\Messenger\\msmsgs.exe "=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe "=
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe "=
"c:\\WINDOWS\\system32\\dpvsetup.exe "=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
"c:\\Program Files\\Palm\\Hotsync.exe "=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe "=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe "=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe "=
"c:\\Program Files\\iTunes\\iTunes.exe "=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP "= 3776:UDP:Media Center Extender Service
"3390:TCP "= 3390:TCP:Remote Media Center Experience

R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-02-17 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-17 234888]
R2 tdctxte;tdctxte Service;c:\windows\system32\tdctxte.exe [2004-08-10 187392]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-10-16 45132]
S2 BCMLogon;BCMLogon;c:\windows\system32\BCMLogon.dll [2007-12-23 700416]
S3 NdisWDM;Dynex Wireless G USB Network Adapter Service;c:\windows\system32\drivers\NdisWDM.sys [2007-12-23 198528]
S3 pcistub;pcistub;c:\windows\system32\pcistub.sys [2005-08-16 2176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\loader.exe
\Shell\langenglish\command - i:\setup\i386\msetup.exe lang:english

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80ad45c6-07db-11dc-8bc0-001372e2cf99}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8f4871e-3e92-11db-8b8a-001372e2cf99}]
\Shell\AutoRun\command - f:\jdsecure\Windows\JDSecure31.exe
.
Contents of the 'Scheduled Tasks' folder

2009-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -

BHO-{022bd500-c9f9-41f7-b97e-4744f5cce2f9} - c:\windows\system32\noregupu.dll
BHO-{9A1133CF-0AE7-4321-B711-0A8EC561A0D9} - %SystemRoot%\system32\msonlinebb.dll
BHO-{a6875d60-575c-44b7-93dd-0cb8516ab219} - c:\windows\system32\qgcgdp.dll
HKCU-Run-comidle - c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe
HKLM-Run-hgcheck - c:\windows\system32\hgcheck.exe
HKU-Default-Run-comidle - c:\documents and settings\Ty Reiber\Application Data\comidle\comidle.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/?src=aim
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ty Reiber\Application Data\Mozilla\Firefox\Profiles\ikwedq45.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/calendar/render?hl=en&sourceid=navclient-ff|https://webmail.psu.edu/|http://www...w-tab.html|http://mail.google.com/mail/#inbox
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\Mozilla Firefox\components\ffwt.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 12:36:16
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

c:\windows\system32\twain_32
c:\windows\system32\twext.exe 311296 bytes executable
c:\windows\system32\obaluron.ini 1717796 bytes

scan completed successfully
hidden files: 3

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(752)
c:\program files\Bonjour\mdnsNSP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\progra~1\Grisoft\AVG7\avgamsvr.exe
c:\progra~1\Grisoft\AVG7\avgupsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\windows\ehome\RMSvc.exe
c:\windows\ehome\McrdSvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-03-16 12:44:14 - machine was rebooted [Ty Reiber]
ComboFix-quarantined-files.txt 2009-03-16 16:44:09
ComboFix2.txt 2009-03-06 05:31:36
ComboFix3.txt 2008-12-15 18:01:40
ComboFix4.txt 2008-03-31 17:21:02

Pre-Run: 14,615,490,560 bytes free
Post-Run: 14,606,659,584 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
665 --- E O F --- 2009-02-26 09:01:22

Geri · 2009/03/16

Hi blacklogman

I'm afraid I have some bad news. You are infected with Virut.

Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a clean reformat is the only way to clean the infection and it is the only way to return the machine to its normal working state.

Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (software, .exe files) and screensavers (.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.

Also, try to avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

This link has good info on virut and what not to save.
http://miekiemoes.blogspot.com/search?q=Virut

Geri

blacklogman · 2009/03/16

Geri,

Thanks for the help, just a few questions. First I have a external Hard Drive. I don't really run anything on it just save stuff. Would that be a good place to back things up on or would it have the virus too. Also, how would you recommend getting my computer clean reformatted. Is that something I should have an expert do or can I do that myself. Any other suggestions in proceeding forward? Thanks for the your help.

Blacklogman

Geri · 2009/03/16

Hi

First I have a external Hard Drive
Click to expand...

It could be possible that it is infected, if you have moved any .exe files or .scr files to it after you were infected.

Perform a clean install of Windows XP
A clean installation consists of removing all data from your hard disk by repartitioning and reformatting your hard disk and reinstalling the operating system and programs to an empty (clean) hard disk. For more information about important things to consider before you partition and format you hard disk and how to partition and format your hard disk by using the Windows XP Setup program, click the following article number to view the article in the Microsoft Knowledge Base:
313348 (http://support.microsoft.com/kb/313348/ ) How to partition and format a hard disk in Windows XP
To perform a clean installation of Windows XP, follow these steps:

1. Back up all important information before you perform a clean installation of Windows XP. Save the backup to an external location, such as a CD or external hard disk.
2. Start your computer from the Windows XP CD. To do this, insert the Windows XP CD into your CD drive or DVD drive, and then restart your computer.

Note To boot from your Windows XP CD, the BIOS settings on your computer must be configured to do this.
3. When you see the "Press any key to boot from CD" message, press any key to start the computer from the Windows XP CD.
4. At the Welcome to Setup screen, press ENTER to start Windows XP Setup.
5. Read the Microsoft Software License Terms, and then press F8.
6. Follow the instructions on the screen to select and format a partition where you want to install Windows XP.
7. Follow the instructions on the screen to complete the Windows XP Setup.

Geri

blacklogman · 2009/03/17

Geri,

Thanks for the help.

Blacklogman

Geri · 2009/03/17

Hi Blacklogman
You're welcome.

Please look at this link for some preventive recommendations, It could keep you from ending up back here to the Malware and Virus Removal Forums.
http://www.windowsbbs.com/showthread.php?t=67958

Surf Safely.
Geri

Log in or Sign up

Inactive [InActive] Windows explorer was canceller to prevent damage.

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

Share This Page

Log in or Sign up

Inactive [InActive] Windows explorer was canceller to prevent damage.

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

blacklogman Inactive Thread Starter

Geri Inactive Alumni

Share This Page

Useful Searches