
Solved Remove XP antivirus Warning

Discussion in 'Malware and Virus Removal Archive' started by deester, 2008/08/03.

  1. 2008/08/19
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe
    + 2008-04-14 00:12:36 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\smss.exe
    + 2008-04-14 00:12:06 456,192 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsvc.dll
    + 2008-04-14 00:12:36 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe
    + 2008-04-14 00:12:06 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\sniffpol.dll
    + 2008-04-14 00:12:36 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\snmp.exe
    + 2008-04-14 00:12:06 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\snmpapi.dll
    + 2008-04-14 00:12:06 259,072 ------w C:\WINDOWS\ServicePackFiles\i386\snmpcl.dll
    + 2008-04-14 00:12:06 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\snmpincl.dll
    + 2008-04-14 00:12:06 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\snmpmib.dll
    + 2008-04-14 00:12:06 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsmir.dll
    + 2008-04-14 00:12:06 182,272 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsnap.dll
    + 2008-04-14 00:12:06 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\snmpthrd.dll
    + 2008-04-14 00:12:36 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe
    + 2008-04-14 00:12:06 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\softkbd.dll
    + 2008-04-13 18:40:52 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\sonyait.sys
    + 2008-04-13 18:46:07 25,344 ------w C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys
    + 2008-04-14 00:12:36 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\sort.exe
    + 2008-04-14 00:12:36 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe
    + 2008-04-13 16:43:18 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\spgrmr.dll
    + 2008-04-14 00:12:36 538,624 ------w C:\WINDOWS\ServicePackFiles\i386\spider.exe
    + 2008-04-13 18:45:07 6,272 ------w C:\WINDOWS\ServicePackFiles\i386\splitter.sys
    + 2008-04-14 09:42:38 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe
    + 2008-04-14 00:12:06 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\spoolss.dll
    + 2008-04-14 00:12:36 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
    + 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra041b.dll
    + 2008-04-13 18:35:28 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\spra0424.dll
    + 2008-04-13 18:38:37 757,248 ------w C:\WINDOWS\ServicePackFiles\i386\sprb041b.dll
    + 2008-04-13 18:38:36 732,160 ------w C:\WINDOWS\ServicePackFiles\i386\sprb0424.dll
    + 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\ServicePackFiles\i386\sprc041b.dll
    + 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\ServicePackFiles\i386\sprc0424.dll
    + 2008-04-14 00:12:06 250,368 ------w C:\WINDOWS\ServicePackFiles\i386\sptip.dll
    + 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe
    + 2008-04-14 00:12:06 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\sqldb20.dll
    + 2008-04-14 00:12:06 528,384 ------w C:\WINDOWS\ServicePackFiles\i386\sqloledb.dll
    + 2008-04-14 00:12:06 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\sqlqp20.dll
    + 2008-04-14 00:12:06 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\sqlse20.dll
    + 2008-04-14 00:12:06 442,368 ------w C:\WINDOWS\ServicePackFiles\i386\sqlsrv32.dll
    + 2008-04-14 00:12:06 180,800 ------w C:\WINDOWS\ServicePackFiles\i386\sqlunirl.dll
    + 2008-04-14 00:12:06 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\sqlxmlx.dll
    + 2008-04-13 18:36:52 73,472 ------w C:\WINDOWS\ServicePackFiles\i386\sr.sys
    + 2008-04-14 00:12:06 58,434 ------w C:\WINDOWS\ServicePackFiles\i386\srchctls.dll
    + 2008-04-14 00:12:07 726,078 ------w C:\WINDOWS\ServicePackFiles\i386\srchui.dll
    + 2008-04-14 00:12:07 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\srclient.dll
    + 2008-04-14 00:12:07 239,104 ------w C:\WINDOWS\ServicePackFiles\i386\srrstr.dll
    + 2008-04-14 00:12:07 171,008 ------w C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
    + 2008-04-13 19:15:11 334,848 ------w C:\WINDOWS\ServicePackFiles\i386\srv.sys
    + 2008-04-14 00:12:07 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\srvsvc.dll
    + 2008-04-14 00:12:43 704,512 ------w C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr
    + 2008-04-14 00:12:43 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr
    + 2008-04-14 00:12:07 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpapi.dll
    + 2008-04-14 00:12:07 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll
    + 2008-04-14 00:12:43 393,216 ------w C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr
    + 2008-04-14 00:12:44 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr
    + 2008-04-14 00:12:44 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr
    + 2008-04-14 00:12:44 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr
    + 2008-04-14 00:12:44 610,304 ------w C:\WINDOWS\ServicePackFiles\i386\sspipes.scr
    + 2008-04-14 00:12:44 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\ssstars.scr
    + 2008-04-14 00:12:44 679,936 ------w C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr
    + 2008-04-14 00:12:07 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\sstub.dll
    + 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\startoc.dll
    + 2008-04-14 00:12:07 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\stclient.dll
    + 2008-04-14 00:12:07 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\stdprov.dll
    + 2008-04-14 00:12:07 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\sti.dll
    + 2008-04-14 00:12:07 136,704 ------w C:\WINDOWS\ServicePackFiles\i386\sti_ci.dll
    + 2008-04-14 00:12:36 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\stimon.exe
    + 2008-04-14 00:12:07 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\stobject.dll
    + 2008-04-14 00:12:07 74,752 ------w C:\WINDOWS\ServicePackFiles\i386\storprop.dll
    + 2008-04-13 18:45:15 49,408 ------w C:\WINDOWS\ServicePackFiles\i386\stream.sys
    + 2008-04-13 18:46:21 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\streamip.sys
    + 2008-04-14 00:12:07 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\strmfilt.dll
    + 2008-04-14 00:12:36 16,449 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe
    + 2008-04-14 00:12:36 65,601 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe
    + 2008-04-14 00:12:36 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\svchost.exe
    + 2008-04-13 18:39:53 4,352 ------w C:\WINDOWS\ServicePackFiles\i386\swenum.sys
    + 2008-04-13 18:45:09 56,576 ------w C:\WINDOWS\ServicePackFiles\i386\swmidi.sys
    + 2008-04-14 00:12:07 713,216 ------w C:\WINDOWS\ServicePackFiles\i386\sxs.dll
    + 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\synceng.dll
    + 2008-04-14 00:12:07 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\syncui.dll
    + 2008-04-13 19:15:55 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys
    + 2008-04-14 00:12:07 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\sysmod.dll
    + 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\sysmoda.dll
    + 2008-04-14 00:12:37 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe
    + 2008-04-14 00:12:07 990,208 ------w C:\WINDOWS\ServicePackFiles\i386\syssetup.dll
    + 2008-04-14 00:12:07 117,760 ------w C:\WINDOWS\ServicePackFiles\i386\t2embed.dll
    + 2008-04-13 18:40:50 14,976 ------w C:\WINDOWS\ServicePackFiles\i386\tape.sys
    + 2008-04-14 00:12:07 858,624 ------w C:\WINDOWS\ServicePackFiles\i386\tapi3.dll
    + 2008-04-14 00:12:07 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\tapi32.dll
    + 2008-04-14 00:12:07 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll
    + 2008-04-14 00:12:37 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe
    + 2008-04-13 19:20:16 361,344 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
    + 2008-04-13 19:00:02 225,664 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys
    + 2008-04-14 00:12:07 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmib.dll
    + 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmon.dll
    + 2008-04-14 00:12:07 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmonui.dll
    + 2008-04-14 00:12:37 32,827 ------w C:\WINDOWS\ServicePackFiles\i386\tcptest.exe
    + 2007-04-02 16:36:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\tcptsat.dll
    + 2008-04-13 19:00:05 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\tdi.sys
    + 2008-04-14 00:13:20 12,040 ------w C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys
    + 2008-04-14 00:13:21 21,896 ------w C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys
    + 2008-04-14 00:12:37 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\telnet.exe
    + 2008-04-14 00:13:20 40,840 ------w C:\WINDOWS\ServicePackFiles\i386\termdd.sys
    + 2008-04-14 00:12:07 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\termmgr.dll
    + 2008-04-14 00:12:07 295,424 ------w C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
    + 2008-04-13 18:40:50 149,376 ------w C:\WINDOWS\ServicePackFiles\i386\tffsport.sys
    + 2008-04-14 00:12:07 385,536 ------w C:\WINDOWS\ServicePackFiles\i386\themeui.dll
    + 2008-04-14 00:12:38 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe
    + 2008-04-14 00:12:38 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe
    + 2008-04-14 00:12:38 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tracert.exe
    + 2008-04-14 00:12:42 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\tree.com
    + 2008-04-14 00:12:07 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\triedit.dll
    + 2008-04-14 00:12:07 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\trkwks.dll
    + 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\ServicePackFiles\i386\tscdsbl.bat
    + 2008-04-14 00:12:07 93,696 ------w C:\WINDOWS\ServicePackFiles\i386\tscfgwmi.dll
    + 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\ServicePackFiles\i386\tscinst.vbs
    + 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\ServicePackFiles\i386\tscuinst.vbs
    + 2008-04-14 00:11:31 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\tscupdc.dll
    + 2008-04-14 00:13:21 12,168 ------w C:\WINDOWS\ServicePackFiles\i386\tsddd.dll
    + 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\tsgqec.dll
    + 2008-04-14 00:12:07 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\tshoot.dll
    + 2008-04-14 00:12:07 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\tsoc.dll
    + 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\tspkg.dll
    + 2008-04-14 00:12:07 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\tty.dll
    + 2007-04-02 15:31:00 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\ttyres.dll
    + 2008-04-14 00:12:07 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ttyui.dll
    + 2008-04-13 18:56:01 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tunmp.sys
    + 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\twain_32.dll
    + 2008-04-14 00:12:07 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\twext.dll
    + 2008-04-14 00:12:07 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\txflog.dll
    + 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\tzchange.exe
    + 2008-04-13 18:36:40 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys
    + 2008-04-13 18:32:36 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\udfs.sys
    + 2008-04-14 00:12:07 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll
    + 2008-04-14 00:12:07 275,456 ------w C:\WINDOWS\ServicePackFiles\i386\ulib.dll
    + 2008-04-14 00:12:07 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll
    + 2008-04-14 00:12:07 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll
    + 2008-04-14 00:12:07 373,248 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll
    + 2008-04-14 00:12:07 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll
    + 2008-04-14 00:12:07 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll
    + 2008-04-14 00:12:07 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll
    + 2007-05-15 08:08:53 761,344 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll
    + 2008-04-14 00:12:07 316,416 ------w C:\WINDOWS\ServicePackFiles\i386\untfs.dll
    + 2008-04-13 18:39:46 384,768 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys
    + 2008-04-14 00:12:38 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
    + 2008-04-14 00:12:08 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll
    + 2008-04-14 00:12:38 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
    + 2008-04-14 00:12:08 185,856 ------w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll
    + 2008-04-14 00:12:08 239,616 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll
    + 2008-04-14 00:12:38 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
    + 2008-04-14 00:12:08 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll
    + 2008-04-14 00:12:08 619,520 ------w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll
    + 2004-08-04 02:31:26 32,384 ------w C:\WINDOWS\ServicePackFiles\i386\usb101et.sys
    + 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys
    + 2008-04-13 18:56:49 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys
    + 2008-04-13 18:45:12 60,032 ------w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys
    + 2008-04-13 18:45:40 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys
    + 2008-04-13 18:45:41 25,728 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys
    + 2008-04-13 18:45:39 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys
    + 2008-04-13 18:45:35 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys
    + 2008-04-13 18:45:37 59,520 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys
    + 2008-04-13 18:45:43 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys
    + 2008-04-14 00:12:08 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll
    + 2008-04-13 18:45:35 17,152 ------w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys
    + 2008-04-13 18:45:36 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys
    + 2008-04-13 18:47:37 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys
    + 2008-04-13 18:45:34 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys
    + 2008-04-13 18:45:36 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys
    + 2008-04-13 18:45:38 26,368 ------w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
    + 2008-04-13 18:45:35 20,608 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys
    + 2008-04-14 00:12:08 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll
    + 2008-04-13 18:46:20 121,984 ------w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys
    + 2008-04-14 00:12:08 578,560 ------w C:\WINDOWS\ServicePackFiles\i386\user32.dll
    + 2008-04-14 00:12:08 727,040 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll
    + 2008-04-14 00:12:38 26,11
     
  2. 2008/08/19
    deester

    deester Inactive Alumni Thread Starter

    0,496 ----a-w C:\WINDOWS\system32\srsvc.dll
    + 2008-04-14 00:12:07 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll
    - 2004-12-07 19:32:34 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
    + 2008-04-14 00:12:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
    - 2004-08-04 10:00:00 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
    + 2008-04-14 00:12:43 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
    - 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
    + 2008-04-14 00:12:43 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
    - 2004-08-04 10:00:00 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
    + 2008-04-14 00:12:07 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
    - 2004-08-04 10:00:00 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
    + 2008-04-14 00:12:07 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
    - 2004-08-04 10:00:00 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
    + 2008-04-14 00:12:43 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
    - 2004-08-04 10:00:00 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
    + 2008-04-14 00:12:44 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
    - 2004-08-04 10:00:00 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
    + 2008-04-14 00:12:44 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
    - 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
    + 2008-04-14 00:12:44 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
    - 2004-08-04 10:00:00 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
    + 2008-04-14 00:12:44 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
    - 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
    + 2008-04-14 00:12:44 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
    - 2004-08-04 10:00:00 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
    + 2008-04-14 00:12:44 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
    - 2004-08-04 10:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll
    + 2008-04-14 00:12:07 59,392 ----a-w C:\WINDOWS\system32\stclient.dll
    - 2004-08-04 10:00:00 67,584 ----a-w C:\WINDOWS\system32\sti.dll
    + 2008-04-14 00:12:07 68,096 ----a-w C:\WINDOWS\system32\sti.dll
    - 2004-08-04 10:00:00 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
    + 2008-04-14 00:12:07 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
    - 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
    + 2008-04-14 00:12:36 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
    - 2004-08-04 10:00:00 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
    + 2008-04-14 00:12:07 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
    - 2004-08-04 00:56:46 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
    + 2008-04-14 00:12:07 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
    - 2006-08-21 13:52:08 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
    + 2008-04-14 00:12:07 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
    - 2004-08-04 10:00:00 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
    + 2008-04-14 00:12:07 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
    - 2004-08-04 10:00:00 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
    + 2008-04-14 00:12:36 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
    - 2006-10-19 13:56:32 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
    + 2008-04-14 00:12:07 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
    - 2004-08-04 10:00:00 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
    + 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
    - 2004-08-04 10:00:00 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
    + 2008-04-14 00:12:07 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
    - 2004-08-04 10:00:00 105,984 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    + 2008-04-14 00:12:37 106,496 ----a-w C:\WINDOWS\system32\sysocmgr.exe
    - 2004-08-04 10:00:00 984,576 ----a-w C:\WINDOWS\system32\syssetup.dll
    + 2008-04-14 00:12:07 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
    - 2005-10-17 21:14:46 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
    + 2008-04-14 00:12:07 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
    - 2004-08-04 10:00:00 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
    + 2008-04-14 00:12:07 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
    - 2004-08-04 10:00:00 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
    + 2008-04-14 00:12:07 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
    - 2005-07-08 16:27:56 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
    + 2008-04-14 00:12:07 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
    - 2004-08-04 10:00:00 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
    + 2008-04-14 00:12:37 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
    - 2004-08-04 10:00:00 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
    + 2008-04-14 00:12:07 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
    - 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
    + 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
    - 2004-08-04 10:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
    + 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
    - 2005-05-10 23:45:48 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
    + 2008-04-14 00:12:37 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
    - 2004-08-04 10:00:00 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
    + 2008-04-14 00:12:07 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
    - 2004-08-04 10:00:00 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
    + 2008-04-14 00:12:07 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
    - 2004-08-04 10:00:00 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
    + 2008-04-14 00:12:07 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
    - 2004-08-04 10:00:00 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
    + 2008-04-14 00:12:38 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
    - 2004-08-04 10:00:00 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
    + 2008-04-14 00:12:38 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
    - 2004-08-04 10:00:00 11,264 ----a-w C:\WINDOWS\system32\tree.com
    + 2008-04-14 00:12:42 12,800 ----a-w C:\WINDOWS\system32\tree.com
    - 2004-08-04 10:00:00 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll
    + 2008-04-14 00:12:07 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
    - 2004-08-04 10:00:00 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
    + 2008-04-14 00:12:07 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
    - 2004-08-04 10:00:00 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
    + 2008-04-14 00:13:21 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
    + 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\system32\tsgqec.dll
    + 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\system32\tspkg.dll
    - 2004-08-04 10:00:00 44,032 ----a-w C:\WINDOWS\system32\twext.dll
    + 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\twext.dll
    - 2005-07-26 04:39:49 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
    + 2008-04-14 00:12:07 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
    - 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
    + 2008-04-14 00:12:38 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
    - 2004-08-04 10:00:00 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll
    + 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll
    - 2004-08-04 10:00:00 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
    + 2008-04-14 00:12:07 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
    - 2004-08-04 10:00:00 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
    + 2008-04-14 00:12:07 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
    - 2005-08-23 03:35:42 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
    + 2008-04-14 00:12:07 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
    - 2004-08-04 10:00:00 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
    + 2008-04-14 00:12:07 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
    - 2004-08-04 10:00:00 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
    + 2008-04-14 00:12:07 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
    - 2004-08-04 10:00:00 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
    + 2008-04-14 00:12:07 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
    - 2004-08-04 10:00:00 132,608 ----a-w C:\WINDOWS\system32\upnp.dll
    + 2008-04-14 00:12:08 133,632 ----a-w C:\WINDOWS\system32\upnp.dll
    - 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
    + 2008-04-14 00:12:38 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
    - 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
    + 2008-04-14 00:12:08 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
    - 2004-08-04 10:00:00 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
    + 2008-04-14 00:12:08 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
    - 2004-08-04 10:00:00 18,432 ----a-w C:\WINDOWS\system32\ups.exe
    + 2008-04-14 00:12:38 18,432 ----a-w C:\WINDOWS\system32\ups.exe
    - 2004-08-04 10:00:00 37,888 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-04-14 00:12:08 37,888 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-06-23 15:38:34 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-06-26 08:15:30 619,520 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2004-08-04 10:00:00 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
    + 2008-04-14 00:12:08 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
    - 2004-08-04 04:56:48 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
    + 2008-04-14 00:12:08 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
    - 2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
    + 2008-04-14 00:12:08 578,560 ----a-w C:\WINDOWS\system32\user32.dll
    - 2004-08-04 10:00:00 723,456 ----a-w C:\WINDOWS\system32\userenv.dll
    + 2008-04-14 00:12:08 727,040 ----a-w C:\WINDOWS\system32\userenv.dll
    - 2004-08-04 10:00:00 24,576 ----a-w C:\WINDOWS\system32\userinit.exe
    + 2008-04-14 00:12:38 26,112 ----a-w C:\WINDOWS\system32\userinit.exe
    + 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
    - 2004-08-04 10:00:00 123,904 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
    + 2008-04-14 00:11:54 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
    + 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
    - 2004-08-04 10:00:00 4,096 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
    + 2008-04-13 16:44:29 2,560 ----a-w
     


  4. 2008/08/19
    deester

    deester Inactive Alumni Thread Starter

    C:\WINDOWS\system32\usmt\iconlib.dll
    - 2004-08-04 10:00:00 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
    + 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
    - 2004-08-04 10:00:00 201,216 ----a-w C:\WINDOWS\system32\usmt\migism.dll
    + 2008-04-14 00:11:57 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
    + 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
    - 2004-08-04 10:00:00 103,424 ----a-w C:\WINDOWS\system32\usmt\migload.exe
    + 2008-04-14 00:12:25 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe
    - 2004-08-04 10:00:00 240,128 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    + 2008-04-14 00:12:25 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
    + 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
    - 2004-08-04 10:00:00 202,752 ----a-w C:\WINDOWS\system32\usmt\script.dll
    + 2008-04-14 00:12:05 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
    + 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
    - 2004-08-04 10:00:00 168,960 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
    + 2008-04-14 00:12:07 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
    + 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
    - 2004-08-04 10:00:00 406,528 ----a-w C:\WINDOWS\system32\usp10.dll
    + 2008-04-14 00:12:08 406,016 ----a-w C:\WINDOWS\system32\usp10.dll
    - 2004-08-04 10:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
    + 2008-04-14 00:12:38 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
    - 2004-08-04 10:00:00 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
    + 2008-04-14 00:12:08 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
    - 2004-08-04 10:00:00 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
    + 2008-04-14 00:12:08 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
    - 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
    + 2008-04-14 00:12:08 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
    - 2004-08-04 10:00:00 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
    + 2008-04-14 00:12:08 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
    - 2004-08-04 10:00:00 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
    + 2008-04-14 00:12:08 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
    - 2006-03-17 00:38:01 28,672 ----a-w C:\WINDOWS\system32\verclsid.exe
    + 2008-04-14 00:12:38 28,672 ----a-w C:\WINDOWS\system32\verclsid.exe
    - 2004-08-04 10:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll
    + 2008-04-14 00:12:08 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
    - 2004-08-04 10:00:00 18,944 ----a-w C:\WINDOWS\system32\version.dll
    + 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\version.dll
    - 2004-08-04 10:00:00 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
    + 2008-04-14 00:12:08 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
    - 2004-08-04 10:00:00 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
    + 2008-04-14 00:12:38 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
    - 2004-08-04 10:00:00 174,592 ----a-w C:\WINDOWS\system32\w32time.dll
    + 2008-04-14 00:12:08 175,104 ----a-w C:\WINDOWS\system32\w32time.dll
    - 2004-08-04 10:00:00 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
    + 2008-04-14 00:12:08 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
    - 2004-08-04 10:00:00 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
    + 2008-04-13 18:44:59 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
    - 2004-08-04 10:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll
    + 2008-04-14 00:12:08 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll
    - 2004-08-04 10:00:00 1,352,192 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
    + 2008-04-14 00:11:50 1,358,848 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
    - 2004-08-04 10:00:00 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
    + 2008-04-14 00:11:53 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
    - 2004-08-04 10:00:00 22,016 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
     
  5. 2008/08/19
    deester

     
  6. 2008/08/19
    deester

     
  7. 2008/08/19
    deester

    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-07 04:54 68856]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 20:12 1695232]
    "AOL Fast Start"="C:\Program Files\AOL 9.1\AOL.EXE" [2008-03-06 06:12 50528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "
     
  8. 2008/08/19
    deester

    HostManager"="C:\Program Files\Common Files\AOL\1211762669\ee\AOLSoftware.exe" [2007-10-08 17:50 41824]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 12:48 761947]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-26 11:36 77824]
    "QuickFinder Scheduler"="C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2006-07-05 00:01 77892]
    "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-03-30 19:59 138008]
    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-11-01 19:12 582992]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50 81920]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-03-30 20:00 138008]
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-03-30 20:00 162584]
    "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19 53248]
    "DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-11-01 03:12 94208]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-11-07 05:20 122940]
    "Dell QuickSet"="C:\Program Files\Dell\QuickSet\Quickset.exe" [2007-05-14 14:23 1191936]
    "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2006-11-01 12:48 1392640]
    "McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
    "MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 17:30 282624 C:\WINDOWS\stsystra.exe]

    C:\Documents and Settings\Dell\Start Menu\Programs\Startup\
    MostFun.lnk - C:\Program Files\MostFun\Bin\MostFun.exe [2007-08-28 17:47:20 147456]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 17:48:18 16432]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2008-05-28 16:48 10536 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll
     
  9. 2008/08/19
    deester

    software.lnkCommon Startup[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
    backup=C:\WINDOWS\pss\Kodak EasyShare

    [HKLM\~\startupfolder\C:^Documents and Settings^Dee^Start Menu^Programs^Startup^AOL Desktop.lnk]
    path=C:\Documents and Settings\Dee\Start Menu\Programs\Startup\AOL Desktop.lnk
    backup=C:\WINDOWS\pss\AOL Desktop.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
    "
     
  10. 2008/08/19
    deester

    C:\\Program Files\\Common Files\\AOL\\1211762669\\ee\\aolsoftware.exe"=
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "C:\\Program Files\\Common Files\\AOL\\1211762669\\ee\\AOLDesktop.exe"=
    "C:\\Program Files\\iWin Games\\iWinGames.exe"=
    "C:\\Program Files\\iWin Games\\WebUpdater.exe"=
    "C:\\Program Files\\FlashGet\\flashget.exe"=
    "C:\\Program Files\\MostFun\\Bin\\MostFun.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    R2 iWinGamesInstaller;iWinGamesInstaller;C:\Program Files\iWin Games\iWinGamesInstaller.exe [2008-03-05 08:49]
    S3 GoToAssist;GoToAssist;C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe Start=service []
    .
    Contents of the 'Scheduled Tasks' folder

    2008-07-15 C:\WINDOWS\Tasks\McDefragTask.job
    - c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

    2008-07-15 C:\WINDOWS\Tasks\McQcTask.job
    - c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

    2008-08-12 C:\WINDOWS\Tasks\Schedule Task Weekly.job
    - C:\Program Files\Registry Easy\RE.exe []
    .

    ****************************
     
  11. 2008/08/19
    deester

    **********************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-19 07:10:10
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\system32\WLTRYSVC.EXE
    C:\WINDOWS\system32\BCMWLTRY.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
    C:\Program Files\McAfee\MBK\MBackMonitor.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
    C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
    C:\Program Files\McAfee\MPF\MpfSrv.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\AOL 9.1\waol.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\PROGRA~1\McAfee\MSC\mcuimgr.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\AOL 9.1\shellmon.exe
    .
    **************************************************************************
    .
    Completion time: 2008-08-19 7:17:22 - machine was rebooted [Dell]
    ComboFix-quarantined-files.txt 2008-08-19 11:17:14
    ComboFix2.txt 2008-08-19 06:48:07
    ComboFix3.txt 2008-08-18 07:13:09

    Pre-Run: 234,076,602,368 bytes free
    Post-Run: 234,081,198,080 bytes free

    4614 --- E O F --- 2008-08-19 10:40:39
     
  12. 2008/08/19
    deester

    Dave,
    I hope I got the complete log posted, it was a pain to do. What do we do about Sean who posted on this thread?

    Dee
     
  13. 2008/08/19
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Yes, installing a Service Pack between ComboFix runs causes it to produce a rather large log. ;)

    Copy the bolded text below, including the quotes.

    "C:\Documents and Settings\Savannah\Application Data"

    Now click Start>Run and paste the copied text, then hit Enter.

    When the folder opens, delete the ErrorSmart folder present there.

    Now do an online scan with Kaspersky Online Scanner

    Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
    Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


    Post the Kaspersky log and one more fresh HijackThis log.
     
  14. 2008/08/20
    deester

    KASPERSKY ONLINE SCANNER 7 REPORT
    Wednesday, August 20, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Wednesday, August 20, 2008 09:25:42
    Records in database: 1113234
    Scan settings
    Scan using the following database extended
    Scan archives yes
    Scan mail databases yes
    Scan area My Computer
    C:\
    D:\
    Scan statistics
    Files scanned 74660
    Threat name 12
    Infected objects 19
    Suspicious objects 6
    Duration of the scan 01:16:02

    File name Threat name Threats count
    C:\My Games\Abundante!\abundante!.exe Suspicious: Type_Win32 1
    C:\My Games\Karu\karu.exe Suspicious: Type_Win32 1
    C:\My Games\Little Shop of Treasures\LittleShopofTreasures.exe Suspicious: Type_Win32 1
    C:\My Games\Profitville\profitville.exe Suspicious: Type_Win32 1
    C:\My Games\Sparkle\sparkle.exe Suspicious: Type_Win32 1
    C:\My Games\Super Jigsaw Puzzle\Jigsaw.exe Suspicious: Type_Win32 1
    C:\Program Files\iWin.com\Age of Emerald\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Age of Emerald\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.di 1
    C:\Program Files\iWin.com\Amazonia\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Cradle of Persia\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.u 1
    C:\Program Files\iWin.com\Great Secrets Da Vinci\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Heroes of Hellas\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.fo 1
    C:\Program Files\iWin.com\Hide and Secret\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Jewel Quest II\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Magic Academy\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Magic Match Adventures\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Magic Match Adventures\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.cn 1
    C:\Program Files\iWin.com\Magicians Handbook\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\Program Files\iWin.com\Pirateville\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.af 1
    C:\Program Files\iWin.com\Polly Pride Pet Detective\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.v 1
    C:\Program Files\iWin.com\Season Match\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.cw 1
    C:\Program Files\iWin.com\Secrets of Great Art\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.cu 1
    C:\Program Files\iWin.com\Secrets of the Seas\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.bs 1
    C:\Program Files\iWin.com\The Count of Monte Cristo\GameLauncher.exe Infected: Trojan-Dropper.Win32.Irsd.ba 1
    C:\QooBox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.cv 1
    The selected area was scanned.
     
  15. 2008/08/20
    deester

    Dave
    I notified IWin games about the infected files and I got a response from them. Is this to be believed?

    THIS IS AN AUTOMATED RESPONSE, PLEASE DO NOT DIRECTLY REPLY TO THIS EMAIL.

    A solution for your issue has been suggested.

    Solution: We understand your concern. Your system may have identified us as a culprit for viruses or adware, or your system may be blocking installation of our software without you knowing why. We would like to assure you that there is no cause for concern. The environment that our games are developed in is "air tight" and we spare no effort to vigorously ensure that our customers get a top notch product - without viruses or any malicious intrusions to your system.

    Adware:


    Because we have advertising supported games and advertising on our site, we do have software that functions only while you are playing your game or running our iWin Games Manager. This allows our advertising to run smoothly, but not to monitor activity or compromise your privacy. It is both completely safe and non-intrusive by nature. If you are receiving alert messages or experiencing blockages of our games, in order to install and play them you will need to alter your software's settings to allow your iWin download game to install successfully.

    Virus:



    If you had an existing intrusion to your system, it may have indiscriminately attached itself to our program, thereby giving the impression to your system protection software that our games were the source. More often than not though, what is called out as a "virus" is nothing of the kind. The security software simply does not recognize our software and falsely identifies our product as a threat. If you are receiving such messages, in order to play the game you will need to alter your settings or temporarily disable the software to allow your iWin download game to install successfully. We recommend spending some time to become very familiar with your antivirus software and to be sure that you choose the product you operate on your machine carefully. Some products may do a great job of protecting your machine, but could also be forcing your computer to operate within a bubble, needlessly flagging harmless software besides ours.




    Because of the vast number of anti-virus products available, it is simply not feasible for us to have detailed support information for each of them. A couple rules of thumb when it comes to selecting antivirus products: Freeware is often of suboptimal quality. If your antivirus product is falsely flagging iWin.com software, it probaby is preventing access to other desired software as well. While we do not specifically endorse any of the products listed below, they are the most common antivirus software products our customers claim to use:




    Aladdin Knowledge Systems
    Avast
    AVG







    Click HERE for instructions on adjusting your security settings with AVG software.


    Dee
     
  16. 2008/08/20
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    iWin is generally considered adware .... it is for sure ad supported. Recommend you submit a few of those files at Virus Total and post the results here.
     
  17. 2008/08/21
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    I don't know how to do this, I've tried. Another thing I need to learn.

    Dee
     
  18. 2008/08/21
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    Virus Total
    Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
    File AgeOfEmerald.ifn received on 08.21.2008 15:46:08 (CET)
    Result: 1/36 (2.78%)
    Antivirus Version Last Update Result
    AhnLab-V3 2008.8.21.0 2008.08.21 -
    AntiVir 7.8.1.23 2008.08.21 -
    Authentium 5.1.0.4 2008.08.21 -
    Avast 4.8.1195.0 2008.08.21 -
    AVG 8.0.0.161 2008.08.21 -
    BitDefender 7.2 2008.08.21 -
    CAT-QuickHeal 9.50 2008.08.20 -
    ClamAV 0.93.1 2008.08.21 -
    DrWeb 4.44.0.09170 2008.08.21 -
    eSafe 7.0.17.0 2008.08.21 -
    eTrust-Vet 31.6.6039 2008.08.21 -
    Ewido 4.0 2008.08.21 -
    F-Prot 4.4.4.56 2008.08.20 -
    F-Secure 7.60.13501.0 2008.08.21 -
    Fortinet 3.14.0.0 2008.08.21 -
    GData 2.0.7306.1023 2008.08.20 -
    Ikarus T3.1.1.34.0 2008.08.21 -
    K7AntiVirus 7.10.422 2008.08.20 -
    Kaspersky 7.0.0.125 2008.08.21 -
    McAfee 5366 2008.08.21 -
    Microsoft 1.3807 2008.08.21 -
    NOD32v2 3374 2008.08.21 -
    Norman 5.80.02 2008.08.20 -
    Panda 9.0.0.4 2008.08.21 -
    PCTools 4.4.2.0 2008.08.20 -
    Prevx1 V2 2008.08.21 Suspicious
    Rising 20.58.32.00 2008.08.21 -
    Sophos 4.32.0 2008.08.21 -
    Sunbelt 3.1.1564.1 2008.08.21 -
    Symantec 10 2008.08.21 -
    TheHacker 6.3.0.6.056 2008.08.21 -
    TrendMicro 8.700.0.1004 2008.08.21 -
    VBA32 3.12.8.4 2008.08.21 -
    ViRobot 2008.8.21.1344 2008.08.21 -
    VirusBuster 4.5.11.0 2008.08.20 -
    Webwasher-Gateway 6.6.2 2008.08.21 -
    Additional information
    File size: 1830912 bytes
    MD5...: 57d1ee4d322d5eabd777aced80fcdf83
    SHA1..: 4206b8e65ef55d29f697226da860733c4eea4712
    SHA256: bb5c47d6899278ee46d29fdf010ce56a414443fa2700ae0e3d240fd3cbed8edd
    SHA512: 87fbea898692bd18a90688e7d659bfc97570bccba4a092af2d56c594e86e46ef
    bed83b98fe65df51eb055cec5a88b1c8cc2068cae7eeb5a80af7d73c50030345
    PEiD..: -
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x55eefd
    timedatestamp.....: 0x474fd8c2 (Fri Nov 30 09:32:50 2007)
    machinetype.......: 0x14c (I386)

    ( 4 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x17b896 0x17c000 6.43 9619d91b70a0622dac1b1125f6dcb921
    .rdata 0x17d000 0x37d84 0x38000 6.00 0db5c18e3770966534d1aacdffdde4e4
    .data 0x1b5000 0x3feb8 0x7000 4.76 177a34eb1504940e4f964114dfc98ece
    .rsrc 0x1f5000 0x2680 0x3000 2.88 192d1ae1ba8966de8154e274f46f4e45

    ( 9 imports )
    > WINMM.dll: timeGetTime, timeEndPeriod, timeBeginPeriod, mixerClose, mixerSetControlDetails, mixerOpen, mixerGetDevCapsA, mixerGetLineInfoA, mixerGetLineControlsA, mixerGetControlDetailsA
    > KERNEL32.dll: DeleteFileA, ReadFile, WriteFile, OutputDebugStringA, GetTickCount, QueryPerformanceFrequency, QueryPerformanceCounter, CreateFileA, GetFileSize, FreeLibrary, GetProcAddress, LoadLibraryA, Sleep, EnterCriticalSection, LeaveCriticalSection, GetVersionExA, SetThreadPriority, GetCurrentThread, MultiByteToWideChar, GlobalUnlock, GlobalLock, GlobalAlloc, GlobalFree, GetCommandLineA, GetLastError, CreateMutexA, GetModuleHandleA, GetCurrentThreadId, GetModuleFileNameA, InterlockedDecrement, InterlockedIncrement, GetFileTime, SetUnhandledExceptionFilter, GetCurrentProcess, VirtualQuery, GetThreadPriority, InitializeCriticalSection, DeleteCriticalSection, VirtualProtect, IsBadWritePtr, MulDiv, SetErrorMode, CloseHandle, GetSystemDirectoryA, WideCharToMultiByte, InterlockedExchange, ExitProcess, RaiseException, RtlUnwind, IsBadReadPtr, HeapFree, TerminateProcess, GetStartupInfoA, ExitThread, ResumeThread, CreateThread, GetLocalTime, GetSystemTimeAsFileTime, GetDriveTypeA, GetCurrentDirectoryA, GetFullPathNameA, CreateDirectoryA, HeapReAlloc, HeapAlloc, LCMapStringA, LCMapStringW, GetCPInfo, TlsAlloc, SetLastError, TlsFree, TlsSetValue, TlsGetValue, SetFilePointer, SetHandleCount, GetStdHandle, GetFileType, HeapSize, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, FlushFileBuffers, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetTimeZoneInformation, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, GetSystemInfo, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, IsBadCodePtr, GetACP, GetOEMCP, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetLocaleInfoW, SetEndOfFile, LocalFree, FindNextFileA, FindFirstFileA, FindClose, GetCurrentProcessId, CreateFileMappingA, MapViewOfFile, SetCurrentDirectoryA, FileTimeToSystemTime
    > WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -
    > USER32.dll: SetFocus, ReleaseDC, MoveWindow, GetClientRect, GetDC, EndDialog, SendMessageA, GetDlgItem, DialogBoxIndirectParamA, SetCapture, WindowFromPoint, DispatchMessageA, TranslateMessage, PeekMessageA, SetWindowTextA, GetWindowTextA, GetClipboardData, DefWindowProcW, SetCursorPos, DefWindowProcA, EndPaint, BeginPaint, GetWindowLongA, GetWindowRect, IsWindowVisible, IsIconic, ChangeDisplaySettingsA, EnumWindows, EnumDisplaySettingsA, GetSystemMetrics, CreateCursor, MessageBoxW, CreateWindowExA, RegisterClassA, LoadIconA, RegisterWindowMessageA, SetTimer, GetActiveWindow, AdjustWindowRect, DestroyCursor, SetCaretPos, ShowCaret, CreateCaret, DestroyCaret, HideCaret, GetSysColorBrush, CreateWindowExW, GetMessageA, DrawTextExA, OffsetRect, FillRect, AdjustWindowRectEx, GetWindowInfo, GetWindowPlacement, SetForegroundWindow, GetCursorPos, PostMessageA, DestroyWindow, SystemParametersInfoA, ShowWindow, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, MessageBoxA, SetCursor, ClientToScreen, LoadCursorA, ScreenToClient, SetWindowLongA, ReleaseCapture
    > GDI32.dll: CreateCompatibleDC, GetObjectA, CreateFontIndirectA, GetDeviceCaps, CreateDIBSection, TextOutA, SetTextColor, IntersectClipRect, GetTextMetricsA, DeleteDC, CreateFontA, DeleteObject, SelectObject, GetStockObject, GetTextExtentPoint32A, SetBkMode
    > ADVAPI32.dll: RegCloseKey, RegOpenKeyA, RegSetValueExA, RegCreateKeyExA, RegOpenKeyExA, RegDeleteValueA, RegQueryValueExA
    > SHELL32.dll: ShellExecuteA
    > ole32.dll: CoInitialize
    > OLEAUT32.dll: -

    ( 0 exports )
    Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=527747770062268FF0C11B5D394E8100413DAB24
    ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=57d1ee4d322d5eabd777aced80fcdf83

    ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

     
  19. 2008/08/21
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    I posted the above report; does this mean anything? I have some with 0% and some 2+%. iWin sent me a program to uninstall all these games and reinstall, but I noticed I didn't install all from iWin. I will run some of those.

    Dee
     
  20. 2008/08/22
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    I scanned all the ? infected files: 12 had 0%, 11 had 1+ to 8+%. I don't know what all this means. Where do I go from here?
    Dee
     
  21. 2008/08/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I can only go by the first scanned file you posted the results for. The file submitted was AgeOfEmerald.ifn, which is not one of the files in the online scan results. The files to be submitted were all exe files.

    C:\Program Files\iWin.com\Age of Emerald\GameLauncher.exe
    C:\Program Files\iWin.com\Age of Emerald\GLWorker.exe
    C:\Program Files\iWin.com\Amazonia\GameLauncher.exe
    C:\Program Files\iWin.com\Cradle of Persia\GameLauncher.exe
    C:\Program Files\iWin.com\Great Secrets Da Vinci\GameLauncher.exe
    C:\Program Files\iWin.com\Heroes of Hellas\GLWorker.exe
    C:\Program Files\iWin.com\Hide and Secret\GameLauncher.exe
    C:\Program Files\iWin.com\Jewel Quest II\GameLauncher.exe
    C:\Program Files\iWin.com\Magic Academy\GameLauncher.exe
    C:\Program Files\iWin.com\Magic Match Adventures\GameLauncher.exe
    C:\Program Files\iWin.com\Magic Match Adventures\GLWorker.exe
    C:\Program Files\iWin.com\Magicians Handbook\GameLauncher.exe
    C:\Program Files\iWin.com\Pirateville\GameLauncher.exe
    C:\Program Files\iWin.com\Polly Pride Pet Detective\GameLauncher.exe
    C:\Program Files\iWin.com\Season Match\GLWorker.exe
    C:\Program Files\iWin.com\Secrets of Great Art\GLWorker.exe
    C:\Program Files\iWin.com\Secrets of the Seas\GLWorker.exe
    C:\Program Files\iWin.com\The Count of Monte Cristo\GameLauncher.exe

    Notice, they are all named GameLauncher.exe and GLWorker.exe, just in different locations. If those are the files you submitted, and only Kaspersky (on Virus Total) detects them, I'd say you're safe in keeping them. Then again, if iWin has provided the means to install fresh copies, might be as well off to just do that. If you do, run Kaspersky online again to see if the new files are again detected.

    How's the computer running now? Any other problems?
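An added example, not part of any post in this thread: because the flagged files share two names across many game folders, hashing them shows which copies are byte-identical, and the SHA-256 can be compared with the value printed in a VirusTotal report to confirm which file a report actually covers. The sample folder tree and file contents below are constructed for the demonstration; only the two file names come from the thread.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# File names taken from the list in the thread (compared case-insensitively).
TARGET_NAMES = {"gamelauncher.exe", "glworker.exe"}

def sha256_of(path, chunk=65536):
    """Stream the file so large executables are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def group_by_hash(root, names=TARGET_NAMES):
    """Return {sha256: [paths]} for every matching file name under root."""
    groups = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.lower() in names:
                path = os.path.join(dirpath, fn)
                groups[sha256_of(path)].append(path)
    return {digest: sorted(paths) for digest, paths in groups.items()}

def build_sample_tree(root):
    """Constructed sample: two identical launchers, one different, one data file."""
    layout = {
        ("Age of Emerald", "GameLauncher.exe"): b"launcher-build-A",
        ("Age of Emerald", "GLWorker.exe"): b"worker-build-A",
        ("Amazonia", "GameLauncher.exe"): b"launcher-build-A",
        ("Pirateville", "GameLauncher.exe"): b"launcher-build-B",
        ("Age of Emerald", "AgeOfEmerald.ifn"): b"game-data",  # not a target
    }
    for (game, fn), data in layout.items():
        os.makedirs(os.path.join(root, game), exist_ok=True)
        with open(os.path.join(root, game, fn), "wb") as f:
            f.write(data)

def demo():
    """Group the sample tree and return the size of each identical-file group."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        groups = group_by_hash(root)
        for digest, paths in groups.items():
            print(digest[:16], len(paths), "copy/copies:", paths[0])
        return sorted(len(paths) for paths in groups.values())

if __name__ == "__main__":
    demo()
```

On a real machine, `group_by_hash(r"C:\Program Files\iWin.com")` gives one entry per distinct binary, so each distinct file only needs to be checked once.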
     
